Routing Overview - PowerPoint PPT Presentation

1 / 51
About This Presentation
Title:

Routing Overview

Description:

The problem of tampering and impersonation remains ... Impersonation can be addressed by certification and authentication. Digital Signature ... – PowerPoint PPT presentation

Number of Views:81
Avg rating:3.0/5.0
Slides: 52
Provided by: abhayp
Category:

less

Transcript and Presenter's Notes

Title: Routing Overview


1
Web Computing Security CS587x Lecture
13 Department of Computer Science Iowa State
University
2
What to Cover
  • Internet security issues
  • Introduction to cryptography
  • Secured Socket Layer (SSL)

3
Internet Security Issues
  • A TCP/IP packet could go through many
    intermediate computers and separate networks
  • Possible ways for communication interference
  • Eavesdropping
  • Information remains intact, but its privacy is
    compromised. For example, someone could learn
    your credit card number, etc.
  • Tampering
  • Information in transit is changed or replaced and
    then sent on to the recipient. For example,
    someone could alter an order of goods
  • Impersonation
  • Information passes to a person who poses as the
    intended recipient. For example, a person can
    pretend to have the email address
    jdoe_at_mozilla.com or a computer can identify
    itself as www.mozilla.com while it is not

4
Public-Key Cryptography
  • The goals of developing this standard
  • Encryption and decryption
  • Allow two communication parties to disguise
    information they send to each other.
  • Tamper detection
  • Allows the recipient of information to verify
    that it has not been modified in transit
  • Authentication
  • Allows the recipient of information to determine
    its origin, i.e., confirm the senders identity
  • Nonrepudiation
  • Prevents the sender of information from claiming
    at a later date that the information was never
    sent

5
Encryption and Decryption
  • Encryption is a process of transforming
    information so it is intelligible to anyone but
    the intended recipient
  • Decryption is a process of transforming encrypted
    information so it is intelligible again
  • A cryptography algorithm (also called cipher) is
    a mathematical function used for encryption or
    decryption.
  • In most cases, two related functions are
    employed, one for encryption and the other for
    decryption
  • Cryptography algorithms are widely known
  • The ability to keep encrypted information secret
    is based not on the cryptography, but on a number
    called key
  • Key is used with the algorithm to produce an
    encrypted result or to decrypt previously
    encrypted information

6
Symmetric-Key Encryption
  • With symmetric-key encryption, the encryption key
    can be calculated from the decryption key and
    vice versa
  • With most symmetric-key encryption, the same key
    is used for both encryption and decryption

7
Symmetric-Key Encryption
  • Advantages
  • Highly efficient implementation
  • fast encryption and decryption
  • Provides some degree of authentication
  • information encrypted with one symmetric key
    cannot be decrypted with any other symmetric key.
  • Disadvantages
  • Effective only if the key is kept secret by the
    two parties involved
  • If anyone else discovers the key, it affects both
    confidentiality and authentication
  • The person not only can decrypt messages sent
    with that key, but can encrypt new messages and
    send them as if they came from one of the two
    parties who were originally using the key

8
Public-Key Encryption
  • Public-key encryption (also called asymmetric
    encryption) involves a pair of keys public key
    and private key
  • Public key is published and could be well-known
  • Private key is associated with an entity that
    needs to authenticate its identity electronically
    or to sign or encrypt data
  • Data encrypted with a public key can be decrypted
    only with some corresponding private key
  • To send data to someone, you encrypt the data
    with his public key, and the person receiving the
    encrypted data decrypts it with the corresponding
    private key
  • Data encrypted with private key can be decrypted
    only with corresponding public key (more details
    later)

9
Public-Key Encryption
  • Advantage
  • Allow to freely distribute public key to the
    sender
  • Private key can be kept in secret
  • Disadvantage
  • Compared with symmetric-key encryption,
    public-key encryption requires more computation
    and is therefore not always appropriate for large
    amounts of data
  • The way to leverage the advantage and minimize
    the disadvantage
  • Use public-key encryption to send a symmetric
    key, which can be then be used to encrypt
    additional data. This is the approach used by
    the SSL protocol

10
Temper Detection
  • Encryption and decryption solves only the problem
    of eavesdropping
  • The problem of tampering and impersonation
    remains
  • Tamper detection is done by using public-key
    encryption for digital signature
  • Impersonation can be addressed by certification
    and authentication

