Network Security

Protecting An
Organization’s Network
A Note About Security
 Humans are usually the most susceptible
point in any security scheme
 A worker who is malicious, careless, or
unaware of an organization’s information
policy can compromise the best security
• William Stallings
A Note About Security
 If your site has multiple access points,
the overall security of the site is only as
strong as the security of the least secure
access point
• Thus, you must ensure that all points of
access are secure
• Again, frequently the weakest link is people
• This includes such access points as E-Mail, their
personal web sites, etc.
A Note About Security
 A recent demonstration found that 24% of
passwords could be determined, by:
• Searching dictionaries of names, places, and other
words
• Using the username
• Using information about the user, such as their first
name
 A much higher percentage would result if
variations of the above were used
• e.g. marge123
Security Terminology
Authentication: The process of determining the
identify of a client or other entity
Encryption: The process of obfuscating data so
that it cannot be examined in its current form
Public key: An object used in the encryption
process that is publicly available
Private key: An object used in the encryption
process that is kept private within an
organization
Authentication: IPSec
 Uses IP datagrams to provide security
features such as authentication
 Authentication is provided for each
datagram
• An IP datagram, such as those used for TCP
connections will be assigned an
authentication header (AH)
 Authentication: IPSec

A normal TCP datagram:

IPH TCPH TCP Data

A TCP datagram with IPSec authentication information:

IPH AH TCPH TCP Data
Authentication Headers
 Each authentication header contains
authentication information that relates the
sender of the message to the message data
• If this data were static, it would be fairly simple to
‘forge’ datagrams with another entity’s authentication
information
• Clearly this data must be dynamic, relating to the data
in the message, and difficult to reproduce by another
entity
Authentication Headers

1 Next Header Points to the TCP header

1 Payload Length Length of the entire header

2 Unused Reserved for future use

4 Security Parameters Index The security scheme used

4 Sequence Number A unique number for each packet

? Data Data for the security scheme

Authentication Data
 The data portion of the authentication
header is where we place authentication
information
 This authentication must be difficult to
forge
• IPSec (and many other schemes) use
message digests for this purpose
Message Digests
 A message digest is a small piece of information
created by examining a larger piece of
information
• In this case, the larger bit of information is the data of the
datagram
 Sound familiar?
• It should, a checksum is very similar to a digest
• A digest normally is a larger entity so there is a higher
degree of detecting changes
 Various algorithms are used to create digests
• E.g. SHA-1, MD5
Authentication Information
 A well-known algorithm is used to
generate the digest
 So how is that valid authentication
information?
• Its not, the digest ensures the data received is
the same as the data sent
• The digest is encrypted using the sender’s
private key
Public Key Encryption
 Public key encryption (encrypting with pairs of
public and private keys) will be discussed at a
later time
 Suffice it to say, that either:
• The sender encrypts the data using the receiver’s
public key, and the receiver decrypts the data using its
own private key
• The sender encrypts the data using its own private
key, and the receiver decrypts the data using the
sender’s public key
 Public Key Encryption

A B

A’s B’s B’s A’s

Private Public Private Public
Key Key Key Key
 Public Key Encryption

A B

A’s B’s B’s A’s

Private Public Private Public
Key Key Key Key
 Public Key Encryption

A B

A’s B’s B’s A’s

Private Public Private Public
Key Key Key Key
 Public Key Encryption

A B

A’s B’s B’s A’s

Private Public Private Public
Key Key Key Key
Public Key Encryption
 Clearly, each key can be used to encrypt, and
each key can be used to decrypt
• Thus public key encryption is bi-directional
 The private key is used to encrypt when the
receive wants to ensure the data comes from
the correct recipient
• No-one else would have the private key
 The public key is used to encrypt when the
data must not be seen by external entities
• Only the private key can be used to decrypt
Authentication Information
 The private key of the sender is used to
encrypt the message digest
• Since only the sender would have the private key, the
resulting encrypted digest is unique
• Since the digest would change with even a minor
change to the data, the encrypted ensures data has
not been tampered with
 Thus this combination of digests and public
key encryption ensures data integrity and
provides authentication
Encryption in IPSec
 IPSec also supports encryption
• In IPSec, it is called Encapsulating Security
Payload (ESP)
 The operation is similar to how IPSec
handles authentication, except that the
datagram’s data portion is encrypted
• The ESP header describes the technique
used for encryption
Encryption in IPSec
 Since the sender normally would use its
private key to encrypt datagrams,
additional authentication is not normally
required
 Encryption schemes also normally
include methods for ensuring data
integrity
VPNs
 Recall that virtual private networks uses
encryption to keep their data secure
between sites
 VPNs frequently use IPSec’s ESP
feature to accomplish this
 The external router for each site would
employ IPSec ESP on incoming and
outgoing datagrams
VPNs
 The advantage of using IPSec to
implement VPNs is that it is a well-known
technology
• Thus it may be used, assuming the ubiquitous
nature of IPSec on the Internet
 Web Security

