Prashant Sodhiya

1
Network Security-II

• Prashant Sodhiya
• IBM India Software Labs
• psodhiya_at_in.ibm.com

2
Agenda

• Few Security mechanisms with respect to OSI 7
  layer model
• Kerberos GSS-API - Application layer
• SSL - Transport layer
• IPsec based VPNs - Network layer

3
The 7 Layers of OSI
4
Application layer security

• Kerberos - Network Authentication Protocol
• Developed at MIT in the mid 1980s.
• Uses a trusted third party which can vouch for
  the identity of both parties in a transaction.
• Security of third party is imperative.
• Based on Secret key cryptography, suitable for
  Intranet applications.

5
Kerberos

• Kerberos ensures that our password is never
  transmitted on the wire for client-server
  authentication.
• A free implementation of this protocol is
  available from -- http//web.mit.edu/kerberos/
• Available on all Unix flavors and also on
  Windows.
• Available as APIs that application can use.

6
Working of Kerberos
7
What is GSS-API ?

• GSS-API is the acronym of Generic Security
  Service Application Programming Interface.
• It is a generic API for securing the
  communication between the applications.
• It aims to fulfill the goals of security services
  PAIN.
• Used by NFS for mounting/umounting.

8
Other Security mechanisms below GSS-API

• SPKM Simple Public Key Mechanism.
• It make use of PKI (Public Key Infrastructure)
• RFC 2025 for SPKM
• LIPKEY- Low Infrastructure Public key mechanism
• RFC 2847 for LIPKEY

9
The GSS-API Layer
10
GSS-API Tokens

• Applications using the GSS-API communicate with
  each other by using tokens, both for exchanging
  data and for making security arrangements.
• Tokens are declared as gss_buffer_t data types
  and are opaque to applications.
• Tokens are of two types
• context-level tokens
• per-message tokens

11
Types of GSS-API Tokens

• Context-level tokens are used primarily when a
  context is established (initiated and accepted),
  although they can also be passed afterward to
  manage a context.
• Per-message tokens are used after a context has
  been established, and are used to provide
  protection services on data.

12
GSS-API context

• Important fields of context data structure
• Context id
• Flags
• Expiration
• Source name
• Target name
• Session key
• Supported integrity algorithms
• Supported encryption algorithms
• Other fields

13
Context establishment
14
Secure message exchange
15
Client / Initiator Server /
Acceptor
GSS-API Application Walk Through

• 1. Connect to Server using socket or any IPC
  methods.
• 2. Read the credential information using
  gss_acquire_cred().
• 3. Initiate security context using
  gss_init_sec_context()

1. Wait accept connection from clients using
socket or IPC methods. 2. Read the credential
information using gss_acquire_cred(). 3. Accept
security context from client using
gss_accept_sec_context().
16
Client / Initiator Server /
Acceptor
GSS-API Application Walk Through
4. Receive tokens containing encrypted
data. 5. Decrypt data using gss_unwrap(). 6.
End security context using gss_delete_sec_context(
)/ gss_process_context_token() 7. Deallocate
space for all GSS data structures used. 8. End
connection with the client.

• 4. Encrypt all data using gss_wrap().
• 5. Send the token obtained from gss_wrap(),
  which contains the encrypted data, to the server.
  
• 6. End security context using
  gss_delete_sec_context() / gss_process_context_tok
  en()
• 7. Deallocate space for all GSS data structures
  used.
• 8. End connection with the server.

17
Why use GSS-API ?

• The GSS-API is a framework that allows developers
  to write applications that take advantage of
  underlying security mechanisms, without having to
  explicitly deal with any one mechanism.
• GSS-API provides several types of application
  portability
• - Mechanism independent.
• - Platform independent.
• - Communication protocol independent.
• - QoP (Quality of Protection) independent.

18
What are the services GSS-API provides ?

• Using GSS-API, application can perform following
  operations
• determine another applications identity i.e.
  Authentication.
• hiding data from unwanted identities i.e. Privacy
  / Confidentiality.
• verification of correctness of data received i.e.
  Integrity.

19
What GSS-API does not provide ?

• GSS-API does not -
• Transfer data between applications.
• Indicate status due to asynchronous remote
• errors.
• De-allocate GSS-API data spaces.
• Provide security credentials for a user or
  applications.

