Network Security

Computer Security 101 Dr. Miguel Sanchez Department of Computer Engineering Polytechnic University of Valencia, Spain [email_address]

Outline Information Security Concepts Wireless Networks (in)Security The attacker's tool kit

Risks It is important to properly identify the risks. Without that, it's impossible to think of an effective way of shielding your system against Risks are somehow subjective and change over time: you may not care about anyone accessing your car's ABS status till you have a crash information can be devastating or useless depending on the circumstances

Computer Security Physical access steal, destroy Operating System log-in, file access Networked systems remote access Systems on the 'Net botnets

Non-networked System User's physical-access control can I get in the computer's room? Operating System access control do I have a user/password? Boot control can I restart the system to boot from other media? Patched Operating System can I use a local OS (or application) vulnerability?

The user/pass dilemma Many systems require users to provide a valid user name and password Such information may be stolen people write it down on post-it under the keyboard Others can figure it out too!! predictable user names dictionary of passwords | brute force It may be zeroed if boot is permitted

What is a strong password? Number of characters (password length) fifteen characters is a good start Set of characters (the larger, the better) CAPS, lower case, numbers, symbols, (hex?) Randomness (not easily guessable) avoid dictionary words, mix caps and symbols Only for one system do not use the same password for several systems Limited time span (just in case  )

Networked Systems It is like putting your safe on the street: anybody can try to pick it Physical access is no longer a requirement: as far as the network is working Firewalls may help here: but they are not a silver bullet Intrusion Detection Systems can help too System logs can be paramount for lawsuit

Network technologies Dial-up GPRS/3G Ethernet Wi-Fi etc Each network may have its own access control policies Users may get connected to a local network or to the Internet

Meet Alice and Bob Most literature uses them as the good guys Alice and Bob are the valid users communicating through the network And the bad ones are ... Eve can eavesdrop the communication only (passive attacker) Trudy may even change exchanged messages on the fly (active attacker) ALICE BOB EVE TRUDY

User Authentication Authentication : To establish the authenticity of, prove genuine, to confirm Alice wants to send a message to Bob Bob wants to be sure the message comes from Alice Alice needs to authenticate to Bob How can this be done? Who?

Authentication case Alice and Bob are not sure they are alone ... ALICE EVE TRUDY BOB

Different approaches Alice tells Bob it is her but Eve or Trudy could do the same Alice tells Bob it is her and sends her password as a proof of identity Both Eve and Trudy just learned Alice's password, they can later do the same (now they know it too) Alice tells Bob it is her and sends her password encrypted as a proof of identity Eve and Trudy may not decrypt it nor they need to

Doing it right Alice tells Bob it is her Bob chooses a random number, N, and sends it back to Alice Alice encrypts N with a key (known only to Alice and Bob) and sends it back to Bob Bob checks the received value with his own calculation, if they match Alice has proved Bob it is her or somebody else who also knew the key 

Confidentiality Confidentiality : spoken, written, acted on, etc., in strict privacy or secrecy; secret Sometimes, like in the authentication example, we need to keep eavesdroppers away Encryption has been used to do this Encrypt : To alter (a file, for example) using a secret code so as to be unintelligible to unauthorized parties. There are many ciphers out there

Message Integrity Alice is sending a message to Bob. Is Bob receiving exactly what Alice is sending? ALICE TRUDY BOB

Integrity Integrity : a sound, unimpaired, or perfect condition Active attackers may change message contents. Adding a message integrity code (MIC) to our data will enable receiver to verify received message integrity but ... Trudy may change it !!!

Ensuring Message Integrity MIC is a known function of the message MIC = f ( message ) Bob compares received and calculated check although message is plain text, MIC needs protection (encrypt check or add secret) ALICE BOB message + MIC verify MIC MIC is a 1-way function

Message Encryption An [encrypted] equivalent message is created A secret is used in the process Encrypted message is transmitted

Encryption algorithms Many of them. Two basic types: secret key public key Public key algorithms are a very recent idea, while secret key ones were used since long ago Caesar DES AES RC4 Enigma Navajo RSA

Secret Key Ciphers Only Alice and Bob know the secret key required to decipher the message ALICE BOB EVE ???

Basic Ciphers Two basic building blocks: 1 1 1 1 0 0 0 0 0 1 1 0 0 0 1 0 substitution look-up table SUBSTITUTION 1 1 1 1 0 0 0 0 0 1 0 0 1 1 0 1 TRANSPOSITION

Substitution ciphers One symbol of plain text is replaced by another symbol They can be mono-alphabetic one look-up table Or poly-alphabetic several look-up tables used alternatively The Caesar cipher is one of the oldest known

Caesar's still being used ... ... wrote notes using an encryption scheme similar to the one used by Julius Caesar more than 2,000 years ago ...

