CSCE 790: Computer Network Security - PowerPoint PPT Presentation

1 / 41

About This Presentation

Title:

CSCE 790: Computer Network Security

Description:

Using Soft Sequence Numbers. 10/2 ... Routing Information Protocol (RIP) ... Better than custom security mechanisms that have been proposed for some protocols ... – PowerPoint PPT presentation

Number of Views:18

Avg rating:3.0/5.0

Slides: 42

Provided by: chintse

Learn more at: http://www.cse.sc.edu

Category:

more less

Transcript and Presenter's Notes

Title: CSCE 790: Computer Network Security

1
CSCE 790Computer Network Security

Chin-Tser Huang
huangct_at_cse.sc.edu
University of South Carolina

2
A Security Problem in Network

An adversary that has access to a network can
insert new messages, modify current messages, or
replay old messages in the network
These inserted, modified, and replayed messages
can go undetected until they cause severe damage
to network
The physical location of the adversary in network
may never be determined
Example denial-of-service attacks

3
Denial-of-Service (DoS) Attacks

Aimed to deny normal service provided by the
target computer
Communication-stopping attacks
ARP spoofing attack
Resource-exhausting attacks
Smurf attack
SYN attack

4
Ping Protocol

Allow any computer to check whether any other
computer in the Internet is up
Any computer x can send a ping message to any
computer y which replies by sending back a pong
message (thus x knows y is up)
In ping message src x and dst y
In pong message src y and dst x

ping(x, y)
x
y
pong(y, x)
5
Broadcast Ping Protocol

If in ping message dst all, a copy of ping is
broadcast to every computer
Each computer replies by sending back a pong, and
x is flooded with pong messages
In ping message src x and dst all
In pong message src y and dst x

y
pong(y,x)
ping(x,all)
x
y
pong(y, x)
6
Smurf Attack

An adversary pretends to be x and broadcasts a
ping message where src x and dst all
Thus, x is flooded with pong messages that it has
not requested denial-of-service attack at x

y
a
ping(x,all)
pong(y,x)
x
y
pong(y, x)
7
Countering Smurf Attack

Make each router check the src of each received
message and discard the message if the src is
suspicious

srcx shouldnt come to me
y
a
ping(x, all)
x
y
8
Clever Smurf Attack

An adversary inserts a ping(x, all) message
between routers R2 and R3
R3 thinks the message was forwarded by R2 and so
accepts the message

a
y
ping(x, all)
x
y
9
Countering Clever Smurf Attack

When R3 receives a message, R3 needs to determine
whether message was indeed sent by R2, or was
modified or replayed by an adversary between R3
and R2
If use IPSec, will need to set up SAs between
each pair of adjacent routers too expensive
Our solution use hop integrity protocol between
each pair of adjacent routers

10
Hop Integrity

Let p, q be routers connected to same subnetwork
Detection of Message Modification
when q receives a message m supposedly from p, q
can check that m was not modified after sent
Detection of Message Replay
when q receives a message m supposedly from p, q
can check that m was not a replay of an old
message

11
Adversary vs. Routers

The adversary can perform three types of actions
to disrupt communication between two routers
Message loss
Message modification
Message replay
The routers are assumed to be secure and cannot
be compromised by the adversary
The routers will execute hop integrity protocols
that can detect and defeat the adversary actions

12
Hop Integrity Protocol

Each pair of adjacent routers need to share a
secret S, which is updated periodically by the
two routers using a secret exchange protocol
To each IP message sent between two adjacent
routers, add a sequence number sq, and an
integrity check d

d MD(S hd sq txt) d 16 bytes if MD5 20
bytes if SHA-1 MD MD5 or SHA-1 sq 4 bytes
hd
txt
IP message
hd
txt
sq
d
13
Architecture of Hop Integrity Protocols

router p

router q

Applications

Application
s

Transport

Transport

secret

qe

pe
exchange

secrets
secrets
layer

Network

Network

integrity

check

qw

or

qs

pw

or

ps

layer

Subnetwork

Subnetwork

.

14
Component of Hop Integrity Protocols

Three protocols between each pair of adjacent
routers
secret exchange protocol
weak integrity protocol
strong integrity protocol

15
Secret Exchange Protocol

Each router p has a secret S that it uses for
computing the digest of every msg sent to an
adjacent router q
Both p and q need to know S
S is updated by q every T hours
If q does not receive acknowledgment from p for t
seconds, q retransmits the secret update message

16
Secret Exchange Protocol
S0
q
p
S
S1
S0 S1 S
S0 old S1 new
Bp?S0, S1?
if S S0 ? S S1 then S S1
Bq?S?
if S1 S then S0 S1
S0 S1 S
T hours
S0 old S1 new
Bp?S0, S1?
if S S0 ? S S1 then S S1
Bq?S?
if S1 S then S0 S1
S0 S1 S
17
Recovery in Secret Exchange Protocol
S0
q
p
S
S1
S0 S1 S
S0 old S1 new
Bp?S0, S1?
t seconds
S0 S ? S1
Bp?S0, S1?
if S S0? S S1 then S S1
Bq?S?
t seconds
S1 S ? S0
Bp?S0, S1?
if S S0? S S1 then S S1
Bq?S?
if S1 S then S0 S1
S0 S1 S
18
Weak Integrity Protocol