Securing the World Wide

Web
The Need
 The World Wide Web requires certain access
points
• If your site is to have a world wide web server, it
requires at least one port that external entities may
connect to
• e.g. 80 (HTTP), 443 (HTTPS), etc.
• If users on your site will access the web through a
client, it requires ports to do so
• This may be through a single machine, called an HTTP
proxy server
The Threats
 There are four kinds of web-related threats:
• Integrity threats: Data and/or system files are modified
or destroyed
• Confidentiality threats: Private data is examined by
the intruder
• Denial of Service: Web service is disrupted,
preventing other clients from using it
• Authentication: The identify of an entity is forged,
making it seem like a request or command is coming
from someone else
• Unchecked code attacks: User-supplied data is
assumed to be benign, but when used it could be code
which is executed (e.g. Javascript or SQL)
Integrity Threats
 Data integrity can be compromised in several
ways:
• Files stored on the server are modified
• Memory, containing data, is modified
• Network messages are modified
 The result is the loss of data, or some
compromised data
• This compromised data may include such things as
password files, malicious shell scripts, etc.
Integrity Threats
 The common theme to all of these threats is
that data is changed
 Checksums/digests make it possible to ensure
data is not changed
• If data is changed, the checksum/digest will indicate
the change
• That may not prevent loss of data alone, but it will (at
least) alert administrators (or automatic sentry
programs) of the change
 Example: Nimbda virus
Nimbda Virus
 Nimbda virus exploited a vulnerability in
Internet Information Server (a web
server) to modify files
• The outgoing web page was modified
• Actually, Nimbda virus is also an example of a
denial of service attack
 It is used as an example here, because
of its widespread effect and notoriety
Confidentiality Threats
 The types of confidentiality threats are:
• Reading files from the server
• Reading contents of a server’s memory
• Reading network messages
 The results are:
• Invasion of privacy
• Lost data (packets read are typically not
placed back on the network)
Confidentiality Threats
 Encryption prevents any data from being
interpreted
• Encryption allows only owners of the right
‘key’ to unlock the contained data
• Datagrams might be examined and removed
from the network, but timeouts would allow
that information to arrive, eventually
 Example: Packet sniffers, Spyware
Packet Sniffers
 Packet sniffers allow anyone on a
network to intercept any datagram
passing through a machine
 Instead of passing the datagram along,
first the packet sniffers read the packet’s
data
 Examples: SpyNet, CommView, Ethereal
Denial of Service Attacks
 Sometimes called overload attacks,
there are a few types:
• Overloading a server with connections or
requests
• Overloading the threads of a server
• Overloading the network connection to a
server (buffer overload)
• Overloading a disk
• Overloading memory
Denial of Service Attacks
 Overloading a server can cause the service to
become unavailable (thus ‘denial of service’)
 Example: Nimbda virus
• Once Nimbda virus infiltrates a site (using an integrity
attack), each incoming request executes a program
(part of the virus)
• This program attacks a number of other sites, trying to
install the virus there
• Eventually, the attacks themselves can cause denial
of service (DoS), even on machines where the Nimbda
virus could not install itself
Denial of Service Attacks
 DoS attacks can be reduced/avoided in a
variety of ways:
• Routers can filter out duplicate packets
• Reduce the effect of a request
• Attempt to recognize ‘bogus’ attacks and eliminate
any unnecessary processing as a result
• Require authenticated access wherever possible
• Although, authentication itself may be a target of DoS
 However, there is no way to make DoS
attacks impossible at this time
Authentication Attacks
 Sometimes used in combination with integrity
attacks
• Where data is modified and the identity of the sender
is forged, so that the data is accepted
 Authentication attacks typically involve users
modifying source IP addresses (and things like
IPSec authentication headers) to forge their
identities
• Although the authentication schemes used by IPSec
now make this difficult
Authentication Attacks
 Authentication can be accomplished
using techniques such as those used by
IPSec
• Including a message digest, encrypted with
the sender’s private key allows the receiver to
validate the identity of the sender
 Examples: Using a packet sniffer,
modifying the packets, placing them
back on the network
Unchecked Code Attacks
 User-supplied data should always be
validated
• Positive validation: Checking to make sure the
data meets your expectations
e.g. the expected format of an E-Mail address
• Negative validation: Checking for code,
special characters and other enablers which
might indicate that something malicious is in
the user data
e.g. a <script> tag
Unchecked Code Attacks
 Imagine a form that asks for an E-Mail address
• Please enter your E-Mail address and password to log
into our site
 Imagine that when the form submission fails,
the printed the E-Mail address in the browser
for verification
• Are you sure bsmith@abc.com the correct E-Mail
address?
 Now imagine that the user types in some nasty
JavaScript code (<script>…</script>)
• The code will be put into the response page, and
possibly executed
Guarding Against Attacks
 For each type of attack, I have suggested a
few examples of technologies that can be used
to prevent the attacks
 Of course, none of these solutions is fool proof
• Recall the comment about the weakest link in the
chain
• e.g. A private key falls into the wrong person’s hands
• e.g. A certificate is sent unencrypted via E-Mail
Guarding Against Attacks
 The combination of the following techniques may represent
a security scheme for a given site:
• Message digests
• Guards against integrity attacks
• Encrypting the digest with a private key
• Guards against authentication attacks
• Encrypting the message with a public key
• Guards against confidentiality attacks
• Employing duplicate-removing routers, and requiring
authenticated access wherever possible
• Guards against DoS attacks
• User input validation
• Guards against unchecked code attacks
Guarding Against Attacks
 One fact is always true about site security:
• An ounce of prevention is worth a pound of cure
 Frankly if attacks can be avoided or halted before they
occur, we will not need to deal with the side-effects of
intrusions
 The Code Red worm gives an example:
• The security hole was discovered by a popular security site,
and a patch was created by them many months in advance
• The security hole was made public by this site
• Many clones of the Code Red worm were created given this
new information, which also flourished on unpatched sites
• Microsoft subsequently released an official patch for IIS
more than 2 months before the code red worm became
prevalent
Another Attack Categorization
 The previous scheme categorized attacks by their purpose
 Another possibility is to categorize attacks by how
messages propagate:
• Interruption: Messages are removed from the network, so
they are never received
• Interception: Messages are read from the network without
interrupting the message reaching its destination
• Modification: Messages are removed from the network and
replaced by another, modified version
• Fabrication: Messages are created, usually in order to
appear to come from a different source, for a different
purpose
Encryption and
Authentication

