How To Protect Your Data From Attack

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 1

Chapter 1: Introduction

Security in

Communication Networks

Lehrstuhl für Informatik 4

RWTH Aachen

Prof. Dr. Otto Spaniol

Dr. rer. nat. Dirk Thißen

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 2

Chapter 1: Introduction

• Fortnightly

• Exercise is given on Monday, 16:45 – 18:15 • Frontal exercise

• Exact dates depend upon the lecture dates • Exercise sheets are provided on the web

page two weeks before an exercise date

Exercises

Planned exercise dates: 23.4. 7.5. 4.6. 25.6. 9.7.

Organization

Lecture

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 3

Chapter 1: Introduction

Organization

Prof. Dr. Otto Spaniol, Dr. Dirk Thißen Lehrstuhl für Informatik 4, RWTH Aachen Ahornstraße 55, 52074 Aachen

Phone: 0241 / 80 – 21400/21450

eMail: {spaniol, thissen}@informatik.rwth-aachen.de

Contact Information for questions regarding lecture/exercises

http://www-i4.informatik.rwth-aachen.de/content/teaching/lectures/sub/sikon/sikonSS07/index.html

Slide Copies

At the end of summer term

Written Exam

• Copies to the lecture slides as well as exercise sheets are placed on the web page to the lecture:

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 4

Chapter 1: Introduction

Literature

• Kaufman, Charlie; Perlman, Radia; Speciner, Mike: Network Security – Private

Communication in a Public World. Prentice-Hall, 2002

• Schneier, Bruce: Applied Cryptography - Protocols, Algorithms, and Source Code in C. John Wiley & Sons, 1996

• Mao, Wenbo: Modern Cryptography. Prentice Hall, 2004

• Spaniol, Otto; Güneş, Mesut: Skript zur Vorlesung “Sicherheit in Kommunikationsnetzen”. Mainz-Verlag, 2000

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 5

Chapter 1: Introduction

Evolution of the Internet

• “Necessity is the mother of invention, and computer networks are the mother of modern cryptography“ - R. L. Rivest

• The Story of the Internet:

During the latter half of the 1980's ARPANET moved from the research domain into a transcontinental reality

In November 1988 the "Internet worm" brought the ARPANET to its knees

Since then an almost continuous stream of security-related incidents has affected thousands of computer systems and networks throughout the world (see for more information http://www.cert.org)

By 2005, the Internet had grown from 60,000 host computer systems to over 350 million

Many companies and private users now rely on the Internet for their daily business and private communication (sharing financial, business, or personal information)

Attacks: illegal gain of information, unrecognized change of information, disturbance of the functionality (Confidentiality, Integrity, Availability)

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 6

Chapter 1: Introduction

Attacks on Computer

• Stand-alone computer system (UNIX operating system):

Only legitimate user with physical access to the computer system is able to log in by providing name and password

Attacker must have physical access and the login information • Networked computer (UNIX operating system):

System makes available some basic network services:

• telnetd: remote terminal access service, provided at port 23 • sendmail: electronic mail service, provided at port 25

• httpd: WWW, provided at port 80

• nsfd: network file service, provided at port 2049
Attacker does not need physical access

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 7

Chapter 1: Introduction

Attacks on Computer

• Only an attacker who is able to physically access or connect to a computer system can attack it

→By adding more network connections, more vulnerabilities are added automatically

• A networked computer system runs software that is inherently more complex and error prone

→An attacker must know and be able to exploit just one single bug (administrator or security expert must know and fix each bug)

Security Goal: protect networked computers by separating a company network from the Internet (e.g. by a Firewall)

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 8

Chapter 1: Introduction

Attacks on Communication Processes

Passive Attack:

• Passive wiretapping attack: the attacker is able to interpret the data and to extract information

• Traffic analysis attack: attacker can observe who communicates with whom (e.g. two companies begin to exchange a large number of messages and combines them)

• Available programs: etherfind, tcpdump, ... Active Attack:

• Modify, extend, delete, and replay data units • Influence or modify routing tables

• Denial of service attack (flood a server)

Netw ork

Router

attacker

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 9

Chapter 1: Introduction

Security in Communication Processes

Confidentiality

• Message contents should be kept confidential; i.e., only the communication partners may see it

• Sender and/or receiver of messages should remain anonymous, and third parties (including the network operators) should be unable to observe their communication • Neither potential communication partners nor third parties (including the network

operators) should be able to locate mobile stations

Integrity

• Forging message contents (including sender’s address) should be detected

• The recipient of a message should be able to prove that a particular message has been sent, and if that the addressee has received the message

• Nobody can cheat the network operators in terms of usage fees. On the other hand, the network operators can only charge fees for correctly delivered services

Availability

• The communication network enables communication between all parties who wish to communicate and who are allowed to do so

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 10

Chapter 1: Introduction

Security Techniques

• Known techniques for

Confidentiality: Data encryption, anonymity techniques

Integrity: Data encryption, digital signatures, access control and authentication
Availability: Fault-tolerant systems, access control, firewall, intrusion detection • Important term: Cryptography

Secrecy

• Steganography: Hide message, e.g. in a picture

• Encryption: enc_algorithm: (plaintext, key) → ciphertext
Authentication

• Identification, entity authentication: Who is currently on the other end of this connection?

• Message authentication: Who created this message?

