Network Security

1
Network Security

• Protecting An Organizations Network

2
A Note About Security

• Humans are usually the most susceptible point in
  any security scheme
• A worker who is malicious, careless, or unaware
  of an organizations information policy can
  compromise the best security
• William Stallings

3
A Note About Security

• If your site has multiple access points, the
  overall security of the site is only as strong as
  the security of the least secure access point
• Thus, you must ensure that all points of access
  are secure
• Again, frequently the weakest link is people
• This includes such access points as E-Mail, their
  personal web sites, etc.

4
A Note About Security

• A recent demonstration found that 24 of
  passwords could be determined, by
• Searching dictionaries of names, places, and
  other words
• Using the username
• Using information about the user, such as their
  first name
• A much higher percentage would result if
  variations of the above were used
• e.g. marge123

5
Security Terminology

• Authentication The process of determining the
  identify of a client or other entity
• Encryption The process of obfuscating data so
  that it cannot be examined in its current form
• Public key An object used in the encryption
  process that is publicly available
• Private key An object used in the encryption
  process that is kept private within an
  organization

6
Authentication IPSec

• Uses IP datagrams to provide security features
  such as authentication
• Authentication is provided for each datagram
• An IP datagram, such as those used for TCP
  connections will be assigned an authentication
  header (AH)

7
Authentication IPSec
A normal TCP datagram
IPH
TCPH
TCP Data
A TCP datagram with IPSec authentication
information
IPH
TCPH
TCP Data
AH
8
Authentication Headers

• Each authentication header contains
  authentication information that relates the
  sender of the message to the message data
• If this data were static, it would be fairly
  simple to forge datagrams with another entitys
  authentication information
• Clearly this data must be dynamic, relating to
  the data in the message, and difficult to
  reproduce by another entity

9
Authentication Headers
Next Header
Points to the TCP header
1
Payload Length
Length of the entire header
1
Unused
Reserved for future use
2
Security Parameters Index
The security scheme used
4
Sequence Number
A unique number for each packet
4
Data
Data for the security scheme
?
10
Authentication Data

• The data portion of the authentication header is
  where we place authentication information
• This authentication must be difficult to forge
• IPSec (and many other schemes) use message
  digests for this purpose

11
Message Digests

• A message digest is a small piece of information
  created by examining a larger piece of
  information
• In this case, the larger bit of information is
  the data of the datagram
• Sound familiar?
• It should, a checksum is very similar to a digest
• A digest normally is a larger entity so there is
  a higher degree of detecting changes
• Various algorithms are used to create digests
• E.g. SHA-1, MD5

12
Authentication Information

• A well-known algorithm is used to generate the
  digest
• So how is that valid authentication information?
• Its not, the digest ensures the data received is
  the same as the data sent
• The digest is encrypted using the senders
  private key

13
Public Key Encryption

• Public key encryption (encrypting with pairs of
  public and private keys) will be discussed at a
  later time
• Suffice it to say, that either
• The sender encrypts the data using the receivers
  public key, and the receiver decrypts the data
  using its own private key
• The sender encrypts the data using its own
  private key, and the receiver decrypts the data
  using the senders public key

14
Public Key Encryption
A
B
As Private Key
Bs Public Key
Bs Private Key
As Public Key
15
Public Key Encryption
A
B
As Private Key
Bs Public Key
Bs Private Key
As Public Key
16
Public Key Encryption
A
B
As Private Key
Bs Public Key
Bs Private Key
As Public Key
17
Public Key Encryption
A
B
As Private Key
Bs Public Key
Bs Private Key
As Public Key
18
Public Key Encryption

• Clearly, each key can be used to encrypt, and
  each key can be used to decrypt
• Thus public key encryption is bi-directional
• The private key is used to encrypt when the
  receive wants to ensure the data comes from the
  correct recipient
• No-one else would have the private key
• The public key is used to encrypt when the data
  must not be seen by external entities
• Only the private key can be used to decrypt

