CNS Lecture 13

CNS Lecture 13

In the news CNS Lecture 13 Microsoft workstation server buffer overflow Microsoft XML core services remote code execution Network defenses Microsoft agent buffer overflow IPsec WinZip remote code execution Virtual Private Networks (VPNs) Wireless security Kerberos Trusted systems Secure OS CNS Lecture 13 - 2 Network security You are here … Attacks & Defenses Cryptography Applied crypto VULNERABILITIES COUNTERMEASURES • denial of service • disable denial of service disable • Risk assessment •Random numbers •SSH – ICMP smurf, redirects, unreachable • configure properly – SYN flooding • xinetdxinetd,, tcpwrappers • Viruses – frag, teardrop – filters (allow, deny) •Hash functions •PGP • • Unix security impersonationimpersonation – audit and alarm – host rename (LAN) • filtering portmap MD5, SHA,RIPEMD • • S/Mime – DNS • application filtering ((securelibsecurelibsecurelib)))) authentication – source routing • patches • Network security •Classical + stego •SSL • Session capture/modification • scanners ((NessusNessusNessus,, ISS) – TCP seq number guessing • Firewalls,vpn,IPsec,IDS firewalls •Number theory •Kerberos – TCP hijacking • intusionintusion detection & response • Forensics – sniffing • encryption, virtual private networks ((VPNsVPNsVPNs)))) • • • Server/application attacks Symmetric key IPsec – application flooding (ftp,mail,echo) – buffer overflows DES, RijndaelRijndael,, RC5 •Crypto APIs – Software bugs •Public key •Secure coding RSA, DSA, DD----H,ECCH,ECC CNS Lecture 13 - 3 CNS Lecture 13 - 4 Where to encrypt? Internet protocol (IP) link layer •encrypting modem, NIC (wireless) •transparent,fast Is IP secure? •suitable for private net •protects only one link (pt-to-pt) •info may be exposed in OS • integrity ------checksums? network/transport layer •swIPe, IPv6(IPsec) • can you trust the source address? •transparent • privacy? •selectable (policy) •appl./host/net keying • IP security option (RFC 760) •works over public net – •virtual private network (VPN) military security model: subject/object labels •system layer: encrypting file systems (EFS/CFS) –label each IP datagram (secret, top secret, unclassified) application layer –IP stack and routers enforce access controls •end-to-end over public net •custom applications (PGP, ssh, ssl) –only effective in very controlled environment •intrusive, but flexible •API for application development CNS Lecture 13 - 5 CNS Lecture 13 - 6 1 IP header IP security option RFC 760 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 This option provides a way for DoD hosts to send security and TCC (closed user groups) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ parameters through networks whose transport leader does not contain fields for this information . |Version| IHL |Type of Service| Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +--------+--------+---------+--------+ | Identification |Flags| Fragment Offset | |00000010|00000100|000000SS | TCC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +--------+--------+---------+--------+ Type=2 Length=4 | Time to Live | Protocol | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Security: 2 bits | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Specifies one of 4 levels of security | Destination Address | 11-top secret +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 10-secret | OPTIONAL Options | Padding | 01-confidential 00-unclassified +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Transmission Control Code: 8 bits IPv4 Header Format Provides a means to compartmentalize traffic and define controlled communities of interest Protocols: 1 ICMP 6 TCP 17 UDP 50 ESP 51 AH among subscribers. But the IP header is easliy forged! CNS Lecture 13 - 7 CNS Lecture 13 - 8 TCP keyed-MD5 option IPsec – new IP security headers • RFC 2385 (BGP, LDP, MSDP) • RFC's for IPsec (v4 and v6) IETF IPsec RFC’s –Authenticate routing protocols • specifies implementation RFC2406 ESP • Include a keyedkeyed----MD5MD5 checksum in TCP option field • authenticated packets RFC2402 AH –Each TCP segment carries keyed checksum –prevents spoofed source addresses RFC2104 HMAC –Implemented in kernel • encrypted packets (transport or tunnel) RFC2412 Oakley –prevents sniffing • Limited deployment: Cisco/Juniper routers, FreeBSD/FreeBSD/OpeOpenBSDnBSD RFC2408 ISAKMP • does not specify policy • setsockoptsetsockopt()() to enable and set key TCP_MD5SIG RFC2409 IKE • now includes key management • Probably better to use HMAC as part of “““application“application packetpacket””””or RFC3715 IPsec and NAT • could use on a host use secure transport (SSL, IPsecIPsec)))) • could use on a router (tunnels) CNS Lecture 13 - 9 CNS Lecture 13 - 10 IPsec IPsec services • IPIP protos 50 and 51 for IPv4 • Access control • authenticated (51) and/or • Connectionless integrity encrypted (50) datagrams • Data origin authentication • system manager sets "policy" • Rejection of replayed packets • no changes to application (or • Confidentiality (encryption) optional) • key management (IKE) • can tunnel IP datagrams(VPN) can tunnel IP datagrams (VPN) Encryption without authentication is useless • implementationsimplementations availableavailable • US export controls limiting CNS Lecture 13 - 11 CNS Lecture 13 - 12 2 IPsec protocol Security Association (SA) • Establish a security association in each direction • sender/receiver security info –negotiate parameters/algorithms • SA for each direction –establish a secret (session key) –authenticate • maintained by kernel –not unlike ssh/ssl • identify by SPI (handle) and destination • keyed hashes (md5/sha/tiger) HMAC • specifies • public keys (RSA/DSA) or prepre----sharedshared secret – • block encryption encryption key, IV, algorithm (DES, 3DES,CAST, Blowfish,AES) –AES/DES/3DES/blowfish/CAST/IDEA/RC5 –authentication algorithm (MD5, SHA) • DiffieDiffie----HellmanHellman (mod p or ECC) –key lifetimes • tunnel and transport mode –SA lifetime • Requires modifications to OS!OS ! Requires modifications to OS !! –security labels CNS Lecture 13 - 13 CNS Lecture 13 - 14 SA authentication /* Security association data for IP Security */ struct key_secassoc { • negotiate u_int8 len; /* Length of the data (for radix) */ u_int8 type; /* Type of association */ • MD5/SHA HMAC (keyed) u_int8 state; /* State of the association */ u_int8 label; /* Sensitivity label (unused) */ • calculated over nonnon----changingchanging fields of IP packet u_int32 spi; /* SPI */ u_int8 keylen; /* Key length */ –headers (IP and TCP/ UDP) and user data u_int8 ivlen; /* Initialization vector length */ u_int8 algorithm; /* Algorithm switch index */ –NAT causes problems (IP source address changes) u_int8 lifetype; /* Type of lifetime */ caddr_t iv; /* Initialization vector */ dilemma: using source IP address as security token, but hosts have caddr_t key; /* Key */ multiple and changing IP addresses today u_int32 lifetime1; /* Lifetime value 1 */ u_int32 lifetime2; /* Lifetime value 2 */ • IP proto 51 RFC 2402 AH packet SOCKADDR *src; /* Source host address */ SOCKADDR *dst; /* Destination host address */ SOCKADDR *from; /* Originator of association */ u_int32 tp_len; /* Transform private data: length */ void *tp_data; /* Transform private data: data */ }; CNS Lecture 13 - 15 CNS Lecture 13 - 16 AH header Transport and tunnel modes +------------+-------------------+------------+-------+---------------+ | IPv6 Header| Hop-by-Hop/Routing| Auth Header| Others| Upper Protocol| +------------+-------------------+------------+-------+---------------+ +-------------+--------------+-------------------------------+ | IPv4 Header | Auth Header | Upper Protocol (e.g. TCP, UDP)| +-------------+--------------+-------------------------------+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Next Header | Payload Len | RESERVED | Next header: e.g. TCP +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Security Parameters Index (SPI) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ SPI – index into SA table | Sequence Number Field | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Tunnel mode has additional header that | | Sequence # -- prevent replay can specify different target (e.g. firewall or VPN) + Authentication Data (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Authentication -- HMAC CNS Lecture 13 - 17 CNS Lecture 13 - 18 3 IPsec encryption ESP header |<-- Unencrypted -->|<---- Encrypted ------>| • IPIP protoproto 5050 RFCRFC 24062406 ESPESP +-------------+--------------------+------------+---------------------+ | IP Header | Other IP Headers | ESP Header | encrypted data | +-------------+--------------------+------------+---------------------+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ---- | Security Parameters Index (SPI) | ^Auth. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Coverage | Sequence Number | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ---- | Payload Data* (variable) | | ^ ~ ~ | | | | |Conf. + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Coverage | | Padding (0-255 bytes) | | | +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | | Pad Length | Next Header

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    16 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us