Unit-V - Network Security
Unit-V - Network Security
Unit-V - Network Security
NETWORK SECURITY
Prof. A. Q. Ansari
Department of Electrical Engineering
Jamia Millia Islamia, New Delhi
1
SECURITY SERVICES
2
Security services related to the message or entity
3
MESSAGE CONFIDENTIALITY
4
MESSAGE INTEGRITY
6
DIGITAL SIGNATURE
8
MESSAGE CONFIDENTIALITY
9
Message confidentiality using symmetric keys in two directions
11
Problems with Asymmetric Cryptosystem
1. The method is based on long mathematical
calculations using long keys. This means that this
system is very inefficient for long messages.
2. The sender of the message still needs to be certain
about the public key of the receiver. e.g., in Alice-Bob
communication, Alice needs to be sure that Bob’s
public key is genuine; Eve may have announced her
public key in the name of Bob. THUS, A SYSYTEM OF
TRUST IS NEEDED.
12
MESSAGE INTEGRITY
Encryption and decryption provide secrecy, or
confidentiality, but not integrity. However, on occasion
we may not even need secrecy, but instead must have
integrity.
For example, Alice may write a will to distribute her estate upon
her death. The will does not need to be encrypted. After her
death, anyone can examine the will. The integrity of the will,
however, needs to be preserved. Alice does not want the content
of the will to be changed.
14
Note
15
Message and Message Digest
• The electronic equivalent of the document and fingerprint
pair is the message and message digest pair.
• To preserve the integrity of a message, the message is
passed through an algorithm called a hash function.
• The hash function creates a compressed image of the
message and that can be used as a fingerprint.
16
Note
17
Difference
The two pairs “document/ fingerprint” and “message/ message
digest” are similar with the following differences.
• The document and fingerprint are physically linked together; also,
neither needs to be kept secret.
• The message and message digest can be unlinked or sent
separately. And most importantly, the message digest needs to be
kept secret.
• The message digest is either kept secret in a safe place or
encrypted if we need to send through a communications channel.
Note
19
Hash Function Criteria
Answer
We cannot. A lossless compression method creates a compressed
message that is reversible. You can uncompress the compressed
message to get the original one. 20
Q: Can we use a checksum method as a hashing
function?
Answer
We can. A checksum function is not reversible; it meets
the first criterion. However, it does not meet the other
criteria.
21
Weak Collision Resistance
• It ensures that a message can not easily be forged.
• If Alice creates a message and a digest and sends both
to Bob, this criterion ensures that Eve cannot easily
create another message that hashes exactly to the same
digest.
• In other words, given a specific message and its digest,
it is impossible (or at least very difficult) to create another
message with the same digest.
• When two messages create the same digest, we say
there is a collision.
• In a weak collision, given a message digest, it is very
unlikely that someone can create a message with exactly
the same digest.
• A hash function must have weak collision resistance.
22
Strong Collision Resistance
23
Secure Hash Algorithm (SHA – 1):
24
Message digest creation
Note
• Bob then compares the MAC sent by Alice with the newly generated
MAC.
• If the two MACs are identical, the message has not been modified
and the sender of the message is definitely Alice.
29
Hashed MAC (HMAC)
• There are several implementation of MAC in use today.
• Some MACs have been designed using keyless hash function
such as SHA-1, known as hashed MAC (HMAC).
• HMAC creates a nested MAC by applying a keyless hash
function to the concatenation of the message and a symmetric
key.
• A copy of the symmetric key is prepended to the message.
• The combination is hashed using a keyless hash function,
such as SHA-1.
• The result of this process is an intermediate HMAC which is
again prepended with the key (the same key), and the result
is again hashed using the same algorithm.
• The final result is an HMAC.
30
•The receiver receives the final HMAC and the message.
•The receiver creates its own HMAC from the received
message and compares the two HMACs to validate the
integrity of the message and authenticate the data origin.
31
DIGITAL SIGNATURE
• Although a MAC can provide message integrity and
message authentication, it has a drawback.
• It needs a symmetric key that must be established between
the sender and the receiver.
• A digital signature on the other hand, can use a pair of
asymmetric keys ( a public one and a private one).
Note
In a cryptosystem, we use the private
and public keys of the receiver;
in digital signature, we use the private
and public keys of the sender. 33
Signing the Digest
• As the public key is very inefficient in a cryptosystem if the message is
long, so in digital signature, where the message is normally long, we sign
the digest of the message, rather than signing the message itself.
34
Services provided by the Digital Signature
• A digital signature can provide three out of the five
services for a security system.
1. Message Integrity: The integrity of the message is
preserved even if we sign the whole message because
we can not get the same signature if the message is
changed.
2. Message Authentication: Bob can verify that the
message is sent by Alice because Alice’s public key is
used in verification. Alice’s public key cannot create
the same signature as Eve’s private key.
3. Message Nonrepudiation: If Alice signs a message
and then denies it, Bob can later prove that Alice
actually signed it.
35
• With the signature scheme presented so far,
Bob may face some problem.
• Bob must save the signature on file and later
use Alice’s Public key to create the original
message to prove that the message in the file
and the newly created message are the same.
• This is not feasible because Alice may have
changed her private/ public key during this time.
She may also claim that the file containing the
signature is not authentic.
SOLUTION: A Trusted Third Party may solve
many other problems concerning security
services and key exchange.
36
Showing how a trusted party can prevent Alice from denying that she sent the message
• Alice creates a signature (SA) from her message M and sends the message, her
identity, Bob’s identity, and the signature to the CENTRE.
• The centre, after checking that Alice’s public key is valid, verifies through Alice’s
public key that the message comes from Alice.
• The centre then saves a copy of the message with the sender identity, recipient
identity, and a timestamp in its archive.