In Depth
Authentication and Encryption
 These two technologies are frequently inter-
related
• Both can be closely related to private keys
 There are really two categories of encryption
techniques:
• Conventional (single-key) encryption: The same
key (shared by both sides) is used to encrypt and
decrypt the data
• Public key encryption: One key is used for
encryption (usually the private key), and another for
decryption (usually the public key)
Single Key Encryption
 Somehow, a shared key must be
distributed between both programs
 Single key encryption algorithms must be
symmetric:
• They must provide a means to use the same
key to decrypt and encrypt the data
• Usually this means there are two (reverse)
algorithms
Single Key Encryption
 To ensure security, the key exchange must
occur in some secure way
 If someone intercepts the key, the encrypted
message can be decrypted
• Assuming they have the decryption algorithm
 This separation of encryption algorithm from
the key is an advance in cryptography
• Encryption algorithms in the 30’s and 40’s involved
only an encryption algorithm
Terminology
 Plaintext: Data prior to the encryption process
• Or data after the decryption process
 Ciphertext: Data after the encryption process
 Cipher: An encryption algorithm
 Secret key: A piece of data used by the
encryption algorithm to generate ciphertext
• The secret key is also used by the decryption
algorithm to generate plaintext
Encryption Algorithms: Ancient
 Encryption methods (not applied to data per se, but to
spoken or telegraph/written messages) usually involved
the replacement of common parts of the messages with
other characters/words
• One common example is the replacement of letters with
some other letter in the alphabet
• This scheme was used by Julius Caesar, and as such it is
called the Caesar Cipher
 Later, these schemes employed some changing factor
• Such as a table containing mappings between letters
• This table represents a changeable key that both parties
must know
Caesar Cipher Problems
 If the relationship between ciphertext letters
and plaintext letters follows some pattern (as
they did in Caesar’s method), the key can be
easily determined
 One way to combat these problems is to
convert groups of letters at a time
 Thus AB might translate to XY, but AC might
translate to WV (not XV or something like that)
The Playfair Cipher

