Network security concepts and

mechanisms
Chapter 4

1
Web Security Threats

Prepared by: Dr. Oliver 2

Web Security Approaches

Prepared by: Dr. Oliver 3

• IPSec (IP Security)
– Transparent to end-users and applications
– Includes filtering capability so selected traffic incur
overhead of IPSec processing
• Secure Sockets Layer (SSL)/Transport Layer (TLS)
– As part of the underlying protocol suite
– Embedded in specific packages
• Application-specific security services
– Embedded within the particular application
– Service can be tailored to specific needs of application

Prepared by: Dr. Oliver 4

 Concepts
• Authentication
• Encryption

Prepared by: Dr. Oliver 5

 Public Key Cryptography

symmetric key crypto public key crypto

• requires sender, receiver  radically different
know shared secret key approach [Diffie-
• Q: how to agree on key in Hellman76, RSA78]
first place (particularly if  sender, receiver do not
never “met”)? share secret key
 public encryption key
known to all
 private decryption key
known only to receiver
 Public key cryptography
+ Bob’s public
K
B key

- Bob’s private
K
B key

plaintext encryption ciphertext decryption plaintext

message, m algorithm + algorithm message
K (m) - +
B m = KB (K (m))
B

7
 Modular Arithmetic
• Most of the public key algorithms are based
on modular arithmetic.
• Modular arithmetic uses the non-negative
integers less than some positive integer n,
performs ordinary arithmetic operations such
as addition and multiplication, and then
replaces the result with its remainder when
divided by n.
• The result is said to be modulo n or mod n.

Prepared by: DR. OLIVER 8

Modular Addition

Prepared by: DR. OLIVER 9

Modular Multiplication

Prepared by: DR. OLIVER 10

Modular Exponentiation

Prepared by: DR. OLIVER 11

 Public Key Cryptography
• Uses two keys for every simplex logical
communication link.
– Public key (KU)
– Private key (KR )
• The use of two keys has profound
consequences in the areas of:
– Confidentiality
– Key distribution
– Authentication

Prepared by: DR. OLIVER 12

 Basic ingredients of the scheme:
• Plaintext (P)
– Message to be encrypted
• Public Key (KU) and Private Key (KR)
– One with the sender and the other with the receiver.
• Ciphertext (C)
– Message after encryption
• Encryption algorithm
– Uses P and KU
• Decryption algorithm
– Uses C and KR
Prepared by: DR. OLIVER 13
Uses of Public Key Cryptography

Prepared by: DR. OLIVER 14

Encryption

Prepared by: DR. OLIVER 15

Key Usage for Encryption

Prepared by: DR. OLIVER 16

Authentication

Prepared by: DR. OLIVER 17

Key Usage for Authentication

Prepared by: DR. OLIVER 18

 Requirements
• Computationally easy for a party B to generate
a key pair
– Public key KUB
– Private key KRB
• Easy for sender to generate ciphertext:
C = E (M, KUB)
• Easy for the receiver to decrypt ciphertext using
private key:
M = D (C, KRB) = D (E (M, KUB), KRB)
Prepared by: DR. OLIVER 19
 Cont…
• Computationally infeasible to determine KRB
knowing KUB.
• Computationally infeasible to recover message
M, knowing KUB and ciphertext C.
• Either of the two keys can be used for
encryption, with the other used for
decryption:
M = D (E (M, KUB), KRB) = D (E (M, KRB), KUB)

Prepared by: DR. OLIVER 20

 The RSA Public Key Algorithm
• RSA Algorithm
– Developed by Ron Rivest, Adi Shamir and Len
Adleman at MIT, in 1977.
– A block cipher. (but the size is not fixed)
– The most widely implemented.

Prepared by: DR. OLIVER 21

 RSA : Key Generation
1. Select p, q p and q both prime
2. Calculate n=px q
3. Calculate Φ(n) = (p-1) (q-1)
4. Select integer e gcd (Φ(n),e)=1; 1<e< Φ(n)
5. Calculate d de = 1 (mod n)
6. Public Key KU = {e,n}
7. Private Key KR = {d,n}
Φ(n) is the number of positive numbers less than n and
relatively prime to n (called Euler totient)

Prepared by: DR. OLIVER 22

 RSA : Encryption
• Plaintext: M<n

• Ciphertext C = Me (mod n)

Prepared by: DR. OLIVER 23

 RSA : Decryption
• Ciphertext: C

• Plaintext: M = Cd (mod n)

Prepared by: DR. OLIVER 24

 Example
• Select two prime numbers, p=7 and q=17.
• Calculate n=p x q = 7 x 17 = 119.
• Calculate Φ(n) = (p-1)(q-1) = 96
• Select e such that it is relatively prime to Φ(n)=96,
and less than Φ(n).
– i.e. e=5
• Determine d such that de = 1 (mod 96) and d<96.
– d=77, because 77x5 = 385 = 4x96+1
• Public key KU = {5,119}
• Private key KR = {77,119}
Prepared by: DR. OLIVER 25
• Encryption process:
– Say, plaintext M = 19.
– Ciphertext C = 195 (mod 119)
= 2,476,099 (mod 119)
= 66
• Decryption process:
– M = 6677 (mod 119) = 19

Prepared by: DR. OLIVER 26

 The Security of RSA
• RSA is secure since
• We use large number of bits in e and d.
• The problem of factoring n into two prime
factors is computationally very difficult.
– Knowing p and q will allow us to know Φ(n).
– This will help an intruder to know the values of e
and d.
• Key sizes in the range of 1024 to 2048 bits
seems safe.

Prepared by: DR. OLIVER 27

• Until recently, this was felt to be infeasible for
numbers in the range of 100 decimal digits or
so (approximately 300 bits).
• A worldwide team cooperating over the
internet and using 1600 computers recently
cracked the code in eight months.
• Currently, a 1024-bit key size (about 300
decimal digits) is considered strong enough for
virtually all applications.