11
Digital Signature
  • Tamer detection replies on a mathematical
    function called a one-way hash (also called a
    message digest)
  • A one-way hash is a number of fixed length with
    the following characteristics
  • Ideally, the value of the hash is unique for the
    hashed data. Any change in the data, even
    deleting or altering a single character, results
    in different value
  • The content of the hashed data cannot, for all
    practical purposes, be deduced from the hash
    which is why it is called one-way

12
Digital Signature
  • Public-key encryption allows you to use your
    private key for encryption and your public key
    for decryption
  • This feature can be used to digitally signing any
    data
  • The signing software creates a one-way hash of
    the data, then uses your private key to encrypt
    the hash
  • The encrypted hash, along with other information,
    such as the hashing algorithm, is known as a
    digital signature

13
Digital Signature
  • The source sends data as follows
  • One-way hash the original data is one-way hashed
  • Encrypt it with your private key
  • Send both the original data and digital signature
    to the recipient
  • The recipient validates the data integrity as
    follows
  • Decrypt the digital signature using the public
    key
  • Use the same hash algorithm to one-way hash the
    received data
  • The data has not been tempered if the two sets of
    data are the same

14
A Certificate Identifies an Entity
  • What is certificate?
  • A certificate is an electronic document used to
    identify an individual, a server, a company, or
    some other entity
  • Just like a driver license identifies a person
  • Who issues certificate?
  • Certificate Authorities (CA)
  • can be either independent third party or
    organizations running their certificate-issuing
    server software
  • Before issuing a certificate, CA must go through
    certain verification procedures, depending on the
    CAs policies

15
Certificate Content
  • Each certificate always
  • binds a particular public key to the certified
    entity
  • Only the public key certified by the certificate
    will work with the corresponding private key
    possessed by the owner of the certificate
  • includes the digital signature of the issuing CA
  • For tempering detection - you cannot change a
    certificate
  • The signature allows the certificate to function
    as a letter of introduction for users who know
    and trust the CA but dont know the entity
    identified by the certificate
  • Of course, a certificate also includes the name
    of the entity it identifies, an expiration date,
    the name the of CA that issued the certificate

16
Sample Certificate Content
Basic CA/Emailpersonal-basic_at_thawte.com
Subject Public Key Info Public Key
Algorithm rsaEncryption RSA Public Key
(1024 bit) Modulus (1024 bit)
00bcbc93536dc0504f8215e64894
a65abe6f42fa0f47ee777572dd8d49
9b9657a078d4ca3f51b3690b917617
2207976ac451934be08def3795a1
0c 4dda34901d178997e03538574
ac0f4 0870e93c447b507e619a90
e323d388 114627f50b070ebbddd1
7f200a88b9 560b2e1c80daf1e39
e29ef14bd0a44 fb1b5b18d1bf23
9321 Exponent 65537 (0x10001)
X509v3 extensions X509v3 Basic
Constraints critical CATRUE Signature
Algorithm md5WithRSAEncryption
2de2996bb03d7a89d759a294011f2bdd12
4b 53c2ad7faaa7005c914057254a38
aa8470b9 d9800fa57b5cfb73c6bdd7
8a615c03e32d27 a817e0848542dc5e
9bc6b7b26dbb74afe43f
cba7b7b0e05dbe78832594d2db810f7907
6d 4ff439155a52017bde32d64d38f6
125c0650 df055bbd144ba1df29ba3b
418df76356a1df 22b1
openssl x509 -noout -text -in thawte.
cer Certificate Data Version 3 (0x2)
Serial Number 0 (0x0) Signature Algorithm
md5WithRSAEncryption Issuer CZA, STWestern
Cape, LCape Town, OThawte Consulting,
OUCertification Services Division, CNThawte
Personal Basic CA/Emailpersonal-basic_at_thawte.com
Validity Not Before Jan 1 000000
1996 GMT Not After Dec 31 235959 2020
GMT Subject CZA, STWestern Cape, LCape
Town, OThawte Consulting, OUCertification
Services Division, CNThawte Personal
17
Authentication Confirms an Identity
  • Password-based authentication
  • A client submits user name and password
  • Server checks database to see if name and
    password match
  • Certificate-based authentication
  • A client digitally signs some piece of data,
    which are randomly generated based on the input
    from server and client
  • Both client and server must know exactly the data
    to be signed
  • The client sends both the certificate and the
    signed data to the server
  • The server uses the public key in the certificate
    to decode the signed data
  • The signed data is an evidence used to verify
    if the client owns the private key corresponding
    to the public key stored in its certificate