 The Playfair cipher was created to convert

groups of two letters at a time
• Thus each translation occurs on two letters, so there are
262 (or 676) combinations
• This method is more difficult to crack since all 676
combinations must be found to be able to crack all
messages
• However, if a partial list of mappings is known, it may
reveal the message (or part of it), which will reveal more
mappings
• mee? me a? ??e barn => meet me at the barn
The Playfair Cipher
 The details of the Playfair cipher are irrelevant to
this discussion, since the key can easily be
determined
 This scheme does, however, remove some of
the structure of the message (e.g. word
groupings), which is a good idea
• For example, we cannot examine the ciphertext, looking
for commonly used letters, to determine which represent
common letters in the plaintext (such as R,S,T,E)
 We need to maximize this effect in order to make
it more difficult to determine the key
Encryption Algorithms: Single Key
 Keys have to be complicated enough that the encryption
algorithm could be well-known and the ciphertext is still
relatively secure
 While overly simplistic, the Caesar Cipher (as well as other
ancient algorithms) represents a symmetric algorithm, as
required by single key encryption
• One shortcoming is that the key can easily be determined
through iteration
• Ciphertext should never be enough information to determine
the secret key
 Algorithms which do not suffer from this include:
• DES (Data Encryption Standard), IDEA (International Data
Encryption Algorithm), BlowFish, RC5, RC2, CAST-128
DES Algorithm
 DES is a complicated algorithm, the details of
which are not important here
 Suffice it to say that DES is more secure than
the other (ancient) algorithms discussed here
 However, DES is vulnerable to brute-force
attacks
• Attacks where various key values are tried until the
message appears to be decrypted
DES Algorithm
 One solution for this, is to apply the DES
algorithm multiple times
• If the code breaker finds one of the keys, it will be hard
for him/her to realize it, since the output will be ciphertext
again
• Applying DES twice makes it difficult to break using brute
force, however techniques exist for cracking double DES
• Thus, an alternative to DES is triple DES, where DES is
applied three times
• Thus the two parties must share 3 different keys
• This scheme is called Triple-DES or 3DES
Key Distribution
 Single key encryption relies on the secrecy of
the key in order to work
 There are a few ways to transfer secret keys:
• The key is generated by A, and delivered (physically)
to B
• For example, a floppy disk may be used for this
purpose
• Once one key is securely transferred to B, A or B
could send the other a new key, by encrypting the new
key using the old key
• The keys are generated simultaneously using the
same (private) algorithm and some shared data
Key Generation
 Generating a secret key is fairly simple,
random sequences of characters are usually
sufficient
 However, care must be taken to avoid pseudo-
randomly generated keys
• These can be identified and keys may be found using
prediction algorithms
• Computers are incapable of generating truly random
numbers, but algorithms which generate very difficult
to predict sequences can be used above easy to
predict ones
Public Key Cryptography

Cryptography Using Keys

Which Are Publicly
Distributed
Public Key Cryptography
 Public key cryptography involves ciphers that
use different keys for encryption than
decryption
 PKC uses a key pair:
• A public key, which is made publicly available
• A private key, which is kept secret
• Since there are two keys, the private key need never
be transferred, so there is less likelihood of it being
discovered
Key Pairs
 In some systems, keys have a sort of symmetry
• Either key can decrypt data encrypted with the other key
• e.g. RSA encryption
 Thus if the private key is used to encrypt, anyone with the
public key can decrypt the data
• This does not keep data private
• However, only the owner of the true private key could have
generated the encrypted data
 If the public key is used to encrypt, only someone who has the
private key can decrypt the data
• This keeps the data private
• However, it is possible for anyone to replace the data with other
encrypted data
Key Pairs
 Thus there are two uses for PKC:
• Encryption using the private key for authentication
• Encryption using the public key for data encryption
 Key pairs must be carefully generated to
support this symmetry
• The details of generating key pairs is usually specific
to each PKC technique
• e.g. RSA
RSA
 The RSA PKC scheme is very popular, and is
used by many technologies:
• PGP (Pretty Good Privacy): An implementation of an
encryption scheme (typically used for E-Mail)
 One useful feature of the RSA algorithm is that
it uses variable sized keys
• Larger keys can be used where additional security is
required
• Smaller keys can be used for short periods (too short
for the private key to be ‘broken’) and where
computation and/or network bandwidth is a concern
RSA
 428 bit RSA keys can be cracked by old desktop
PC in less than 1 year
• Info: Athlon XP 1900+ CPU (~4000 MIPS)
 So why the heck do banks (and other sites that
use SSL) use only 128 bit encryption?
• Firstly, the US government will not allow larger keys
• They mandate that because they must be able to crack
private keys when necessary
• Secondly, SSL-enabled browsers generates these keys
for each SSL session
• Sessions typically last minutes or hours, not months
A Problem
 RSA (and other PKC schemes) suffer from one
problem, similar to the distribution of the secret
key in SKC:
• How do we export public keys?
 At first glance, this may seem like an easy
problem
• Public keys need not be hidden, since little damage
can be done with them
• The danger is not with reading the public key, but
replacing it (i.e. an integrity attack on the public key)
A Problem
 If a 3rd party replaced the public key with
their own, they could use their own
private key to decrypt data and for
authentication
• Thus the site would grant full access to the 3 rd