Prepared by: DR. OLIVER 28

 I. IP Security (IPSec)
• IPSec is a capability that can be added to either
current version of Internet Protocol (IPv4 and IPv6)
by additional headers.
• It encompasses three areas: authentication,
confidentiality and key management.
• Authentication can be applied to entire original IP
packet (tunnel mode) or to all packets except IP
header (transport mode)
• Confidentiality is provided by an encryption format
known as encapsulating security payload.
Prepared by: Dr. Oliver 29
Prepared by: Dr. Oliver 30
IP Security Scenario

31
 IPSec Services
• IPSec uses two protocols to provide security:
1. Authentication Header (AH): an
authentication protocol.
2. Encapsulating Security Payload (ESP): a
combined encryption and authentication
protocol.

32
 Transport vs. Tunnel Mode
• AH and ESP support two modes:
Transport and tunnel.
1. Transport Mode:
>Protection extends to the payload of an IP
packet.
>Used for end-to-end communication between
two hosts (client and server, or two
workstations).

33
 Transport vs. Tunnel Mode
2. Tunnel Mode:
>Provides protection to the entire IP packet.
>After AH or ESP fields are added, the entire
packet plus security fields are treated as a
payload of a new IP packet.
>A new IP header is attached.

34
End-to-end versus End-to-Intermediate
Authentication

35
 Transport vs. Tunnel Mode
• Both AH and ESP have two modes
1. Transport mode:
>Encryption is provided directly between two
hosts.
>Packet header is not encrypted.
>Protection extends to the payload of an IP
packet.

36
 Transport vs. Tunnel Mode…
2. Tunnel Mode:
>Entire packet is treated as a payload of a new
IP packet.
>A new IP header is attached.
>The new IP packet is tunneled from one
gateway to another.
>Hosts avoid implementing security capabilities.

37
 Transport Mode ESP
• Used to encrypt and authenticate (optional)
data in an IP packet.
• In IPv4:
>ESP header is inserted after the IP header.
>ESP trailer (Padding, Padding length, Next
Header) is placed at the end of the packet.
>If authentication is used, authentication data is
put after the ESP trailer.

38
 Transport Mode ESP…
• In IPv6:
>ESP header is inserted after the IP header and extension
headers.
>ESP trailer (Padding, Padding length, Next Header) is
placed at the end of the packet.
>If authentication is used, authentication data is put after
the ESP trailer.
>Encryption covers: entire ciphertext.
>Authn. Covers: ciphertext + ESP header.

39
ESP Encryption and Authentication

40
 Tunnel Mode ESP
• Entire IP packet is encrypted.
• A new IP header is used to help routing.
• In IPv4:
>ESP header is inserted after the new IP header.
>ESP trailer (Padding, Padding length, Next Header) is
placed at the end of the packet.
>If authentication is used, authentication data is put
after the ESP trailer.

41
 Tunnel Mode ESP…
• In IPv6:
>ESP header is inserted before the original IP header.
>ESP trailer (Padding, Padding length, Next Header) is
placed at the end of the packet.
>If authentication is used, authentication data is put
after the ESP trailer.
>Encryption covers: entire ciphertext.
>Authn. Covers: ciphertext + ESP header.

42
ESP Encryption and Authentication

43
II. SSL Architecture

Prepared by: Dr. Oliver 44

 SSL Concepts
– Connection is a transport that provides a
suitable type of service. Every connection is
associated with once session.
– Session is an association between a client
and a server. It is created by Handshake
protocol.

Prepared by: Dr. Oliver 45

• SSL Record Protocol provides basic security
services to various higher-layer protocols (HTTP)
• Three SSL-specific protocols (Handshake,
Change Cipher Spec and Alert) are used in the
management of SSL exchanges.

Prepared by: Dr. Oliver 46

 SSL Record Protocol
• Provides two services for SSL Connections:
– Confidentiality – Handshake protocol defines a
shared secret key used for encryption of SSL
payloads.
– Message Integrity – Handshake protocol also
defines a shared secret key used to form a
message authentication code (MAC)

Prepared by: Dr. Oliver 47

Prepared by: Dr. Oliver 48
 SSL Record Protocol operation
• Fragmentation – message is fragmented into
blocks of 16384 bytes or less.
• Compression – must be lossless and not
increase content length by 1024 bytes.
• Compute Message Authentication Code
(MAC) using a secret key.
• Compressed message plus MAC are encrypted
using symmetric encryption. Should not
increase the content length by 1024 bytes.
Prepared by: Dr. Oliver 49
Prepared by: Dr. Oliver 50
 Change Cipher Spec Protocol
• Simplest of the SSL-Specific protocols
• It is consists of a single message that is
consists of a single byte with the value 1.
• The purpose of this message is to cause the
pending state to be copied into the current
state, which updates the cipher suite to be
used in the connection.

Prepared by: Dr. Oliver 51

 Alert Protocol
• Used to convey SSL-related alerts to the peer
entity.
• Each message in this protocol consists of two
bytes:
– First byte takes the value warning (1) or fatal (2) to
convey the severity of the message.
– Second byte contains a code that indicates the
specific alert.

Prepared by: Dr. Oliver 52

Alerts

Prepared by: Dr. Oliver 53

 Handshake Protocol
• Allows the server and client to authenticate
each other.
• To negotiate an encryption and MAC
algorithm and cryptographic keys to be used.
• This protocol is used before any application
data is transmitted.

Prepared by: Dr. Oliver 54

Prepared by: Dr. Oliver 55
Prepared by: Dr. Oliver 56
 END

Prepared by: Dr. Oliver 57