Escolar Documentos
Profissional Documentos
Cultura Documentos
Notice
This lecture note (Cryptography and Network Security) is prepared by
Xiang-Yang Li. This lecture note has benefited from numerous
textbooks and online materials. Especially the Cryptography and
Network Security 2nd edition by William Stallings and the
Cryptography: Theory and Practice by Douglas Stinson.
You may not modify, publish, or sell, reproduce, create derivative
works from, distribute, perform, display, or in any way exploit any
of the content, in whole or in part, except as otherwise expressly
permitted by the author.
The author has used his best efforts in preparing this lecture note.
The author makes no warranty of any kind, expressed or implied,
with regard to the programs, protocols contained in this lecture
note. The author shall not be liable in any event for incidental or
consequential damages in connection with, or arising out of, the
furnishing, performance, or use of these.
Network Security
Topics to be covered
Applications
Email
security
www security
Malicious software
Networks
Email Security
email is one of the most widely used and
from disclosure
authentication
of sender of message
message integrity
non-repudiation of origin
systems
originally free, now have commercial
versions available also
PGP
Five services
Functions
Digital signature
Message encryption
Compression
Email compatibility
segmentation
10
message
3. hash code is encrypted with RSA using the
sender's private key, and result is attached to
message
4. receiver uses RSA or DSS with sender's public
key to decrypt and recover hash code
5. receiver generates new hash code for message
and compares with decrypted hash code, if
match, message is accepted as authentic
11
2.
3.
4.
5.
12
13
14
15
16
17
Key management
Generating unpredictable session keys
Identifying keys
Maintain keys
Its
18
Input to CAST-128
A 128-bit key
Two 64 bits plaintexts to be encrypted
number
19
Key Identifiers
Receiver has multiple public keys
How
Approach
20
Key Rings
Private key rings
Timestamp,
user ID
Public key rings
21
22
Approach
23
S/MIME (Secure/Multipurpose
Internet Mail Extensions)
security enhancement to MIME email
original
24
S/MIME Functions
enveloped data
encrypted
signed data
clear-signed data
25
and others
have a procedure to decide which
algorithms to use
26
27
Certificate Authorities
have several well-known CAs
trust
Class
1
2+
3+
Identity Checks
Usage
name/email check
web browsing/email
enroll/addr check
email, subs, s/w validate
ID documents e-banking/service access
Cryptography and Network Security
28
Email SPAM
Spam is flooding the Internet with many
29
Email Spam
E-mail spam has existed since the beginning
30
Anti-Spam Techs
Some popular methods for filtering and
31
Filtering Methods
32
Summary
have considered:
secure
PGP
S/MIME
33
34
Introduction
Introduction
Presentation of SSL
35
Web Security
Web now widely used by business,
government, individuals
but Internet & Web are vulnerable
have a variety of threats
integrity
confidentiality
denial of service
authentication
36
37
Location of SSL
Application Layer
TCP
Provides a TCP like
interface
In theory can be used
by all type of
applications in a
transparent manner
Internet Protocol
(IP)
38
SSL Architecture
39
SSL Architecture
SSL session
an
40
41
42
severity
warning or fatal
specific alert
unexpected message, bad record mac, decompression
failure, handshake failure, illegal parameter
close notify, no certificate, bad certificate,
unsupported certificate, certificate revoked,
certificate expired, certificate unknown
43
each other
to negotiate encryption & MAC algorithms
to negotiate cryptographic keys to be used
comprises a series of messages in phases
44
General purpose
1.Handshake
`
2. Data transmission
Two step process:
Handshake : exchange private keys using a public key encryption
algorithm
Data transmission: exchange the required data using a private key
encryption
45
46
handshake
`
Client
Client Hello
Server
Server Hello
Server Certificate
Server Hello Done
Client Key Exchange
Change Cipher Specification
Handshake Finished
Change Cipher Specifications
Handshake Finished
Cryptography and Network Security
47
hello
Client Hello:
List of supported private
key encryptions +
Client random number
Server Hello:
Selected encryption
algorithm
Server Random number
Session ID
Server Certificate:
Verify servers identity
`
Client
Server
Client Hello
Server Hello
Server Certificate
Server Hello Done
Client Key Exchange
Change Cipher Specification
Handshake Finished
Change Cipher Specifications
Handshake Finished
48
Key exchange
Client Key Exchange:
Client
Generate second
random: Pre Master
Key
Send Pre Master Key
Calculate Master Key
Calculate Secret Key
Calculate MAC Key
Server
Calculate Master Key
Calculate Secret Key
Calculate MAC Key
`
Client
Server
Client Hello
Server Hello
Server Certificate
Server Hello Done
Client Key Exchange
Change Cipher Specification
Handshake Finished
Change Cipher Specifications
Handshake Finished
49
`
Client
Client Hello
Server
Server Hello
Change Cipher Specification
Handshake Finished
Change Cipher Specifications
Handshake Finished
Cryptography and Network Security
50
Certificate authority
Certificate Authority (CA) is a trusted
51
MAC
MAC = Message Authentication Code
52
Attacks on SSL
Can be used on servers that accept small key sizes: 40 bits for symmetric
encryptions and 512 for the asymmetric one.