19
Authentication Information

• The private key of the sender is used to encrypt
  the message digest
• Since only the sender would have the private key,
  the resulting encrypted digest is unique
• Since the digest would change with even a minor
  change to the data, the encrypted ensures data
  has not been tampered with
• Thus this combination of digests and public key
  encryption ensures data integrity and provides
  authentication

20
Encryption in IPSec

• IPSec also supports encryption
• In IPSec, it is called Encapsulating Security
  Payload (ESP)
• The operation is similar to how IPSec handles
  authentication, except that the datagrams data
  portion is encrypted
• The ESP header describes the technique used for
  encryption

21
Encryption in IPSec

• Since the sender normally would use its private
  key to encrypt datagrams, additional
  authentication is not normally required
• Encryption schemes also normally include methods
  for ensuring data integrity

22
VPNs

• Recall that virtual private networks uses
  encryption to keep their data secure between
  sites
• VPNs frequently use IPSecs ESP feature to
  accomplish this
• The external router for each site would employ
  IPSec ESP on incoming and outgoing datagrams

23
VPNs

• The advantage of using IPSec to implement VPNs is
  that it is a well-known technology
• Thus it may be used, assuming the ubiquitous
  nature of IPSec on the Internet

24
Web Security

• Securing the World Wide Web

25
The Need

• The World Wide Web requires certain access points
• If your site is to have a world wide web server,
  it requires at least one port that external
  entities may connect to
• e.g. 80 (HTTP), 443 (HTTPS), etc.
• If users on your site will access the web through
  a client, it requires ports to do so
• This may be through a single machine, called an
  HTTP proxy server

26
The Threats

• There are four kinds of web-related threats
• Integrity threats Data and/or system files are
  modified or destroyed
• Confidentiality threats Private data is
  examined by the intruder
• Denial of Service Web service is disrupted,
  preventing other clients from using it
• Authentication The identify of an entity is
  forged, making it seem like a request or command
  is coming from someone else
• Unchecked code attacks User-supplied data is
  assumed to be benign, but when used it could be
  code which is executed (e.g. Javascript or SQL)

27
Integrity Threats

• Data integrity can be compromised in several
  ways
• Files stored on the server are modified
• Memory, containing data, is modified
• Network messages are modified
• The result is the loss of data, or some
  compromised data
• This compromised data may include such things as
  password files, malicious shell scripts, etc.

28
Integrity Threats

• The common theme to all of these threats is that
  data is changed
• Checksums/digests make it possible to ensure data
  is not changed
• If data is changed, the checksum/digest will
  indicate the change
• That may not prevent loss of data alone, but it
  will (at least) alert administrators (or
  automatic sentry programs) of the change
• Example Nimbda virus

29
Nimbda Virus

• Nimbda virus exploited a vulnerability in
  Internet Information Server (a web server) to
  modify files
• The outgoing web page was modified
• Actually, Nimbda virus is also an example of a
  denial of service attack
• It is used as an example here, because of its
  widespread effect and notoriety

30
Confidentiality Threats

• The types of confidentiality threats are
• Reading files from the server
• Reading contents of a servers memory
• Reading network messages
• The results are
• Invasion of privacy
• Lost data (packets read are typically not placed
  back on the network)

31
Confidentiality Threats

• Encryption prevents any data from being
  interpreted
• Encryption allows only owners of the right key
  to unlock the contained data
• Datagrams might be examined and removed from the
  network, but timeouts would allow that
  information to arrive, eventually
• Example Packet sniffers, Spyware

32
Packet Sniffers

• Packet sniffers allow anyone on a network to
  intercept any datagram passing through a machine
• Instead of passing the datagram along, first the
  packet sniffers read the packets data
• Examples SpyNet, CommView, Ethereal

33
Denial of Service Attacks

• Sometimes called overload attacks, there are a
  few types
• Overloading a server with connections or requests
• Overloading the threads of a server
• Overloading the network connection to a server
  (buffer overload)
• Overloading a disk
• Overloading memory