18
Certificate-based authentication
19
Types of Certificates
  • Client/server certificates
  • Used to authenticate client/server via SSL
  • S/MIMI certificates
  • Used for signed and encrypted email
  • Object certificates
  • Used to identify signers of Java code or other
    signed files
  • CA certificates
  • Used to identify Certificate Authorities that can
    be trusted

20
Establishing trust through CA Certificates
  • Any client/server software that supports
    certificates maintains a collection of trusted CA
    certificates
  • It is possible to delegate certificate-issuing
    responsibility to subordinate CAs, thus, creating
    CA hierarchies
  • The root CAs certificate is a self-signed
    certificates, i.e., it is digitally signed by the
    same entity
  • The CAs that are directly subordinate to the root
    CA have CA certificate signed by the root CA
  • CAs under the subordinate CAs in the hierarchy
    have their CA signed the higher-level subordinate
    CAs

21
CA Hierarchies
Note each certificate is signed with the private
key of its issuer so that its authenticity can be
verified through its public key
22
Certificate Verification
23
Certificate Standards
  • X.509 Standard
  • Created to provide credentials for X.500
    directory objects
  • V1 published as part of X.500 directory
    recommendations
  • V3 (1996) added much flexibility
  • added provisions for extension fields (V3
    extensions)
  • V3 use pretty much universal for Internet
    applications
  • supports mail, c/s, IPsec
  • alternatives limited to special purposes, e.g PGP
    certificates

24
Design Goals of Secure Sockets Layer
  • Negotiates and employs essential functions for
    secure transactions
  • Mutual Authentication
  • Establish trust with intended recipients
  • Signed Digital Certificates
  • Server Authenticates to Client
  • Client Authenticates to Server (optional)
  • Data Encryption
  • Privacy and confidentiality
  • Support different algorithms for different
    application needs
  • Data Integrity
  • Insure no one tampers with data transmissions
    intentionally or not
  • Freshness of transactions to avoid replays
  • As simple and transparent as possible, seamlessly
    integrated into existing protocols including
    TCP/IP

25
Secure Sockets Layer (SSL)
  • Platform and Application Independent
  • Operates between application and transport layers

26
TCP over IP
IP Header
IP Data
Src
Dst
TCP Header
TypeTCP
TCP Data
SrcPort
DstPort
SeqNum
Application Data
27
SSL over TCP over IP
IP Header
IP Data
Src
Dst
TypeTCP
TCP Header
TCP Data
TLS
TLS Payload
SrcPort
DstPort
SeqNum
EncryptedApplicationData
28
SSL 3.0 Layers
  • Record Layer
  • Fragmentation
  • Compression
  • Message Authentication (MAC)
  • Encryption
  • Alert Layer
  • close errors
  • message sequence errors
  • bad MACs
  • certificate errors
  • Handshake Layer
  • All messages are MACd
  • Message order is absolute
  • Negotiation messages are created here and handed
    to record layer

29
SSL Handshake
  • SSL protocol uses a combination of public-key and
    symmetric key encryption
  • Symmetric key encryption is much faster than
    public-key encryption
  • Public-key encryption provides better
    authentication techniques
  • Each SSL session always begin with an exchange of
    messages called SSL handshake
  • Allows the server to authenticate itself to the
    client using public-key techniques
  • Allows the client and the server to cooperate in
    the creation of symmetric keys used for rapid
    encryption, decryption, and tamper detection
    during the session that follows

30
Handshake Protocol
  • The client sends the server
  • the clients SSL version number, cipher settings,
    randomly generated data, etc.
  • The server sends the client
  • The servers SSL version number, cipher settings,
    randomly generated data, etc.
  • The servers own certificate
  • Request for the clients certificate if the
    client is requesting a server resource that
    requires client authentication
  • The client and the server selects a common cipher
  • Allows use of multiple ciphers because
  • Some countries disallow the use of strong ciphers
  • Strong ciphers may require too much computational
    overhead
  • Some communications must be secured with a strong
    cipher
  • SSL uses strongest commonly-allowed cipher suite

31
Handshake Protocol Summary
  • The client uses some of the information sent by
    the server to authenticate the server
  • If the authentication fails, terminate the
    connection
  • The client creates the premaster secret for the
    session, using the data generated during the
    handshake so far
  • The secret is sent to the server after encrypted
    with the servers public key (obtained from the
    servers certificate)
  • Only the corresponding private key can correctly
    decrypts the secret, so the client has some
    assurance that it is talking to the authentic
    server
  • If the server requests client authentication
    (optional), the client also signs another piece
    of data and sends it with the clients
    certificate
  • The data must be unique to this handshake and
    known by both the client and the server (why?)
  • Terminate the connection if authentication fails

