chapter21_Internet_Security.pdf

Computer Security:

Computer Security:

Principles and Practice

Principles and Practice

First Edition First Edition

by William Stallings and Lawrie Brown by William Stallings and Lawrie Brown

Lecture slides by Lawrie Brown Lecture slides by Lawrie Brown

Chapter 21 – Internet Security

Chapter 21 – Internet Security

Internet Security Protocols

Internet Security Protocols

and Standards

and Standards

 Secure Sockets Layer (SSL) / Transport _{Secure Sockets Layer (SSL) / Transport}

Layer Security (TLS) Layer Security (TLS)

 IPv4 and IPv6 Security_{IPv4 and IPv6 Security}

 S/MIME (Secure/Multipurpose Internet _{S/MIME (Secure/Multipurpose Internet}

Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL)

 transport layer security service_{transport layer security service}  originally developed by Netscapeoriginally developed by Netscape  version 3 designed with public inputversion 3 designed with public input

 subsequently became Internet standard _{subsequently became Internet standard}

RFC2246: Transport Layer Security (TLS) RFC2246: Transport Layer Security (TLS)

 use TCP to provide a reliable end-to-end service_{use TCP to provide a reliable end-to-end service}  _{may be provided in underlying protocol suitemay be provided in underlying protocol suite}

SSL Record Protocol Services

SSL Record Protocol Services

 message integrity_{message integrity}

 using a MAC with shared secret keyusing a MAC with shared secret key

 similar to HMAC but with different paddingsimilar to HMAC but with different padding

 confidentiality_{confidentiality}

 using symmetric encryption with a shared using symmetric encryption with a shared

secret key defined by Handshake Protocol secret key defined by Handshake Protocol

 AES, IDEA, RC2-40, DES-40, DES, 3DES, AES, IDEA, RC2-40, DES-40, DES, 3DES,

Fortezza, RC4-40, RC4-128 Fortezza, RC4-40, RC4-128

SSL Record Protocol

SSL Record Protocol

SSL Change Cipher Spec

SSL Change Cipher Spec

Protocol

Protocol

 one of 3 SSL specific protocols which use _{one of 3 SSL specific protocols which use}

the SSL Record protocol the SSL Record protocol

 a single message_{a single message}

SSL Alert Protocol

SSL Alert Protocol

 _{conveys SSL-related alerts to peer entityconveys SSL-related alerts to peer entity}  severity_severity

• warning or fatal_{warning or fatal}

 specific alert_{specific alert}

• fatal: unexpected message, bad record mac, _{fatal: unexpected message, bad record mac,}

decompression failure, handshake failure, illegal decompression failure, handshake failure, illegal parameter

parameter

• warning: close notify, no certificate, bad certificate, _{warning: close notify, no certificate, bad certificate,} unsupported certificate, certificate revoked,

unsupported certificate, certificate revoked, certificate expired, certificate unknown

certificate expired, certificate unknown

SSL Handshake Protocol

SSL Handshake Protocol

 allows server & client to:_{allows server & client to:}

 authenticate each otherauthenticate each other

 to negotiate encryption & MAC algorithmsto negotiate encryption & MAC algorithms  to negotiate cryptographic keys to be usedto negotiate cryptographic keys to be used

 comprises a series of messages in phases_{comprises a series of messages in phases}

1.

1. Establish Security CapabilitiesEstablish Security Capabilities

2.

2. Server Authentication and Key ExchangeServer Authentication and Key Exchange

3.

3. Client Authentication and Key ExchangeClient Authentication and Key Exchange

4.

IP Security

IP Security

 various application security mechanisms_{various application security mechanisms}

 eg. S/MIME, PGP, Kerberos, SSL/HTTPSeg. S/MIME, PGP, Kerberos, SSL/HTTPS

 security concerns cross protocol layers_{security concerns cross protocol layers}

 hence would like security implemented by _{hence would like security implemented by}

the network for all applications the network for all applications

 authentication & encryption security _{authentication & encryption security}

features included in next-generation IPv6 features included in next-generation IPv6

IPSec

IPSec

 general IP Security mechanisms_{general IP Security mechanisms}

 provides_provides

 authenticationauthentication  confidentialityconfidentiality

 key managementkey management

 applicable to use over LANs, across public _{applicable to use over LANs, across public}

Benefits of IPSec

Benefits of IPSec

 in a firewall/router provides strong security _{in a firewall/router provides strong security}

to all traffic crossing the perimeter to all traffic crossing the perimeter

 in a firewall/router is resistant to bypass_{in a firewall/router is resistant to bypass}

 is below transport layer, hence transparent _{is below transport layer, hence transparent}

to applications to applications

 can be transparent to end users_{can be transparent to end users}

IP Security Architecture

IP Security Architecture

 mandatory in IPv6, optional in IPv4_{mandatory in IPv6, optional in IPv4}  have two security header extensions:_{have two security header extensions:}

