Upload
dhani-ahmad
View
115
Download
0
Tags:
Embed Size (px)
Citation preview
Transforming Lives. Inventing the Future. www.iit.edu
I ELLINOIS T UINS TI TOF TECHNOLOGY
ITM 578 1
Security Technologies
Ray TrygstadITM 478/578 Spring 2004Master of Information Technology & Management ProgramCenter for Professional Development
Slides based on Whitman, M. and Mattord, H., Principles of Information Security; Thomson Course Technology 2003
ITM 578 2
ILLINOIS INSTITUTE OF TECHNOLOGY
Learning Objectives:Upon completion of this lesson the student should be able to:– Define and identify the various types of firewalls.– Discuss the approaches to firewall
implementation.– Discuss the approaches to dial-up access and
protection.– Identify and describe the two categories of
intrusion detection systems.– Discuss the two strategies behind intrusion
detection systems.
ITM 578 3
ILLINOIS INSTITUTE OF TECHNOLOGY
Learning Objectives:Upon completion of this lesson the student should be able to:– Discuss scanning, analysis tools, and content
filters.– Understand trap and trace technologies.– Discuss the process of encryption and define key
terms.– Identify and discuss common approaches to
cryptography.– Compare and contrast symmetric and asymmetric
encryption.– Discuss various approaches to biometric access
control.
ITM 578 4
ILLINOIS INSTITUTE OF TECHNOLOGY
Introduction Information security: a discipline relying on
the synthesis of people, policy, education, training, awareness, procedures, and technology to improve protection of an organization’s information assets
Technical solutions can maintain– Confidentiality, Integrity & Availability of
information– In each of its three states
• Storage• Transmission• processing
ITM 578 5
ILLINOIS INSTITUTE OF TECHNOLOGY
Physical Design of the SecSDLC
The physical design phase of the SecSDLC is made up of two parts:– security technologies– physical security
Physical design takes the logical design, expressed by the information security blueprint and the contingency planning elements and extends the design to the next level
ITM 578 6
ILLINOIS INSTITUTE OF TECHNOLOGY
Physical Design of the SecSDLC
Ana lyze
Physica l Design:Security Technolog ies
Chapter 8
Physica l Design:Physica l Security
Chapter 9
Logica l Design
Implement
Mainta in
FIG URE 8-1 Ph ysical Design wit hin t he SecSDLCPhysical Design within the SecSDLC
ITM 578 7
ILLINOIS INSTITUTE OF TECHNOLOGY
Physical Design of the SecSDLC The physical design phase encompasses the
selection of technologies and processes to manage risk
At the end of the physical design phase you have:– Selected technologies needed to support the information
security blueprint– Defined what the successful solution for a secured
environment will encompass– Designed physical security measures that support the
technical solutions– Prepared to create project plans in the implementation
phase to follow
ITM 578 8
ILLINOIS INSTITUTE OF TECHNOLOGY
Firewalls A firewall is any device that prevents a
specific type of information from moving between the untrusted network outside and the trusted network inside
There are five recognized generations of firewalls
The firewall may be:– a separate computer system– a service running on an existing router or server– a separate network containing a number of
supporting devices
ITM 578 9
ILLINOIS INSTITUTE OF TECHNOLOGY
First Generation Called packet filtering firewalls Examines every incoming packet header and
selectively filters packets based on– address, packet type, port request, and others
factors The restrictions most commonly
implemented are based on:– IP source and destination address– Direction (inbound or outbound)– TCP or UDP source and destination port-requests
ITM 578 10
ILLINOIS INSTITUTE OF TECHNOLOGY
Packet Filtering FirewallPacket filtering router
used as a first generationfirewall Trusted network
Untrusted Network
FilteredFilteredData PacketsData Packets
UnrestrictedUnrestrictedData PacketsData Packets
BlockedBlockedData PacketsData Packets
FIGURE 8-2 Packet Filtering Firewall
ITM 578 11
ILLINOIS INSTITUTE OF TECHNOLOGY
Second Generation Called application-level firewall or proxy server Often a dedicated computer separate from the
filtering router With this configuration the proxy server, rather
than the Web server, is exposed to the outside world in the DMZ
Additional filtering routers can be implemented behind the proxy server
The primary disadvantage of application-level firewalls is that they are designed for a specific protocol and cannot easily be reconfigured to protect against attacks on protocols for which they are not designed
ITM 578 12
ILLINOIS INSTITUTE OF TECHNOLOGY
Third Generation Called stateful inspection firewalls Keeps track of each network connection
established between internal and external systems using a state table which tracks the state and context of each packet in the conversation by recording which station sent what packet and when
If the stateful firewall receives an incoming packet that it cannot match in its state table, then it defaults to its ACL to determine whether to allow the packet to pass
ITM 578 13
ILLINOIS INSTITUTE OF TECHNOLOGY
Third Generation
The primary disadvantage is the additional processing requirements of managing and verifying packets against the state table which can possibly expose the system to a DoS attack