32
SSL Handshake Protocol
  • Both the server and client follow the same steps
    to generate the master secret from the same
    premaster secret
  • If the server does not have the right private
    key, it cannot generate the right master secret
  • Both the client and the server use the master
    secret to generate the session keys, which are
    symmetric keys used to
  • encrypt and decrypt information exchanged during
    the SSL session
  • verify data integrity, i.e., detect any changes
    in the data between the time it was sent and the
    time it was received
  • Finishing handshake
  • The client and the server send each other a
    message informing that future messages from will
    be encrypted with the session key

33
Session Key Generation
Premaster Secret
Master Secret
Session Key
  • Both server and client need to generate the
    session key
  • The session key is not sent via network

34
A Simplified Way?
send its public key to the client
client
server
Use the public key to encrypt the session key
  • Server sends its public key to the client
  • Client generates the session key, encrypts it
    with the public key and then sends the
    encrypted session key to the server
  • The server decrypts the message and gets the key
  • Server and client now use the same session key to
    encrypt and decrypt their communication

35
Man-In-The-Middle Attack
key
key
M
C
S
session key encrypted with key
session key encrypted with key
  • A simple scenario
  • When M receives the public key from S, M replaces
    the public key with its own public key
  • M sends its own public key to C
  • C generates the session key, encrypts it with the
    public key and then sends the encrypted session
    key to M
  • M decrypts the message with its own private key
    and gets the session key
  • M encrypts the session key with the public key
    from S and forwards the result to S
  • M can now eavesdrop all communication between S
    and C
  • How about verifying the digital signature of C?

36
Checking Server Certificate
37
Checking Client Certificate
38
Java SSL
  • Java 1.4 includes Java Secure Socket Extention
    (JSSE)
  • JSSE can be downloaded and installed into
    previous versions of Java
  • Obtain SSLSocket or SSLServerSocket objects via
    javax.net.ssl's SSLServerSocketFactory and
    SSLSocketFactory classes

39
JSSE API Client Socket Factory Methods
  • javax.net.ssl.SSLSocketFactory methods
  • static SocketFactory getDefault()
  • Socket createSocket(String host, int port)
  • Socket createSocket(String host, int port,
    InetAddress localHost, int localPort)
  • Socket createSocket(InetAddress host, int port)
  • Socket createSocket(InetAddress host, int port,
    InetAddress localHost, int localPort)
  • Socket createSocket(Socket socket, String host,
    int port, boolean autoClose)
  • String getDefaultCipherSuite()
  • String getSupportedCipherSuites()

40
JSSE API Client Socket Methods
  • javax.net.ssl.SSLSocket methods (extends Socket)
  • Supported SSL cipher suites
  • String getEnabledCipherSuites()
  • String getSupportedCipherSuites()
  • void setEnabledCipherSuites(String suites)
  • SSL session creation enabled?
  • boolean getEnableSessionCreation()
  • void setEnableSessionCreation(boolean flag)
  • SSL client authentication required?
  • boolean getNeedClientAuth()
  • void setNeedClientAuth(boolean need)

41
JSSE API Client Socket Methods (2)
  • Change from SSL client to SSL server mode
  • boolean getUseClientMode()
  • void setUseClientMode(boolean mode)
  • Initiate the SSL handshake protocol
  • void startHandshake()
  • Add/remove SSL handshake listener (notified when
    SSL handshake operations complete on the socket)
  • void addHandshakeCompletedListener
    (HandshareCompletedListener listener)
  • void removeHandshakeCompletedListener
    (HandshareCompletedListener listener)

42
JSSE API Server Socket Factory Methods
  • javax.net.ssl.SSLServerSocketFactory methods
  • static ServerSocketFactory getDefault()
  • ServerSocket createServerSocket(int port)
  • ServerSocket createServerSocket(int port, int
    LQsize)
  • ServerSocket createServerSocket(int port, int
    LQsize, InetAddress localAddress)
  • String getDefaultCipherSuites()
  • String getSupportedCipherSuites()

43
JSSE API Server Socket Methods
  • javax.net.ssl.SSLServerSocket methods
  • Supported SSL cipher suites
  • String getEnabledCipherSuites()
  • String getSupportedCipherSuites()
  • void setEnabledCipherSuites(String suites)
  • SSL session creation enabled?
  • boolean getEnableSessionCreation()
  • void setEnableSessionCreation(boolean flag)
  • SSL client authentication required on accepted
    sockets?
  • boolean getNeedClientAuth()
  • void setNeedClientAuth(boolean need)
  • Switch accepted sockets from SSL client mode to
    SSL server mode
  • boolean getUseClientMode()
  • void setUseClientMode(boolean mode)

