网络信息安全原理简介.ppt

1网络信息安全原理简介网络信息安全原理简介2OutlineFoundations: rwhat is security?rcryptographyrauthenticationrmessage integrityrkey distribution and certificationSecurity in practice:rapplication layer: secure e-mailrtransport layer: Internet commerce, SSL, SETrnetwork layer: IP security3Friends and enemies: Alice, Bob, Trudyrwell-known in network security worldrBob, Alice (lovers!) want to communicate “securely”rTrudy, the “intruder” may intercept, delete, add messagesFigure 7.1 goes here4What is network security?Secrecy: only sender, intended receiver should “understand” msg contentsmsender encrypts msgmreceiver decrypts msgAuthentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection5Internet security threatsPacket sniffing: mbroadcast mediampromiscuous NIC reads all packets passing bymcan read all unencrypted data (e.g. passwords)me.g.: C sniffs Bs packetsABCsrc:B dest:A payload6Internet security threatsIP Spoofing: mcan generate “raw” IP packets directly from application, putting any value into IP source address fieldmreceiver cant tell if source is spoofedme.g.: C pretends to be BABCsrc:B dest:A payload7Internet security threatsDenial of service (DOS): mflood of maliciously generated packets “swamp” receivermDistributed DOS (DDOS): multiple coordinated sources swamp receiverme.g., C and remote host SYN-attack AABCSYNSYNSYNSYNSYNSYNSYN8The language of cryptographysymmetric key crypto: sender, receiver keys identicalpublic-key crypto: encrypt key public, decrypt key secret Figure 7.3 goes hereplaintextplaintextciphertextKAKB9Symmetric key cryptographysubstitution cipher: substituting one thing for anothermmonoalphabetic cipher: substitute one letter for anotherplaintext: abcdefghijklmnopqrstuvwxyzciphertext: mnbvcxzasdfghjklpoiuytrewqPlaintext: bob. i love you. aliceciphertext: nkn. s gktc wky. mgsbcE.g.:Q: How hard to break this simple cipher?:brute force (how hard?)other?10Symmetric key crypto: DESDES: Data Encryption StandardrUS encryption standard NIST 1993r56-bit symmetric key, 64 bit plaintext inputrHow secure is DES?mDES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 monthsmno known “backdoor” decryption approachrmaking DES more securemuse three keys sequentially (3-DES) on each datummuse cipher-block chaining11Symmetric key crypto: DESinitial permutation 16 identical “rounds” of function application, each using different 48 bits of keyfinal permutationDES operation12Public Key Cryptographysymmetric key cryptorrequires sender, receiver know shared secret keyrQ: how to agree on key in first place (particularly if never “met”)?public key cryptographyrradically different approach Diffie-Hellman76, RSA78rsender, receiver do not share secret keyrencryption key public (known to all) rdecryption key private (known only to receiver)13Public key cryptographyFigure 7.7 goes here14Public key encryption algorithmsneed d ( ) and e ( ) such thatd (e (m) = m BBBB.need public and private keysfor d ( ) and e ( ).BBTwo inter-related requirements:12RSA: Rivest, Shamir, Adelson algorithm15RSA: Choosing keys1. Choose two large prime numbers p, q. (e.g., 1024 bits each)2. Compute n = pq, z = (p-1)(q-1)3. Choose e (with en) that has no common factors with z. (e, z are “relatively prime”).4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ).5. Public key is (n,e). Private key is (n,d).16RSA: Encryption, decryption0. Given (n,e) and (n,d) as computed above1. To encrypt bit pattern, m, computec = m mod ne(i.e., remainder when m is divided by n)e2. To decrypt received bit pattern, c, computem = c mod nd(i.e., remainder when c is divided by n)dm = (m mod n)e mod ndMagichappens!17RSA example:Bob chooses p=5, q=7. Then n=35, z=24.e=5 (so e, z relatively prime).d=29 (so ed-1 exactly divisible by z. lettermmec = m mod nel12152483217cm = c mod nd1748196857210675091509141182522307200012cdletterlencrypt:decrypt:18AuthenticationGoal: Bob wants Alice to “prove” her identity to himProtocol ap1.0: Alice says “I am Alice”Failure scenario?19Authentication: another tryProtocol ap2.0: Alice says “I am Alice” and sends her IP address along to “prove” it.Failure scenario?20Authentication: another tryProtocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.Failure scenario?21Authentication: yet another tryProtocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.Failure scenario?I am Aliceencrypt(password)22Authentication: yet another tryGoal: avoid playback attackFailures, drawbacks?Figure 7.11 goes hereNonce: number (R) used onlyonce in a lifetimeap4.0: to prove Alice “live”, Bob sends Alice nonce, R. Alicemust return R, encrypted with shared secret key23Figure 7.12 goes hereAuthentication: ap5.0ap4.0 requires shared symmetric keymproblem: how do Bob, Alice agree on k