Computer Networks English courseware: Chapter_8 Security

Uploader: M****1  Document ID: 568641157  Uploaded: 2024-07-25  Format: PPT  Pages: 131  Size: 3.66MB

Slide 8-1: Chapter 8: Security
Computer Networking: A Top Down Approach, 6th edition, Jim Kurose, Keith Ross, Addison-Wesley, March 2012
A note on the use of these ppt slides: We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
- If you use these slides (e.g., in a class) that you mention their source (after all, we'd like people to use our book!)
- If you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2012 J.F Kurose and K.W. Ross, All Rights Reserved

Slide 8-2: Chapter 8: Network Security
Chapter goals:
- understand principles of network security: cryptography and its many uses beyond "confidentiality"; authentication; message integrity
- security in practice: firewalls and intrusion detection systems; security in application, transport, network, link layers

Slide 8-3: Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Message integrity, authentication
8.4 Securing e-mail
8.5 Securing TCP connections: SSL
8.6 Network layer security: IPsec
8.7 Securing wireless LANs
8.8 Operational security: firewalls and IDS

Slide 8-4: What is network security?
- confidentiality: only sender, intended receiver should "understand" message contents (sender encrypts message; receiver decrypts message)
- authentication: sender, receiver want to confirm identity of each other
- message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
- access and availability: services must be accessible and available to users

Slide 8-5: Friends and enemies: Alice, Bob, Trudy
- well-known in network security world
- Bob, Alice (lovers!) want to communicate "securely"
- Trudy (intruder) may intercept, delete, add messages
[figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel; Trudy sits on the channel]

Slide 8-6: Who might Bob, Alice be?
- well, real-life Bobs and Alices!
- Web browser/server for electronic transactions (e.g., on-line purchases)
- on-line banking client/server
- DNS servers
- routers exchanging routing table updates
- other examples?

Slide 8-7: There are bad guys (and girls) out there!
Q: What can a "bad guy" do?
A: A lot! See section 1.6
- eavesdrop: intercept messages
- actively insert messages into connection
- impersonation: can fake (spoof) source address in packet (or any field in packet)
- hijacking: "take over" ongoing connection by removing sender or receiver, inserting himself in place
- denial of service: prevent service from being used by others (e.g., by overloading resources)

Slide 8-8: Chapter 8 roadmap (same list as slide 8-3)

Slide 8-9: The language of cryptography
- m: plaintext message
- K_A(m): ciphertext, encrypted with key K_A
- m = K_B(K_A(m))
[figure: plaintext -> encryption algorithm (Alice's encryption key K_A) -> ciphertext -> decryption algorithm (Bob's decryption key K_B) -> plaintext]

Slide 8-10: Breaking an encryption scheme
- cipher-text only attack: Trudy has ciphertext she can analyze; two approaches: brute force (search through all keys) and statistical analysis
- known-plaintext attack: Trudy has plaintext corresponding to ciphertext (e.g., in monoalphabetic cipher, Trudy determines pairings for a,l,i,c,e,b,o)
- chosen-plaintext attack: Trudy can get ciphertext for chosen plaintext

Slide 8-11: Symmetric key cryptography
symmetric key crypto: Bob and Alice share same (symmetric) key: K_S
- e.g., key is knowing substitution pattern in mono alphabetic substitution cipher
Q: how do Bob and Alice agree on key value?
[figure: plaintext message m -> encryption algorithm (K_S) -> ciphertext K_S(m) -> decryption algorithm (K_S) -> plaintext m = K_S(K_S(m))]

Slide 8-12: Simple encryption scheme
substitution cipher: substituting one thing for another
- monoalphabetic cipher: substitute one letter for another
plaintext:  abcdefghijklmnopqrstuvwxyz
ciphertext: mnbvcxzasdfghjklpoiuytrewq
e.g.:
plaintext:  bob. i love you. alice
ciphertext: nkn. s gktc wky. mgsbc
Encryption key: mapping from set of 26 letters to set of 26 letters

Slide 8-13: A more sophisticated encryption approach
- n substitution ciphers, M1, M2, ..., Mn
- cycling pattern: e.g., n=4: M1,M3,M4,M3,M2; M1,M3,M4,M3,M2; ...
- for each new plaintext symbol, use subsequent substitution pattern in cyclic pattern (dog: d from M1, o from M3, g from M4)
Encryption key: n substitution ciphers, and cyclic pattern
- key need not be just n-bit pattern

Slide 8-14: Symmetric key crypto: DES
DES: Data Encryption Standard
- US encryption standard [NIST 1993]
- 56-bit symmetric key, 64-bit plaintext input
- block cipher with cipher block chaining
- how secure is DES? DES Challenge: 56-bit-key-encrypted phrase decrypted (brute force) in less than a day; no known good analytic attack
- making DES more secure: 3DES: encrypt 3 times with 3 different keys

Slide 8-15: Symmetric key crypto: DES
DES operation: initial permutation; 16 identical "rounds" of function application, each using different 48 bits of key; final permutation

Slide 8-16: AES: Advanced Encryption Standard
- symmetric-key NIST standard, replaced DES (Nov 2001)
- processes data in 128 bit blocks
- 128, 192, or 256 bit keys
- brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES

Slide 8-17: Public Key Cryptography
symmetric key crypto
- requires sender, receiver know shared secret key
- Q: how to agree on key in first place (particularly if never "met")?
public key crypto
- radically different approach [Diffie-Hellman76, RSA78]
- sender, receiver do not share secret key
- public encryption key known to all
- private decryption key known only to receiver

Slide 8-18: Public key cryptography
[figure: plaintext message m -> encryption algorithm (Bob's public key K_B^+) -> ciphertext K_B^+(m) -> decryption algorithm (Bob's private key K_B^-) -> plaintext message m = K_B^-(K_B^+(m))]

Slide 8-19: Public key encryption algorithms
requirements:
1. need K_B^+( ) and K_B^-( ) such that K_B^-(K_B^+(m)) = m
2. given public key K_B^+, it should be impossible to compute private key K_B^-
RSA: Rivest, Shamir, Adleman algorithm

Slide 8-20: Prerequisite: modular arithmetic
- x mod n = remainder of x when divide by n
- facts:
  [(a mod n) + (b mod n)] mod n = (a+b) mod n
  [(a mod n) - (b mod n)] mod n = (a-b) mod n
  [(a mod n) * (b mod n)] mod n = (a*b) mod n
- thus (a mod n)^d mod n = a^d mod n
- example: x=14, n=10, d=2: (x mod n)^d mod n = 4^2 mod 10 = 6; x^d = 14^2 = 196; x^d mod 10 = 6

Slide 8-21: RSA: getting ready
- message: just a bit pattern
- bit pattern can be uniquely represented by an integer number
- thus, encrypting a message is equivalent to encrypting a number.
example:
- m = 10010001. This message is uniquely represented by the decimal number 145.
- to encrypt m, we encrypt the corresponding number, which gives a new number (the ciphertext).

Slide 8-22: RSA: Creating public/private key pair
1. choose two large prime numbers p, q. (e.g., 1024 bits each)
2. compute n = pq, z = (p-1)(q-1)
3. choose e (with e < n) that has no common factors with z (e, z are "relatively prime").
4. choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1).
5. public key is (n,e). private key is (n,d).   K_B^+ = (n,e), K_B^- = (n,d)

Slide 8-23: RSA: encryption, decryption
0. given (n,e) and (n,d) as computed above
1. to encrypt message m (

[the text of the remaining slides up to 8-113 is missing from this copy]

Slide 8-113 (fragment):
- ... IVs eventually reused
- IV transmitted in plaintext: IV reuse detected
attack: Trudy causes Alice to encrypt known plaintext d1 d2 d3 d4 ...
- Trudy sees: c_i = d_i XOR k_i^IV
- Trudy knows c_i, d_i, so can compute k_i^IV
- Trudy knows encrypting key sequence k_1^IV k_2^IV k_3^IV ...
- Next time IV is used, Trudy can decrypt!

Slide 8-114: 802.11i: improved security
- numerous (stronger) forms of encryption possible
- provides key distribution
- uses authentication server separate from access point

Slide 8-115: 802.11i: four phases of operation
[figure: STA (client station), AP (access point), AS (authentication server) on the wired network]
1. Discovery of security capabilities
2. STA and AS mutually authenticate, together generate Master Key (MK). AP serves as "pass through"
3. STA derives Pairwise Master Key (PMK); AS derives same PMK, sends to AP
4. STA, AP use PMK to derive Temporal Key (TK) used for message encryption, integrity

Slide 8-116: EAP: extensible authentication protocol
- EAP: end-end client (mobile) to authentication server protocol
- EAP sent over separate "links": mobile-to-AP (EAP over LAN); AP to authentication server (RADIUS over UDP)
[figure: protocol stack: EAP TLS / EAP / EAP over LAN (EAPoL) / IEEE 802.11 on the wireless side; RADIUS / UDP/IP on the wired network side]

Slide 8-117: Chapter 8 roadmap (same list as slide 8-3, with 8.3 given as "Message integrity")

Slide 8-118: Firewalls
firewall: isolates organization's internal net from larger Internet, allowing some packets to pass, blocking others
[figure: administered network (trusted "good guys") | firewall | public Internet (untrusted "bad guys")]

Slide 8-119: Firewalls: why
prevent denial of service attacks:
- SYN flooding: attacker establishes many bogus TCP connections, no resources left for "real" connections
prevent illegal modification/access of internal data
- e.g., attacker replaces CIA's homepage with something else
allow only authorized access to inside network
- set of authenticated users/hosts
three types of firewalls:
- stateless packet filters
- stateful packet filters
- application gateways

Slide 8-120: Stateless packet filtering
- internal network connected to Internet via router firewall
- router filters packet-by-packet, decision to forward/drop packet based on: source IP address, destination IP address; TCP/UDP source and destination port numbers; ICMP message type; TCP SYN and ACK bits
Should arriving packet be allowed in? Departing packet let out?

Slide 8-121: Stateless packet filtering: example
- example 1: block incoming and outgoing datagrams with IP protocol field = 17 and with either source or dest port = 23
  result: all incoming, outgoing UDP flows and telnet connections are blocked
- example 2: block inbound TCP segments with ACK=0.
  result: prevents external clients from making TCP connections with internal clients, but allows internal clients to connect to outside.

Slide 8-122: Stateless packet filtering: more examples
Policy: No outside Web access.
  Firewall setting: Drop all outgoing packets to any IP address, port 80
Policy: No incoming TCP connections, except those for institution's public Web server only.
  Firewall setting: Drop all incoming TCP SYN packets to any IP except 130.207.244.203, port 80
Policy: Prevent Web-radios from eating up the available bandwidth.
  Firewall setting: Drop all incoming UDP packets, except DNS and router broadcasts.
Policy: Prevent your network from being used for a smurf DoS attack.
  Firewall setting: Drop all ICMP packets going to a "broadcast" address (e.g. 130.207.255.255).
Policy: Prevent your network from being tracerouted
  Firewall setting: Drop all outgoing ICMP TTL expired traffic

Slide 8-123: Access Control Lists
- ACL: table of rules, applied top to bottom to incoming packets: (action, condition) pairs

action | source address       | dest address         | protocol | source port | dest port | flag bit
allow  | 222.22/16            | outside of 222.22/16 | TCP      | > 1023      | 80        | any
allow  | outside of 222.22/16 | 222.22/16            | TCP      | 80          | > 1023    | ACK
allow  | 222.22/16            | outside of 222.22/16 | UDP      | > 1023      | 53        | -
allow  | outside of 222.22/16 | 222.22/16            | UDP      | 53          | > 1023    | -
deny   | all                  | all                  | all      | all         | all       | all

Slide 8-124: Stateful packet filtering
- stateless packet filter: heavy handed tool; admits packets that "make no sense," e.g., dest port = 80, ACK bit set, even though no TCP connection established:
  allow | outside of 222.22/16 | 222.22/16 | TCP | 80 | > 1023 | ACK
- stateful packet filter: track status of every TCP connection
  track connection setup (SYN), teardown (FIN): determine whether incoming, outgoing packets "make sense"
  timeout inactive connections at firewall: no longer admit packets

Slide 8-125: Stateful packet filtering
- ACL augmented to indicate need to check connection state table before admitting packet

action | source address       | dest address         | proto | source port | dest port | flag bit | check connection
allow  | 222.22/16            | outside of 222.22/16 | TCP   | > 1023      | 80        | any      |
allow  | outside of 222.22/16 | 222.22/16            | TCP   | 80          | > 1023    | ACK      | x
allow  | 222.22/16            | outside of 222.22/16 | UDP   | > 1023      | 53        | -        |
allow  | outside of 222.22/16 | 222.22/16            | UDP   | 53          | > 1023    | -        | x
deny   | all                  | all                  | all   | all         | all       | all      |

Slides 8-126, 8-127: Application gateways
- filters packets on application data as well as on IP/TCP/UDP fields.
- example: allow select internal users to telnet outside.
1. require all telnet users to telnet through gateway.
2. for authorized users, gateway sets up telnet connection to dest host. Gateway relays data between 2 connections
3. router filter blocks all telnet connections not originating from gateway.
[figure: host-to-gateway telnet session -> application gateway -> gateway-to-remote host telnet session, passing a router and filter]

Slide 8-128: Limitations of firewalls, gateways
- IP spoofing: router can't know if data "really" comes from claimed source
- if multiple apps. need special treatment, each has own app. gateway
- client software must know how to contact gateway (e.g., must set IP address of proxy in Web browser)
- filters often use all or nothing policy for UDP
- tradeoff: degree of communication with outside world, level of security
- many highly protected sites still suffer from attacks

Slide 8-129: Intrusion detection systems
- packet filtering: operates on TCP/IP headers only; no correlation check among sessions
- IDS: intrusion detection system
  deep packet inspection: look at packet contents (e.g., check character strings in packet against database of known virus, attack strings)
  examine correlation among multiple packets: port scanning; network mapping; DoS attack

Slide 8-130: Intrusion detection systems
- multiple IDSs: different types of checking at different locations
[figure: internal network | firewall | demilitarized zone (Web server, FTP server, DNS server) | Internet; IDS sensors placed at several points]

Slide 8-131: Network Security (summary)
basic techniques...
- cryptography (symmetric and public)
- message integrity
- end-point authentication
... used in many different security scenarios
- secure email
- secure transport (SSL)
- IP sec
- 802.11
operational security: firewalls and IDS
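The monoalphabetic cipher of slide 8-12 and the cycling polyalphabetic scheme of slide 8-13, as an added worked example (not part of the slide deck). M1 is the slide's substitution alphabet; M2..M4 and the helper names are constructed here for illustration.

```python
import string

# Slide 8-12 key: plaintext letter i maps to CIPHER_ALPHABET[i]. Non-letters pass through.
CIPHER_ALPHABET = "mnbvcxzasdfghjklpoiuytrewq"

def make_table(cipher_alphabet):
    """Build (encrypt, decrypt) dicts for one monoalphabetic substitution key."""
    if sorted(cipher_alphabet) != list(string.ascii_lowercase):
        raise ValueError("key must be a permutation of the 26 letters")
    enc = dict(zip(string.ascii_lowercase, cipher_alphabet))
    dec = {c: p for p, c in enc.items()}
    return enc, dec

def mono_encrypt(plaintext, cipher_alphabet=CIPHER_ALPHABET):
    enc, _ = make_table(cipher_alphabet)
    return "".join(enc.get(ch, ch) for ch in plaintext)

def mono_decrypt(ciphertext, cipher_alphabet=CIPHER_ALPHABET):
    _, dec = make_table(cipher_alphabet)
    return "".join(dec.get(ch, ch) for ch in ciphertext)

def poly_crypt(text, ciphers, pattern, decrypt=False):
    """Slide 8-13: key = n substitution ciphers M1..Mn plus a cyclic pattern of
    1-based cipher numbers; the k-th letter uses cipher pattern[k mod len(pattern)]."""
    tables = [make_table(c)[1 if decrypt else 0] for c in ciphers]
    out, k = [], 0
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(tables[pattern[k % len(pattern)] - 1][ch])
            k += 1                      # only letters advance the cycle
        else:
            out.append(ch)
    return "".join(out)

# Constructed sample key: M1 is the slide's alphabet, M2..M4 are made-up permutations.
M = [CIPHER_ALPHABET,
     "qwertyuiopasdfghjklzxcvbnm",
     "zyxwvutsrqponmlkjihgfedcba",
     "bcdefghijklmnopqrstuvwxyza"]
PATTERN = [1, 3, 4, 3, 2]   # slide 8-13: M1,M3,M4,M3,M2; then repeat

if __name__ == "__main__":
    print(mono_encrypt("bob. i love you. alice"))          # nkn. s gktc wky. mgsbc
    print(poly_crypt("dog", M, PATTERN))                    # d via M1, o via M3, g via M4
    print(poly_crypt("aaaaa", M, PATTERN))                  # same letter, five different outputs
```

The last line shows why the cycling key resists the single-letter frequency analysis of slide 8-10: repeated plaintext letters no longer map to one ciphertext letter.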
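The modular-arithmetic fact of slide 8-20 and the five key-generation steps of slide 8-22, as an added example (not the slide deck's code), carried through to the encrypt/decrypt requirement K_B^-(K_B^+(m)) = m of slide 8-19 on the 145 message of slide 8-21. The primes and e are constructed toy values, not 1024-bit ones; the function names are assumptions.

```python
from math import gcd

def mod_pow_fact(a, d, n):
    """Slide 8-20: (a mod n)^d mod n equals a^d mod n. Returns both sides for comparison."""
    return pow(a % n, d, n), (a ** d) % n

def rsa_keygen(p, q, e):
    """Slide 8-22 steps 1-5 with caller-supplied primes p, q and exponent e."""
    n = p * q                                   # step 2
    z = (p - 1) * (q - 1)
    if not 1 < e < n or gcd(e, z) != 1:         # step 3: e < n, relatively prime to z
        raise ValueError("e must be < n and share no factor with z")
    d = pow(e, -1, z)                           # step 4: ed mod z == 1 (Python 3.8+ inverse)
    return (n, e), (n, d)                       # step 5: K_B+ = (n, e), K_B- = (n, d)

def rsa_encrypt(public_key, m):
    n, e = public_key
    if not 0 <= m < n:                          # the integer must be smaller than n
        raise ValueError("message integer too large for this modulus")
    return pow(m, e, n)

def rsa_decrypt(private_key, c):
    n, d = private_key
    return pow(c, d, n)

def bits_to_int(bits):
    """Slide 8-21: a bit pattern is just an integer ("10010001" -> 145)."""
    return int(bits, 2)

if __name__ == "__main__":
    print(mod_pow_fact(14, 2, 10))              # (6, 6), the slide's x=14, n=10, d=2
    pub, priv = rsa_keygen(11, 17, 3)           # constructed toy primes: n = 187, z = 160
    m = bits_to_int("10010001")                 # 145
    c = rsa_encrypt(pub, m)
    print(pub, priv, c, rsa_decrypt(priv, c))   # (187, 3) (187, 107) 151 145
```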

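The ACL of slide 8-123 and the connection-state check of slides 8-124 and 8-125, as an added example (not the slide deck's code): the same rule table run stateless and stateful, showing why the inbound "ACK, source port 80" packet that a stateless filter admits is dropped once connection state is consulted. The Packet class, the flow-table layout and the addresses in the usage block are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL = ipaddress.ip_network("222.22.0.0/16")     # the slide's 222.22/16

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "TCP" or "UDP"
    sport: int
    dport: int
    ack: bool = False   # TCP ACK flag bit

def inside(ip):
    return ipaddress.ip_address(ip) in INTERNAL

# Rows of the slide 8-123 ACL as (action, condition, check_connection); the flag in the
# third slot is the "x" column of slide 8-125. Rules are applied top to bottom.
ACL = [
    ("allow", lambda p: inside(p.src) and not inside(p.dst) and p.proto == "TCP"
                        and p.sport > 1023 and p.dport == 80, False),
    ("allow", lambda p: not inside(p.src) and inside(p.dst) and p.proto == "TCP"
                        and p.sport == 80 and p.dport > 1023 and p.ack, True),
    ("allow", lambda p: inside(p.src) and not inside(p.dst) and p.proto == "UDP"
                        and p.sport > 1023 and p.dport == 53, False),
    ("allow", lambda p: not inside(p.src) and inside(p.dst) and p.proto == "UDP"
                        and p.sport == 53 and p.dport > 1023, True),
    ("deny",  lambda p: True, False),
]

class PacketFilter:
    def __init__(self, stateful):
        self.stateful = stateful
        self.conns = set()       # flows opened from inside: (src, sport, dst, dport, proto)

    def decide(self, p):
        for action, cond, check_conn in ACL:
            if not cond(p):
                continue
            if action == "allow" and self.stateful:
                if check_conn:
                    # inbound reply: admit only if an inside host opened the matching flow
                    if (p.dst, p.dport, p.src, p.sport, p.proto) not in self.conns:
                        return "deny"
                else:
                    self.conns.add((p.src, p.sport, p.dst, p.dport, p.proto))
            return action
        return "deny"
```

Connection teardown (FIN) and the inactivity timeout the slide mentions are not modelled; a real filter also removes entries from the flow table.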