34
Denial of Service Attacks

• Overloading a server can cause the service to
  become unavailable (thus denial of service)
• Example Nimbda virus
• Once Nimbda virus infiltrates a site (using an
  integrity attack), each incoming request executes
  a program (part of the virus)
• This program attacks a number of other sites,
  trying to install the virus there
• Eventually, the attacks themselves can cause
  denial of service (DoS), even on machines where
  the Nimbda virus could not install itself

35
Denial of Service Attacks

• DoS attacks can be reduced/avoided in a variety
  of ways
• Routers can filter out duplicate packets
• Reduce the effect of a request
• Attempt to recognize bogus attacks and
  eliminate any unnecessary processing as a result
• Require authenticated access wherever possible
• Although, authentication itself may be a target
  of DoS
• However, there is no way to make DoS attacks
  impossible at this time

36
Authentication Attacks

• Sometimes used in combination with integrity
  attacks
• Where data is modified and the identity of the
  sender is forged, so that the data is accepted
• Authentication attacks typically involve users
  modifying source IP addresses (and things like
  IPSec authentication headers) to forge their
  identities
• Although the authentication schemes used by IPSec
  now make this difficult

37
Authentication Attacks

• Authentication can be accomplished using
  techniques such as those used by IPSec
• Including a message digest, encrypted with the
  senders private key allows the receiver to
  validate the identity of the sender
• Examples Using a packet sniffer, modifying the
  packets, placing them back on the network

38
Unchecked Code Attacks

• User-supplied data should always be validated
• Positive validation Checking to make sure the
  data meets your expectations
• e.g. the expected format of an E-Mail address
• Negative validation Checking for code, special
  characters and other enablers which might
  indicate that something malicious is in the user
  data
• e.g. a ltscriptgt tag

39
Unchecked Code Attacks

• Imagine a form that asks for an E-Mail address
• Please enter your E-Mail address and password to
  log into our site
• Imagine that when the form submission fails, the
  printed the E-Mail address in the browser for
  verification
• Are you sure bsmith_at_abc.com the correct E-Mail
  address?
• Now imagine that the user types in some nasty
  JavaScript code (ltscriptgtlt/scriptgt)
• The code will be put into the response page, and
  possibly executed

40
Guarding Against Attacks

• For each type of attack, I have suggested a few
  examples of technologies that can be used to
  prevent the attacks
• Of course, none of these solutions is fool proof
• Recall the comment about the weakest link in the
  chain
• e.g. A private key falls into the wrong persons
  hands
• e.g. A certificate is sent unencrypted via E-Mail

41
Guarding Against Attacks

• The combination of the following techniques may
  represent a security scheme for a given site
• Message digests
• Guards against integrity attacks
• Encrypting the digest with a private key
• Guards against authentication attacks
• Encrypting the message with a public key
• Guards against confidentiality attacks
• Employing duplicate-removing routers, and
  requiring authenticated access wherever possible
• Guards against DoS attacks
• User input validation
• Guards against unchecked code attacks

42
Guarding Against Attacks

• One fact is always true about site security
• An ounce of prevention is worth a pound of cure
• Frankly if attacks can be avoided or halted
  before they occur, we will not need to deal with
  the side-effects of intrusions
• The Code Red worm gives an example
• The security hole was discovered by a popular
  security site, and a patch was created by them
  many months in advance
• The security hole was made public by this site
• Many clones of the Code Red worm were created
  given this new information, which also flourished
  on unpatched sites
• Microsoft subsequently released an official patch
  for IIS more than 2 months before the code red
  worm became prevalent

43
Another Attack Categorization

• The previous scheme categorized attacks by their
  purpose
• Another possibility is to categorize attacks by
  how messages propagate
• Interruption Messages are removed from the
  network, so they are never received
• Interception Messages are read from the network
  without interrupting the message reaching its
  destination
• Modification Messages are removed from the
  network and replaced by another, modified version
• Fabrication Messages are created, usually in
  order to appear to come from a different source,
  for a different purpose