To detect insertion and modification
Each sent msg from p to q is as follows
(hd d txt)
where p computes d as
d MD(S hd txt)
On receiving a msg, q checks
if d MD(S0 hd txt) ?
d MD(S1 hd txt)
then q forwards msg
else q discards msg

19
Weak Integrity Protocol
S0
q
p
S
S1
(hd d txt)
. .
20
Strong Integrity

To detect replay, successive sequence numbers are
attached to all sent msgs from p to q
Problem with reset
If p is reset, unbounded number of fresh messages
are discarded by q
If q is reset, it can accept unbounded number of
replayed messages
Two solutions to overcome reset
Soft sequence numbers
Hard sequence numbers

21
Soft Sequence Numbers

Successive sequence numbers are attached to all
sent msgs from p to q
(hd sq txt)
q maintains two variables
exp sequence number of next msg
c msgs received
On receiving a msg, q checks
if (exp ? sq) ? (c random value cmax)
then q forwards msg
else q discards msg
fi q updates exp, c, cmax

22
Soft Sequence Numbers
exp
q
p
sq
c
cmax
sq
(hd sq txt)
sq1
. .
23
Strong Integrity ProtocolUsing Soft Sequence
Numbers

Each sent msg from p to q is as follows
(hd sq d txt)
where p computes d as
d MD(S hd sq txt)
On receiving a msg, q checks
if (d MD(S0 hd sq txt) ?
d MD(S1 hd sq txt) ) ?
(exp ? sq ? c random value cmax)
then q forwards msg
else q discards msg
fi q updates exp, c, cmax

24
Hard Sequence Numbers

To overcome reset, use two operations SAVE and
FETCH
When SAVE is executed, the last sequence number
will be stored in persistent memory
When FETCH is executed, the last stored sequence
number will be loaded from persistent memory into
memory

25
Strong Integrity ProtocolUsing Hard Sequence
Numbers

Each sent msg from p to q is as follows
(hd sq d txt)
where p computes d as
d MD(S hd sq txt)
On receiving a msg, q checks
if (d MD(S0 hd sq txt) ?
d MD(S1 hd sq txt) ) ? (exp ? sq)
then q forwards msg
else q discards msg
fi q updates exp
p and q executes SAVE periodically
When waking up from a reset, p (or q) executes
FETCH to fetch last stored seq, executes SAVE to
store next seq, and continues after SAVE
finishes

26
Other Applications of Hop Integrity

Mobile IP
Secure multicast
Security of routing protocols

27
Mobile IP

A mobile computer c can visit a foreign network F
other than its home network H
Msgs destined for c will be received by its home
agent (HA) and forwarded to its foreign agent (FA)

m
m
home agent (HA)
c
Internet
m
F
H
foreign agent (FA)
28
Problem with Mobile IP

Mobile computer c can send a msg thru FA
However, this msg may be filtered out by next
router q because its source address is strange

?
m
home agent (HA)
q
c
Internet
m
H
F
foreign agent (FA)
29
Mobile IP with Hop Integrity

With integrity check d added to msg m, q can
check that m was indeed forwarded by FA
Thus, q ignores strange source of msg m and
forwards m toward its ultimate destination

m
d
m
d
home agent (HA)
q
c
Internet
m
d
H
F
foreign agent (FA)
30
Multicast

Multicast msgs are forwarded through a spanning
tree from root to every multicast destination
If a destination receives a multicast msg, then
each destination receives a copy of same msg with
high probability

31
Multicast

Multicast msgs are forwarded through a spanning
tree from root to every multicast destination
If a destination receives a multicast msg, then
each destination receives a copy of same msg with
high probability

32
Multicast

Multicast msgs are forwarded through a spanning
tree from root to every multicast destination
If a destination receives a multicast msg, then
each destination receives a copy of same msg with
high probability

33
Multicast

Multicast msgs are forwarded through a spanning
tree from root to every multicast destination
If a destination receives a multicast msg, then
each destination receives a copy of same msg with
high probability

34
Security Problem with Multicast

If adversary inserts or modifies a multicast msg
between two routers in middle of tree, then only
a small fraction of multicast destinations
receive the inserted or modified msg

35
Multicast with Hop Integrity

With hop integrity, an inserted or modified
multicast message will be detected and discarded
at its first hop in the spanning tree

36
Routing Information Protocol (RIP)

Every 30 seconds, RIP process in router R sends
its routing table in a response msg to RIP
process in each adjacent R
R updates its routing table when it receives a
response msg from any adjacent R
Security problem

R?
R
RIP
RIP
UDP
IP
IP
37
RIP with Hop Integrity

With hop integrity, the response msgs are
protected against message modification,
insertion, and replay

R?
R
RIP
RIP
UDP
Secret Update
Secret Update
IP
IP
Integrity Check
Integrity Check
38
Security of Routing Protocols

Hop integrity can also provide uniform protection
(against message modification, insertion, and
replay) for other routing protocols
OSPF protocols (Hello, Exchange, Flood)
RSVP
Better than custom security mechanisms that have
been proposed for some protocols

39
Implementation of Hop Integrity