20
Classification of GSS-APIs

• Credential management APIs
• Context-level APIs
• Per-message APIs
• Support APIs

21
Credential management calls

• GSS_Acquire_cred(...)
• GSS_Release_cred ()
• GSS_Inquire_cred ()
• GSS_Add_cred ()
• GSS_Inquire_cred_by_mech ()

22
Context-level calls

• GSS_Init_sec_context ()
• GSS_Accept_sec_context ()
• GSS_Delete_sec_context ()
• GSS_Process_context_token ()
• GSS_Context_time ()
• GSS_Inquire_context ()
• GSS_Wrap_size_limit ()
• GSS_Export_sec_context ()
• GSS_Import_sec_context ()

23
Per-message calls

• GSS_GetMIC () / Integrity check /
• GSS_VerifyMIC ()
• GSS_Wrap () / Confidentiality and Integrity
  check /
• GSS_Unwrap ()

24
Support calls

• GSS_Display_status ()
• GSS_Indicate_mechs()
• GSS_Compare_name()
• GSS_Display_name()
• GSS_Import_name()
• GSS_Release_name()
• GSS_Release_buffer()
• GSS_Release_OID_set()
• GSS_Create_empty_OID_set()
• GSS_Add_OID_set_member ()
• GSS_Test_OID_set_member ()
• GSS_Inquire_names_for_mech ()
• GSS_Inquire_mechs_for_name()
• GSS_Canonicalize_name ()
• GSS_Export_name ()
• GSS_Duplicate_name()

25
Transport layer security

• SSL- Secure Sockets Layer
• Developed by Netscape Communications for
  securing Internet applications.
• It provides an secure way of exchanging sensitive
  information between a web-server and the
  web-client (browser).
• Both IE and Netscape are SSL enabled.
• Based on PKI
• By convention the URLs which require SSL
  connections start with https// e.g
  https//icicibank.com.
• IETF has taken up further development of SSL and
  have termed it as TLS (Transport Layer Security).

26
Protocols comprising SSL

• Handshake protocol
• It does client/server authentication and
  negotiates the security parameters like symmetric
  key algorithm, hashing algorithm, session key
  etc.
• Record protocol
• It provides Confidentiality by doing per
  message encryption /decryption based on the above
  session key and the agreed symmetric key
  algorithms.
• Alert protocol
• If there are any alarms at any point during the
  session, the alert is attached to the
  questionable packet and handled according to the
  Alert Protocol.

27
SSL communication
Web browser
icicibank.com
Applications data (encrypted)
Applications data (encrypted)
28
SSL Pros and cons

• Pros
• Suitable of Internet applications.
• Easy key management.
• Cost effective as its already configured in your
  web-browser.
• Cons
• Dealing with revoked certificates.
• Slow with more secure algorithms.

29
Open SSL

• Free and open source toolkit providing
  cryptographic functionality.
• Managed by a worldwide community of volunteers.
• Complete implementation of protocols of SSLv2,
  SSLv3 and TLSv1RFC-2246.
• Not the only one alternatives are cryptlib and
  crypto
• Rich library, provides 214 API functions.

30
Open-SSL Library Overview

• Symmetric Ciphers AES, DES, Blowfish, IDEA, RC2,
  RC4, RC5, CAST
• Asymmetric Ciphers RSA, DSA, DH
• Hash Functions MD2, MD4, MD5, SHA1, HMAC
• Certificate X.509, X.509v3 RFC-3280
• Platform supported most Unix-like O/S, Windows

31
How to start

• Download tarball from http//www.openssl.org/sourc
  e/
• Latest version openssl-0.9.8d
• For installation, refer install.txt in the
  openssl dir.
• Directories Created
• /usr/include/openssl/ contains header files.
• /usr/doc/share/packages/openssl-doc/ contains
  documentation.
• Library files/usr/lib/libssl.so main library
  file
• Command Line Tools/usr/bin/openssl for using
  crypto functions from the shell such as
  generating keys and self-signed certificates. For
  further info. refer openssl-doc/howto/keys.txt
  file.

