1436ac348e3205221d0a372181396835.ppt
- Количество слайдов: 41
Chapter 20: Network Security Business Data Communications, 4 e
Security Threats Passive attacks n n Eavesdropping on, or monitoring, transmissions Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored Active attacks n n Modification of transmitted data Attempts to gain unauthorized access to computer systems 2
資訊 安全之重點 機密性 (Confidentiality) 真實性 (Authentication) 完整性 (Integrity) 不可否認性 (Non-repudiation) 存取控制 (Access control) 可用性 (Availability) 3
Encryption Methods The essential technology underlying virtually all automated network and computer security applications is cryptography Two fundamental approaches are in use: n n conventional encryption, also known as symmetric encryption public-key encryption, also known as asymmetric encryption 4
Conventional Encryption The only form of encryption prior to late 1970 s Five components to the algorithm n n n Plaintext: The original message or data Encryption algorithm: Performs various substitutions and transformations on the plaintext. Secret key: Input to the encryption algorithm. Substitutions and transformations performed depend on this key Ciphertext: Scrambled message produced as output. depends on the plaintext and the secret key Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext and the secret key to produce the original plaintext. 5
Conventional Encryption Operation 6
Conventional Encryption Requirements & Weaknesses Requirements n n A strong encryption algorithm Secure process for sender & receiver to obtain secret keys Methods of Attack n n Cryptanalysis Brute force 7
Data Encryption Standard (DES) Adopted in 1977, reaffirmed for 5 years in 1994, by NBS/NIST Plaintext is 64 bits (or blocks of 64 bits), key is 56 bits Plaintext goes through 16 iterations, each producing an intermediate value that is used in the next iteration. DES is now too easy to crack to be a useful encryption method 8
Triple DES - TDEA Alternative to DES, uses multiple encryption with DES and multiple keys With three distinct keys, TDEA has an effective key length of 168 bits, so is essentially immune to brute force attacks Principal drawback of TDEA is that the algorithm is relatively sluggish in software 9
Triple DES - TDEA 10
Key Size Matters! Information Lifetime Centuries Decades 168 -bits Years 56 -bits Hours 40 -bits 100’s 10 K 1 M 10 M Budget ($) 100 M *Triple-DES (recommended for commercial & corporate information)
Average Time Required for Exhaustive Key Search 12
Public-Key Encryption Based on mathematical functions rather than on simple operations on bit patterns Asymmetric, involving the use of two separate keys Misconceptions about public key encryption n n it is more secure from cryptanalysis it is a general-purpose technique that has made conventional encryption obsolete 13
Public-Key Encryption Components Plaintext Encryption algorithm Public key Private key Ciphertext Decryption algorithm 14
Public-Key Encryption Operation 15
Public-Key Signature Operation 16
Characteristics of Public-Key Infeasible to determine the decryption key given knowledge of the cryptographic algorithm and the encryption key. Either of the two related keys can be used for encryption, with the other used for decryption. Slow, but provides tremendous flexibility to perform a number of security-related functions Most widely used algorithm is RSA 17
Key Length Symmetric Cipher (Conventional) 40 Bits 56 Bits 64 Bits 80 Bits 96 Bits 112 Bits 120 Bits 128 Bits 192 Bits Asymmetric (RSA/D-H) 274 Bits 384 Bits 512 Bits 1024 Bits 1536 Bits 2048 Bits 2560 Bits 3072 Bits 10240 Bits Performance 30~200 1 18
Hybrid Encryption Technology: PGP (Pretty Good Privacy) Hybrid Encryption Technique n n n First compresses the plaintext. Then creates a session key, which is a one-time-only secret key. Using the session key, apply a fast conventional encryption algorithm to encrypt the plaintext. The session key is then encrypted to the recipient’s public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient. 19
PGP Encryption 20
PGP Decryption The recipient uses its private key to recover the temporary session key Use the session key to decrypt the conventionally-encrypted ciphertext. 21
PGP Decryption 22
Location of Encryption Devices Link encryption n Each vulnerable communications link is equipped on both ends with an encryption device. All traffic over all communications links is secured. Vulnerable at each switch End-to-end encryption n the encryption process is carried out at the two end systems. Encrypted data are transmitted unaltered across the network to the destination, which shares a key with the source to decrypt the data Packet headers cannot be secured 23
