IS 2150 / TEL 2810 Introduction to SecurityObjectivesISO/OSI ModelProtocolsElectronic MailSecurity at the Application Layer: Privacy-enhanced Electronic MailDesign Considerations/goals for PEMPEM Basic DesignProtocolsISO/OSI Model IPSec: Security at Network LayerIPSec ProtocolsCases where IPSec can be usedCases where IPSec can be used (2)Security Association (SA)Security Association (2)Security Association DatabasesIPSec ModesAuthentication Header (AH)Preventing replayTransport Mode AHTunnel Mode AHESP – Encapsulating Security PayloadDetails of ESPTransport mode ESPTunnel mode ESPPerimeter DefenseSlide 27FirewallsWhat Firewalls can’t doVirtual Private Networks What is it?What is a VPN? (2)Tunneling in VPNSlide 33What is Authentication?Authentication System: DefinitionAuthentication System: PasswordsPasswordsAuthentication SystemAttacks on PasswordsPassword SelectionSlide 41Slide 42Authentication Systems: Challenge-ResponseSlide 44Authentication Systems: BiometricsAttacks on Biometrics1IS 2150 / TEL 2810Introduction to SecurityJames JoshiAssistant Professor, SISLecture 11Nov 15, 2007Network Security, Authentication, Identity2ObjectivesUnderstand/explain the issues related to, and utilize the techniques Security at different levels of OSI modelPrivacy Enhanced emailIPSecMisc.Authentication and identificationpassword3ISO/OSI ModelApplication LayerApplication LayerPresentation LayerPresentation LayerSession LayerSession LayerTransport LayerTransport LayerNetwork LayerNetwork LayerData Link LayerData Link LayerPhysical LayerPhysical LayerApplication LayerApplication LayerPresentation LayerPresentation LayerSession LayerSession LayerTransport LayerTransport LayerNetwork LayerNetwork LayerData Link LayerData Link LayerPhysical LayerPhysical LayerNetwork LayerNetwork LayerData Link LayerData Link LayerPhysical LayerPhysical LayerPeer-to-peerFlow of bits4ProtocolsEnd-to-end protocolCommunication protocol that involves end systems with one or more intermediate systemsIntermediate host play no part other than forwarding messagesExample: telnet Link protocolProtocol between every directly connected systemsExample: IP – guides messages from a host to one of its immediate hostLink encryptionEncipher messages between intermediate hostEach host share a cryptographic key with its neighborAttackers at the intermediate host will be able to read the messageEnd-to-end encryption Example: telnet with messages encrypted/decrypted at the client and serverAttackers on the intermediate hosts cannot read the message5Electronic Mail UA interacts with the senderUA hands it to a MTAMTAUAMTAUAMTAUAMessage TransferAgentsUser AgentAttacker can read email on any of the computer with MTAForgery possible6Security at the Application Layer:Privacy-enhanced Electronic MailStudy by Internet Research Task Force on Privacy or Privacy Research Group to develop protocols with following servicesConfidentiality, by making the message unreadable except to the sender and recipientsOrigin authentication, by identifying the sender preciselyData integrity, by ensuring that any changes In the message are easy to detectNon-repudiation of the origin (if possible)7Design Considerations/goalsfor PEMNot to redesign existing mail system protocolsTo be compatible with a range of MTAs, UAs and other computersTo make privacy enhancements available separately so they are not requiredTo enable parties to use the protocol to communicate without prearrangement8PEMBasic DesignDefines two keysData Encipherment Key (DEK) to encipher the message sentGenerated randomlyUsed only onceSent to the recipientInterchange key: to encipher DEKMust be obtained some other way than through the message9ProtocolsConfidential message (DEK: ks)Authenticated, integrity-checked messageEnciphered, authenticated, integrity checked messageAlice Bob{m}ks || {ks}kBobAlice Bobm || {h(m)}kAliceAlice Bob??10ISO/OSI Model IPSec: Security at Network LayerApplication LayerApplication LayerPresentation LayerPresentation LayerSession LayerSession LayerTransport LayerTransport LayerNetwork LayerNetwork LayerData Link LayerData Link LayerPhysical LayerPhysical LayerApplication LayerApplication LayerPresentation LayerPresentation LayerSession LayerSession LayerTransport LayerTransport LayerNetwork LayerNetwork LayerData Link LayerData Link LayerPhysical LayerPhysical LayerNetwork LayerNetwork LayerData Link LayerData Link LayerPhysical LayerPhysical LayerPeer-to-peerFlow of bits11IPSec ProtocolsAuthentication header (AH) protocolMessage integrityOrigin authenticationAnti-replay servicesEncapsulating security payload (ESP) protocolConfidentialityMessage integrityOrigin authenticationAnti-replay servicesInternet Key Exchange (IKE)Exchanging keys between entities that need to communicate over the InternetWhat authentication methods to use, how long to use the keys, etc.12Cases where IPSec can be usedInternet/IntranetEnd-to-end security between two hostsInternet/IntranetSG SGEnd-to-end security between two security gateways13Cases where IPSec can be used (2)InternetSG SGIntranetIntranetInternetSGIntranetEnd-to-end security between two hosts + two gatewaysEnd-to-end security between two hosts during dial-up14Security Association (SA)Unidirectional relationship between peersSpecifies the security services provided to the traffic carried on the SA Security enhancements to a channel along a pathIdentified by three parameters:IP Destination AddressSecurity Protocol IdentifierSpecifies whether AH or ESP is being usedSecurity Parameters Index (SPI)Specifies the security parameters associated with the SA15Security Association (2)Each SA uses AH or ESP (not both)If both required two SAs are createdMultiple security associations may be used to provide required security servicesA sequence of security associations is called SA bundleExample: We can have an AH protocol followed by ESP or vice versa16Security Association DatabasesIP needs to know the SAs that exist in order to provide security servicesSecurity Policy Database (SPD)IPSec uses SPD to handle messagesFor each IP packet, it decides whether an IPSec service is provided, bypassed, or if the packet is to be discardedSecurity Association Database (SAD)Keeps track of the sequence numberAH information (keys,
View Full Document