party
 Obviously we want to avoid this
• We need to distribute public keys in such a
way as to eliminate this possibility
Public Key Distribution
 Secure public key distribution really boils
down to one problem:
• How do we know that the public key we
receive is really from who we think?
 The answer is simple: certificates
• Certificates provide a way of distributing
public keys, while also providing source
authentication
Certificates
 Certificates are quite simple:
• They are an encrypted version of your public key
 Certificates are encrypted using the private key of
a certification authority (CA)
• Public keys of CAs are well known
• In fact, the public keys of several CAs are built into browsers
for SSL
• Since the public key of a CA is well known, we do not
need to transfer it (and thus run the risk of it being
tampered with)
• The CA public key can be used to decrypt the certificate,
and thus extract the public key of the owner of the certificate
Certification Authorities
 CAs job is to create certificates
 The certificate (i.e. public key) of at least one well-known CA is
installed into browsers
• For other (non-browser) uses of PKC, the certificate/public key of a
CA must be known
 If the incoming certificate is issued by (encrypted using the
private key of) a different CA, the certificate can still be verified
• The public key of the certificate’s CA can be downloaded (they are
also publicly available), and used to extract the public key in the
certificate
• The CA’s public key is contained in a certificate authorized by
another CA
• Eventually, through a chain of certificates, the certificate can be
validated, and the public key extracted
 SSL

A Common Scheme
Secure Socket Layer (SSL)
 SSL was designed to create a
communication model similar to that
available through TCP
 However, SSL employs additional
security techniques, such as encryption
• Thus SSL gives the appearance of normal
socket communication, while providing
security features
SSL
 SSL can use several different encryption
algorithms, including IDEA, DES, 3DES
 However, due to the streaming nature of
TCP, normally uses one of the schemes
that encrypts a stream byte by byte:
RC4
• This includes key sizes of 40 (RC4-40) and
128 bits (RC4-128)
SSL Operation
 SSL begins when clients connect to servers
• This stage is marked by each side exchanging hello
messages
 Next, certificates are exchanged
• The server sends its certificate to the client, followed by
the client sending its certificate to the server
 Then, the two agree upon an encryption
algorithm and parameters
• Now, it is possible for the client and server to exchange
information using the agreed encryption algorithm and
the certificates (which contain public keys)
E-Mail Security
E-Mail Security
 There are two aspects to E-Mail security:
1. E-Mail privacy
 Using encryption (or some other means) to keep
data contained in E-Mail private
2. Virus protection
 Since E-Mail is a simple portal through which any
entity may send messages, those messages must
not affect the user’s system or the network
E-Mail Privacy
 The most common way to ensure data
privacy through E-Mail is to use PGP
 PGP: Pretty Good Privacy
• A freeware tool that uses single key cryptography
(and public key cryptography) to encrypt text
• It uses public key cryptography for digital signatures
(obviously)
• The tool allows users to choose the encryption
method: 3DES, IDEA (SKC), RSA (PKC)
E-Mail Virus Protection
 Microsoft recently release a “patch” for
Outlook, which Outlook 2002 (shipped with
Office XP) had already preinstalled
• This patch essentially prevents receiving any files
which are suspect (.EXE, .COM, etc.)
 Other (better) solutions are to have virus
checkers virus scan all incoming files
• Norton Antivirus, McAfee, PC-cillin, and others
already perform these scans, if configured to do so
Malicious Programs
 A program with 2 goals; to propagate itself to other machines,
and to do some harm to this machine, possibly:
• Trap door: A modification that allows a secret entry point to a
system (accidental or purposeful; by an employee?)
• Logic bomb: Code hidden within a seemingly harmless program
that will activate when certain conditions are met (e.g. a time
elapses)
• Trojan horse: A program that appears to be useful, but actually
has some unwanted behaviour
• Virus: A program that propagates itself by embedding its own
code into other executable programs
• Worm: A program that uses network connections to propagate
• Bacteria: A program that does no harm, except propagate