internet security & e-commerce - set web security e-commerce.pdf · 2/28/2001 · – financial...
TRANSCRIPT
Maurizio Decina - Internet Security - Rome, February 28, 2001 1
Internet Security & E-commerce
Maurizio DècinaPolitecnico di Milano/CEFRIEL
‘Sicurezza, Informazione e Formazione’MAFRAU & TRAINET
Maurizio Decina - Internet Security - Rome, February 28, 2001 2
Network Security
• There Is No Such Thing As a 100% Secure Network System• Think About Security As a Triangle With Security, Performance,
and Usability at The Corners• You Cannot Be at All Corners at The Same Time, You Can Only
Optimize The Mix According to Your Specific Needs
Security
PerformanceUsability
Maurizio Decina - Internet Security - Rome, February 28, 2001 3
Requirements for E-commerce
• Confidentiality• Integrity• Authenticity• Non-repudiation• Availability
Maurizio Decina - Internet Security - Rome, February 28, 2001 4
Traditional Solutions
• Confidentiality ( Unauthorized Access)– Envelope
• Integrity (Protects Against Data Tampering)– Watermarks, Signatures
• Authenticity (Protects Against Masquerading)– Physical Presence, Notaries
• Non-repudiation (Protects Against Denial of Being a Party to a Transaction)– Receipts, Confirmations, Signatures
Maurizio Decina - Internet Security - Rome, February 28, 2001 5
Electronic Solutions
• Confidentiality– Data Encryption
• Integrity– Hash Algorithms, Message Digests, Digital Signatures
• Authenticity– Digital Signatures, Certificates
• Non-repudiation– Digital Signatures, Audit Logs
• Availability– Redundant Systems, Automatic Rescue Procedures
Maurizio Decina - Internet Security - Rome, February 28, 2001 6
Security Standards and Protocols
• IPSEC - Network Layer Security– Provides Security to IP Protocol– Key Distribution (DH)
• IKE (Internet Key Exchange)• ISAKMP (Internet Security
Association and Key Management Protocol)
– AH: Authentication Header• Authenticates Payload Only• Uses Keyed MD5 As a Default
for Data Integrity– ESP: Encapsulated Security
Payload• Uses DES-CBC As Default for
Encryption
AH ESP
TCP
HTTP FTP SMTP
Maurizio Decina - Internet Security - Rome, February 28, 2001 7
Security Standards and Protocols
• SSL - Session Layer Security– Protocol Independent– Available for HTTP, NNTP, SMTP
Available in Netscape Navigator, Microsoft IE, Most Servers
– HTTP - Port 443; SMTP - Port 563– SASL Framework– Key Exchange: RSA, DH,
FORTEZZA– Encryption Algorithms: RC2, RC4,
IDEA, DES, 3DES– Certificates: X.509 V3– Certificate Support Optional in
Clients (No Client Authentication to Servers)
IP
TCP
HTTP FTP SMTP
SSL
Maurizio Decina - Internet Security - Rome, February 28, 2001 8
Security Standards and Protocols
• S-HTTP and S/MIMEApplication Layer Security– Available in Some Servers– Encapsulates Existing HTTP
Data– Public Key Cryptography With
Encryption and Digital Signatures
– S-HTTP Is Not Widely SupportedIP
TCP
S-HTTP S/MIME
Maurizio Decina - Internet Security - Rome, February 28, 2001 9
Security Standards and Protocols
• PGP/SET - Content Based Security– Protocol Independent– PGP Secure Electronic
Messaging Based on Asymmetric and Symmetric Encryption
– SET Messaging Protocol to Secure Bank-card Transaction
IP
TCP
HTTP FTP SMTP
PGP SET
Maurizio Decina - Internet Security - Rome, February 28, 2001 10
Secret Key Cryptography