• The centre uses its private key to create another signature (ST) from the message.
• The centre then sends the message, the new signature, Alice’s identity, and Bob’s
identity to Bob.
• Bob verifies the message using the public key of the center. 37
• If in the future Alice denies that she sent the message, the centre can show
a copy of the saved message.
• If Bob’s message is a duplicate of the message saved at the center, Alice
will lose the dispute.
• To make everything confidential, a level of encryption/ decryption can be
added to the scheme.
38
ENTITY AUTHENTICATION
39
Difference between Message Authentication and
Entity Authentication
1. Message Authentication may not happen in real time,
entity authentication does.
In Message Authentication, Alice sends a message to Bob.
When Bob authenticates the message, Alice may or may
not be present in the communication process.
On the other hand, when Alice requests Entity
Authentication, there is no real message communication
involved until Alice is authenticated by Bob. Alice needs
to be online and take part in the process.
Message authentication is required when an email is sent
from Alice to Bob. Entity authentication is required when
Alice gets a cash from Automatic Teller Machine (ATM).
40
2. Message Authentication simply authenticates one message; the
process needs to be repeated for each new message.
Entity Authentication authenticates the claimant for the entire
duration of a session.
IN Entity Authentication, the claimant must identify herself to the
verifier. This can be done with one of three kinds of witnesses:
• Something Known: This is a secret known only by the
claimant that can be checked by the verifier. e.g., password,
PIN number, a secret key, and private key.
• Something Possessed: This is something that can prove the
claimant’s identity. e.g., passport, driver’s license, ID card,
credit card, smart card etc.
• Something Inherent: This is an inherent characteristic of the
claimant. e.g., conventional signature, fingerprints, voice,
facial characteristic, retinal pattern, handwriting etc.
41
PASSWORDS
• The simplest and the oldest method of entity authentication
is the password, something that the claimant possesses.
• There are two types of Authentication Schemes –
1. Fixed Password
2. One-time password
FIXED PASSWORD: The same password is used over and over
for every access. This approach is subject to several
attacks.
1. Eavesdropping/ Shoulder surfing : Eve can watch Alice
when she types her password.
2. Stealing a password: Don’t write it anywhere.
3. Accessing a File where the password is stored.
4. Guessing: Don’t keep a short password.
ONE TIME PASSWORD: A password is used only once. A one-
time password makes eavesdropping and stealing useless.
However, this approach is very complex.
42
CHALLENGE RESPONSE (Entity Authentication)
• In password authentication, the claimant proves her identity
by demonstrating that she knows a secret, the password.
• However, since the claimant reveals this secret, the secret is
susceptible to interception by the adversary.
In challenge-response authentication,
the claimant proves that she knows a
secret without revealing it.
1. The first message is not the part of challenge-response, it only informs the
verifier that the claimant wants to be challenged.
2. The second message is the challenge. And RB is the nonce randomly chosen
by the verifier to challenge the claimant.
3. The claimant encrypts the nonce using the shared secret key and sends the
result to the verifier.
4. The verifier decrypts the message. If the nonce obtained from decryption is the
same as sent by the verifier, Alice is granted access. 45
2. Challenge/ Response Authentication Using a Timestamp
The challenge message is the current time sent from the verifier to
the claimant. This supposes that the client and the server clocks are
synchronized.
Since the claimant knows the current time, there is no need for the
challenge message.
The first and third message can be combined.
As a result the authentication can be done using one message: the
response to an implicit challenge, the current time.
46
3. Challenge/ Response Authentication Using a Keyed-hash Function
47
4. Challenge-response Authentication Using Asymmetric-key
•Here the claimant uses her private key for signing instead of
using it for decryption.
•Bob uses a plaintext challenge.
•Alice signs the response.
49
KEY MANAGEMENT
52
Key Distribution Center (KDC):
54
Creating a session key between Alice and Bob using KDC
1. Alice sends a message to the KDC to obtain a symmetric session key. This is an
unencrypted message that includes the registered identities of Alice and Bob.
2. The KDC creates a TICKET that includes the identities of Alice and Bob and the
session key, KAB. The ticket is encrypted using Bob’s key (KB). The encrypted
ticket along with a copy of the session key is again encrypted using Alice’s key
and sent to her. Alice decrypts this message and extracts the session key. She
can not decrypt the ticket as she does not have the Bob’s key.
3. Alice sends the ticket to Bob. Bob opens the ticket and knows that Alice needs to
send messages to him using KAB as the session key. 55
Public-Key (Asymmetric-Key) Distribution
56
Announcing a public key
57
Trusted center
58
Controlled trusted center
•A higher level of security can be achieved if there are added controls on the
distribution of the public key.
•The public-key announcements can include a timestamp and be signed by an
authority to prevent interception and modification of the response.
•If Alice needs to know Bob’s public key, she can send a request to the center
including Bob’s name and timestamp.
•The center responds with Bob’s public key, the original request, and the
timestamp signed with the private key of the centre.
•Alice uses the public key of centre known by all, to decrypt the message and
59
extract Bob’s public key.
CERTIFICATION AUTHORITY
• The Controlled Trusted Centre approach can create a
heavy load on the centre if the number of requests is large.
• The alternative is to create public-key certificates.
• Bob wants two things:
1. He wants people to know his public key, and
2. He wants no one to accept a public key forged as his.
• For this Bob can go to a Certification Authority (CA).
• The CA binds a public key to an entity and issues a
certificate.
• The CA has a well-known public key itself that can not be
forged.
• The CA checks Bob’s identification (using a picture ID along
with other proof).
• It then asks for Bob’s public key and writes it on the
certificate.
• To prevent the certificate itself from being forged, the CA
signs the certificate with its private key.
60
Certification authority
62