44
Encryption and Authentication

• In Depth

45
Authentication and Encryption

• These two technologies are frequently
  inter-related
• Both can be closely related to private keys
• There are really two categories of encryption
  techniques
• Conventional (single-key) encryption The same
  key (shared by both sides) is used to encrypt and
  decrypt the data
• Public key encryption One key is used for
  encryption (usually the private key), and another
  for decryption (usually the public key)

46
Single Key Encryption

• Somehow, a shared key must be distributed between
  both programs
• Single key encryption algorithms must be
  symmetric
• They must provide a means to use the same key to
  decrypt and encrypt the data
• Usually this means there are two (reverse)
  algorithms

47
Single Key Encryption

• To ensure security, the key exchange must occur
  in some secure way
• If someone intercepts the key, the encrypted
  message can be decrypted
• Assuming they have the decryption algorithm
• This separation of encryption algorithm from the
  key is an advance in cryptography
• Encryption algorithms in the 30s and 40s
  involved only an encryption algorithm

48
Terminology

• Plaintext Data prior to the encryption process
• Or data after the decryption process
• Ciphertext Data after the encryption process
• Cipher An encryption algorithm
• Secret key A piece of data used by the
  encryption algorithm to generate ciphertext
• The secret key is also used by the decryption
  algorithm to generate plaintext

49
Encryption Algorithms Ancient

• Encryption methods (not applied to data per se,
  but to spoken or telegraph/written messages)
  usually involved the replacement of common parts
  of the messages with other characters/words
• One common example is the replacement of letters
  with some other letter in the alphabet
• This scheme was used by Julius Caesar, and as
  such it is called the Caesar Cipher
• Later, these schemes employed some changing
  factor
• Such as a table containing mappings between
  letters
• This table represents a changeable key that both
  parties must know

50
Caesar Cipher Problems

• If the relationship between ciphertext letters
  and plaintext letters follows some pattern (as
  they did in Caesars method), the key can be
  easily determined
• One way to combat these problems is to convert
  groups of letters at a time
• Thus AB might translate to XY, but AC might
  translate to WV (not XV or something like that)

51
The Playfair Cipher

• The Playfair cipher was created to convert groups
  of two letters at a time
• Thus each translation occurs on two letters, so
  there are 262 (or 676) combinations
• This method is more difficult to crack since all
  676 combinations must be found to be able to
  crack all messages
• However, if a partial list of mappings is known,
  it may reveal the message (or part of it), which
  will reveal more mappings
• mee? me a? ??e barn gt meet me at the barn

52
The Playfair Cipher

• The details of the Playfair cipher are irrelevant
  to this discussion, since the key can easily be
  determined
• This scheme does, however, remove some of the
  structure of the message (e.g. word groupings),
  which is a good idea
• For example, we cannot examine the ciphertext,
  looking for commonly used letters, to determine
  which represent common letters in the plaintext
  (such as R,S,T,E)
• We need to maximize this effect in order to make
  it more difficult to determine the key

53
Encryption Algorithms Single Key

• Keys have to be complicated enough that the
  encryption algorithm could be well-known and the
  ciphertext is still relatively secure
• While overly simplistic, the Caesar Cipher (as
  well as other ancient algorithms) represents a
  symmetric algorithm, as required by single key
  encryption
• One shortcoming is that the key can easily be
  determined through iteration
• Ciphertext should never be enough information to
  determine the secret key
• Algorithms which do not suffer from this include
• DES (Data Encryption Standard), IDEA
  (International Data Encryption Algorithm),
  BlowFish, RC5, RC2, CAST-128

54
DES Algorithm

• DES is a complicated algorithm, the details of
  which are not important here
• Suffice it to say that DES is more secure than
  the other (ancient) algorithms discussed here
• However, DES is vulnerable to brute-force attacks
• Attacks where various key values are tried until
  the message appears to be decrypted