These firewalls can track connectionless packet traffic such as UDP and remote procedure calls (RPC) traffic
ITM 578 14
ILLINOIS INSTITUTE OF TECHNOLOGY
Fourth Generation A dynamic packet filtering firewall allows only a
particular packet with a particular source, destination, and port address to enter through the firewall
Does this by understanding how the protocol functions, and opening and closing “doors” in the firewall, based on the information contained in the packet header
In this manner, dynamic packet filters are an intermediate form, between traditional static packet filters and application proxies
ITM 578 15
ILLINOIS INSTITUTE OF TECHNOLOGY
Fifth GenerationThe final form of firewall is the kernel
proxy, a specialized form that works under the Windows NT Executive, which is the kernel of Windows NT
It evaluates packets at multiple layers of the protocol stack, by checking security in the kernel as data is passed up and down the stack
ITM 578 16
ILLINOIS INSTITUTE OF TECHNOLOGY
Packet-filtering RoutersMost organizations with an Internet
connection have some form of a router as the interface at the perimeter between the organization’s internal networks and the external service provider
Many of these routers can be configured to filter packets that the organization does not allow into the network
ITM 578 17
ILLINOIS INSTITUTE OF TECHNOLOGY
Packet-filtering RoutersThis is a simple but effective means
to lower the organization’s risk to external attack
The drawback to this type of system includes a lack of auditing and strong authentication
The complexity of the access control lists used to filter the packets can grow and degrade network performance
ITM 578 18
ILLINOIS INSTITUTE OF TECHNOLOGY
Screened-Host Firewall Systems Combine the packet-filtering router with a separate,
dedicated firewall such as an application proxy server
Allows the router to pre-screen packets to minimize the network traffic and load on the internal proxy
Application proxy examines an application layer protocol, such as HTTP, and performs the proxy services
This separate host often referred to as a bastion-host, as it represents a single, rich target for external attacks, and should be very thoroughly secured
ITM 578 19
ILLINOIS INSTITUTE OF TECHNOLOGY
FilteredData
Packets
Screened-Host Firewall
Trusted network
Untrusted Network
UnrestrictedData Packets
BlockedData Packets
FIGURE 8-3 Screened Host Firewall
Bastion-host
Application Level Firewall
Proxy access
ITM 578 20
ILLINOIS INSTITUTE OF TECHNOLOGY
Dual-homed Host Firewalls The bastion-host contains two NICs (network
interface cards) One NIC connected to the external network,
and one connected to the internal network With two NICs all traffic must physically go
through the firewall to move between the internal and external networks
A technology known as network-address translation (NAT) is commonly implemented with this architecture to map from real, valid, external IP addresses to ranges of internal IP addresses that are non-routable
ITM 578 21
ILLINOIS INSTITUTE OF TECHNOLOGY
Dual-homed Host Firewall
Trusted network
Untrusted Network
UnrestrictedData Packets
Blocked ExternalData Packets
FIGURE 8-4 Dual-homed Host Firewall
Dual-homed Host used as a firewall providing Network Address Translation
(NAT)External
filtering router
Internalfiltering router
Public IP Addresses NAT assigned local addresses
Blocked InternalData Packets
Proxy Access
ITM 578 22
ILLINOIS INSTITUTE OF TECHNOLOGY
Screened-Subnet Firewalls (with DMZ)
Consists of two or more internal bastion-hosts, behind a packet-filtering router, with each host protecting the trusted network
The first general model consists of two filtering routers, with one or more dual-homed bastion-host between them
ITM 578 23
ILLINOIS INSTITUTE OF TECHNOLOGY
Screened-Subnet Firewalls (with DMZ)
The second general model involves the connection from the outside or untrusted network going through this path:– Through an external filtering router– Into and then out of a routing firewall to the
separate network segment known as the DMZ Connections into the trusted internal
network are allowed only from the DMZ bastion-host servers
ITM 578 24
ILLINOIS INSTITUTE OF TECHNOLOGY
Screened-Subnet Firewall
Trusted network
Untrusted Network
BlockedData Packets
Proxy access
FIGURE 8-5 Screened Subnet (DMZ)
External filtering router Internal
filtering router
Controlled access
Demilitarized zone (DMZ)
ServersServers
ITM 578 25
ILLINOIS INSTITUTE OF TECHNOLOGY
SOCKS Servers The SOCKS system is a proprietary circuit-level
proxy server that places special SOCKS client-side agents on each workstation
Places the filtering requirements on the individual workstation, rather than on a single point of defense (and thus point of failure)
This frees the entry router of filtering responsibilities, but then requires each workstation to be managed as a firewall detection and protection device
A SOCKS system can require additional support and management resources to configure and manage possibly hundreds of individual clients, versus a single device or set of devices
ITM 578 26
ILLINOIS INSTITUTE OF TECHNOLOGY
Selecting the Right Firewall What type of firewall technology offers the
right balance of protection features and cost for the needs of the organization?