Some common ciphers Data Encryption Standard (DES, 1975) 64 data bits, 56 key bits International Data Encryption Algorithm (IDEA, 1991) 64 data bits, 128 key bits Advanced Encryption Standard (AES, 2001) 128 data bits, 128 (or 192 or 256 ) key bits ciphertext = f ( data , key )

Algorithms secrecy Most encryption algorithms are public Public scrutiny can help pinpointing faults Keys are kept secret by interested parties i.e. digital TV broadcasting smartcards Ciphers use a combination of: substitutions & transpositions arithmetic & logic functions

Distribution of the keys How do Alice and Bob agree on the keys they are about to use? What if Alice and Bob have never met before? What if the key exchange is eavesdropped? ALICE BOB EVE

Public Key Cryptography Proposed by W. Diffie and M. Hellman in 1976 Why do not keep the key public? so the key distribution problem disappears But ... public algorithm + public key = nil It is a new system private key (secret)

Public Key algorithms It is not symmetric encryption and decryption are different Private and public keys are related and different for each one Each user publishes his public key and keeps secret his private key Private key cannot be obtained from public key Module-N arithmetic is one of the foundations large numbers are difficult to deal with (>10 100 )

RSA algorithm Public key are two numbers e and n Private key is number d (n is already public) Message (m) encryption is done by: c = m e mod n And decryption is done by: m = c d mod n e , d and n are chosen to meet some rules you really do not want to know 

RSA details Each user has his own pair of keys (private, public) Alice will use Bob's public key to cipher a message intended to him Bob will decipher Alice's message by using his own private key. Only Bob can do this. private key (secret) ALICE BOB

Digital signature It is a side-effect of RSA algorithm: if we use the opposite keys it still works It allows message sender authentication Anyone can verify Alice sent the message No one can fake a signed message from Alice public key ALICE BOB Warning: Anyone can decipher this special ciphertext.

Message digest Digital signatures use to be applied to a [shorter] message digest Hash-functions are used to get a fixed-length digest from an arbitrarily long message Some common Hash-functions are: SHA, SHA-1, MD4, MD5 Problem of hash-collision documented attacks to all of them !!! (SHA-256 and SHA -256 safe yet) SHA1("The quick brown fox jumps over the lazy dog") = 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12

Public Key Distribution problem Err ... It was not supposed to be gone? Bob has no way to tell whether it is Alice or not BOB EVE public key Bob, This is Alice. Let me send you my public key

Identity certificates A third-party is used to validate anybody's identity claim Providing a strong security for that party is crucial A certificate is a digitally-signed document that binds a user identity with a public key It's signed by the third-party (Certification Authority) ALICE + fa54a1234

Crypto wars Why public key cryptography did not wipe out secret key cryptography? public key algorithms are computationally expensive (slow) secret key algorithms can be implemented on cheap hardware: wire speed Actually, a combination of both types of encryption is mostly used

What layer Security is on? It can and (it will appear) at different layers of the TCP/IP communication architecture. For example: Physical-layer: spread spectrum Link-layer: WEP Network-layer: IPSec Transport-layer: Secure Socket Layer (SSL) Application-layer: Secure Shell (SSH)

Wi-Fi security Ethernet does not cipher transmitted packets (wired network) Wi-Fi networks may encrypt transmitted data (wireless network) Risks of Wi-Fi: EVE: eavesdropping TRUDY: man-in-the-middle attacks Encryption is needed to secure Wi-Fi network attackers do not need access to premises !!!

Brief history of Wi-Fi security It was not initially considered a requirement It was decided later to include optional encryption: Wired Equivalent Privacy (WEP) WEP design was seriously flawed software tools to exploit flaws were released Wi-Fi Alliance (and IEEE 802.11) worked on a fix: Wi-Fi Protected Access (WPA1 & WPA2) and 802.11i

What is WEP? It offers: user Authentication traffic Encryption Based on RC4 patented algorithm RC4 used as stream cipher Valid users share a secret key scalability problem

RC4 algorithm It creates a pseudo-random sequence of bytes that depends on the key (initial state) i := 0 j := 0 while GeneratingOutput: i := (i + 1) mod 256 j := (j + S[i]) mod 256 swap(S[i],S[j]) output S[(S[i] + S[j]) mod 256]

RC4 in WEP IV: Initial vector IV RC4 WEP key IV ciphered packet original packet checksum

Risks in WEP Let Z = RC4(IV,k) = {K} RC4 output sequence Encryption is done by C = P  Z And decryption by P = C  Z But an attacker may learn Z = P  C Which is bad if Z is used more than once IV should avoid this, but ... IV wraps around !!!

WEP authentication It uses the “secure” scheme we presented before Eve can obtain a sample of P and C so she can calculate Z Later, she can use Z to encrypt the random number she gets and be authenticated Eve do not know the WEP key! It was soon abandoned ...

