
Network Security

Network security consists of the provisions and policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of network-accessible resources. Network security involves the authorization of access to data in a network. It covers a variety of computer networks, both public and private, that are used in everyday jobs for conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, or open to public access. Network security is involved in organizations, enterprises, and other types of institutions.

Security Requirements
Confidentiality
Integrity
Authentication
Non-repudiation
Availability
Access control

Passive Threats

Release of message contents: the contents of a message are read. A message may be carrying sensitive or confidential data.

Traffic analysis: an intruder makes inferences by observing message patterns. This can be done even if the messages are encrypted.

Active Threats

Masquerade: an entity pretends to be some other entity. For example, an entity captures an authentication sequence and replays it later to impersonate the original entity.

Replay: involves capture of a data unit and its retransmission to produce an unauthorized effect.

Modification of messages: a portion of a legitimate message is altered to produce an undesirable effect.

Denial of service: inhibits normal use of computer and communications resources, e.g. flooding, or swamping a CPU or a server.

Passive vs. Active Attacks
1. Passive attacks: eavesdropping on information without modifying it.
2. Active attacks: involve modification or creation of information.

Security Attacks

Interruption: an asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability. Examples: destroying hardware (a disk or a wire); disabling the file system; swamping a computer with jobs or a communication link with packets.

Interception: an unauthorized party gains access to an asset. This is an attack on confidentiality. Examples: wiretapping to capture data in a network; illicitly copying data or programs.

Modification: an unauthorized party gains access to and tampers with an asset. This is an attack on integrity. Examples: changing data files; altering a program; altering the contents of a message.

Fabrication: an unauthorized party inserts a counterfeit object into the system. This is an attack on authenticity. Examples: insertion of records in data files; insertion of spurious messages in a network (message replay).

Cryptography

The word comes from the Greek words for "secret writing".

Cipher vs. Code
1. Cipher: a character-to-character or bit-to-bit transformation.
2. Code: replaces one word with another word or symbol.

The art of devising ciphers is called cryptography. The art of breaking ciphers is called cryptanalysis.

Encryption Model

Caesar cipher

The Caesar cipher works by taking each letter in the plaintext message and substituting the letter that is k letters later in the alphabet (allowing wraparound, i.e., having the letter "a" follow the letter "z"). For example, if k=4, then the letter "a" in plaintext becomes "d" in ciphertext; "b" in plaintext becomes "e" in ciphertext, and so on. Here, the value of k serves as the key. As an example, the plaintext message "I like it." becomes "f ifhb fq." in ciphertext. The ciphertext is easy to break if you know that the Caesar cipher is being used, as there are only 25 possible key values.

Monoalphabetic cipher

An improvement to the Caesar cipher is the so-called monoalphabetic cipher, which also substitutes one letter of the alphabet with another letter of the alphabet. However, rather than substituting according to a regular pattern, it uses an arbitrary one-to-one mapping between plaintext and ciphertext letters, for example:

plaintext letter:  a b c d e f g h i j k l m n o p q r s t u v w x y z
ciphertext letter: m n b v c x z a s d f g h j k l p o i u y t r e w q

Transposition Ciphers

A transposition cipher is keyed by a phrase such as MEGABUCK. The alphabetical order of the key letters determines the order in which the columns are output. Plaintext is read in horizontally, row by row, and ciphertext is read out column by column.
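Added example, not part of the slides: Python implementations of the three classical ciphers above, showing the slide's Caesar pair "I like it." becomes "f ifhb fq." (a shift of 23, i.e. three letters backwards), the monoalphabetic table, and a MEGABUCK-keyed columnar transposition with its inverse. Lowercasing the input and padding the last transposition row with "x" are my assumptions.

```python
import string

ALPHABET = string.ascii_lowercase

def caesar(text, k):
    """Shift every letter k places (wrapping z -> a); other characters pass through."""
    out = []
    for ch in text.lower():
        out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26] if ch in ALPHABET else ch)
    return "".join(out)

def caesar_brute_force(ciphertext):
    """All 25 candidate plaintexts: the tiny key space is the cipher's weakness."""
    return {k: caesar(ciphertext, -k) for k in range(1, 26)}

def mono_encrypt(text, cipher_alphabet):
    """Monoalphabetic substitution with a 26-letter ciphertext alphabet (the slide's table)."""
    return text.lower().translate(str.maketrans(ALPHABET, cipher_alphabet))

def column_order(key):
    """Columns are output in alphabetical order of the key letters (MEGABUCK -> A, B, C, E, ...)."""
    return sorted(range(len(key)), key=lambda i: key[i])

def transpose_encrypt(plaintext, key, pad="x"):
    """Write the letters row by row under the key, then read them out column by column."""
    cols = len(key)
    text = "".join(ch for ch in plaintext.lower() if ch.isalpha())
    text += pad * (-len(text) % cols)          # fill the last row (padding is an assumption)
    return "".join(text[i::cols] for i in column_order(key))

def transpose_decrypt(ciphertext, key):
    """Put each ciphertext slice back into its column, then read the rows."""
    cols, rows = len(key), len(ciphertext) // len(key)
    grid = [""] * cols
    for pos, col in enumerate(column_order(key)):
        grid[col] = ciphertext[pos * rows:(pos + 1) * rows]
    return "".join(grid[c][r] for r in range(rows) for c in range(cols))

if __name__ == "__main__":
    print(caesar("I like it.", 23))
    print(caesar_brute_force("f ifhb fq."))
    print(mono_encrypt("bob", "mnbvcxzasdfghjklpoiuytrewq"))
    ct = transpose_encrypt("please transfer one million dollars to my swiss bank account six two two", "MEGABUCK")
    print(ct, transpose_decrypt(ct, "MEGABUCK"))
```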

Two Fundamental Cryptographic Principles

Redundancy: messages must contain some redundancy. E.g., the last three bytes of an encrypted packet are the product number and quantity. A recently fired employee can capture the packet and replace the last three bytes (the quantity field) with a random number.

Freshness: some method is needed to foil replay attacks.

Three types of cryptography

Symmetric Cryptographic Algorithm

Public-Key Algorithms

In 1976, Diffie and Hellman proposed a crypto scheme with two keys: a public key and a private key. Requirements:
It must be computationally easy to encipher/decipher a message using these keys.
It must be computationally infeasible to derive the private key from the public key.
It must be computationally infeasible to determine the private key from a chosen-plaintext attack.

RSA


Choose two large prime numbers, p and q. Compute n = pq and z = (p-1)(q-1). Choose a number, e, less than n, which has no common factors (other than 1) with z (in this case, e and z are said to be relatively prime). The letter 'e' is used since this value will be used in encryption. Find a number, d, such that ed - 1 is exactly divisible (i.e., with no remainder) by z. The letter 'd' is used because this value will be used in decryption. Put another way, given e, we choose d such that the integer remainder when ed is divided by z is 1. (The integer remainder when an integer x is divided by the integer n is denoted x mod n.) The public key that Bob makes available to the world is the pair of numbers (n, e); his private key is the pair of numbers (n, d).

Encryption: c = m^e mod n
Decryption: m = c^d mod n

Example of RSA

As a simple example of RSA, suppose p=5 and q=7 (admittedly, these values are far too small to be secure). Then n=35 and z=24. Choose e=5, since 5 and 24 have no common factors. Finally, d=29, since 5*29 - 1 (i.e., ed - 1) is exactly divisible by 24.

Bob makes n=35 and e=5 public and keeps the value d=29 secret.

plaintext letter   m: numeric representation   m^e       ciphertext c = m^e mod n
                   12                          248832    17
                   15                          759375    15
                   22                          5153632   22
                   5                           3125      10

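Added example, not from the slides: the RSA steps above in Python, reproducing the table for p=5, q=7, e=5 and checking that the slide's d=29 decrypts correctly (the smallest valid d is 5, since 29 mod 24 = 5). The last function shows why such a small n is insecure: trial division factors n and rebuilds d from the public key alone, which is exactly the requirement from the Public-Key Algorithms slide that real key sizes must make infeasible.

```python
from math import gcd

def rsa_keygen(p, q, e):
    """Return (n, e, d) from two primes and a public exponent e relatively prime to z."""
    n = p * q
    z = (p - 1) * (q - 1)
    if gcd(e, z) != 1:
        raise ValueError("e must have no common factor with z = (p-1)(q-1)")
    d = pow(e, -1, z)          # smallest d with (e*d) mod z == 1 (Python 3.8+)
    return n, e, d

def encrypt_table(ms, n, e):
    """Reproduce the slide's table: (m, m^e, c = m^e mod n) for each block m < n."""
    rows = []
    for m in ms:
        if not 0 <= m < n:
            raise ValueError("each plaintext block m must be smaller than n")
        rows.append((m, m ** e, pow(m, e, n)))
    return rows

def decrypt_blocks(cs, n, d):
    """m = c^d mod n for each ciphertext block."""
    return [pow(c, d, n) for c in cs]

def recover_private_key(n, e):
    """Factor n by trial division and rebuild d. Feasible only because n is tiny,
    which is why the slide calls p=5, q=7 'far too small to be secure'."""
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no nontrivial factor; not an RSA modulus")

if __name__ == "__main__":
    n, e, d = rsa_keygen(5, 7, 5)
    for m, me, c in encrypt_table([12, 15, 22, 5], n, e):
        print(m, me, c)
    print(decrypt_blocks([17, 15, 22, 10], n, 29))   # the slide's d=29 also works
    print(recover_private_key(n, e))
```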

Digital Signatures

Digital signatures provide the ability to:
verify the sender, and the date and time of the signature;
authenticate the message contents at the time of signature.
The sender cannot later repudiate the content of the message. The receiver cannot possibly have concocted the message himself.

Symmetric-Key Signatures
Public-Key Signatures
Message Digests
The Birthday Attack

Symmetric-Key Signatures

Digital signatures with Big Brother (BB: a central authority trusted by everyone, who knows everything!). Everyone (i) carries a secret key Ki to BB's office. Alice enciphers the following data with her secret key KA (B: Bob's ID, RA: a random number chosen by Alice, t: timestamp, P: plaintext message) and sends it to BB.

BB deciphers it with KA, then encrypts the data together with a signed message KBB(A, t, P) using Bob's secret key.

Public-Key Signatures

Digital signatures using public-key cryptography. In 1991, NIST proposed the Digital Signature Standard (DSS), using a variant of the ElGamal public-key algorithm (discrete logarithm). Criticisms: it is too secret (NSA designed); too slow (10-40 times slower than RSA for checking a signature); too new (not yet thoroughly analyzed); too insecure (fixed 512-bit key size, later changed to 1024 bits).

Message Digests

Authentication without encrypting the entire message. Four properties of a message digest (MD) hash function, which maps an arbitrarily long plaintext to a fixed-length bit string:
1. Given P, it is easy to compute MD(P).
2. Given MD(P), it is effectively impossible to find P.
3. Given P, no one can find P' such that MD(P') = MD(P).
4. A change to the input of even 1 bit produces a very different output.

For example, instead of KBB(A, t, P), we have KBB(A, t, MD(P)).

Digital signatures using message digests.

The Birthday Attack

It takes 2^m operations to attack an m-bit MD by brute force, but only 2^(m/2) operations using the birthday attack (Yuval's 1979 paper "How to Swindle Rabin"). Example: two faculty members, Tom and Dick, are up for tenure; Tom is up two years earlier. Tom asks the department chair, Marilyn, to write a recommendation letter. Her secretary, Ellen, loves Dick, so she prepares two letters.

Official Letter

Dear Dean Smith,
This [letter | message] is to give my [honest | frank] opinion of Prof. Tom Wilson, who is [a candidate | up] for tenure [now | this year]. I have [known | worked with] Prof. Wilson for [about | almost] six years. He is an [outstanding | excellent] researcher of great [talent | ability] known [worldwide | internationally] for his [brilliant | creative] insights into [many | a wide variety of] [difficult | challenging] problems. He is also a [highly | greatly] [respected | admired] [teacher | educator]. His students give his [classes | courses] [rave | spectacular] reviews. He is [our | the Department's] [most popular | best-loved] [teacher | instructor]. [In addition | Additionally] Prof. Wilson is a [gifted | effective] fund raiser. His [grants | contracts] have brought a [large | substantial] amount of money into [the | our] Department. [This money has | These funds have] [enabled | permitted] us to [pursue | carry out] many [special | important] programs, [such as | for example] your State 2000 program. Without these funds we would [be unable | not be able] to continue this program, which is so [important | essential] to both of us. I strongly urge you to grant him tenure.

Fake Letter

Dear Dean Smith,
This [letter | message] is to give my [honest | frank] opinion of Prof. Tom Wilson, who is [a candidate | up] for tenure [now | this year]. I have [known | worked with] Tom for [about | almost] six years. He is a [poor | weak] researcher not well known in his [field | area]. His research [hardly ever | rarely] shows [insight in | understanding of] the [key | major] problems of [the | our] day. Furthermore, he is not a [respected | admired] [teacher | educator]. His students give his [classes | courses] [poor | bad] reviews. He is [our | the Department's] least popular [teacher | instructor], known [mostly | primarily] within [the | our] Department for his [tendency | propensity] to [ridicule | embarrass] students [foolish | imprudent] enough to ask questions in his classes. [In addition | Additionally] Tom is a [poor | marginal] fund raiser. His [grants | contracts] have brought only a [meager | insignificant] amount of money into [the | our] Department. Unless new [money is | funds are] quickly located, we may have to cancel some essential programs, such as your State 2000 program. Unfortunately, under these [conditions | circumstances] I cannot in good [conscience | faith] recommend him to you for [tenure | a permanent position].
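Added example, not from the slides, covering the birthday-attack slide and the two letters: a parser for the [x | y] alternative-wording notation used in the letters, a deliberately truncated 16-bit digest standing in for a weak m-bit MD, and the birthday search that finds an honest/fake pair with the same digest after hashing about 2^(m/2) variants of each letter rather than 2^m. The two templates are constructed, shortened versions of the letters above with 12 binary choices each (4096 variants); the digest truncation and SHA-256 as the underlying hash are my assumptions.

```python
import hashlib
import itertools
import re

def expand(template):
    """Yield every variant of a letter whose [x | y] groups offer alternative wordings,
    the bracket notation of the two letters above (n binary groups -> 2^n letters)."""
    parts = re.split(r"\[([^\]]*)\]", template)
    fixed, groups = parts[0::2], [[a.strip() for a in g.split("|")] for g in parts[1::2]]
    for choice in itertools.product(*groups):
        yield "".join(f + c for f, c in zip(fixed, choice)) + fixed[-1]

def truncated_digest(message, bits):
    """Top `bits` bits of SHA-256, standing in for a weak m-bit message digest."""
    full = int.from_bytes(hashlib.sha256(message.encode()).digest(), "big")
    return full >> (256 - bits)

def find_collision(good_template, bad_template, bits):
    """Birthday search: remember the digest of every honest variant, then look for a
    fake variant with the same digest. Needs ~2^(bits/2) hashes per side, not 2^bits."""
    seen = {truncated_digest(v, bits): v for v in expand(good_template)}
    for variant in expand(bad_template):
        h = truncated_digest(variant, bits)
        if h in seen:
            return seen[h], variant
    return None

# Constructed, shortened templates: 12 binary choices each, so 4096 variants per letter.
GOOD_TEMPLATE = ("Dear Dean Smith, This [letter|message] is to give my [honest|frank] opinion of "
    "Prof. Tom Wilson. He is an [outstanding|excellent] researcher of great [talent|ability] "
    "and a [highly|greatly] [respected|admired] [teacher|educator]. [In addition|Additionally] "
    "he is a [gifted|effective] fund raiser whose [grants|contracts] brought a [large|substantial] "
    "amount of money [into|to] the Department. I strongly urge you to grant him tenure.")
BAD_TEMPLATE = ("Dear Dean Smith, This [letter|message] is to give my [honest|frank] opinion of "
    "Prof. Tom Wilson. He is a [poor|weak] researcher not well known in his [field|area] "
    "and not a [respected|admired] [teacher|educator]. [In addition|Additionally] he is a "
    "[poor|marginal] fund raiser whose [grants|contracts] brought only a [meager|insignificant] "
    "amount of money [into|to] the Department. I cannot in good [conscience|faith] recommend him.")

if __name__ == "__main__":
    good, bad = find_collision(GOOD_TEMPLATE, BAD_TEMPLATE, 16)
    print(good, bad, hex(truncated_digest(good, 16)), sep="\n")
```

With 4096 variants per letter and a 16-bit digest, about 256 cross-collisions are expected, so a match is found essentially every time; a full-length digest (e.g. 256 bits) would make the same search hopeless.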