What features are included in the base price? What features are available at extra cost? Are all cost factors known?
How easy is it to set up and configure the firewall? How accessible are staff technicians with the mastery to do it well?
Can the candidate firewall adapt to the growing network in the target organization?
ITM 578 27
ILLINOIS INSTITUTE OF TECHNOLOGY
Configuring and Managing Firewalls
Each firewall device will have its own set of configuration rules that regulate its actions
Simple mistakes can turn the device into a choke point
When security rules conflict with the performance of business, security loses since organizations are much more willing to live with a potential risk than a certain failure
ITM 578 28
ILLINOIS INSTITUTE OF TECHNOLOGY
Firewall Recommended Practices All traffic from the trusted network is allowed out The firewall device is always inaccessible directly
from the public network Allow Simple Mail Transport Protocol (SMTP) data
to pass through your firewall, but insure it is all routed to a well-configured SMTP gateway to filter and route messaging traffic securely
All Internet Control Message Protocol (ICMP) data should be denied
Block telnet (terminal emulation) access to all internal servers from the public networks
When Web services are offered outside the firewall, deny HTTP traffic from reaching your internal networks by using some form of proxy access or DMZ architecture
ITM 578 29
ILLINOIS INSTITUTE OF TECHNOLOGY
Dial-Up Protection While internal network connection via
private networks are now less popular due to the high cost of installation, maintenance, and protection, dial-up connections are still quite common
Unsecured, dial-up access represents a substantial exposure to attack– An attacker who suspects that an organization
has dial-up lines can use a device called a war-dialer to locate the connection points
For the most part, simple username and password schemes are the only means of authentication
ITM 578 30
ILLINOIS INSTITUTE OF TECHNOLOGY
Remote Authentication Dial-in User Service RADIUS system centralizes management of user
authentication by placing the responsibility for authenticating each user in the central RADIUS server
Radius serverRemote access server (RAS)
1. Remote worker dials RAS and submits username and password2. RAS passes username and password to RADIUS server3. RADIUS server approves or rejects request and provides access authorization4. RAS provides access to authorized remote worker
(1) (2)
(3)(4)
Tele-worker
FIGURE 8-6 RADIUS Configuration
ITM 578 31
ILLINOIS INSTITUTE OF TECHNOLOGY
Terminal Access Controller Access Control System
TACACS contains a centralized database, such as RADIUS, and validates the user’s credentials at the TACACS server
There are three versions of TACACS– TACACS– Extended TACACS– TACACS+
ITM 578 32
ILLINOIS INSTITUTE OF TECHNOLOGY
Intrusion Detection Systems (IDSs) IDSs work like burglar alarms IDSs require complex configurations to
provide the level of detection and response desired
An IDS operates as either network-based, when the technology is focused on protecting network information assets, or host-based, when the technology is focused on protecting server or host information assets
IDSs use one of two detection methods, signature-based or statistical anomaly-based
ITM 578 33
ILLINOIS INSTITUTE OF TECHNOLOGY
Intrusion Detection System
External Router
Host IDS: Examines the data in files stored on host and alerts systems administrators to any any changes
Network IDS: Examines packets on network and alerts admin to unusual patterns.