44
Example Server
  • import java.io.
  • import javax.net.ssl.
  • public class EchoServer
  • public static void main(String arstring)
  • try
  • SSLServerSocketFactory sslserversocketfactor
    y
  • (SSLServerSocketFactory)SSLServerSocketFac
    tory.getDefault()
  • SSLServerSocket sslserversocket
  • (SSLServerSocket)sslserversocketfactory.cr
    eateServerSocket(9999)
  • SSLSocket sslsocket (SSLSocket)sslserverso
    cket.accept()
  • InputStream inputstream
    sslsocket.getInputStream()
  • InputStreamReader inputstreamreader new
    InputStreamReader(inputstream)
  • BufferedReader bufferedreader new
    BufferedReader(inputstreamreader)
  • String string null
  • while ((string bufferedreader.readLine())
    ! null)
  • System.out.println(string)
  • System.out.flush()

45
Example Client
  • import java.io.
  • import javax.net.ssl.
  • public class EchoClient
  • public static void main(String arstring)
  • try
  • SSLSocketFactory sslsocketfactory
    (SSLSocketFactory)SSLSocketFactory.getDefault()
  • SSLSocket sslsocket (SSLSocket)sslsocketfa
    ctory.createSocket("localhost", 9999)
  • InputStream inputstream System.in
  • InputStreamReader inputstreamreader new
    InputStreamReader(inputstream)
  • BufferedReader bufferedreader new
    BufferedReader(inputstreamreader)
  • OutputStream outputstream
    sslsocket.getOutputStream()
  • OutputStreamWriter outputstreamwriter new
    OutputStreamWriter(outputstream)
  • BufferedWriter bufferedwriter new
    BufferedWriter(outputstreamwriter)
  • String string null
  • while ((string bufferedreader.readLine())
    ! null)
  • bufferedwriter.write(string '\n')

46
Running the Samples
  • java -Djavax.net.ssl.keyStorekeystore
    -Djavax.net.ssl.keyStorePasswordkeystorePassword
    EchoServer
  • java -Djavax.net.ssl.trustStoretruststore
    -Djavax.net.ssl.trustStorePasswordtruststorePassw
    ord EchoClient

47
Java Certificate Classes
  • java.security.cert
  • Certificate (abstract class)
  • CRL (abstract class)
  • CertificateFactory
  • To obtain instances of Certificates and CRLs
  • X509Certificate extends Certificate
  • X509CRL extends CRL

48
CertificateFactory Class
  • public static CertificateFactory
    getInstance(String stringType)
  • Type is, e.g., X.509
  • public static CertificateFactory
    getInstance(String stringType, String
    stringProvider)
  • public final Certificate generateCertificate(Input
    Stream inputstream)
  • public final Collection generateCertificates(Input
    Stream inputstream)
  • public final CRL generateCRL(InputStream
    inputstream)
  • public final Collection generateCRLs(InputStream
    inputstream)

49
Certificate Interface
  • public abstract PublicKey getPublicKey()
  • public abstract byte getEncoded()
  • public abstract void verify(PublicKey publickey)
  • public abstract void verify(PublicKey publickey,
    String stringProvider)

50
X.509 Certificate Interface
  • public abstract byte getEncoded()
  • Returns certificate encoded in DER format
  • public abstract int getVersion()
  • public abstract Principal getSubjectDN()
  • public abstract Principal getIssuerDN()
  • public abstract Date getNotBefore()
  • public abstract Date getNotAfter()
  • public abstract BigInteger getSerialNumber()
  • public abstract String getSigAlgName()
  • public abstract String getSigAlgOID()
  • public abstract int getBasicConstraints()
  • public abstract boolean getKeyUsage()
  • public Set getCriticalExtensionOIDs()
  • public Set getNonCriticalExtensionOIDs()

51
Summary
  • Introduction to cryptography
  • Symmetric key and public key encryption/decryption
  • Digital signature
  • Certificate
  • Secure Sockets Layer
  • SSL handshake
  • Java Secure Sockets Extensions
  • Socket factories
  • SSLSockets and SSLServerSockets
  • Sample client and server
Write a Comment
User Comments (0)
About PowerShow.com