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 11

Chapter 1: Introduction

Requirement: Trusted Domains

Source

Trusted Domain

Protection technique

Untrusted Area

Nearly no security technique is perfect: you mostly need to trust somebody: • Protection against every possible attacker is impossible

• Before the design of a protection technique it is necessary to identify trusted domains • A trusted domain comprises systems or parts of systems (e.g. security module)

• No attackers are assumed within a trusted domain (restriction of the attacker) • A trusted domain is always related to a single user or group of users

Destination Trusted Domain

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 12

Chapter 1: Introduction

Shared-key Encryption Scheme

Encryption algorithm Secret Channel k enc(k, m) m Key generator Decryption algorithm m or „error“ random secur . par a m. k Trusted Domain k m = message, k = key • One-time pad, DES, IDEA etc.

• Can handle data volumes of several Gigabyte/s, but security is questionable • Key sizes of 56-128 bit

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 13

Chapter 1: Introduction

Shared-key Authentication Scheme

Test algorithm Secret Channel k m, auth(k, m) “ok” or “error” Key generator Auth. algorithm m random secur . par a m. k Trusted Domain k m = message, k = key • Message authentication codes

• Specific constructions, or based on block ciphers or keyed hash functions • Limitation: third party cannot check authenticity

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 14

Chapter 1: Introduction

Cryptographic Hash Functions

• Hash Function H:
variable length in

fixed length out (≥128 bit) • One-way:

easy to compute
infeasible to invert • Collision resistant

• Practical hash functions:
SHA, MD5, etc.

• Cryptographic primitive

H: collision-resistant one-way hash-function
fixed H: H(x) “simulates” a random oracle

variable H: Keyed hash functions, family of hash functions

H

≠

easy

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 15

Chapter 1: Introduction

Public-key Encryption Scheme

Encryption algorithm Authenticated Channel pk enc(pk, m) _m Key generator Decryption algorithm m or „error“ random secur . par a m. pk Trusted Domain sk Trusted Domain

m = message, sk = secret key, pk = public key • RSA, Diffie-Hellman/El Gamal

• About 10 times slower than symmetric schemes • “Key size” of 512-2048 bit for RSA

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 16

Chapter 1: Introduction

Digital Signature Scheme

Test algorithm Authenticated Channel pk m, sign(sk, H(m)) Key generator Signature algorithm m random secur . par a m. pk Trusted Domain sk Trusted Domain “ok” or „error“

m = message, sk = secret key, pk = public key, H = hash function • Digital Signature: A hash value (collision-resistant) of a message is encrypted with the

secret key of a public-key encryption scheme. • RSA, El Gamal, etc.

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 17

Chapter 1: Introduction

Access Control

•In general: authentication refers to the process of verifying the claimed identity of a principal

•User → Computer

Knows (proof of knowledge)

Possesses (proof of possession)

Biometric characteristics (proof by property) •User → System (via network)

Password-Based (Name A, Password B)
Address-Based (Name A, Address B)
Cryptographic:

Name: A Challenge: X Response: Y=f(X)

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 18

Chapter 1: Introduction

Security in Layered Protocols

Application Transport IP PGP, PEM, ... SSH, SSL, ... AH, ESP Application Transport IP

PGP = Pretty Good Privacy, PEM = Privacy Enhanced Mail, SSH = Secure Shell, SSL= Secure Socket Layer, AH = Authentication Header, ESP = Encapsulating Security Payload • There are always alternative ways to provide a (security) service

Higher layers are more application dependent and technology independent

End-to-end security is easier provided at higher layers; link (point-to-point) security at lower layers

Higher layers are more likely implemented in software; lower layers in hardware
Higher layer encryption cannot protect lower layer headers; lower layer encryption

may have to trust intermediate nodes

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 19

Chapter 1: Introduction

Anonymity

• Multi-party protocol: collectively use of cryptographic protocols

• The sender and/or the recipient of a communication can remain anonymous

• Nobody (not even the network operator) can trace communication relations

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 20

Chapter 1: Introduction

Protection of Networks: Firewall

• A firewall represents a barrier between a privately owned and protected network and another network (e.g. the Internet)

• Purpose: prevent unwanted and unauthorized communication into or out of the protected network

• Assume: Firewall is a trusted domain

Intranet Internet

Accessibility Security Firewall

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 21

Chapter 1: Introduction

Protection of Networks: Intrusion Detection

System (IDS)

• IDS is a “burglar alarm for computers and networks” • Functional components

An analysis engine that finds signs of intrusion

A response component that generates reactions based on the outcome of the analysis engine

• Analysis engine:

Offline: analysis of stored log data

Online: “on the fly analysis” of observed data • Response capabilities after analysis:

Alarm

Deny operation

• Attack Recognition: learning of attack patterns or usual habit of users → Privacy problem

Lehrstuhl für Informatik 4

Kommunikation und verteilte Systeme

Page 22

Chapter 1: Introduction

Content

Chapter 2: Security Techniques Background • Secret Key Cryptography

• Public Key Cryptography • Hash Functions

• Authentication

Chapter 3: Security on Network and Transport Layer • e.g. IPsec, SSL, TLS, …

Chapter 4: Security on the Application Layer • e.g. Kerberos, PGP

Chapter 5: Security Concepts for Networks • e.g. Firewalls, Intrusion Detection