Header0100101011Untrusted
Network
FIGURE 8-7 Intrusion Detection Systems
ITM 578 34
ILLINOIS INSTITUTE OF TECHNOLOGY
Host-based IDSs Resides on a particular computer or server
(known as the host) and monitors activity on that system.
Most work on principle of configuration or change management, in which the systems record the file sizes, locations, and other attributes, and reports when one or more of these attributes changes, when new files are created, and when existing files are deleted.
Can also monitor systems logs for pre-defined events.
ITM 578 35
ILLINOIS INSTITUTE OF TECHNOLOGY
Host-based IDSs Maintains own log files so when hackers
successfully modify a systems log the IDS provides independent verification of the attack Once properly configured, host-IDSs are very reliable.
Managed host-based IDS can monitor multiple computers simultaneously. – Stores a client file on each monitored host – Has that host report back to the master console
(usually located on the sysadmin’s computer)
ITM 578 36
ILLINOIS INSTITUTE OF TECHNOLOGY
Host-based IDS
Host-based IDS
FIGURE 8-8
ITM 578 37
ILLINOIS INSTITUTE OF TECHNOLOGY
Network-based IDSs Works differently than its host-based
counterpart; monitors network traffic When a pre-defined condition occurs, it
responds and notifies the appropriate administrator
Must match known and unknown attack strategies against knowledge base to determine if an attack has occurred
Result in more false positive readings than do host-based IDSs– System is attempting to read into the pattern of
activity on the network to determine what is normal and what is not
ITM 578 38
ILLINOIS INSTITUTE OF TECHNOLOGY
Network-based IDS
Network-based IDS
FIGURE 8-8
ITM 578 39
ILLINOIS INSTITUTE OF TECHNOLOGY
Signature-based IDSs AKA knowledge-based IDS; examines data
traffic looking for something that matches signatures, which are pre-configured, predetermined attack patterns
Problem: signatures must be continually updated as new attack strategies are identified
Attackers who are slow and methodical may slip undetected through the IDS, as actions may not match the signature that includes factors based on duration of the events
ITM 578 40
ILLINOIS INSTITUTE OF TECHNOLOGY
Statistical Anomaly-based IDSsAKA behavior-based IDS Collects data from normal traffic and
establishes a baselineOnce the baseline is established,
periodically samples network activity, based on statistical methods, and compares samples to baseline
If activity is outside baseline parameters (known as a clipping level), IDS notifies administrator
ITM 578 41
ILLINOIS INSTITUTE OF TECHNOLOGY
Statistical Anomaly-based IDSs Advantage: system able to detect new types of
attacks as it looks for abnormal activity of any type
Unfortunately require much more overhead and processing capacity than signature-based versions, as they must constantly attempt to pattern matched activity to the baseline
Also may not detect minor changes to systems variables can generate many false positives
ITM 578 42
ILLINOIS INSTITUTE OF TECHNOLOGY
Scanning And Analysis Tools Used to collect information needed by an
attacker to succeed One of the preparatory parts of an attack is
collection of information about a potential target, a process called footprinting– Organized research of the Internet addresses
owned or controlled by a target organization Attacker uses public Internet data sources to
perform keyword searches to identify the network addresses of the organization
This research augmented with browsing organization’s Web pages
ITM 578 43
ILLINOIS INSTITUTE OF TECHNOLOGY
Scanning And Analysis ToolsNext phase of the pre-attack data
gathering process: fingerprinting Systematic examination of all Internet
addresses of the organization (collected during the footprinting)
Accomplished with tools discussed in the next section, fingerprinting reveals useful information for the anticipated attack
ITM 578 44
ILLINOIS INSTITUTE OF TECHNOLOGY
Scanning And Analysis ToolsScanners, sniffers, and other analysis
tools are invaluable to security administrators; enables them to see what the attacker sees
Can find vulnerabilities in systems, holes in security components, and unsecured aspects of the network – Unfortunately, they cannot detect the
unpredictable behavior of people.
ITM 578 45
ILLINOIS INSTITUTE OF TECHNOLOGY
Scanning And Analysis ToolsMany of these tools have distinct
signatures & some Internet service providers (ISPs) scan for these signatures. – If an ISP discovers someone using
“hacker tools” it can pull access privileges– Best to establish working relationship
with the ISP & notify them of the purpose and extent of the signatures.
