Professional Documents
Culture Documents
• X.800 defines it as: a service provided by a • Authentication - assurance that the communicating entity
protocol layer of communicating open systems, is the one claimed
which ensures adequate security of the systems • Access Control - prevention of the unauthorized use of a
or of data transfers resource
• Data Confidentiality –protection of data from
• RFC 2828 defines it as: a processing or unauthorized disclosure
communication service provided by a system to • Data Integrity - assurance that data received is as sent
give a specific kind of protection to system by an authorized entity
resources • Non-Repudiation - protection against denial by one of the
• X.800 defines it in 5 major categories parties in a communication
1
11/13/2013
Classical Encryption
Types of Attacks
Techniques
Many savages at the present day regard their
names as vital parts of themselves, and
therefore take great pains to conceal their
real names, lest these should give to evil-
disposed persons a handle by which to
injure their owners. —The Golden Bough,
Sir James George Frazer
Bill Figg 7 Bill Figg 8
2
11/13/2013
3
11/13/2013
• cipher needs to completely obscure statistical • Horst Feistel devised the feistel cipher
properties of original message – based on concept of invertible product cipher
• a one-time pad does this • partitions input block into two halves
• more practically Shannon suggested combining – process through multiple rounds which
elements to obtain: – perform a substitution on left data half
• diffusion – dissipates statistical structure of – based on round function of right half & subkey
plaintext over bulk of ciphertext – then have permutation swapping halves
• confusion – makes relationship between • implements Shannon’s substitution-permutation
ciphertext and key as complex as possible network concept
Bill Figg 23 Bill Figg 24
4
11/13/2013
5
11/13/2013
• symmetric schemes require both parties • given parties A and B have various key
to share a common secret key distribution alternatives:
1. A can select key and physically deliver to B
• issue is how to securely distribute this 2. third party can select & deliver key to A & B
key 3. if A & B have communicated previously can use
previous key to encrypt a new key
• often secure system failure due to a 4. if A & B have secure communications with a
break in the key distribution scheme third party C, C can relay key between A & B
Bill Figg 35 Bill Figg 36
6
11/13/2013
7
11/13/2013
• public-key encryption helps address • certificates allow key exchange without real-
time access to public-key authority
key distribution problems • a certificate binds identity to public key
• have two aspects of this: – usually with other info such as period of validity, rights
of use etc
– distribution of public keys • with all contents signed by a trusted Public-Key
or Certificate Authority (CA)
– use of public-key encryption to
• can be verified by anyone who knows the public-
distribute secret keys key authorities public-key
Bill Figg 45 Bill Figg 46
• generated by an algorithm that creates a small • condenses arbitrary message to fixed size
fixed-sized block • usually assume that the hash function is public
– depending on both message and some key
– like encryption though need not be reversible and not keyed
• appended to message as a signature – cf. MAC which is keyed
• receiver performs same computation on message • hash used to detect changes to message
and checks it matches the MAC • can use in various ways with message
• provides assurance that message is unaltered • most often to create a digital signature
and comes from sender
Bill Figg 47 Bill Figg 48
8
11/13/2013
• have desire to create a MAC using a hash function • must depend on the message signed
rather than a block cipher • must use information unique to sender
– because hash functions are generally faster – to prevent both forgery and denial
– not limited by export controls unlike block ciphers • must be relatively easy to produce
• hash includes a key along with the message • must be relatively easy to recognize & verify
• be computationally infeasible to forge
• original proposal: – with new message for existing digital signature
KeyedHash = Hash(Key|Message) – with fraudulent digital signature for given message
– some weaknesses were found with this • be practical save digital signature in storage
• eventually led to development of HMAC
Bill Figg 49 Bill Figg 50
9
11/13/2013
• Web now widely used by business, government, • transport layer security service
individuals • originally developed by Netscape
• but Internet & Web are vulnerable
• version 3 designed with public input
• have a variety of threats
– integrity • subsequently became Internet standard known as
– confidentiality TLS (Transport Layer Security)
– denial of service • uses TCP to provide a reliable end-to-end service
– authentication • SSL has two layers of protocols
• need added security mechanisms
Bill Figg 55 Bill Figg 56
• allows server & client to: • a choke point of control and monitoring
– authenticate each other • interconnects networks with differing trust
– to negotiate encryption & MAC algorithms • imposes restrictions on network services
– to negotiate cryptographic keys to be used – only authorized traffic is allowed
• comprises a series of messages in phases • auditing and controlling access
– Establish Security Capabilities – can implement alarms for abnormal behavior
– Server Authentication and Key Exchange
– Client Authentication and Key Exchange
• is itself immune to penetration
– Finish • provides perimeter defence
Bill Figg 57 Bill Figg 58
• simplest of components
• foundation of any firewall system
• examine each IP packet (no context) and permit or
deny according to rules
• hence restrict access to services (ports)
• possible default policies
– that not expressly permitted is prohibited
– that not expressly prohibited is permitted
Bill Figg 59 Bill Figg 60
10
11/13/2013
Summary
• information security is increasingly important
• have varying degrees of sensitivity of information
– cf military info classifications: confidential, secret etc
• subjects (people or programs) have varying rights of access
to objects (information)
• want to consider ways of increasing confidence in systems to
enforce these rights
• known as multilevel security
– subjects have maximum & current security level
– objects have a fixed security level classification
Bill Figg 63
11