Network Security 7-1

Introduction to Network Security
Prof. Amir Herzberg
Few foils based on Kurose & Ross, see:
http://www.aw.com/kurose-ross/
My site: http://amir.herzberg.name
Course site: http://hl2.biu.ac.il

Network Security 7-2
Network Security Goals
Confidentiality: only sender, intended receiver should "understand" message contents
  sender encrypts message
  receiver decrypts message
Privacy: hide `who is doing what with whom`
Authentication: sender, receiver want to confirm identity of each other
Integrity: sender, receiver want to ensure messages are not altered (in transit, or afterwards) without detection
Access and Availability: services must be accessible and available to users

Network Security 7-3
Shared Media (Broadcast) Networks
Shared media net: all traffic passes thru all computers
  Mostly Local Area Networks (LAN)
  E.g. Ethernet, token-ring, Wireless LANs, Cellular, ...
  Usually: promiscuous mode listens to all messages on Net
Shared Media Attack Model:
  Easy: eavesdropping (sniffing) - passive attack
    Unless cryptographically protected: encryption
  Harder (but possible): spoofing - active attack
[Figure: shared-media topologies: Ring, Bus, Star (Hub)]

Network Security 7-4
Friends and enemies: Alice, Bob, Trudy
well-known in network security world
Bob, Alice (lovers!) want to communicate "securely"
Eve (intruder/eavesdropper) may intercept, delete, add messages
[Figure: Alice (secure sender) sends data and control messages over a channel to Bob (secure receiver); Eve is on the channel]

Network Security 7-5
There are bad guys (and girls) out there!
Q: What can a "bad guy" do?
A: a lot!
  eavesdrop: intercept messages
  actively insert messages into connection
  impersonation: can fake (spoof) source address in packet (or any field in packet)
  hijacking: "take over" ongoing connection by removing sender or receiver, inserting himself in place
  denial of service: prevent service from being used by others (e.g., by overloading resources)
more on this later ...

Network Security 7-6
Network Security: Agenda
Shared Media: Eavesdropping (sniffing), other threats
Main weapon: cryptography
  Confidentiality (encryption)
  Message authentication
  Signatures and Certificates
Internet Threats, Attacks and Defenses
  Secure request/response protocols
  Secure connection `tunnels`: IP-Sec, SSL/TLS
  Denial of Service Attacks
  Firewalls
Conclusions

Network Security 7-7
Encryption Protects Confidentiality
symmetric key crypto: shared secret key ($K_{E,B} = K_{D,B}$)
public-key crypto: Bob has a public encryption key $K_{E,B}$ and a matching private decryption key $K_{D,B}$
[Figure: plaintext -> encryption algorithm, with $K_{E,B}$ (key to encrypt to Bob) -> ciphertext -> decryption algorithm, with $K_{D,B}$ (key Bob uses to decrypt) -> plaintext]

Network Security 7-8
Symmetric key cryptosystem
symmetric (shared) key crypto: Bob and Alice share key k
Example: One-Time Pad (bitwise XOR): $E_k(m) = k \oplus m$, $D_k(c) = k \oplus c$
  Attacker can't learn anything new on m (regardless of his speed/time)
  But: key is as long as total length of messages sent
  Too long for most scenarios
Other schemes use shorter keys but are `computationally secure`
US (NIST) standards:
  1977-2000: DES (56 bit key)
  2001-????: AES (128 bit key)
[Figure: plaintext message m -> encryption algorithm (key k) -> ciphertext $c = E_k(m)$ -> decryption algorithm (key k) -> plaintext $m = D_k(c) = D_k(E_k(m))$]

Network Security 7-9
Public key cryptography
[Figure: plaintext message m -> encryption algorithm (Bob's public key BPub) -> ciphertext $c = E_{BPub}(m)$ -> decryption algorithm (Bob's private key BPriv) -> plaintext $m = D_{BPriv}(c) = D_{BPriv}(E_{BPub}(m))$]
Asymmetric, Public Key Cryptosystem (PKCS):
  Alice knows only Bob's public key BPub, Bob knows private key BPriv
Most common PKCS: RSA [Rivest, Shamir, Adleman, 1978]
Slower than symmetric (shared) key cryptosystems
  Longer keys (e.g. 1024b) for same level of security (e.g. 128b AES)
  Slow encryption, decryption operations
Use RSA only to encrypt a shared key, AES to encrypt message

Network Security 7-10
Encryption and Integrity
Encryption hides the message from Eve
Question: can Eve change/forge message?
Or: does encryption ensure message integrity?
With Public Key Encryption:
  Eve can replace $E_{BPub}(m)$ with fake: $E_{BPub}(m')$
With Symmetric (Shared) Key Encryption:
  This seems harder to do
  But given $c = m \oplus k$, attacker can send $c \oplus mask$, to invert any bit in decrypted message (use mask)
Encryption does not ensure integrity!

Network Security 7-11
Message Authentication Code (MAC)
Shared key message authentication (integrity)
Message sent together with $Tag = MAC_k(m)$
Received message, tag are valid iff $Tag = MAC_k(m)$
Efficient (even more than shared-key encryption)
But: Alice can later deny having sent m to Bob (why?)
[Figure: Alice and Bob each hold key k; Alice sends m + $MAC_k(m)$ to Bob; for Eve, on the channel, k = ??, $MAC_k(m)$ = ??, Tag ??]
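
The bit flip from the Encryption and Integrity slide and the MAC check from this one, as an added example that is not part of the original slides. It assumes HMAC-SHA256 as the MAC, a MAC key independent of the pad, and a tag computed over the ciphertext as sent; the message is constructed.

```python
import hashlib
import hmac
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR; with a one-time pad this is both E_k and D_k."""
    if len(a) != len(b):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def mac(key: bytes, data: bytes) -> bytes:
    """Tag = MAC_k(data). HMAC-SHA256 is this example's choice of MAC."""
    return hmac.new(key, data, hashlib.sha256).digest()

def receive(pad: bytes, mac_key: bytes, c: bytes, tag: bytes):
    """Bob: accept only if Tag = MAC_k(c), then decrypt. None means rejected."""
    if not hmac.compare_digest(tag, mac(mac_key, c)):
        return None
    return xor_bytes(pad, c)

def demo() -> dict:
    m = b"PAY 0100 TO BOB"                  # constructed sample message
    pad = secrets.token_bytes(len(m))       # one-time pad k, as long as m
    mac_key = secrets.token_bytes(32)       # independent key for the MAC
    c = xor_bytes(pad, m)                   # c = m XOR k
    tag = mac(mac_key, c)                   # tag computed over what is sent

    # The change described on the slide: XOR a mask into c. No key is
    # needed; the mask flips chosen bits (here '0' -> '9' at index 4).
    mask = bytearray(len(m))
    mask[4] = ord("0") ^ ord("9")
    c_altered = xor_bytes(c, bytes(mask))

    return {
        "without_mac": xor_bytes(pad, c_altered),          # decrypts cleanly
        "honest": receive(pad, mac_key, c, tag),           # original accepted
        "altered": receive(pad, mac_key, c_altered, tag),  # rejected
    }
```

Without the tag Bob decrypts the altered ciphertext to a well-formed but different message; with it, the same ciphertext is rejected before decryption.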

Network Security 7-12
Public Key Digital Signatures: concept
Sign using a private, secret signature key
Everybody knows the public validation key
Everybody can validate signatures at any time
Provides non-repudiation - signer is committed
[Figure: Alice signs m with her secret signature key $S_A$ and sends m + $Sign_{S_A}(m)$ to Bob; Bob verifies using Alice's public signature validation key $P_A$ that $Sign_{S_A}(m)$ is Alice's signature on m]

Network Security 7-13
Metaphor to Public Key Signature: Cylinder Seal (ancient Iran)
Private key: cylinder seal
Public key: impression of seal
Document: printed on clay tablet
Signed document: clay tablet with impression of seal
  Hard to create impression without seal
  Hard to change clay tablet (with impression)
  Hard to copy impression
  Clay tablets (w/ impressions) last long time
RSA can also be used for digital signature scheme

Network Security 7-14
Key Distribution Problem
Symmetric key problem:
  How do two entities establish shared secret key over network?
Solution:
  trusted key distribution center (KDC) acting as intermediary between entities
  KDC needs shared key with each entity, work online
Public key problem:
  When Alice obtains Bob's public key (from web site, e-mail, diskette), how does she know it is Bob's public key, not Trudy's?
Solution:
  trusted certification authority (CA)
  Works offline, knows only public keys

Network Security 7-15
Certification Authorities
Certification authority (CA): binds public key (e.g. BPub) to identifier (e.g. name: `Bob`).
Bob (person, server) registers BPub with CA.
  Bob convinces the CA that his name is Bob, sends BPub.
  CA creates certificate binding "Bob" to Bob's public key.
  Certificate is digitally signed by CA - CA says "BPub is Bob's public key"
[Figure: Bob's public key BPub and Bob's identifying information are digitally signed with the CA private key CAPriv, giving the certificate for Bob's public key, signed by CA]

Network Security 7-16
Using Public Key Certificates
When Alice wants Bob's public key (to encrypt message to Bob or validate Bob's signature):
  gets Bob's certificate (Bob or elsewhere).
  apply CA's public key to Bob's certificate, get Bob's public key (validated)
[Figure: Bob's name and public key BPub, with the digital signature, are validated using the CA public key CAPub, giving Bob, BPub]

Network Security 7-17
Certificates
Similar to passport or driver's license
Binds a public key to a name and/or other attributes of keyholder, e.g. DNS name for web site
Signed by a trusted party (Issuer / Certification Authority)
Allows relying party (Bob, client) to validate name, attributes of key owner (Alice, web site)
[Figure: certificate fields Issuer, (DNS) Name, Attributes, Public Key (together: Info) and Issuer's Signature $Sign_{Lib}(Info)$, shown beside a BIU Library card: Name: Alice, ID 3783597, Issued by, Signature]

Network Security 7-19
IP Source Address Spoofing
Adversary is in host 3 in net 1.2.3
  Sends packet with source IP addr = 3.1.5.4
Application can generate IP packets with any IP source address
Ingress filtering: 1st router detects spoofing
  Many routers, ISPs do not enforce
[Figure: Router A and Router B connect Net 1.2.3, Net 3.1.5 and Net 2.2.7 (hosts 3, 6, 4); packet shown as payload, src:9.8.7.6, dest:]

Network Security 7-20
Internet Attack Model
Easy: inject messages, spoof (misrepresent)
  Source address spoofing (IP, e-mail)
  Spoofing by deceitful content, address (web, e-mail)
Harder: intercept (eavesdrop/modify) message
  Except if in same LAN as attacker or broken router
  Hijacking attacks: intercept message by...
    Route hijack: force routing via LAN / router
    Address hijack: source sends to attacker's IP addr
  Exercise: show such attacks with protocols we learned!
Compare to shared-media attack model:
  Easy: passive (eavesdropping)
  Harder: active (modify, inject messages)
Motivates: request-response protocols

Network Security 7-21
Request/Response Protocols
Client sends request, server sends response
Reliable pairing of response to request
  Random ID (nonce) in request
Weak authentication of response
  Since it is hard to intercept request
Server is often stateless
  Do not keep state (e.g. connection) for each request
  Efficiency and resiliency to DOS (Denial Of Service)
Preferable design for security services
  Due to simplicity, efficiency, resiliency to DOS
Secure (strong) authentication of response ...

Network Security 7-22
Secure request-response matching
Attach random nonce N to request
Attach $MAC_k(response, N)$ to response to validate
Attach $MAC_k(request, N)$ to validate nonce, request
  Does not prevent request re-play / reordering
  To prevent replay: add time, $MAC_k(request, N, time)$
  Server remembers nonces during `acceptable time window`
  But this requires (some) state in server, and clocks
Or: request-response over reliable, secure connection
[Figure: Client -> Server: Request, N, $MAC_k(Request, N, time)$; Server -> Client: Response, $MAC_k(Response, N)$]
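
One way to implement the matching described on this slide, as an added example (not code from the lecture). HMAC-SHA256, the 30-second window, the `req`/`resp` field labels and all function names are assumptions of the example.

```python
import hashlib
import hmac
import secrets

WINDOW = 30  # `acceptable time window` in seconds (assumed value)

def mac(key: bytes, *fields: bytes) -> bytes:
    """MAC_k(f1, f2, ...): HMAC-SHA256 over length-prefixed fields."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()

def make_request(key: bytes, request: bytes, now: int):
    """Client: Request, N, time, MAC_k(Request, N, time)."""
    # The b"req"/b"resp" labels (an addition of this example) keep a
    # request tag from ever being accepted as a response tag.
    nonce, t = secrets.token_bytes(16), str(now).encode()
    return request, nonce, t, mac(key, b"req", request, nonce, t)

class Server:
    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # nonce -> request time: the "(some) state" in server

    def handle(self, msg, now: int):
        request, nonce, t, tag = msg
        if not hmac.compare_digest(tag, mac(self.key, b"req", request, nonce, t)):
            return None                       # modified or forged request
        sent = int(t)                         # authenticated by the MAC above
        if abs(now - sent) > WINDOW:
            return None                       # outside the time window
        # Nonces older than the window can be forgotten: their requests
        # would be rejected by the time check anyway.
        self.seen = {n: s for n, s in self.seen.items() if abs(now - s) <= WINDOW}
        if nonce in self.seen:
            return None                       # replay inside the window
        self.seen[nonce] = sent
        response = b"result for " + request
        return response, mac(self.key, b"resp", response, nonce)

def response_ok(key: bytes, nonce: bytes, reply) -> bool:
    """Client: accept only a response whose MAC covers this request's nonce."""
    if reply is None:
        return False
    response, tag = reply
    return hmac.compare_digest(tag, mac(key, b"resp", response, nonce))
```

The nonce table is bounded by the window, which is the trade the slide points out: replay protection costs the server some state and a roughly synchronized clock.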

Network Security 7-24
Secure Connection (Tunnel): End-to-End vs. Hop-by-Hop
Crypto protects traffic over insecure link/Net
  Link layer: one `hop` (e.g. wireless link)
  IP Layer (IP-Sec): transparent to application
  Transport Layer (SSL/TLS): easy, widely used
  Application Layer (PGP, S/MIME)
Can protect connection

Network Security 7-25
Secure Tunnels:
Crypto protects traffic over insecure link/Net
Hop-by-Hop (link layer) or End-to-End (higher layers)
IP-Sec: also Gateway to Gateway or End-to-Gateway
[Figure: tunnels labelled Hop-by-Hop (link layer), SSL/TLS (transport layer), IP-Sec (IP layer)]

Network Security 7-26
SSL / TLS in a Nutshell
A `secure TCP tunnel from client to server`:
  Confidentiality
  Message and connection integrity
  Authentication of server, optionally also of client
Original goal and main use: secure credit card number
Implemented in almost all web clients, servers
Many implementations, libraries, e.g. Open-SSL
SSL: Secure Socket Layer
  Since SSL (& TLS) operate on top of `standard` Sockets API
TLS: Transport Layer Security
  Since TLS (& SSL) secure TCP (the transport layer)
  IETF standard version of SSL
  We usually say just SSL but refer to both

Network Security 7-27
SSL's Server Authentication
Critical to authenticate (identify) the server
  To protect secrets sent to server by the user (passwd, cc#, ...)
  To ensure validity of information from the server
SSL authenticates using server certificate
  Containing DNS-name and public key of server
  SSL handshake confirms the server has matching private key
  Certificate signed by a Certificate Authority (CA)
  Browser (or other application) knows to validate CA's signature
So is it safe to use SSL-protected web sites?
  Over 115 CA's in IEv6, weak validation of DNS-name ownership
  Users don't validate DNS-name of site (complexity, spoofing)
  Users may use non-SSL server without noticing (ditto...)
  Solutions: known but not yet deployed (see SSL lecture in site)

Network Security 7-28
SSL's Trust & Security Services
Confidentiality & authenticity of messages
  Done by SSL's `secure data transfer`
Server (site) authentication:
  Customer needs to identify bank, merchant, etc.
  Main use of SSL in browsers, but insecurely!!
Client authentication
  Usually done with passwords, cookies - not SSL
Not supported by SSL
  Validate rating, certification, other credentials
  Non-repudiation (requires signatures)
  Prevent clogging / denial-of-service (DOS)

Network Security 7-30
Denial Of Service (Clogging) Attack
Attacker tries to exhaust resources of host / server / router / user
Resources include:
  Computations (CPU time)
  Storage (e.g. for state of requests/connections)
  Open TCP connections
    Limited (10s to several thousand connections - depending on hardware, operating system)
    So server `never` keeps open connections!
    Always request-response (and server closes connection, no state)
SYN flooding DOS attack: attacker sends `SYN` flow (open connection), server waits...

Network Security 7-31
SYN flooding DOS (clogging) attack
Recall TCP connection setup process...
Attacker sends many SYN requests (using different spoofed client IP addresses), no ACK...
  Uses up server's capacity for open connections
Possible solution: request must contain `cookie` (next)
More solutions, details - see Network Security lecture
[Figure: Hacker sends SYN with fake IP source address to Server; Server sends SYN-ACK and waits]

Network Security 7-32
Cookies and DDOS Attack
Cookies: client `pays` for server resources
  Client must send `cookie` with request
    E.g. with every SYN (TCP connection) request
  `Cookie` is `expensive` (takes time to compute)
  Server spends resources only if Cookie is Ok
    It is easy (fast) to validate cookies
  Example: cookie = x s.t. h(x, req, time) = ^00000
But: attacker can use many Zombies - broken machines, Distributed Denial of Service (DDOS) Attack
Why is it easy to capture Zombies?
[Figure: Attacker controls Super-ZombieA and Super-ZombieB, which direct Zombie1 to Zombie5 against Bob (victim)]
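
The cookie rule on this slide as working code, added here and not taken from the lecture. It assumes h is SHA-256, reads `^00000` as "the hex digest starts with zeros", and adds a maximum cookie age; the request string and timestamp are constructed, and the demo uses four zeros instead of five so that it runs quickly.

```python
import hashlib
from itertools import count

def h(x: int, req: bytes, time: int) -> str:
    """h(x, req, time) as a hex string; SHA-256 is this example's choice."""
    return hashlib.sha256(b"%d|%s|%d" % (x, req, time)).hexdigest()

def solve(req: bytes, time: int, zeros: int = 5) -> int:
    """Client: find cookie x. Costs about 16**zeros hash computations."""
    prefix = "0" * zeros
    for x in count():
        if h(x, req, time).startswith(prefix):
            return x

def validate(x: int, req: bytes, time: int, now: int,
             zeros: int = 5, max_age: int = 60) -> bool:
    """Server: one hash and no stored state per request."""
    if not 0 <= now - time <= max_age:
        return False          # stale cookie: limits reuse of old solutions
    return h(x, req, time).startswith("0" * zeros)

def demo(zeros: int = 4) -> dict:
    req = b"SYN 198.51.100.7:40000 -> 192.0.2.10:443"   # constructed request
    issued = 1_700_000_000                              # constructed timestamp
    x = solve(req, issued, zeros)
    return {
        "cookie": x,
        "client_hashes": x + 1,     # solve() tried 0..x
        "server_hashes": 1,         # validate() hashes once
        "fresh": validate(x, req, issued, issued + 5, zeros),
        "expired": validate(x, req, issued, issued + 3600, zeros),
    }
```

The asymmetry is the whole defense: each request costs the sender thousands of hashes and the server one, which slows a single source but, as the slide notes, not an attacker who spreads the work over many zombies.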

Network Security 7-33
Why Computers are Insecure?
Most PCs use insecure OSs
  Most designed for `home` - security not a goal
  Others support separation btw users
  Few/none restrict capabilities of applications
  malicious/vulnerable/buggy app can harm all!!
PCs run buggy, vulnerable, even malicious code
  Many sources (libraries, shareware, ...)
  Limited awareness & tools (e.g. bounds checking)
  Limited product liability and consequent damages
  most computers don't fix known vulnerabilities
Easy `fix`: prevent access to (insecure) PCs...

Network Security 7-34
Firewalls
A secure/trusted machine, isolating organization's internal net from larger Internet (or another net/internet), allowing some packets to pass, blocking others.
[Figure: firewall between the Intranet (with insecure PCs) and the public Internet]

Network Security 7-35
Packet Filtering
Internal network connected to Internet via router firewall (packet filtering)
router filters packet-by-packet, decision to forward/drop packet based on:
  source IP address, destination IP address
  TCP/UDP source and destination port numbers
  TCP SYN and ACK bits (identify client vs. server)
[Figure callout: Should arriving packet be allowed in? Departing packet let out?]
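
A stateless filter using the fields listed on this slide, plus the source-address check from the IP Source Address Spoofing slide, as an added example that is not from the lecture. The internal prefix 192.0.2.0/24, the public server 192.0.2.10:443 and the rule set itself are assumptions.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL = ipaddress.ip_network("192.0.2.0/24")            # assumed internal net
PUBLIC_SERVER = (ipaddress.ip_address("192.0.2.10"), 443)  # assumed web server

@dataclass
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    syn: bool = False
    ack: bool = False

def decide(pkt: Packet, arriving: bool) -> str:
    """Return "forward" or "drop" for one packet, with no connection state."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    if not arriving:
        # Departing: the first router knows which sources are legitimate
        # behind it, so a foreign source address means spoofing.
        return "forward" if src in INTERNAL else "drop"
    if src in INTERNAL or dst not in INTERNAL:
        return "drop"        # outside packet claiming an inside source, or misrouted
    if (dst, pkt.dport) == PUBLIC_SERVER:
        return "forward"     # outside clients may reach the public server
    if pkt.ack:
        return "forward"     # ACK set: reply on a connection opened from inside
    return "drop"            # no ACK (e.g. a bare SYN): outside client opening a connection
```

Because the filter keeps no state, the ACK rule blocks connection setup from outside but still forwards any arriving packet that has ACK set.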

Network Security 7-36
Firewall cannot Isolate Insiders!
A corrupted internal PC can bypass firewall:
  Initiate communication from inside to outside
  Overcome restrictions on protocols by encapsulating
  Firewall scans for known viruses -> encrypt viruses
More on firewalls - functions, usage, limitations, see network security lecture or many books/sites on firewalls
[Figure: Corrupted Internal PC behind the firewall, Attacker outside]

Network Security 7-37
Network Security: Summary
Basic tool: cryptography
  Cryptosystems for confidentiality
  Signatures, MAC for authentication
  More, `Applied introduction to crypto` next year
Internet Threat model
  Injection and DOS often easier than Eavesdropping
  Attackers: Hackers, Insiders, Malware
Internet Security Mechanisms, Standards:
  `Secure tunnels` - IP-Sec, TLS/SSL, ...
  Firewalls, intrusion detection, vulnerability scanners
  More, `secure communic. & commerce` next term