seguridad en sistemas de información verano 2004 francisco rodríguez henríquez security services...

Seguridad en Sistemas de Información

verano 2004Francisco Rodríguez Henríquez

Security Services in Information Systems



Antecedents and Motivation



What is this part of the course about?

In this part of the course we will discuss the following topics

– security needs– security services– security mechanisms and protocols

for data stored in computers and transmitted across computer networks



What we will/won’t cover?

• We will cover– security threats– security protocols in use with emphasis on Authentication– Certificates and PKI– Introduction to Wireless Security

• We will not cover– cryptography (just an overview will be given)– computer networks– operating systems– computers in general– how to hack



What security is about in general?

• Security is about protection of assets– D. Gollmann, Computer Security, Wiley

• Prevention– take measures that prevent your assets from being damaged

• Detection– take measures so that you can detect when, how, and by

whom an asset has been damaged

• Reaction– take measures so that you can recover your assets



Real world example

• Prevention– locks at doors, window bars, secure the walls

around the property, hire a guard

• Detection– missing items, burglar alarms, closed circuit TV

• Reaction– attack on burglar, call the police, replace stolen

items, make an insurance claim



Services, Mechanisms, Attacks

• 3 aspects of information security:– security attacks (and threats)

• actions that compromise security

– security services• services counter to attacks

– security mechanisms• used by services• E.g. secrecy is a service, encipherment is a mechanism



NETWORK SECURITY FUNDAMENTALS

•Security Attacks and Security Services

•A Model of Network Security

•Access Policies



SECURITY ATTACKSSECURITY ATTACKS

&&SECURITY SERVICESSECURITY SERVICES

•Unauthorised Access

•Unauthorised Disclosure of Information

•Unauthorised Modification of Information

•Unauthorised Denial of Service

Security Threads



Attacker resources and methods vary greatly

Resource Teenager Academic Org. Crime Gov’t

Time Limited Moderate Large Large

Budget ($) <$1000 $10K-$100K $100K+ Unknown

Creativity Varies High Varies Varies

Detectability High High Low Low

Target Challenge Publicity Money Varies

Number Many Moderate Few Unknown

Organized No No Yes Yes

Spread info? Yes Yes Varies No

Source: Cryptography Research, Inc. 1999, “Crypto Due Diligence”



Source: Blaze/Diffie/Rivest/Schneier/Shimoura/Thompson/Wiener: www.bsa.org/policy/encryption

Minimal key lengths for symmetric ciphers

Typeof attacker

Budget Tool Time and costper key recovered

Length needed forprotection in late 1995

40 bits 56 bits

Pedestrian Hacker

SmallBusiness

CorporateDepartment

Big Company

IntelligenceAgency

tiny

$400

$10.000

$300K

$10M

$300M

scavengedcomputer time

FPGA

FPGA

FPGA

ASIC

FPGA

ASIC

ASIC

1 week

5 hours($0.08)12 min($0.08)24 sec($0.08)18 sec

($0.001) 7 sec

($0.08)0.005 sec($0.001)

0.0002 sec($0.001)

infeasible

38 years($5,000)556 days($5,000)19 days($5,000)3 hours($38)

13 hours($5,000)

6 min($38)

12 sec($38)

45

50

55

60

70

75





Passive Attacks





Active Attacks





Attacks

Accidental Intentional•Software Errors

•Hardware Errors

•Poor Management of Resources

Passive Active•Release of Message content•Traffic Analysis

•Data Mod.•Data Delay•Data Blocking•Data Copy•Data Replay•Data Destruction



Security Mechanisms

• Basically cryptographic techniques/technologies – that serve to security services – to prevent/detect/recover attacks

• Encipherment– use of mathematical algorithms to transform data

into a form that is not readily intelligible• keys are involved



• Message Digest– similar to encipherment, but one-way (recovery not

possible)– generally no keys are used

• Digital Signatures– Data appended to, or a cryptographic transformation of, a

data unit to prove the source and the integrity of the data

• Authentication Exchange– ensure the identity of an entity by exchanging some

information

Security Mechanisms



• Notarization– use of a trusted third party to assure certain properties of a

data exchange

• Timestamping– inclusion of correct date and time within messages

• Non-cryptographic mechanisms– traffic padding (for traffic analysis)

– intrusion detection

– firewalls

Security Mechanisms



Security Services

• Confidentiality - protect info value • Authentication - protect info origin (sender)

• Identification - ensure identity of users

• Integrity - protect info accuracy • Non-repudiation - protect from deniability • Access control - access to info/resources • Availability - ensure info delivery



Relationships

Integrity

Authentication

Non-repudiation



Two references

• ITU-T X.800 Security Architecture for OSI– gives a systematic way of defining and providing

security requirements

• RFC 2828– over 200 pages glossary on Internet Security



Security Systems by layers

Computer Arithmetic : Addition, Squaring, multiplication, inversion and exponentiationComputer Arithmetic : Addition, Squaring, multiplication, inversion and exponentiation

Public Key Crypto Algorithms: RSA, ECCSymmetric Crypto Algorithms: AES, DES, RC4, etc.