55
DES Algorithm

• One solution for this, is to apply the DES
  algorithm multiple times
• If the code breaker finds one of the keys, it
  will be hard for him/her to realize it, since the
  output will be ciphertext again
• Applying DES twice makes it difficult to break
  using brute force, however techniques exist for
  cracking double DES
• Thus, an alternative to DES is triple DES, where
  DES is applied three times
• Thus the two parties must share 3 different keys
• This scheme is called Triple-DES or 3DES

56
Key Distribution

• Single key encryption relies on the secrecy of
  the key in order to work
• There are a few ways to transfer secret keys
• The key is generated by A, and delivered
  (physically) to B
• For example, a floppy disk may be used for this
  purpose
• Once one key is securely transferred to B, A or B
  could send the other a new key, by encrypting the
  new key using the old key
• The keys are generated simultaneously using the
  same (private) algorithm and some shared data

57
Key Generation

• Generating a secret key is fairly simple, random
  sequences of characters are usually sufficient
• However, care must be taken to avoid
  pseudo-randomly generated keys
• These can be identified and keys may be found
  using prediction algorithms
• Computers are incapable of generating truly
  random numbers, but algorithms which generate
  very difficult to predict sequences can be used
  above easy to predict ones

58
Public Key Cryptography

• Cryptography Using Keys Which Are Publicly
  Distributed

59
Public Key Cryptography

• Public key cryptography involves ciphers that use
  different keys for encryption than decryption
• PKC uses a key pair
• A public key, which is made publicly available
• A private key, which is kept secret
• Since there are two keys, the private key need
  never be transferred, so there is less likelihood
  of it being discovered

60
Key Pairs

• In some systems, keys have a sort of symmetry
• Either key can decrypt data encrypted with the
  other key
• e.g. RSA encryption
• Thus if the private key is used to encrypt,
  anyone with the public key can decrypt the data
• This does not keep data private
• However, only the owner of the true private key
  could have generated the encrypted data
• If the public key is used to encrypt, only
  someone who has the private key can decrypt the
  data
• This keeps the data private
• However, it is possible for anyone to replace the
  data with other encrypted data

61
Key Pairs

• Thus there are two uses for PKC
• Encryption using the private key for
  authentication
• Encryption using the public key for data
  encryption
• Key pairs must be carefully generated to support
  this symmetry
• The details of generating key pairs is usually
  specific to each PKC technique
• e.g. RSA

62
RSA

• The RSA PKC scheme is very popular, and is used
  by many technologies
• PGP (Pretty Good Privacy) An implementation of
  an encryption scheme (typically used for E-Mail)
• One useful feature of the RSA algorithm is that
  it uses variable sized keys
• Larger keys can be used where additional security
  is required
• Smaller keys can be used for short periods (too
  short for the private key to be broken) and
  where computation and/or network bandwidth is a
  concern

63
RSA

• 428 bit RSA keys can be cracked by old desktop PC
  in less than 1 year
• Info Athlon XP 1900 CPU (4000 MIPS)
• So why the heck do banks (and other sites that
  use SSL) use only 128 bit encryption?
• Firstly, the US government will not allow larger
  keys
• They mandate that because they must be able to
  crack private keys when necessary
• Secondly, SSL-enabled browsers generates these
  keys for each SSL session
• Sessions typically last minutes or hours, not
  months

64
A Problem

• RSA (and other PKC schemes) suffer from one
  problem, similar to the distribution of the
  secret key in SKC
• How do we export public keys?
• At first glance, this may seem like an easy
  problem
• Public keys need not be hidden, since little
  damage can be done with them
• The danger is not with reading the public key,
  but replacing it (i.e. an integrity attack on the
  public key)

65
A Problem

• If a 3rd party replaced the public key with their
  own, they could use their own private key to
  decrypt data and for authentication
• Thus the site would grant full access to the 3rd
  party
• Obviously we want to avoid this
• We need to distribute public keys in such a way
  as to eliminate this possibility