ITM 578 46
ILLINOIS INSTITUTE OF TECHNOLOGY
Port Scanners Port scanners fingerprint networks to find
ports and services and other useful information
Why secure open ports? – An open port can be used to send commands to a
computer, gain access to a server, and exert control over a networking device
– The general rule of thumb is to remove from service or secure any port not absolutely necessary for the conduct of business
ITM 578 47
ILLINOIS INSTITUTE OF TECHNOLOGY
Well-known Port NumbersPort numbers Description20 and 21 File Transfer Protocol (FTP)25 Simple Mail Transfer Protocol (SMTP)53 Domain Name Services (DNS)67 and 68 Dynamic Host Configuration Protocol (DHCP)80 Hypertext Transfer Protocol (HTTP)110 Post Office Protocol (POP3)161 Simple Network Management Protocol (SNMP)194 IRC Chat port (used for device sharing)443 HTTP over SSL8080 Used for proxy services
Table 8-2 Well-known Port Numbers
ITM 578 48
ILLINOIS INSTITUTE OF TECHNOLOGY
Source:http://support.gfi.com/manuals/en/lanscan2/analyzingthescanresults.htm
FIGURE 8-11
LANGuardNetwork Scanner
LANguard Network Scanner
ITM 578 49
ILLINOIS INSTITUTE OF TECHNOLOGY
Vulnerability Scanners
Vulnerability scanners are capable of scanning networks for very detailed information
As a class, they identify exposed usernames and groups, show open network shares, expose configuration problems, and other vulnerabilities in servers
ITM 578 50
ILLINOIS INSTITUTE OF TECHNOLOGY
Source:http://www.insecure.org/nmap/images/nmapfe.gif
Nmap Vulnerability ScannerFIGURE 8-12
Nmap Vulnerability Scanner
ITM 578 51
ILLINOIS INSTITUTE OF TECHNOLOGY
Packet Sniffers A network tool that collects copies of
packets from the network and analyzes them
Can be used to eavesdrop on the network traffic
To use a packet sniffer legally, you must be: – on a network that the organization owns – under direct authorization of the owners of the
network – have knowledge and consent of the content
creators (users)
ITM 578 52
ILLINOIS INSTITUTE OF TECHNOLOGY
Source http://www.ethereal.com/docs/user-guide/x885.html
Ethereal Sample ScreenFIGURE 8-13
EtherealSample Screen
ITM 578 53
ILLINOIS INSTITUTE OF TECHNOLOGY
Content Filters
Although technically not a firewall, a content filter is a software filter that allows administrators to restrict accessible content from within a network
The content filtering restricts Web sites with inappropriate content
ITM 578 54
ILLINOIS INSTITUTE OF TECHNOLOGY
Trap and Trace Software designed to entice individuals
illegally perusing the internal areas of a network
Better known as honey pots, they distract the attacker while notifying the administrator
Trace: attempt to determine the identity of someone using unauthorized access– Main purpose: capture system abusers internal to
the network
ITM 578 55
ILLINOIS INSTITUTE OF TECHNOLOGY
Cryptography and EncryptionSophisticated approach to security Many security-related tools use
embedded encryption technologiesEncryption is the process of converting
an original message into a form that is unreadable by unauthorized individuals
The science of encryption, known as cryptology, encompasses cryptography and cryptanalysis
ITM 578 56
ILLINOIS INSTITUTE OF TECHNOLOGY
Encryption Definitions Algorithm: the mathematical formula used to
convert an unencrypted message into an encrypted message.
Cipher: the transformation of the individual components (characters, bytes, or bits) of an unencrypted message into encrypted components.
Ciphertext or cryptogram: the unintelligible encrypted or encoded message resulting from an encryption.
Code: the transformation of the larger components (words or phrases) of an unencrypted message into encrypted components.
ITM 578 57
ILLINOIS INSTITUTE OF TECHNOLOGY
Encryption Definitions Cryptosystem: the set of transformations necessary
to convert an unencrypted message into an encrypted message.
Decipher: to decrypt or convert ciphertext to plaintext.
Encipher: to encrypt or convert plaintext to ciphertext.
Key or cryptovariable: the information used in conjunction with the algorithm to create ciphertext from plaintext.
Keyspace: the entire range of values that can possibly be used to construct an individual key.
