sign in sign up
<<
Home , Transport layer

CS 356 Security Protocols

Fall 2013 Review • Chapter 1: Basic Concepts and Terminology • Chapter 2: Basic Cryptographic Tools • Chapter 3 – User Authentication • Chapter 4 – Access Control Lists • Chapter 5 – Database Security (skipped) • Chapter 6 – Malicious Software • Networking Basics (not in book) • Chapter 7 – Denial of Service • Chapter 8 – Intrusion Detection • Chapter 9 – Firewalls and Intrusion Prevention • Chapter 10 – Buffer Overflow • Chapter 11 – Software Security • Chapter 12 – OS Security • Chapter 22 – Internet Security Protocols Chapter 22

Internet Security Protocols and Standards But First!!!! Question #1: What was the first “killer app” on a PC? Question #1: What was the first “killer app” on a PC? Answer: VISICALC, the world’s 1 st spreadsheet Question #2: What was the first and is still the biggest Internet “killer app”?

Facebook? (850 million users) Twitter? (500 million users) YouTube? BitTorrent? World of Warcraft? Something else? Question #2: What was the first and is still the biggest Internet “killer app”? Answer: EMAIL EMAIL Popularity RFC 821

• Codified by Jon Postel in 1982 • Postel laid out the essential messaging framework for Internet-connected computers (what today we’d call ISPs or service providers) to exchange and forward messages. To be sure, the technology was raw and has been updated many times since (attachments and multi-part messages were standardized in the early 1990s, for instance). Question #3 Who’s that MIME? Question #3 Who’s that MIME?

But this isn’t the type of MIME used by EMAIL… MIME and S/MIME

MIME S/MIME • extension to the old RFC 822 specification of an • Secure/Multipurpose Internet mail format Internet Mail Extension – RFC 822 defines a simple • security enhancement to heading with To, From, the MIME Internet e-mail Subject format – assumes ASCII text format – based on technology from RSA Data Security – provides a number of new header fields that define – provides the ability to sign and/or encrypt e-mail information about the body messages of the message MIME Content Types S/MIME Content Types Typical S/MIME Process

Bob's private Alice's public key One-time key session key

DhYz949avHVA t5UpjUXn8L79o ADnluV3vpuhE HMEcMBB1K9 This is an This is an Y8ZoJOYAmF2 S/MIME S/MIME BsIpLbjDkNJQR message from message from j98IklSSmju650 Bob to Alice. Bob to Alice. SoDlFkYYtTqw Bob will sign Bob will sign po9812KKlmHx and encrypt the and encrypt the cFGIU8700qQrR message before message before sdfgIUYTp0m8 sending it to sending it to H7G4FF32jkoN NNmj78uqwplH

Plaintext message Digital signature Message with Encrypted copy Document converted (unisigned) added signature encrypted of session key to Radix-64 format (DSS/SHA) with one-time added session key (El Gamal) (Triple DES)

Figure 22.1 Typical S/MIME Process S/MIME Cryptographic Algorithms • default algorithms used for signing messages are DSS and SHA-1 • RSA public-key encryption algorithm can be used with SHA-1 or the MD5 message digest algorithm for forming signatures • radix-64 or base64 mapping is used to map the signature and message into printable ASCII characters S/MIME Public Key Certificates

• default algorithms used for encrypting S/MIME messages are 3DES and EIGamal – EIGamal is based on the Diffie-Hellman public-key exchange algorithm • if encryption is used alone radix-64 is used to convert the ciphertext to ASCII format • basic tool that permits widespread use of S/MIME is the public-key certificate • S/MIME uses certificates that conform to the international standard X.509v3 S/MIME Functions DomainKeys Identified Mail (DKIM) • specification of cryptographically signing e-mail messages permitting a signing domain to claim responsibility for a message in the mail stream • proposed Internet Standard (RFC 4871: DomainKeys Identified Mail (DKIM) Signatures) • has been widely adopted by a range of e-mail providers Message transfer Message transfer Message transfer agent (MTA) agent (MTA) agent (MTA) SMTP SMTP

SMTP (SMTP, local)

Mail submission Mail delivery agent (MSA) Message handling agent (MDA) system (MHS)

(SMTP, SMTP local) Internet

Message user Message Message store Mail agent (MUA) author (MS) Architecture

(IMAP, POP, local)

Message Message user recipient agent (MUA)

Figure 22.2 Function Modules and Standardized Protocols Used Between Them SMTP MTA MTA

SMTP SMTP

DNS Public key query/response Signer Verifier DNS MSA MDA POP, IMAP Example of SMTP DKIM MUA Deployment MUA

Mail origination Mail delivery network network

DNS = MDA = mail delivery agent MSA = mail submission agent MTA = message transfer agent MUA = message user agent