More authentication problems Same key is used for encryption and authentication Access points are not authenticated rogue access points Authentication only happens at the beginning Authentication is not robust (as we mentioned) no reply protection

WEP encryption blues Several papers since 2000 to 2001 signalled WEP flaws FMS paper was the last nail in WEP's coffin more key bits will not help either When implemented in software, FMS attack allows automatic extraction of the secret key just eavesdropping encrypted network traffic AirSnort, aircrack, ...

Countermeasures? MAC-based access control lists SSID broadcast can be disabled Application or transport layer encryption lots of data still leaks to eavesdroppers Avoidance of “weak keys” requires firmware upgrade Still, WEP offers no help against session replay WEP cannot guarantee integrity either

How bad is it? WEP is no longer a secure method for Wi-Fi networks Some FBI guys shown at a conference a network break-in in a few minutes traffic may be “stimulated” to speed things up It still requires some time and determination from attackers before they get in it depends mostly on the attacker's skill WEP is better than no encryption (at first)

Life after WEP WPA was a trade-off Industry did not want to tell customers to scrap existing hardware WPA was designed to be a firmware/driver upgrade WPA may use RC4 (but the right way this time) all the holes were patched WPA may use either RC4 (TKIP) or AES (CCMP) encryption WPA can work with a secret key (PSK) or with an authentication server (802.1x)

802.1x corporate network + Internet Authentication network 802.1x Mutual authentication possible (optional)

Virtual Private Networks VPNs may be a solution when you need to use WEP Nintendo DS anyone? VPN server may easily become the bottleneck Lower network performance increased delay and jitter Can be done cheaply Network VPN server

WPA-PSK users beware! While WPA is considered safe PSK relies on a pass-phrase it purposely avoids the term password If yours is a few characters then it can be attacked

Meet the bad guys Different people with different motivations: disgruntled employee (revenge) hacker would-be (intelligence challenge) mobster (cash) free-loader (save) Your data or your network may be targeted

Attacker's tools Network traffic sniffer/recorder (ethereal) Network scanner (nmap) Wireless network scanner (kismet) WEP cracking software (aircrack) Vunerability scanner (Nessus) Operating System and application faults (mail lists) Users (social engineering)

What is a sniffer? It is a software that records the traffic on your network (lots of info will be revealed!!) The attacker needs to connect to the network to do this Some protocols do not encrypt data exchange It can be done from a compromised system Your switched network is not as safe as you think: ARP poisoning

What is ARP poisoning? Attacker sends specially crafted (spoofed) ARP replies Alice and Bob will write wrong information on their ARP tables Alice and Bob will send their traffic to Trudy unsuspectingly through the switch The attacker will forward Alice's and Bob's traffic to each other to keep things smooth man-in-the-middle attack over a switched net

What is a network scanner? It is a program that pings each possible address of a network I t registers any received answer It may check which services are available on each detected system It may guess the OS of each system

What is a Wi-Fi scanner? A program that listens all the channels to detect Wi-Fi networks operating nearby It may also use special probe messages NetStumbler : most popular for Windows (iStumbler for OSX) Kismet for Linux

What is a WEP cracker? A program that, given a large piece of recorded Wi-Fi traffic, can recover the WEP key It does so by reducing the key search space because of WEP vulnerabilities Airodump/aircrack can be used on several platforms to record and later break some WEP networks Success is probabilistic, not 100% guaranteed unauthorised access is illegal in some countries

What is a security scanner? A program that checks known vulnerabilities against a set of systems, reporting the results to the user It may be used by both the good (admin) and the bad guys. Some experts recommend its use on a daily basis: have you ever installed Windows XP (pre-SP2) while connected to the Internet open wide?

What is a security mail list? There are many forums on the Internet where people exchange information about computer security Full Disclosure -- An unmoderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately 80% of the posts are worthless drivel, so finding the gems takes patience

What is social engineering? It is a popular but silly (IMHO) term Social engineering is just fooling people: you call them on the phone pretending to be anybody else you set-up certain scenarios where others fall for it you dress up so you can trigger a given reaction It use to exploit the wrong assumptions made on the other end It allows attackers to collect inside information

What can we do then? There is not a single golden rule, but if you need one: trust nobody A reasonable level of security can be achieved using supported software: do not delay patches Default configurations may be insecure: check Watch your people: 75% inside attackers Do not put all the eggs on the same box ... and ... do I need to remind you to do back-ups?

Anything else? The question is not if but when your system is going to be hacked? Attackers may want your computer for lots of reasons (maybe your data is not one of them) If you plan what to do when your system is hacked then you will know what to do: Log files are crucial here If you do not know what attackers did, strongly consider reporting to the authorities ( before they knock to your door )

Isn't my FW/AV/... the fix? No, it is not. Firewalls and Anti-virus software are useful components of your security strategy but they are not enough nowadays most trojans, worms and viruses enter via email Corporate email AV scanning is good, too Please, do not hide file name extensions

Thank you It could be longer ... but you all have to go. Don't you?

Network Security

More Related Content

What's hot (20)

Similar to Network Security (20)

Recently uploaded (20)

Network Security