32
Network layer security

• VPN (Virtual private network)
• Provides security over public network.
• Provides advantages of the leased-line network at
  a cheaper rates.
• Works on the concept of Tunneling.
• Few tunneling protocols - L2F, L2TP, IPsec
• IPv6 by default has IPsec support.

33
Types of VPN
LAN-to-LAN VPNs
Remote access VPNs
34
Protocols comprising IPsec based VPN

• IKE Internet Key Exchange
• Does peer authentication, negotiates security
  associations(SA), derives session key.
• AH Authentication Header
• Provides Authenticity and Integrity
• ESP Encapsulating Security payload
• Provides Confidentiality along with Authenticity
  and Integrity

35
Modes of VPN
Transport mode - Protection of the IP packet
payload only - IP header unchanged Tunnel
mode - Protection of the entire IP packet. - To
do this, the entire protected original packet is
treated as the payload of a new "outer" IP
packet, with a new outer IP header.
36
IPsec Packets
IP Payload
IP header
Original IP packet
AH/ESP header
IP header
IP Payload
IPsec in transport mode
Authenticated encrypted
AH/ESP header
IP header 1
IP Payload
IP Header
IPsec in tunnel mode
Authenticated/encrypted
37
(No Transcript)
38
Conclusion

• Today we have seen
• Kerberos GSSAPI - Application layer
• SSL - Transport layer
• IPsec based VPNs - Network layer

39
References

• MIT Kerberos website http//web.mit.edu/kerberos/
  
• Open SSL website http//www.openssl.org/
• VPN website http//www.vpnc.org/
• RFCs
• RFC 2743 Generic Security Application
  Program Interface (GSS-API)
• Version 2.
• RFC 2744 GSS-API - Version2 C-Bindings
• RFC 4121 The Kerberos Version 5 GSS-API
  Mechanism Version 2
• RFC 2025 The Simple Public-Key GSS-API
  Mechanism (SPKM)
• RFC 2847 - Low Infrastructure Public Key
  Mechanism (LIPKEY)

40
Thank Q ?
41
(No Transcript)
42
Backup Slides
43
Some Introductory Terms concepts related to
GSS-API
44
Principal

• In network-security terminology, a principal is a
  user, a program, or a machine.
• Principals can be either clients or servers.
• Examples of principals are
• a user (joe_at_machine) logging into another
  machine.
• a network service (nfs_at_machine).
• a machine that runs an application
  (swimbirds_at_company.com).

45
Credentials

• A credential is a data structure that provides
  proof of an applications claim to a principal
  name.
• An application uses a credential to establish its
  global identity.
• The GSS-API does not provide credentials.
• Credentials are created by the security
  mechanisms that underlay the GSS-API.
• A given GSS-API credential is valid for a single
  principal.
• The GSS-API accesses credentials through the
  gss_cred_id_t structure this structure is called
  a credential handle. Credentials are opaque to
  applications.

46
Names

• A name refers to a principal that is, a person, a
  machine, or an application, such as joe_at_company
  or nfs_at_machinename.
• In the GSS-API, names are stored as a gss_name_t
  object, which is opaque to the application.
• Every imported name has an associated name type,
  which indicates what kind of format the name is
  in.

47
Object Identifiers ( OIDs )

• These are used to store the following kinds of
  data security mechanisms, QOPs (Quality of
  Protection values), and name types.
• typedef struct gss_OID_desc_struct
• OM_uint32 length
• void elements
• gss_OID_desc, gss_OID

48
OIDs continued

• Name Types
• OIDs are used to indicate name types, which
  indicate the format for an associated name.
• If the name type is GSS_C_NT_HOSTBASED_SERVICE,
  then the function knows that the name being input
  is of the form service_at_host

49
Status Codes

• All GSS-API functions return two types of codes
  that provide information on the functions
  success or failure. Both types of status codes
  are returned as OM_uint32 values. The two types
  of return codes are as follows
• Major-status codes These are codes that
  indicate generic GSS-API routine errors.
• Minor status codes These are returned by the
  underlying mechanism.

50
Note About APIs

• The declaration of functions follows the
  following The input parameters are shown in Pink
  output parameters are shown in Blue color.