• Symmetric Cryptography– Adding Confidentiality; Single Key, Shared Secret– Standards: DES (Digital Encryption Standard) and IDEA
(International Data Encryption Algorithm)– Fast, Easy to Implement, Reliable– Problem: Key Exchange in Un-trusted Networks
Secret key, Secure channelPlaintextmessage
Plaintextmessage
Encrypt Decrypt
Maurizio Decina - Internet Security - Rome, February 28, 2001 11
Public Key Cryptography
• Asymmetric (Public-key) Cryptography– Adding Confidentiality; 2 Keys Mathematically
Linked: Public and Private Keys (RSA, DH)– Either Can Be Used for Encryption/Decryption– Problem: Computationally Intensive
Recipient’sPublic Key Plaintext
messagePlaintextmessage
Encrypt Decrypt
Recipient’sPrivate key
Maurizio Decina - Internet Security - Rome, February 28, 2001 12
Public Key Cryptography
• Digital Signatures• Adding Authenticity, Integrity and Non-repudiation• Hash Functions (Result Cannot Be Reverted): Create
Unique Fingerprint of the Original Message
MessageDigest
Originator’sPrivate Key
Encrypt
Originator’sPublic Key
DecryptMessage
DigestMessage
Digest
Compare
Originator’s Message
Originator Recipient
Maurizio Decina - Internet Security - Rome, February 28, 2001 13
Public Key Infrastructure
• Certification Authority (CA)• Registration Authority (RA)• Certificate Repository• Certificate Revocation System (CRL Publication)• Backup and Recovery for Keys (Optional)• Management of Key Histories (Optional)• Automatic Update of Key Pairs and Certificates
(Optional)• Support for Non-repudiation of Digital Signatures• Support for Cross-certification• Support for Legacy Applications
Maurizio Decina - Internet Security - Rome, February 28, 2001 14
Cryptography
• Most Ciphers Consist of Public Algorithm and a Key Which Needs to Be Long to Be Safe (40, 56, 128 Bits)
• Encryption and Decryption Is Computationally Expensive
• Brute Force Attack:• If It Takes One Day for a Device to Break 40 Bit DES• It Takes 7 Years for the Same Device to Break 56 Bit DES• It Takes Several Billion Years to Break 112 Bit 3DES
Plaintext Ciphertext PlaintextEncryption Decryption
Maurizio Decina - Internet Security - Rome, February 28, 2001 15
Cryptography
• The Most Popular Symmetric Encryption Algorithms– DES - Data Encryption Standard (56 Bit + 8 Bit Checksum =
64 Bit)– 3DES - Triple Data Encryption Algorithm (112 Bit, 168 Bit) – IDEA - International Data Encryption Algorithm– RC4 - Rivest Cipher 4 (128 Bit)– AES - Advanced Encryption Standard ( New NIST Standard:
Rijndael, 128 Bit, 192 Bit, 256 Bit)• The Most Popular Asymmetric Encryption Algorithms
– DH - Diffie Hellman– RSA - Rivest Shamir Adleman (1024 Bit)– DSA - Digital Signature Algorithm (1024 Bit)– ECC - Elliptic Curve Cryptosystem (160 Bit)
Maurizio Decina - Internet Security - Rome, February 28, 2001 16
Security Innovations
• Public Key Cryptography– Truncated Polynomials Ring
• By NTRU Communications and Content Security– Quantum Computing
• Quantum Cryptolink, by IBM’s Almaden Research Center• Biometrics Techniques for Individuals Authentication
– Today Based On: Passwords, PINs, ID Cards, etc.– Biometric Technology Develops Recognition/Authentication
Systems That Recognize Individuals by Biological or Behavioral Characteristics
– Fingerprint Scans, Voice Authentication, Eye Iris Scans,… • Trusted Identity Systems