66
Public Key Distribution

• Secure public key distribution really boils down
  to one problem
• How do we know that the public key we receive is
  really from who we think?
• The answer is simple certificates
• Certificates provide a way of distributing public
  keys, while also providing source authentication

67
Certificates

• Certificates are quite simple
• They are an encrypted version of your public key
• Certificates are encrypted using the private key
  of a certification authority (CA)
• Public keys of CAs are well known
• In fact, the public keys of several CAs are built
  into browsers for SSL
• Since the public key of a CA is well known, we do
  not need to transfer it (and thus run the risk of
  it being tampered with)
• The CA public key can be used to decrypt the
  certificate, and thus extract the public key of
  the owner of the certificate

68
Certification Authorities

• CAs job is to create certificates
• The certificate (i.e. public key) of at least one
  well-known CA is installed into browsers
• For other (non-browser) uses of PKC, the
  certificate/public key of a CA must be known
• If the incoming certificate is issued by
  (encrypted using the private key of) a different
  CA, the certificate can still be verified
• The public key of the certificates CA can be
  downloaded (they are also publicly available),
  and used to extract the public key in the
  certificate
• The CAs public key is contained in a certificate
  authorized by another CA
• Eventually, through a chain of certificates, the
  certificate can be validated, and the public key
  extracted

69
SSL

• A Common Scheme

70
Secure Socket Layer (SSL)

• SSL was designed to create a communication model
  similar to that available through TCP
• However, SSL employs additional security
  techniques, such as encryption
• Thus SSL gives the appearance of normal socket
  communication, while providing security features

71
SSL

• SSL can use several different encryption
  algorithms, including IDEA, DES, 3DES
• However, due to the streaming nature of TCP,
  normally uses one of the schemes that encrypts a
  stream byte by byte RC4
• This includes key sizes of 40 (RC4-40) and 128
  bits (RC4-128)

72
SSL Operation

• SSL begins when clients connect to servers
• This stage is marked by each side exchanging
  hello messages
• Next, certificates are exchanged
• The server sends its certificate to the client,
  followed by the client sending its certificate to
  the server
• Then, the two agree upon an encryption algorithm
  and parameters
• Now, it is possible for the client and server to
  exchange information using the agreed encryption
  algorithm and the certificates (which contain
  public keys)

73
E-Mail Security
74
E-Mail Security

• There are two aspects to E-Mail security
• E-Mail privacy
• Using encryption (or some other means) to keep
  data contained in E-Mail private
• Virus protection
• Since E-Mail is a simple portal through which any
  entity may send messages, those messages must not
  affect the users system or the network

75
E-Mail Privacy

• The most common way to ensure data privacy
  through E-Mail is to use PGP
• PGP Pretty Good Privacy
• A freeware tool that uses single key cryptography
  (and public key cryptography) to encrypt text
• It uses public key cryptography for digital
  signatures (obviously)
• The tool allows users to choose the encryption
  method 3DES, IDEA (SKC), RSA (PKC)

76
E-Mail Virus Protection

• Microsoft recently release a patch for Outlook,
  which Outlook 2002 (shipped with Office XP) had
  already preinstalled
• This patch essentially prevents receiving any
  files which are suspect (.EXE, .COM, etc.)
• Other (better) solutions are to have virus
  checkers virus scan all incoming files
• Norton Antivirus, McAfee, PC-cillin, and others
  already perform these scans, if configured to do
  so

77
Malicious Programs

• A program with 2 goals to propagate itself to
  other machines, and to do some harm to this
  machine, possibly
• Trap door A modification that allows a secret
  entry point to a system (accidental or
  purposeful by an employee?)
• Logic bomb Code hidden within a seemingly
  harmless program that will activate when certain
  conditions are met (e.g. a time elapses)
• Trojan horse A program that appears to be
  useful, but actually has some unwanted behaviour
• Virus A program that propagates itself by
  embedding its own code into other executable
  programs
• Worm A program that uses network connections to
  propagate
• Bacteria A program that does no harm, except
  propagate