ITM 578 58
ILLINOIS INSTITUTE OF TECHNOLOGY
Encryption Definitions Link encryption: a series of encryptions and
decryptions between a number of systems, whereby each node decrypts the message sent to it and then re-encrypts it using different keys and sends it to the next neighbor, until it reaches the final destination.
Plaintext: the original unencrypted message that is encrypted and results from successful decryption.
Steganography: the process of hiding messages in a picture or graphic.
Work factor: the amount of effort (usually in hours) required to perform cryptanalysis on an encoded message.
ITM 578 59
ILLINOIS INSTITUTE OF TECHNOLOGY
Cryptography & Encryption-Based Solutions
Simple forms of encryption are based on two concepts: the block cipher and the exclusive OR operation
With the block cipher method– the message is divided into blocks, i.e., 8 or 16 bit – and then each block is transformed using the
algorithm and key The “exclusive or operation” (XOR) is a
function of Boolean algebra
ITM 578 60
ILLINOIS INSTITUTE OF TECHNOLOGY
Exclusive OR Operations
Bit 1 Bit 2 Exclusive OR result
0 0 0
0 1 1
1 0 1
1 1 0
Exclusive OR OperationsTABLE 8-3
ITM 578 61
ILLINOIS INSTITUTE OF TECHNOLOGY
Encryption Algorithms In encryption the most commonly used
algorithms include two functions: substitution and transposition
In a substitution cipher, you substitute one value for another
This type of substitution is based on a monoalphabetic substitution, since it only uses one alphabet
More advanced substitution ciphers use two or more alphabets, and are referred to as polyalphabetic substitutions
ITM 578 62
ILLINOIS INSTITUTE OF TECHNOLOGY
Encryption Operations Just like the substitution operation, the
transposition cipher is simple to understand but can be complex to decipher if properly used
Unlike the substitution cipher, the transposition cipher (or permutation cipher) simply rearranges the values within a block to create the ciphertext
This can be done at the bit level or at the byte (character) level - transposition ciphers move these bits or bytes to another location in the block, so that bit 1 becomes bit 4, bit 2 becomes bit 7 etc
ITM 578 63
ILLINOIS INSTITUTE OF TECHNOLOGY
Vernam Cipher Also known as the one-time pad, the Vernam
cipher was developed at AT&T and uses a one-use set of characters, the value of which is added to the block of text
The resulting sum is then converted to text When the two are added, if the values
exceed 26, 26 is subtracted from the total (Modulo 26) - the corresponding results are then converted back to text
ITM 578 64
ILLINOIS INSTITUTE OF TECHNOLOGY
Book or Running Key Cipher Another method, made popular by spy
movies, is the use of text in a book as the algorithm to decrypt a message
The key consists of – knowing which book to use– a list of codes representing the page number, line
number, and word number of the plaintext word Dictionaries and thesauruses make the most
popular sources as they guarantee every word needed, although almost any book will suffice
ITM 578 65
ILLINOIS INSTITUTE OF TECHNOLOGY
Symmetric Encryption The same key, also known as a secret key
used to conduct both encryption and decryption of the message
Can be extremely efficient, requiring minimal processing to either encrypt or decrypt the message
Problem: both sender & receiver must own the encryption key– If either copy of the key is compromised, an
intermediate can decrypt and read the messages Challenges: get copy of the key to the
receiver, a process that must be conducted out-of-band to avoid interception
ITM 578 66
ILLINOIS INSTITUTE OF TECHNOLOGY
Symmetric Encryption
ITM 578 67
ILLINOIS INSTITUTE OF TECHNOLOGY
Data Encryption Standard (DES)
Developed in 1977 by IBM Based on the Data Encryption
Algorithm (DEA)Uses a 64-bit block size and a 56-bit
keyWith a 56-bit key, the algorithm has
256 possible keys to choose from (over 72 quadrillion)
ITM 578 68
ILLINOIS INSTITUTE OF TECHNOLOGY
Data Encryption Standard (DES) DES is a federally approved standard for
non classified data RSA put a bounty on the algorithm offering
$10,000 to the team to crack the algorithm Fourteen thousand users collaborated over
the Internet to finally break the encryption On 19 October 1997 at 1325 UTC, the 56 bit
DES algorithm was cracked by a distributed processing system coordinated by a computer in my lab at IIT’s Main Campus
ITM 578 69
ILLINOIS INSTITUTE OF TECHNOLOGY
Triple DES (3DES) Developed as an improvement to DES Uses up to three keys in succession and also
performs three different encryption operations:– 3DES encrypts the message three times with
three different keys, the most secure level of encryption possible with 3DES
In 1998, it took a dedicated computer designed by the Electronic Freedom Frontier (www.eff.org) over 56 hours to crack DES
ITM 578 70
ILLINOIS INSTITUTE OF TECHNOLOGY
Advanced Encryption Standard (AES)The successor to 3DES is Advanced
Encryption Standard (AES), based on the Rijndael Block Cipher, a block cipher with a variable block length and a key length of either128, 192, or 256 bits
It would take the same computer approximately 4,698,864 quintillion years to crack AES
ITM 578 71
ILLINOIS INSTITUTE OF TECHNOLOGY
Asymmetric Encryption Best known as public key encryption Uses two different keys Either key can be used to encrypt or decrypt
the message, however, if Key A is used to encrypt the message, only Key B can decrypt, and if Key B is used to encrypt a message, only Key A can decrypt it.