– Identrus LLC, and GTA - Global Trust Authority– Financial Liability of Parties Involved in Transactions
Maurizio Decina - Internet Security - Rome, February 28, 2001 17
Secure Electronic Messaging
• Requirements– Privacy, Authentication, Integrity, Availability, Virus
Checking, Support for Non-text Messages, Non-repudiation (Proof of Sending and Receiving)
• Standards– SMTP - Simple Mail Transfer Protocol– POP3 - Post Office Protocol 3– IMAP4 - Internet Message Access Protocol 4– MIME, S/MIME - Secure/ Multipurpose Internet Mail Extension– PGP - Pretty Good Privacy– SSL - Secure Socket Layer– X.400 - OSI E-mail Standard– X.509 V3 - Public Key Certificate Standard
Maurizio Decina - Internet Security - Rome, February 28, 2001 18
Secure Electronic MessagingPGP - Pretty Good Privacy
Plaintext
Sessionkey
ciphertext
Encryptedsession
key
Plaintext
Sessionkey
Encrypted withsession key
Decrypted withsession key
compressed
Recipientspublic key
Recipientsprivate key
Encryption Decryption
Maurizio Decina - Internet Security - Rome, February 28, 2001 19
Secure Electronic Messaging
• S/MIME – Seamlessly Integrated Into Software (Browsers,
Servers)
MIME header
Content
S/MIME header
EncryptedContent
Maurizio Decina - Internet Security - Rome, February 28, 2001 20
Credit Card Transaction
In The Real World • Card Owner Comes to a Supermarket, Gives His Credit
Card and Signs a Receipt in the Presence of a Merchant• Card Reader Calls the Bank Twice: Once for the
Individual Authorization and Then Again at the End of the Day for Settlement and Accounting
Card Holder (owner of the card)
Card Processing Network
(verifone reader in supermarket)
Issuing bank(represents a client)
Acquiring bank(represents a merchant)
Maurizio Decina - Internet Security - Rome, February 28, 2001 21
Payments on The Web
• Model Existing Systems• Technologies Such As SSL and SET Make
Purchasing Over the Internet Possible• Heavily Relies on SSL
– Users Can Authenticate Servers, but Not Vice Versa
– It Is Easier to Implement Certificates on the Server• Users Retrieve Server Certificate• Clients Use User ID and Passwords to
Authenticate to a Server
Maurizio Decina - Internet Security - Rome, February 28, 2001 22
Payments on the Web
Client Server
hello
User ID/password
Client Server
hello
Maurizio Decina - Internet Security - Rome, February 28, 2001 23
Secure Socket Layer
• SSL Does Not Assure That Merchant Is Authorized to Accept Credit Card
• Session Key Is Known Only to Browser and Server• Confidentiality Obtained Through Encryption (Privacy;
Prevents Eavesdropping)• Data Integrity Obtained Through Hashing (MD5)• Server Authentication Obtained Via Digital Certificates• (Optional) Client Authentication Via Digital Certificates• Credit Card Number Can Be Read Only by the
Merchant Server• SSL Session Involves Exchange Certificates and Keys
Maurizio Decina - Internet Security - Rome, February 28, 2001 24
Secure Electronic Transaction
• SET Messages Are Essentially the Same As Those That Have Been Used in the Traditional Banking Networks for Years. SET Allows Them to Flow Across the Insecure, Open Internet
• SET Defines All Necessary Communication Between Banks, Merchants, Cardholders, Whereas SSL Creates a Secure Connection Between 2 Computers.