51
Importing Name into Internal Mechanism Specific
Name

• Names are converted from gss_buffer_t objects to
  the gss_name_t form by the gss_import_name()
  function.
• OM_uint32 gss_import_name (
• OM_uint32 minor_status,
• const gss_buffer_t input_name_buffer,
• const gss_OID input_name_type,
• gss_name_t output_name )

52
Context Information

• This function provides information about a
  security context to the calling application.
• OM_uint32 gss_inquire_context (
• OM_uint32 minor_status,
• gss_ctx_id_t context_handle,
• gss_name_t src_name,
• gss_name_t tgt_name,
• OM_uint32 lifetime,
• gss_OID mech_type,
• OM_uint32 ret_flags,
• int local,
• int open )

53
Acquiring Credentials

• GSS-API-based applications acquire credentials
  using the following function.
• OM_uint32 gss_acquire_cred (
• OM_uint32 minor_status,
• const gss_name_t desired_name,
  /GSS_C_NO_NAME/
• OM_uint32 time_req, /GSS_C_INDEFINITE/
• const gss_OID_set desired_mechs,/GSS_C_NO_OID_
  SET/
• gss_cred_usage_t cred_usage,
  /GSS_C_INITIATE/GSS_C_ACCEPT/
• gss_cred_id_t output_cred_handle,
• gss_OID_set actual_mechs,
• OM_uint32 time_rec )

54
Context Initiation ( Client )

• OM_uint32 gss_init_sec_context (
• OM_uint32 minor_status,
• const gss_cred_id_t initiator_cred_handle,
• gss_ctx_id_t context_handle,
• const gss_name_t target_name,
• const gss_OID mech_type,
• OM_uint32 req_flags,
• OM_uint32 time_req,
• const gss_channel_bindings_t input_chan_bindings
  ,
• const gss_buffer_t input_token
• gss_OID actual_mech_type,
• gss_buffer_t output_token,
• OM_uint32 ret_flags,
• OM_uint32 time_rec )

55
Context Acceptance ( Server )

• OM_uint32 gss_accept_sec_context (
• OM_uint32 minor_status,
• gss_ctx_id_t context_handle,
• const gss_cred_id_t acceptor_cred_handle,
• const gss_buffer_t input_token_buffer,
• const gss_channel_bindings_t input_chan_bindings
  ,
• const gss_name_t src_name,
• gss_OID mech_type,
• gss_buffer_t output_token,
• OM_uint32 ret_flags,
• OM_uint32 time_req,
• gss_cred_id_t dlegated_cred_handle )

56
Data Protection Integrity

• The message is given a Mechanism Integrity Code
  (MIC) that can be checked by the recipient to
  ensure that the received message is the same as
  the one sent. The following function generates a
  MIC.
• OM_uint32 gss_get_mic (
• OM_uint32 minor_status,
• const gss_ctx_id_t context_handle,
• gss_qop_t qop_req,
• const gss_buffer_t message_buffer,
• gss_buffer_t msg_token )

• It returns GSS_S_COMPLETE if it completes
  successfully.

57
Cntd

• The following function verifies message integrity
  code (MIC).
• OM_uint32 gss_verify_mic (
• OM_uint32 minor_status,
• const gss_ctx_id_t context_handle,
• const gss_buffer_t message_buffer,
• const gss_buffer_t token_buffer,
• gss_qop_t qop_state)
• It returns GSS_S_COMPLETE if it completes
  successfully.

58
Data Protection Confidentiality

• Messages can be encrypted using the following
  function It also provides a MIC encrypts a
  given message.
• OM_uint32 gss_wrap (
• OM_uint32 minor_status,
• const gss_ctx_id_t context_handle,
• int conf_req_flag,
• gss_qop_t qop_req
• const gss_buffer_t input_message_buffer,
• int conf_state,
• gss_buffer_t output_message_buffer )

59
Data Protection Confidentiality

• Messages can be decrypted using the following
  function.
• OM_uint32 gss_unwrap (
• OM_uint32 minor_status,
• const gss_ctx_id_t context_handle,
• const gss_buffer_t input_message_buffer,
• gss_buffer_t output_message_buffer,
• int conf_state
• gss_qop_t qop_state )
• It returns GSS_S_COMPLETE if the message was
  successfully decrypted.

60
(No Transcript)