Conventional Encryption Key Distribution Both parties must have the secret key Key is changed frequently Requires either manual delivery of keys, or a third-party encrypted channel Most effective method is a Key Distribution Center (e. g. Kerberos) 24
Secure Conventional Key Distribution Session Key 25
Public-Key Encryption Key Distribution Parties create a pair of keys; public key is broadly distributed, private key is not To reduce computational overhead, the following process is then used: PGP 1. Prepare a message. 2. Encrypt that message using conventional encryption with a one-time conventional session key. 3. Encrypt the session key using public-key encryption with recipient’s public key. 4. Attach the encrypted session key to the message and send it. 26
Digital Signatures Digital signatures enable the recipient of information to verify the authenticity of the information’s origin, and also verify that the information is intact. Public key digital signatures provide n n n authentication data integrity non-repudiation Technique: public key cryptography 27
Simple Digital Signatures Sender’s Private Key Sender’s Public Key 28
Digital Signature Process MD 5 rfc 1321 29
Public Key Certificates 1. A public key is generated by the user and submitted to Agency X for certification. 2. X determines by some procedure, such as a face-to-face meeting, that this is authentically the user’s public key. 3. X appends a timestamp to the public key, generates the hash code of the result, and encrypts that result with X’s private key forming the signature. 4. The signature is attached to the public key. 30
Web Vulnerabilities Unauthorized alteration of data at the Web site Unauthorized access to the underlying operating system at the Web server Eavesdropping on messages passed between a Web server and a Web browser Impersonation 31
Methods for Improving Web Security Securing the Web site itself n n n install operating system security patches install the Web server software with minimal system privileges use a more secure platform Securing the Web application 32
Web Application Security Secure Hyper. Text Transfer Protocol (SHTTP) Secure Sockets Layer (SSL) Web server packages should incorporate both of these protocols 33
Virtual Private Networks (VPNs) The use of encryption and authentication in the lower protocol layers to provide a secure connection through an otherwise insecure network, typically the Internet. Generally cheaper than real private networks using private lines but rely on having the same encryption and authentication system at both ends. The encryption may be performed by firewall software or possibly by routers. 34
VPN (Virtual Private Network) 35
VPN技術 穿隧技術 (Tunneling) n n n IPSec (IP Security) PPTP (Point-to-Point Tunneling Protocol) L 2 TP (Layer 2 Tunneling Protocol) 加解密技術 (Encryption/Decryption) n Private/Public/Hybrid Key Encryption 密鑰管理 (Key Management) n n SKIP (Simple Key Management for IP) IKE (ISAKMP/Oakley) 使用者與設備身份認證技術 n n (Authentication) Username/Password + Token Number X. 509 Certificate by Certificate Authority (CA) 36
IPSec Can secure communications across a LAN, WANs, and/or the Internet Examples of use: n n Secure branch office connectivity over the Internet Secure remote access over the Internet Establishing extranet and intranet connectivity with partners Enhancing electronic commerce security 37
Benefits of IPSec When implemented in a firewall or router, provides strong security for all traffic crossing the perimeter IPSec in a firewall is resistant to bypass Runs below the transport layer (TCP, UDP) and so is transparent to applications Can be transparent to end users Can provide security for individual users if needed 38
IPSec Functions IPSec provides three main facilities n n n authentication-only function referred to as Authentication Header (AH) combined authentication/encryption function called Encapsulating Security Payload (ESP) a key exchange function For VPNs, both authentication and encryption are generally desired 39
ESP Encryption & Authentication 40
IPSec Key Management Manual n n System administrator manually configures each system with its own keys and with the keys of other communicating systems Practical for small, relatively static environments Automated n n Enables the on-demand creation of keys for SAs and facilitates the use of keys in a large distributed system Most flexible but requires more effort to configure and requires more software 41
1436ac348e3205221d0a372181396835.ppt