Lecture 37 Computer Security

1
Lecture 37Computer Security

• Phillip G. Bradford
• Computer Science Department
• The University of Alabama

2
Gorgas House CS Party!

• Congratulate Seniors
• CS Advisory Board
• Thursday 1-May _at_ 600pm
• Gorgas House
• Check out
• http//www.cs.ua.edu/9-gorgas.htm

3
Announcements

• Talk Friday
• Professor Michiel Smid
• Carleton University
• Approximating geometric bottleneck shortest
  paths
• Prof. Smid will be discussing foundations of
  theory that lead to important applications

4
Announcements

• Click Here for a very important Announcement !
• Any students whom are interested, I will offer my
  full support!
• Please consider this!

5
Announcements

• Final Exam
• Comprehensive
• Outline
• Practice Exam
• Graduate Projects
• Im here to help
• Let me know what I can do!

6
Project

• How is it going?
• Team leads for Friday
• How to proceed
• Top-Down
• Start with the diagram on the slide of the last
  lecture!
• Build classes suiting the diagram

7
Cryptographic Systems

• Basics
• Negotiation of Security Parameters
• Mutual Authentication
• Private Key Exchange
• Communication
• Note TLS (SSL 3.1) is Transport Layer Security
• What about SUB-Transport layer?

8
Network Encryption

• Link-Level Encryption
• Pros traffic analyses
• Cons Decrypting at Routers
• End-to-End Encryption
• Pros Routers can be routers
• Cons traffic analyses

9
Introduction to IP Security

• Sub-Transport-Layer
• IPSec Architecture (RFC 1636)
• Examples for LAN and WAN
• Need to build VPNs
• Local Connectivity to secure ISPs
• Trusted Partners
• E-Commerce Security, payments, etc.

10
Introduction to IPSec

• Recall ISO Layers
• Physical cables
• Data-link physical frames of data
• Network address/route specifications
• Transport reliable end-to-end packets
• Internet TCP and UDP
• Session how a session is run
• Presentation presenting the data
• Application programs

11
Introduction to IPSec

• IPsec is before the transport layer
• Why?
• It is all physical security earlier
• Though, addressing could be free of geographical
  information
• Software uses TCP or UDP to transmit IP
  datagrams, so having IPSec before TCP and UDP
  makes it transparent!
• Easy to make VPNs, etc.
• Compare to TLS (SSL)

12
IPSec Parts

• Architecture
• ESP (Encapsulating Security Payload)
• AH (Authentication Header)
• Encryption Algorithm
• Authentication Algorithm
• Key Management

13
IPSec Modes

• Tunnel Mode
• Pack your IP packets in other IP packets
• Like Link-level encryption
• Maybe behind a firewall, etc.
• Routers cant get data or details
• Transport Mode
• End-to-End encryption
• For the data portion of the IP datagram
• AH mode authenticates parts of the IP header

14
AH Header

• Data integrity Authentication of IP datagrams
• Prevent modifications to packets
• What does this mean?
• Prevents Replay attacks
• Sequence number counter
• An SA only has 232 -1 packets in sequence
• Must establish another SA after it runs out

15
AH Header

• Receiving Window
• Receiver accepts packets stores them for
  sequencing
• Recall IP does not guarantee order or arrival
• UDP
• AH Message Digest
• Fixed IP fields
• Eg., no TTL (Time to live)
• All data

16
AH Function

• Must Implement
• HMAC-MD5-96 with 128 bit key
• HMAC-SHA-1-96
• Why these hash functions?
• Faster than many symmetric encryptions
• MD5 by Rivest
• No key, just message digest
• From 512 bits to 128 bits

17
AH Function MD5

• MD5, cont
• Every bit of hash output depends on every bit of
  input
• Rivests conjecture in RFC
• Challenge of finding two colliding inputs 264
  ops
• Pre-image Challenge of finding input given an
  output is 2128 ops
• Why are these different?
• SHA-1 Secure Hash Algorithm

18
AH Function HMAC

• MAC message authentication code
• HMAC uses some Hash function
• Hash functions dont have keys
• HMAC integrates a key into a specified Hash
  function
• HMACk H (K XOR opad) Y
• Y H(K XOR opad) M
• Where opad 010110101 b/8 times
• And ipad 00110110 b/8 times

19
ESP Format

• SPI security parameter index
• Sequence number
• Payload data
• Padding
• Padding length
• Next header
• Authentication data
• Denotes encrypted

20
ESP Ciphers

• Must have
• DES in CBC mode
• Other methods
• Three-key triple DES
• Three-key triple IDEA
• IDEA
• CAST
• Others

21
SA ESP

• Uses authentication data field for
  authentication, see AH
• ESP Transport Mode
• Encrypt IP datagrams
• ESP header in the data field of the IP datagram
• Authentication covers all of ESP data
• Including header

22
SA ESP

• Tunnel Mode ESP
• Used for VPNs
• Firewalls connecting a potential VPN
• Encapsulate ESP encrypted IP datagram packet
• Into other IP packets routed only to the VPN
  front-end firewalls

Internet
Proxy Firewall
Proxy Firewall
23
IPSec Key Management

• Manual
• Assign keys by hand to different parts of network
• Small Static situations
• Automated
• On-demand key generation
• ISAKMP/Oakley

24
IPSec Key Management

• Oakley Key Determination
• Uses Diffie-Hellman other measures
• ISAKMP Internet Security Association and Key
  Management Protocol
• Framework for Internet Key management

25
ISAKMP

• Allows Conference Calls
• Multiple key sets of Diffie-Hellman
• Authenticates Diffie-Hellman key exchanges
• Mechanisms for stopping
• Replay Attacks
• Clogging Attacks

26
Network IssuesPoints of Vulnerability

• Addressing Schemes
• IEEE 802 LAN 16 to 48 bit addressing
• Ethernet 48 bit addressing
• X.25 12 base-10 digit addressing
• IPv4 32 bits, source and destination each
• IPv6 128 bits, source and destination each
• Different Data Sizes