Figure 22.3 Simple Example of DKIM Deployment Today’s ACTING lesson

I need 3 volunteers, preferably someone who can act… You receive this EMAIL It takes you to this web site Or maybe this web site

Unknown Web site Certificate

Accept Anyway?

yes no Secure Sockets Layer (SSL) • one of the most widely used security services • general-purpose service implemented as a set of protocols that rely on TCP • subsequently became Internet standard RFC2246: (TLS) SSL

SSL SSL Change Handshake Cipher Spec SSL Alert HTTP Protocol Protocol Protocol

SSL Record Protocol

TCP

IP

Figure 22.4 SSL Protocol Stack SSL Record Protocol Operation

Application Data

Fragment

Compress

Add MAC

Encrypt

Append SSL Record Header

Figure 22.5 SSL Record Protocol Operation SSL Change Cipher Spec Protocol • one of three SSL specific protocols that use the SSL Record Protocol • is the simplest • consists of a single message which consists of a single byte with the value 1 • sole purpose of this message is to cause pending state to be copied into the current state • hence updating the cipher suite in use SSL Alert Protocol SSL Handshake Protocol

• most complex part of SSL • is used before any application data are transmitted • allows server and client to:

• comprises a series of messages exchanged by client and server • exchange has four phases Client Server c lient_he llo Phase 1 Establish security capabilities, including protocol version, session ID, cipher suite, hello server_ compression method, and initial random numbers. SSL ate certific change key_ex server_ Phase 2 Server may send certificate, key exchange, request Handshake _ rtificate and request certificate. Server signals end ce of hello message phase. one hello_d server_ Protocol cert Time ificate client_ Phase 3 key_ex change Client sends certificate if requested. Client sends key exchange. Client may send ce rtificate certificate verification. _verify

chan ge_ciph er_spec

finished Phase 4 Change cipher suite and finish _spec _cipher handshake protocol. change

finished

Note: Shaded transfers are optional or situation-dependent messages that are not always sent.

Figure 22.6 Handshake Protocol Action HTTPS (HTTP over SSL) • combination of HTTP and SSL to implement secure communication between a Web browser and a Web server • built into all modern Web browsers – search engines do not support HTTPS – URL addresses begin with :// – documented in RFC 2818, HTTP Over TLS – agent acting as the HTTP client also acts as the TLS client – closure of an HTTPS connection requires that TLS close the connection with the peer TLS entity on the remote side, which will involve closing the underlying TCP connection Virtual Private Networks (VPN)

A secure tunnel through the internet Before VPNs

• Corporations used LEASED LINES to create a WAN among their various geographic sites VPN

From Wikipedia IP Security (IPsec)

• various application security mechanisms – S/MIME, PGP, Kerberos, SSL/HTTPS • security concerns cross protocol layers • would like security implemented by the network for all applications • authentication and encryption security features included in next-generation IPv6 • also usable in existing IPv4 IPsec

• general IP •Provides: security mechanism s • provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet IPsec Uses Benefits of IPsec

• when implemented in a or router, it provides strong security to all traffic crossing the perimeter • in a firewall it is resistant to bypass • below transport layer, hence transparent to applications • can be transparent to end users • can provide security for individual users • secures routing architecture The Scope of IPsec Security Associations

• a one-way relationship between sender and receiver that affords security for traffic flow – if a peer relationship is needed for two-way secure exchange then two security associations are required • is uniquely identified by the Destination Address in the IPv4 or IPv6 header and the SPI in the enclosed extension header (AH or ESP) Encapsulating Security Payload (ESP) Bit: 0 1624 31

Security Parameters Index (SPI) Sequence Number

Payload Data (variable) Authentication Coverage Padding (0 - 255 bytes) ConfidentialityCoverage Pad Length Next Header

Authentication Data (variable)

Figure 22.7 IPSec ESP Format Transport and Tunnel Modes

• transport mode protection • tunnel mode provides protection extends to the payload of an IP to the entire IP packet packet • the entire original packet travels • typically used for end-to-end through a tunnel from one point communication between two of an IP network to another hosts • used when one or both ends of a • ESP in transport mode encrypts security association are a and optionally authenticates the security gateway such as a IP payload but not the IP header firewall or router that implements IPsec • with tunnel mode a number of hosts on networks behind firewalls may engage in secure communications without implementing IPsec Summary

• secure E-Mail and S/MIME • HTTPS • DomainKeys Identified Mail – connection initiation – Internet mail architecture – connection closure – DKIM strategy • Virtual Private Networks • Secure Sockets Layer (VPN) (SSL) and Transport Layer • IPv4 and IPv6 security Security (TLS) – IP security overview – SSL architecture – scope of IPsec – SSL record protocol – security associations – change cipher spec – encapsulating security protocol payload – alert protocol – transport and tunnel modes – handshake protocol