Timing attack
Brute force
53
54
TLS
TLS was developed by IETF to replace SSL version 3.
Based on SSL version 3, with some changes:
Replaced FORTEZZA key exchange option with DSS.
55
TLS
TLS has about 30 possible cipher suites, combinations of
key exchange, encryption method, and hashing method.
Key exchange includes: RSA, DSS, Kerberos
Encryption includes: IDEA(CBC), RC2, RC4, DES, 3DES,
and AES
Hashing: SHA and MD5
(Note: Some of the suites are intentionally weak export
versions.)
56
transactions
developed in 1996 by Mastercard, Visa etc
not a payment system
rather a set of security protocols &
formats
secure communications amongst parties
trust from use of X.509v3 certificates
privacy by restricted info to those who need it
57
SET Components
58
SET Transaction
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
59
Dual Signature
customer creates dual messages
order
60
61
62
2.
3.
4.
63
5.
6.
7.
8.
64
Payment Capture
merchant sends payment gateway a
65
A
B
C
D
C- Secure-HTTP
Presentation of S-HTTP
Designed by E. Rescorla and A. Schiffman
commercially
66
A
B
C
D
C- Secure-HTTP
Location of S-HTTP
Secure-HTTP
Message encryption and
signature
Application Layer:
HTTP message
HTTP-specific message
encryption
Can possibly be used
over a secure channel
Designed to be
compatible with HTTP
for handling at lower
layers
Internet Protocol
(IP)
67
A
B
C
D
C- Secure-HTTP
POPS, LDAPS)
Burden of encryption not on
transmission/reception but rather on message
production/unpacking
Similar set of available ciphers, plus added
capabilities for signing (DSS, RSA)
Very general specifications, leaving a lot to
implement and a potential for incompatible
implementations
Only one reference implementation in NCSA
Mosaic
68
A
B
C
D
C- Secure-HTTP
S-HTTP
SSL
Privacy
Integrity
MAC only
Authentication
Non-repudiation
Digital signature
Not provided
69
A
B
C
D
C- Secure-HTTP
OR
cleartext
SSL tunnel
External
secure server
SSL tunnel
SSL-aware proxy
Enterprise environment
Encrypted data
Authentication
External
secure server
Security on the WWW
S-HTTP-aware proxy
Enterprise environment
70
A
B
C
D
C- Secure-HTTP
Request:
Secure*Secure-HTTP/1.2
Response:
Secure-HTTP/1.2 200 OK
71
A
B
C
D
C- Secure-HTTP
S-HTTP attacks
Basically the same as on SSL, since the ciphers are the same
Default values more secure in S-HTTP than SSL at the time
72
A
B
C
D
D- Other protocols
73
IPsec
IPSec is a security layer added to a computers protocol
stack in the kernel (Below TCP). It is invisible to the
application. It is implemented by adding additional
protocol numbers in the IP protocol field.
74
Summary
have considered:
need
75
A
B
C
D
D- Conclusion
Web Security
76