CSCE 813 Internet Security, Fall 2006, Csilla Farkas (farkas_at_cse.sc.edu)

1
CSCE 813 Internet Security
Fall 2006
Csilla Farkas
farkas_at_cse.sc.edu
2
Reading Assignment
For Aug. 31: from Modelling and Analysis of Security Protocols, Sections 0.8-0.12
3
Protocol
  • Sequence of interactions between entities to
    achieve a certain end
  • Types of protocols
      • Diplomatic
      • Communication
      • Graduation
      • Security
      • Etc.

4
Security Objectives
  • Confidentiality: prevent/detect/deter improper
    disclosure of information
  • Integrity: prevent/detect/deter improper
    modification of information
  • Availability: prevent/detect/deter improper
    denial of access to services

5
Security Protocols
  • Cryptographic protocols
  • Services: secrecy, integrity, authentication, key
    exchange, non-repudiation, etc.
  • Components: communicating parties (nodes),
    trusted third party, encryption algorithms, hash
    functions, timestamps, nonces, etc.

6
Security Properties: Secrecy
  • Non-interference: the intruder should not be able to
    deduce anything about the legitimate users'
    activities
  • Message confidentiality: the intruder cannot derive
    the plaintext of messages passed between two
    legitimate nodes

7
Security Properties: Authentication of Origin
  • Verify
      • Who sent the message?
      • Who sent the message to whom?
      • Who sent the message to whom and how many times?

8
Security Properties: Entity Authentication
  • Similar to authentication of origin but has
    timeliness
  • Repeated form of origin authentication

9
Security Properties: Integrity
  • Data cannot be corrupted
  • Content of output messages matches the content of
    the input message

10
Security Properties: Authenticated Key-Exchange
I'm calling from your utilities company. We need
your SSN, billing address, and
  • Share a secret key with another person and know
    for sure who this other person is

11
Security Properties: Non-repudiation
  • Legitimate participants
  • Against possible cheating
  • Signature-type mechanism

12
Security Properties: Fairness
  • Legitimate participants
  • Prevents one of the participants from gaining an
    advantage over another by halting the protocol
    part-way through

13
Security Properties: Anonymity
  • Over some sets of events
  • Shuffling the events will not change an
    observer's view
  • Occurrence of events?
  • Accountability

14
Security Properties: Availability
  • To be able to achieve the goals

15
Cryptography
  • Symmetric: secret key
  • Asymmetric: public-key
  • Hash functions
  • Public-key certification
  • Encryption modes
  • Digital signatures
  • Nonces, timestamps, and trusted third party

16
Types of Attacks
  • Interruption: an asset is destroyed, unavailable
    or unusable (availability)
  • Interception: unauthorized party gains access to
    an asset (confidentiality)
  • Modification: unauthorized party tampers with
    asset (integrity)
  • Fabrication: unauthorized party inserts
    counterfeit object into the system (authenticity)

17
Typical Attacks Against Security Protocols
  • Man-in-the-middle
  • Message replay
  • Reflection
  • Oracle
  • Interleave
  • Failure of forward secrecy
  • Algebraic attacks

18
Protocol Evaluation
  • Discussion
  • Problem 1: interleaving attack on page 31
  • Problem 2: protocol on page 3 to establish a new
    key between Anne and Bob, using Jeeves (trusted
    third party)