 Authentication Header (AH)Authentication Header (AH)

 Encapsulating Security Payload (ESP)Encapsulating Security Payload (ESP)

 Key Exchange functionKey Exchange function

 VPNs want both authentication/encryption_{VPNs want both authentication/encryption}

 hence usually use ESPhence usually use ESP

 specification is quite complex_{specification is quite complex}

Security Associations

Security Associations

 a one-way relationship between sender & _{a one-way relationship between sender &}

receiver that affords security for traffic flow receiver that affords security for traffic flow

 defined by 3 parameters:_{defined by 3 parameters:}

 Security Parameters Index (SPI)Security Parameters Index (SPI)  IP Destination AddressIP Destination Address

 Security Protocol IdentifierSecurity Protocol Identifier

 has a number of other parameters_{has a number of other parameters}

 seq no, AH & EH info, lifetime etcseq no, AH & EH info, lifetime etc

Authentication Header (AH)

Authentication Header (AH)

 provides support for data integrity & _{provides support for data integrity &}

authentication of IP packets authentication of IP packets

 end system/router can authenticate user/append system/router can authenticate user/app  prevents address spoofing attacks by tracking prevents address spoofing attacks by tracking

sequence numbers sequence numbers

 based on use of a MAC_{based on use of a MAC}

 HMAC-MD5-96 or HMAC-SHA-1-96HMAC-MD5-96 or HMAC-SHA-1-96

Encapsulating Security

Encapsulating Security

Key Management

Key Management

 handles key generation & distribution_{handles key generation & distribution}  typically need 2 pairs of keys_{typically need 2 pairs of keys}

 2 per direction for AH & ESP2 per direction for AH & ESP

 manual key management_{manual key management}

 sysadmin manually configures every systemsysadmin manually configures every system

 automated key management_{automated key management}

 automated system for on demand creation of automated system for on demand creation of

keys for SA’s in large systems keys for SA’s in large systems

S/MIME (Secure/Multipurpose

S/MIME (Secure/Multipurpose

Internet Mail Extensions)

Internet Mail Extensions)

 security enhancement to MIME email_{security enhancement to MIME email}

 original Internet RFC822 email was text onlyoriginal Internet RFC822 email was text only  MIME provided support for varying content MIME provided support for varying content

types and multi-part messages types and multi-part messages

 with encoding of binary data to textual formwith encoding of binary data to textual form  S/MIME added security enhancementsS/MIME added security enhancements

 have S/MIME support in many mail agents_{have S/MIME support in many mail agents}

S/MIME Functions

S/MIME Functions

 enveloped data_{enveloped data}

 encrypted content and associated keysencrypted content and associated keys

 signed data_{signed data}

 encoded message + signed digestencoded message + signed digest

 clear-signed data_{clear-signed data}

 cleartext message + encoded signed digestcleartext message + encoded signed digest

 signed & enveloped data_{signed & enveloped data}

S/MIME Cryptographic

S/MIME Cryptographic

Algorithms

Algorithms

 digital signatures: DSS & RSA_{digital signatures: DSS & RSA}

 hash functions: SHA-1 & MD5_{hash functions: SHA-1 & MD5}

 session key encryption: ElGamal & RSA_{session key encryption: ElGamal & RSA}

 message encryption: AES, 3DES, etc_{message encryption: AES, 3DES, etc}  MAC: HMAC with SHA-1_{MAC: HMAC with SHA-1}

 must map binary values to printable ASCII_{must map binary values to printable ASCII}

S/MIME Public Key Certificates

S/MIME Public Key Certificates

 S/MIME has _{S/MIME has} effective encryption and _{effective encryption and}

signature services signature services

 but also need to _{but also need to} manage public-keys_{manage public-keys}  S/MIME uses X.509 v3 certificates_{S/MIME uses X.509 v3 certificates}

 each client has a list of trusted CA’s certs_{each client has a list of trusted CA’s certs}  and own public/private key pairs & certs_{and own public/private key pairs & certs}

Summary

Summary

 Secure Sockets Layer (SSL) / Transport _{Secure Sockets Layer (SSL) / Transport}

Layer Security (TLS) Layer Security (TLS)

 IPv4 and IPv6 Security_{IPv4 and IPv6 Security}

 S/MIME (Secure/Multipurpose Internet _{S/MIME (Secure/Multipurpose Internet}