Public Key Crypto Algorithms: RSA, ECCSymmetric Crypto Algorithms: AES, DES, RC4, etc.

Crypto User Functions: Encrypt/Decrypt, Sign/verify

Crypto User Functions: Encrypt/Decrypt, Sign/verify

Security Services: Confidentiality, Data Integrity, Data Authentication, Non-Repudiation

Security Services: Confidentiality, Data Integrity, Data Authentication, Non-Repudiation

Communication Protocols : SSL, TLS, WTLS, WAP, etc.

Communication Protocols : SSL, TLS, WTLS, WAP, etc.

Applications: Secure e-mail, Digital Money, Smart Cards, Firewalls, etc.

Applications: Secure e-mail, Digital Money, Smart Cards, Firewalls, etc.



Fundamental Dilemma of Security

• Security unaware users have specific security requirements but no security expertise.– from D. Gollmann– Solution: level of security is given in predefined

classes specified in some common criteria



Fundamental Tradeoff

• Absolutely secure systems do no exist

• To half your vulnerability you have to double your expenditure

• Cryptography is typically bypassed not penetrated.



The Three Laws of Security

• Security unaware users have specific security requirements but no security expertise.– from D. Gollmann– Solution: level of security is given in predefined

classes specified in some common criteria



Kerckhkoffs’s Principle

While assessing the strength of a cryptosystem, one should always assume that the enemy knows the cryptographicalgorithm used.

The security of the system, therefore, should be based on

* the quality (strength) of the algorithm but not its obscurity* the key space (or key length)



A Cryptosystem Classification

• Public key cryptography (RSA, ECC, NTRU)

• Secret key Cryptography (DES, AES, RC4)

• Block ciphers (DES, IDEA, RSA) 64-128 bits

• Stream ciphers (A5, RC4, SEAL) encryption in a bit to

bit basis.



A Simplified Model of Conventional Encryption



Message Digest

• A message digest, also known as a one-way hash function, is a fixed length computionally unique identifier corresponding to a set of data. That is, each unit of data (a file, a buffer, etc.) will map to a particular short block, called a message digest. It is not random: digesting the same unit of data with the same digest algorithm will always produce the same short block.

• A good message digest algorithm possesses the following qualities– The algorithm accepts any input data length.

– The algorithm produces a fixed length output for any input data.

– The digest does not reveal anything about the input that was used to

generate it. – It is computationally infeasible to produce data that has a specific digest.

– It is computationally infeasible to produce two different unit of data that produce the same digest.



Hash Algorithms

• Reduce variable-length input to fixed-

length (128 or 160bit) output

• Requirements

– Can't deduce input from output

– Can't generate a given output

– Can't find two inputs which produce the

same output



Hash Algorithms

• Used to

– Produce fixed-length fingerprint of arbitrary-length data

– Produce data checksums to enable detection of modifications

– Distill passwords down to fixed-length encryption keys

• Also called message digests or fingerprints



Message Authentication Code MAC

• Hash algorithm + key to make hash value dependant on the key

• Most common form is HMAC (hash MAC)

– hash( key, hash( key, data ))

• Key affects both start and end of hashing process

• Naming: hash + key = HMAC-hash

– MD5 HMAC-MD5

– SHA-1 HMAC-SHA (recommended)



An Example



Digital Signature/Verification Schemes



Seven-Layer OSI Model





OSI Security Services•Authentication

•Access Control

•Data Confidentiality

•Traffic Flow Confidentiality

•Data Integrity

•Non-Repudiation of both Origin and Delivery of Data





OSI Security Mechanisms•Encipherment•Digital Signatures•Access Control Mechanisms•Data Integrity Mechanisms•Authentication Exchange Mechanisms•Traffic Padding Mechanisms•Notarisation Mechanisms•Routing Control Mechanisms



Inter-network Protocol (IP)

seguridad en sistemas de información verano 2004 francisco rodríguez henríquez security services...

Documents

computer security

wireless security

informacin verano

attacks security mechanisms

seguridad en sistemas

assets slide

motivation slide

mechanism slide