• Set Provides Merchants With Assurance That the Card Holder Will Not Say “It Is Not Me”. The Bank Has Evidence That Holder Made a Purchase
• SET Provides a Card Holder With Assurance That the Merchant Is Legitimate
Maurizio Decina - Internet Security - Rome, February 28, 2001 25
Secure Electronic Transaction
Consumer
CA
BankNetPayment Gateway
MerchantTransaction
Certificate Certificate
Authorization
Settlement
DigitalWallet
Maurizio Decina - Internet Security - Rome, February 28, 2001 26
Computer Crimes
• Computer Crimes– First Network Attack: 1988 (Worm; Robert Morris, Cornell)– Attackers: Hackers Vs. Crackers ( Vandals, Spies)– Hackers Are Proud of What They Are Doing and Publish
Their Achievements - Crackers Are Hacking for Profit
• Attacks– Social Engineering Method (Obtaining Username and
Password From Another Person), Shoulder Surfing– Exploits (Buffer Overflows), Trojan Horses and System
Modifications (Modified Login, Telnet, FTP, …)– (Distributed) Denial of Service, Resource Exhaustion
Maurizio Decina - Internet Security - Rome, February 28, 2001 27
Threats
• Hacker Attacks (Vandalism, Springboard)• Denial of Service (Competition)• Theft (Software, Ideas, Money)• Damage to Public Image (Companies,
People)
Maurizio Decina - Internet Security - Rome, February 28, 2001 28
Security IncidentsSecurity Incidents (CERT)
0
1000
2000
3000
4000
5000
6000
7000
8000
9000
1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999
Year
Num
ber
IncidentsVulnerabilities
Maurizio Decina - Internet Security - Rome, February 28, 2001 29
Security Incidents
• Intruder Tools More and More Sophisticated• Widely Available Over the Net• More Increasingly User Friendly
– Unsophisticated User Can Easily Use Them and Gain Access to Corporate Key Servers (OSS, Billing System, Etc.)
• Automation of Discovery and Compromise of Systems– Up to 10000 Host in 1 Hour
• Encryption Tools• Scheduling Tools
Maurizio Decina - Internet Security - Rome, February 28, 2001 30
Attacks & Intruders
Maurizio Decina - Internet Security - Rome, February 28, 2001 31
Malicious Programs
• Trojan Horse: Secret Undocumented Routine Embedded Within a Program
• Virus: Code Embedded Within a Program That Causes a Copy of Itself to Be Inserted in One or More Other Programs
• Worm: Program That Replicate Itself and Send Copies Across a Network
• Bacteria: Program That Consumes System Resources by Replicating Itself
• Logic Bomb: When Certain Conditions Are Met the Program Executes Some Functions in Unauthorized Actions
• Trapdoor: Secret Undocumented Entry Point Into a Program
Maurizio Decina - Internet Security - Rome, February 28, 2001 32
Some Attacks
• Denial of Service - Servers or Services Stop Running• IP Spoofing - Hacker Poses As a Legitimate Host
Using a Fabricated IP Address• Session Hijacking - Stealing Sessions• Web Spoofing - Creating Fake Web Sites• DNS Hijacking - Redirect DNS• Password Sniffing - Tools Like TCP Grab or
Passfinder• Buffer Overflow - Holes in Commercial and Public
Domain Software (Sendmail, Various Servers, Etc.)
Maurizio Decina - Internet Security - Rome, February 28, 2001 33
Attack
Distributed DOS Attacks Some DDOS Tools• Trinoo
• Attacker Uses TCP; Masters and Daemons Use UDP
• Stacheldraht• Attacker Uses Encrypted TCP to
Master; Masters and Daemons Use TCP and ICMP ECHO REPLY; RPC Used for Auto-update
• TFN• Attacker Uses Shell to Invoke
Master; Masters and Daemons Use ICMP ECHOREPLY
• TFN2K• Configurable (UDP/ICMP/TCP)
Intruder
Master
Daemon
Target
Configure
Activate
Maurizio Decina - Internet Security - Rome, February 28, 2001 34
Typical Network Attack
Maurizio Decina - Internet Security - Rome, February 28, 2001 35
e-Gap @ DMZ & Back Office
Maurizio Decina - Internet Security - Rome, February 28, 2001 36
Aspects of Security
• Attack– Action That Compromises the Security of Information Owned
by an Organisation• Security Policy
– The Set of Desired Security Goals• Security Procedures
– The Way Security Goals Are Achieved• Security Services
– Services That Enhance the Security• Security Mechanisms
– Mechanisms Designed to Detect, Prevent or Recover From an Attack