Public key is stored in a public location, where anyone can use it
Private key is a secret known only to the owner of the key pair
ITM 578 72
ILLINOIS INSTITUTE OF TECHNOLOGY
Using Public Keys
ITM 578 73
ILLINOIS INSTITUTE OF TECHNOLOGY
Digital Signatures An interesting thing happens when the
asymmetric process is reversed, that is the private key is used to encrypt a short message
The public key can be used to decrypt it, and the fact that the message was sent by the organization that owns the private key cannot be refuted
This is known as nonrepudiation, which is the foundation of digital signatures
Digital Signatures are encrypted messages that are independently verified by a central facility (registry) as authentic
ITM 578 74
ILLINOIS INSTITUTE OF TECHNOLOGY
RSA One of the most popular public key
cryptosystems Stands for Rivest-Shamir-Aldeman, its
developers First public key encryption algorithm
developed and published for commercial use Part of Web browsers from both Microsoft
and Netscape 56 bit version is not secure; 128 bit version is
acceptable
ITM 578 75
ILLINOIS INSTITUTE OF TECHNOLOGY
PKI or Public Key Infrastructure Public Key Infrastructure is the entire set of
hardware, software, and cryptosystems necessary to implement public key encryption
PKI systems are based on public-key cryptosystems and include digital certificates and certificate authorities (CAs) and can:– Issue digital certificates– Issue crypto keys– Provide tools to use crypto to secure information– Provide verification and return of certificates
ITM 578 76
ILLINOIS INSTITUTE OF TECHNOLOGY
PKI Benefits
PKI protects information assets in several ways: – Authentication– Integrity– Privacy– Authorization– Nonrepudiation
ITM 578 77
ILLINOIS INSTITUTE OF TECHNOLOGY
Digital Certificates & Certificate Authorities
A digital certificate is an electronic document, similar to a digital signature, attached to a file certifying that this file is from the organization it claims to be from and has not been modified from the original format
A Certificate Authority is an agency that manages the issuance of certificates and serves as the electronic notary public to verify their worth and integrity
ITM 578 78
ILLINOIS INSTITUTE OF TECHNOLOGY
Hybrid Systems In practice, pure asymmetric key encryption not
widely used except in the area of certificates More often used in conjunction with symmetric
key encryption creating a hybrid system Use the Diffie-Hellman Key Exchange method
that uses asymmetric techniques to exchange symmetric keys to enable efficient, secure communications based on symmetric keys
Diffie-Hellman provided the foundation for subsequent developments in public key encryption
ITM 578 79
ILLINOIS INSTITUTE OF TECHNOLOGY
Hybrid Encryption Example
ITM 578 80
ILLINOIS INSTITUTE OF TECHNOLOGY
Securing E-mail Encryption cryptosystems have been
adapted to inject some degree of security into e-mail:– S/MIME builds on the Multipurpose Internet
Mail Extensions (MIME) encoding format by adding encryption and authentication
– Privacy Enhanced Mail (PEM) was proposed by the Internet Engineering Task Force (IETF) as a standard to function with the public key cryptosystems
– PEM uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures
– Pretty Good Privacy (PGP), developed by Phil Zimmerman, uses the IDEA Cipher along with RSA for key exchange
ITM 578 81
ILLINOIS INSTITUTE OF TECHNOLOGY
Securing the Web
Secure Electronic Transactions (SET) Secure Socket Layer (SSL)Secure Hypertext Transfer Protocol
(SHTTP) Secure Shell (SSH) IPSec
ITM 578 82
ILLINOIS INSTITUTE OF TECHNOLOGY
IPSec IP Security (IPSec) is the cryptographic
authentication and encryption product of the IETF’s IP Protocol Security Working Group
Defined in RFC 1825, 1826, and 1827 Used to create Virtual Private Networks
(VPNs) and is an open framework for security development within the TCP/IP family of protocol standards
