Chapter 5

Network Security

Network Security 8-1


Chapter 5: Network Security
Chapter goals:
• understand principles of network security:
  • cryptography and its many uses beyond “confidentiality”
  • authentication
  • message integrity
• security in practice:
  • firewalls and intrusion detection systems
  • security in application, transport, network, link layers


What is network security?
Confidentiality: only sender, intended receiver should “understand” message contents
• sender encrypts message
• receiver decrypts message
Authentication: sender, receiver want to confirm identity of each other
Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
Access and availability: services must be accessible and available to users


Friends and enemies: Alice, Bob, Trudy
• well-known in network security world
• Bob, Alice (lovers!) want to communicate “securely”
• Trudy (intruder) may intercept, delete, add messages

[Figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel; Trudy sits on that channel.]

There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: a lot!
• eavesdrop: intercept messages
• actively insert messages into connection
• impersonation: can fake (spoof) source address in packet (or any field in packet)
• hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place
• denial of service: prevent service from being used by others (e.g., by overloading resources)
more on this later ……

Message Integrity
Bob receives msg from Alice, wants to ensure:
• message originally came from Alice
• message not changed since sent by Alice

Cryptographic Hash:
• takes input m, produces fixed length value, H(m)
  • e.g., as in Internet checksum
• computationally infeasible to find two different messages, x, y such that H(x) = H(y)
• equivalently: given m = H(x), (x unknown), cannot determine x.
• note: Internet checksum fails this requirement!


Internet checksum: poor crypto hash function
Internet checksum has some properties of hash function:
• produces fixed length digest (16-bit sum) of message
• is many-to-one
But given message with given hash value, it is easy to find another message with same hash value:

message    ASCII format      message    ASCII format
I O U 1    49 4F 55 31       I O U 9    49 4F 55 39
0 0 . 9    30 30 2E 39       0 0 . 1    30 30 2E 31
9 B O B    39 42 4F 42       9 B O B    39 42 4F 42
           B2 C1 D2 AC                  B2 C1 D2 AC
different messages but identical checksums!

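As an added worked example (not code from the slide deck), the two messages above are run through the one's-complement Internet checksum of RFC 1071, through the plain 32-bit word sum that the slide's B2 C1 D2 AC figures correspond to, and through SHA-256 for contrast; the message bytes are the slide's, the function names are mine.

```python
import hashlib

def internet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit big-endian
    words with the carry folded back in, then complemented."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry
    return (~total) & 0xFFFF

def word32_sum(data: bytes) -> int:
    """The slide's simplified digest: plain sum of 32-bit words, mod 2**32."""
    total = 0
    for i in range(0, len(data), 4):
        total = (total + int.from_bytes(data[i:i + 4], "big")) & 0xFFFFFFFF
    return total

# The slide's two messages as bytes: "IOU1 00.9 9BOB" and "IOU9 00.1 9BOB".
MSG_A = b"IOU100.99BOB"
MSG_B = b"IOU900.19BOB"

def compare(a: bytes, b: bytes) -> dict:
    """Which functions let a and b collide?  Any additive checksum does,
    because the swapped '1' and '9' sit in the same word position; a
    cryptographic hash (SHA-256 here) gives unrelated digests."""
    return {
        "word32_sum": word32_sum(a) == word32_sum(b),
        "internet_checksum": internet_checksum(a) == internet_checksum(b),
        "sha256": hashlib.sha256(a).digest() == hashlib.sha256(b).digest(),
    }
```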
Message Authentication Code

[Figure: sender computes H(m+s) over message m and shared secret s, appends it to m, and sends (m, H(m+s)) over the public Internet; receiver recomputes H(m+s) with the same shared secret s and compares it with the received value.]


MACs in practice
• MD5 hash function widely used (RFC 1321)
  • computes 128-bit MAC in 4-step process.
  • arbitrary 128-bit string x, appears difficult to construct msg m whose MD5 hash is equal to x
  • recent (2005) attacks on MD5
• SHA-1 is also used
  • US standard [NIST, FIPS PUB 180-1]
  • 160-bit MAC


Digital Signatures
cryptographic technique analogous to hand-written signatures.
• sender (Bob) digitally signs document, establishing he is document owner/creator.
• verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document


Secure sockets layer (SSL)
• provides transport layer security to any TCP-based application using SSL services.
  • e.g., between Web browsers, servers for e-commerce (shttp)
• security services:
  • server authentication, data encryption, client authentication (optional)

[Figure: TCP API (Application / TCP socket / TCP / IP) beside TCP enhanced with SSL (Application / SSL socket / SSL sublayer / TCP socket / TCP / IP).]


SSL: three phases
1. Handshake:
• Bob establishes TCP connection to Alice
• authenticates Alice via CA signed certificate
• creates, encrypts (using Alice’s public key), sends master secret key to Alice
  • nonce exchange not shown

[Figure: Bob to Alice: TCP SYN; Alice to Bob: TCP SYNACK; Bob to Alice: TCP ACK; Bob to Alice: SSL hello; Alice to Bob: certificate; Bob creates Master Secret (MS) and sends KA+(MS); Alice decrypts using KA- to get MS.]


SSL: three phases
2. Key Derivation:
• Alice, Bob use shared secret (MS) to generate 4 keys:
  • EB: Bob->Alice data encryption key
  • EA: Alice->Bob data encryption key
  • MB: Bob->Alice MAC key
  • MA: Alice->Bob MAC key
• encryption and MAC algorithms negotiable between Bob, Alice


SSL: three phases
3. Data transfer
• TCP byte stream b1 b2 b3 … bn
• block n bytes together: d
• compute MAC: H(.) over d and SSL seq. #, keyed with MB, gives H(d)
• SSL encrypt d, MAC, SSL seq. # using EB

SSL record format: Type | Ver | Len | d | H(d)
(Type, Ver, Len unencrypted; d and H(d) encrypted using EB)
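An added example (not the deck's code) of the data-transfer step: the sender MACs the record data together with the SSL sequence number, and the receiver verifies against its own counter, so a replayed or altered record is rejected. It assumes HMAC-SHA256 as the slide's H(.) keyed with MB, constructed Type/Ver values, and leaves out the encryption with EB (the standard library has no AES).

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output, standing in for the slide's H(d)

def make_record(seq: int, data: bytes, mac_key: bytes) -> bytes:
    """Build a record of the slide's shape: Type | Ver | Len | d | H(d).
    H(d) is an HMAC over (seq. #, d) keyed with MB; the sequence number is
    bound into the MAC but never transmitted.  Encryption with EB is omitted."""
    tag = hmac.new(mac_key, struct.pack("!Q", seq) + data, hashlib.sha256).digest()
    body = data + tag
    # Type=1, Ver=3 are constructed placeholder values, not SSL's real codes.
    return struct.pack("!BBH", 1, 3, len(body)) + body

def receive(record: bytes, expected_seq: int, mac_key: bytes):
    """Verify a record against the receiver's own sequence counter.
    Returns d, or None when the MAC fails (altered, replayed or reordered)."""
    if len(record) < 4 + TAG_LEN:
        return None
    _type, _ver, length = struct.unpack("!BBH", record[:4])
    body = record[4:4 + length]
    if len(body) != length or length < TAG_LEN:
        return None
    data, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    expected = hmac.new(mac_key, struct.pack("!Q", expected_seq) + data, hashlib.sha256).digest()
    return data if hmac.compare_digest(tag, expected) else None

def demo():
    """Two good records, one replay, one altered byte; returns the outcomes."""
    mb = b"constructed-MB-key"   # in SSL, MB is derived from the master secret MS
    r0, r1 = make_record(0, b"hello", mb), make_record(1, b"world", mb)
    accepted = [receive(r0, 0, mb), receive(r1, 1, mb)]
    replayed = receive(r0, 2, mb)          # same bytes again: seq. # no longer matches
    altered = bytearray(r1)
    altered[4] ^= 0x01                     # flip one bit of d
    return accepted, replayed, receive(bytes(altered), 1, mb)
```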
IPsec: Network Layer Security
• network-layer secrecy:
  • sending host encrypts the data in IP datagram
  • TCP and UDP segments; ICMP and SNMP messages.
• network-layer authentication
  • destination host can authenticate source IP address
• two principal protocols:
  • authentication header (AH) protocol
  • encapsulation security payload (ESP) protocol
• for both AH and ESP, source, destination handshake:
  • create network-layer logical channel called a security association (SA)
• each SA unidirectional.
• uniquely determined by:
  • security protocol (AH or ESP)
  • source IP address
  • 32-bit connection ID


Authentication Header (AH) Protocol
• provides source authentication, data integrity, no confidentiality
• AH header inserted between IP header, data field.
• protocol field: 51
• intermediate routers process datagrams as usual
AH header includes:
• connection identifier
• authentication data: source-signed message digest calculated over original IP datagram.
• next header field: specifies type of data (e.g., TCP, UDP, ICMP)

IP header | AH header | data (e.g., TCP, UDP segment)


ESP Protocol
• provides secrecy, host authentication, data integrity.
• data, ESP trailer encrypted.
• next header field is in ESP trailer.
• ESP authentication field is similar to AH authentication field.
• Protocol = 50.

IP header | ESP header | TCP/UDP segment | ESP trailer | ESP authent.
(authenticated: ESP header through ESP trailer; encrypted: TCP/UDP segment and ESP trailer)


802.11i: improved security
• numerous (stronger) forms of encryption possible
• provides key distribution
• uses authentication server separate from access point


802.11i: four phases of operation
Parties: STA: client station; AP: access point; AS: authentication server (on the wired network)

1. Discovery of security capabilities
2. STA and AS mutually authenticate, together generate Master Key (MK). AP serves as “pass through”
3. STA derives Pairwise Master Key (PMK); AS derives same PMK, sends to AP
4. STA, AP use PMK to derive Temporal Key (TK) used for message encryption, integrity

EAP: extensible authentication protocol
• EAP: end-end client (mobile) to authentication server protocol
• EAP sent over separate “links”
  • mobile-to-AP (EAP over LAN)
  • AP to authentication server (RADIUS over UDP)

[Figure: EAP TLS runs over EAP end to end; on the mobile-to-AP leg EAP is carried as EAP over LAN (EAPoL) on IEEE 802.11, on the AP-to-server leg as RADIUS on UDP/IP over the wired network.]

Firewalls
firewall: isolates organization’s internal net from larger Internet, allowing some packets to pass, blocking others.

[Figure: administered network | firewall | public Internet]


Firewalls: Why
prevent denial of service attacks:
• SYN flooding: attacker establishes many bogus TCP connections, no resources left for “real” connections
prevent illegal modification/access of internal data.
• e.g., attacker replaces CIA’s homepage with something else
allow only authorized access to inside network (set of authenticated users/hosts)
three types of firewalls:
• stateless packet filters
• stateful packet filters
• application gateways


Stateless packet filtering
Should arriving packet be allowed in? Departing packet let out?
• internal network connected to Internet via router firewall
• router filters packet-by-packet, decision to forward/drop packet based on:
  • source IP address, destination IP address
  • TCP/UDP source and destination port numbers
  • ICMP message type
  • TCP SYN and ACK bits

Stateless packet filtering: example
• example 1: block incoming and outgoing datagrams with IP protocol field = 17 and with either source or dest port = 23.
  • all incoming, outgoing UDP flows and telnet connections are blocked.
• example 2: Block inbound TCP segments with ACK=0.
  • prevents external clients from making TCP connections with internal clients, but allows internal clients to connect to outside.


Stateless packet filtering: more examples

Policy | Firewall Setting
No outside Web access. | Drop all outgoing packets to any IP address, port 80
No incoming TCP connections, except those for institution’s public Web server only. | Drop all incoming TCP SYN packets to any IP except 130.207.244.203, port 80
Prevent Web-radios from eating up the available bandwidth. | Drop all incoming UDP packets - except DNS and router broadcasts.
Prevent your network from being used for a smurf DoS attack. | Drop all ICMP packets going to a “broadcast” address (eg 130.207.255.255).
Prevent your network from being tracerouted | Drop all outgoing ICMP TTL expired traffic


Access Control Lists
• ACL: table of rules, applied top to bottom to incoming packets: (action, condition) pairs

action | source address       | dest address         | protocol | source port | dest port | flag bit
allow  | 222.22/16            | outside of 222.22/16 | TCP      | > 1023      | 80        | any
allow  | outside of 222.22/16 | 222.22/16            | TCP      | 80          | > 1023    | ACK
allow  | 222.22/16            | outside of 222.22/16 | UDP      | > 1023      | 53        | ---
allow  | outside of 222.22/16 | 222.22/16            | UDP      | 53          | > 1023    | ----
deny   | all                  | all                  | all      | all         | all       | all

Stateful packet filtering
• stateless packet filter: heavy handed tool
  • admits packets that “make no sense,” e.g., dest port = 80, ACK bit set, even though no TCP connection established:

action | source address       | dest address | protocol | source port | dest port | flag bit
allow  | outside of 222.22/16 | 222.22/16    | TCP      | 80          | > 1023    | ACK

• stateful packet filter: track status of every TCP connection
  • track connection setup (SYN), teardown (FIN): can determine whether incoming, outgoing packets “make sense”
  • timeout inactive connections at firewall: no longer admit packets


Stateful packet filtering
• ACL augmented to indicate need to check connection state table before admitting packet

action | source address       | dest address         | proto | source port | dest port | flag bit | check conxion
allow  | 222.22/16            | outside of 222.22/16 | TCP   | > 1023      | 80        | any      |
allow  | outside of 222.22/16 | 222.22/16            | TCP   | 80          | > 1023    | ACK      | x
allow  | 222.22/16            | outside of 222.22/16 | UDP   | > 1023      | 53        | ---      |
allow  | outside of 222.22/16 | 222.22/16            | UDP   | 53          | > 1023    | ----     | x
deny   | all                  | all                  | all   | all         | all       | all      |

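An added example (not from the deck) that encodes the ACL of the Access Control Lists slide and runs packets through it first statelessly and then with the connection-state table the two stateful filtering slides describe, so the “makes no sense” inbound ACK is admitted by one and dropped by the other. The 222.22/16 network and rule rows are the slides’; the outside addresses and packet dictionaries are constructed.

```python
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("222.22.0.0/16")  # the slide's institutional network

def side(addr):
    return "inside" if ip_address(addr) in INTERNAL else "outside"

# Rows of the slide's ACL: (action, src side, dst side, proto, src-port test,
# dst-port test, required flag, check connection table).  Last row: deny all.
ACL = [
    ("allow", "inside",  "outside", "TCP", lambda p: p > 1023, lambda p: p == 80,   None,  False),
    ("allow", "outside", "inside",  "TCP", lambda p: p == 80,  lambda p: p > 1023, "ACK", True),
    ("allow", "inside",  "outside", "UDP", lambda p: p > 1023, lambda p: p == 53,   None,  False),
    ("allow", "outside", "inside",  "UDP", lambda p: p == 53,  lambda p: p > 1023, None,  True),
]

def filter_packet(pkt, conn_table=None):
    """Return 'allow' or 'deny'.  conn_table=None is the stateless filter;
    a set of (src, sport, dst, dport, proto) keys makes it stateful."""
    for action, src_w, dst_w, proto, sp_ok, dp_ok, flag, check in ACL:
        if side(pkt["src"]) != src_w or side(pkt["dst"]) != dst_w:
            continue
        if pkt["proto"] != proto or not sp_ok(pkt["sport"]) or not dp_ok(pkt["dport"]):
            continue
        if flag and flag not in pkt.get("flags", set()):
            continue
        if conn_table is not None:
            if check:
                # inbound reply: an inside host must have opened the reverse flow
                opened = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"], proto)
                if opened not in conn_table:
                    continue          # falls through to the final deny
            else:
                # outbound packet admitted: remember the flow for its replies
                conn_table.add((pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"], proto))
        return action
    return "deny"

# Constructed sample packets (addresses outside 222.22/16 are made up).
OUTBOUND_SYN = {"src": "222.22.1.5", "sport": 40000, "dst": "203.0.113.7",
                "dport": 80, "proto": "TCP", "flags": {"SYN"}}
REPLY_ACK = {"src": "203.0.113.7", "sport": 80, "dst": "222.22.1.5",
             "dport": 40000, "proto": "TCP", "flags": {"SYN", "ACK"}}
BOGUS_ACK = {"src": "203.0.113.7", "sport": 80, "dst": "222.22.1.9",
             "dport": 5000, "proto": "TCP", "flags": {"ACK"}}  # no such connection

def demo():
    pkts = (OUTBOUND_SYN, REPLY_ACK, BOGUS_ACK)
    table = set()
    return [filter_packet(p) for p in pkts], [filter_packet(p, table) for p in pkts]
```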
Application gateways
• filters packets on application data as well as on IP/TCP/UDP fields.
• example: allow select internal users to telnet outside.

[Figure: host-to-gateway telnet session; application gateway; gateway-to-remote host telnet session; router and filter]

1. require all telnet users to telnet through gateway.
2. for authorized users, gateway sets up telnet connection to dest host. Gateway relays data between 2 connections
3. router filter blocks all telnet connections not originating from gateway.


Limitations of firewalls and gateways
• IP spoofing: router can’t know if data “really” comes from claimed source
• if multiple app’s. need special treatment, each has own app. gateway.
• client software must know how to contact gateway.
  • e.g., must set IP address of proxy in Web browser
• filters often use all or nothing policy for UDP.
• tradeoff: degree of communication with outside world, level of security
• many highly protected sites still suffer from attacks.


Intrusion detection systems
• packet filtering:
  • operates on TCP/IP headers only
  • no correlation check among sessions
• IDS: intrusion detection system
  • deep packet inspection: look at packet contents (e.g., check character strings in packet against database of known virus, attack strings)
  • examine correlation among multiple packets
    • port scanning
    • network mapping
    • DoS attack

Intrusion detection systems
• multiple IDSs: different types of checking at different locations

[Figure: Internet, firewall, internal network; application gateway; demilitarized zone holding Web server, DNS server and FTP server; IDS sensors placed at several points.]

Thank You