Combines several different cryptosystem elements and includes: – the IP Security Protocol itself– the Internet Key Exchange
ITM 578 83
ILLINOIS INSTITUTE OF TECHNOLOGY
IPSec Operations IPSec works in two modes of operation:
– In transport mode only the IP data is encrypted, not the IP headers themselves
– In tunnel mode, the entire IP packet is encrypted and is then placed as the payload in another IP packet
The implementation of these technologies is very popular through a process known as Virtual Private Networks (VPNs)
In the most common implementation, a VPN allows a user to turn the Internet into a private network between points on the public network
ITM 578 84
ILLINOIS INSTITUTE OF TECHNOLOGY
Kerberos Scenario: Initial Login
ITM 578 85
ILLINOIS INSTITUTE OF TECHNOLOGY
Kerberos Scenario: Request for Services
ITM 578 86
ILLINOIS INSTITUTE OF TECHNOLOGY
Sesame To solve some of the problems associated
with Kerberos, a new project, the Secure European System for Applications in a Multivendor Environment (SESAME), was developed as a European research and development project, partly funded by the European Commission
SESAME is similar in part to Kerberos in that the user is first authenticated to an authentication server to receive a token
ITM 578 87
ILLINOIS INSTITUTE OF TECHNOLOGY
Access Control Devices To insure secure operation, access control needs
strong authentication (two-factor authentication) Consist of the user’s personal password or
passphrase but requires at least one other factor to represent strong authentication
Frequently a physical device is used for the second factor
When considering access control you address: – What you know– What you have– Who you are– What you produce
ITM 578 88
ILLINOIS INSTITUTE OF TECHNOLOGY
What You Are - Biometrics Most of the technologies that scan human
characteristics convert these images to some form of minutiae
Minutiae are unique points of reference that are digitized and stored in an encrypted format
Each subsequent scan is also digitized and then compared with the encoded value to determine if users are who they claim to be
The problem is that some human characteristics can change over time, due to normal development, injury, or illness
ITM 578 89
ILLINOIS INSTITUTE OF TECHNOLOGY
Voice recognition
Signature recognitionHandgeometryHand and palm
Fingerprint Irisrecognition
RetinalRecognition
Facialgeometry
Recognition Characteristics
FIGURE 8-20Recognition Characteristics
ITM 578 90
ILLINOIS INSTITUTE OF TECHNOLOGY
Effectiveness of Biometrics
Biometric technologies are evaluated on three basic criteria:– False Reject Rate– False Accept Rate– Crossover Error Rate
ITM 578 91
ILLINOIS INSTITUTE OF TECHNOLOGY
False Reject Rate (FRR)The percentage or value associated
with the rate at which authentic users are denied or prevented access to authorized areas, as a result of a failure in the biometric device
Type I errorProbably of the least concern to
security
ITM 578 92
ILLINOIS INSTITUTE OF TECHNOLOGY
False Accept Rate (FAR)
The percentage or value associated with the rate at which fraudulent or non-users are allowed access to systems or areas, as a result of a failure in the biometric device
Type II errorThis type of error is unacceptable to
security, as it represents a clear breach
ITM 578 93
ILLINOIS INSTITUTE OF TECHNOLOGY
Crossover Error Rate (CER)The crossover error rate is the point
at which the number of false rejections equals the false acceptances, also known as the equal error rate
It is possibly the most common and important overall measure of the accuracy of a biometric system
The optimal setting is somewhere near the equal error rate or CER
ITM 578 94
ILLINOIS INSTITUTE OF TECHNOLOGY
Acceptability of Biometrics
While the use of one authentication area is necessary to access the system, the more devices used the better
To obtain strong authentication, the systems must use two or more authentication areas
ITM 578 95
ILLINOIS INSTITUTE OF TECHNOLOGY
The End…
Questions?