计算机网络自顶向下方法(第4版)英文原版课件第八章

8: Network Security,8-1,Chapter 8Network Security,Computer Networking: A Top Down Approach ,4th edition. Jim Kurose, Keith RossAddison-Wesley, July 2007.,8: Network Security,8-2,Chapter 8: Network Security,Chapter goals: understand principles of network security: cryptography and its many uses beyond “confidentiality”authenticationmessage integritysecurity in practice:firewalls and intrusion detection systemssecurity in application, transport, network, link layers,8: Network Security,8-3,Chapter 8,8.1 What is network security?8.2 Principles of cryptography8.3 Message integrity8.4 End point authentication8.5 Securing e-mail8.6 Securing TCP connections: SSL8.7 Network layer security: IPsec8.8 Securing wireless LANs8.9 Operational security: firewalls and IDS,8: Network Security,8-4,What is network security?,Confidentiality: only sender, intended receiver should “understand” message contentssender encrypts messagereceiver decrypts messageAuthentication: sender, receiver want to confirm identity of each other Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detectionAccess and availability: services must be accessible and available to users,8: Network Security,8-5,Friends and enemies:,well-known in network security worldBob, Alice (lovers!) want to communicate “securely”Trudy (intruder) may intercept, delete, add messages,securesender,securereceiver,channel,data, control messages,data,data,Alice,Bob,Trudy,8: Network Security,8-6,Who might Bob, Alice be?, well, real-life Bobs and Alices!Web browser/server for electronic transactions (e.g., on-line purchases)on-line banking client/serverDNS serversrouters exchanging routing table updatesother examples?,8: Network Security,8-7,There are bad guys (and girls) out there!,Q: What can a “bad guy” do?A: a lot!eavesdrop: intercept messagesactively insert messages into connectionimpersonation: can fake (spoof) source address in packet (or any field in packet)hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in placedenial of service: prevent service from being used by others (e.g., by overloading resources),more on this later ,8: Network Security,8-8,Chapter 8 roadmap,8.1 What is network security?8.2 Principles of cryptography8.3 Message integrity8.4 End point authentication8.5 Securing e-mail8.6 Securing TCP connections: SSL8.7 Network layer security: IPsec8.8 Securing wireless LANs8.9 Operational security: firewalls and IDS,8: Network Security,8-9,The language of cryptography,symmetric key crypto: sender, receiver keys identicalpublic-key crypto: encryption key public, decryption key secret (private),plaintext,plaintext,ciphertext,encryptionalgorithm,decryption algorithm,Alices encryptionkey,Bobs decryptionkey,8: Network Security,8-10,Symmetric key cryptography,substitution cipher: substituting one thing for anothermonoalphabetic cipher: substitute one letter for another,plaintext: abcdefghijklmnopqrstuvwxyz,ciphertext: mnbvcxzasdfghjklpoiuytrewq,Plaintext: bob. i love you. alice,ciphertext: nkn. s gktc wky. mgsbc,E.g.:,Q: How hard to break this simple cipher?: brute force (how hard?) other?,8: Network Security,8-11,Symmetric key cryptography,symmetric key crypto: Bob and Alice share know same (symmetric) key: Ke.g., key is knowing substitution pattern in mono alphabetic substitution cipherQ: how do Bob and Alice agree on key value?,plaintext,ciphertext,encryptionalgorithm,decryption algorithm,A-B,plaintextmessage, m,K (m),A-B,8: Network Security,8-12,Symmetric key crypto: DES,DES: Data Encryption StandardUS encryption standard NIST 199356-bit symmetric key, 64-bit plaintext inputHow secure is DES?DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 monthsno known “backdoor” decryption approachmaking DES more secure:use three keys sequentially (3-DES) on each datumuse cipher-block chaining,8: Network Security,8-13,Symmetric key crypto: DES,initial permutation 16 identical “rounds” of function application, each using different 48 bits of keyfinal permutation,8: Network Security,8-14,AES: Advanced Encryption Standard,new (Nov. 2001) symmetric-key NIST standard, replacing DESprocesses data in 128 bit blocks128, 192, or 256 bit keysbrute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES,8: Network Security,8-15,Block Cipher,one pass through: one input bit affects eight output bits,64-bit input,8bits,8 bits,8bits,8 bits,8bits,8 bits,8bits,8 bits,8bits,8 bits,8bits,8 bits,8bits,8 bits,8bits,8 bits,64-bit scrambler,64-bit output,loop for n rounds,multiple passes: each input bit afects all output bits block ciphers: DES, 3DES, AES,8: Network Security,8-16,Cipher Block Chaining,cipher block: if input block repeated, will produce same cipher text:,t=1,m(1) = “HTTP/1.1”,blockcipher,c(1) = “k329aM02”,cipher block chaining: XOR ith input block, m(i), with previous block of cipher text, c(i-1)c(0) transmitted to receiver in clearwhat happens in “HTTP/1.1” scenario from above?,m(i),c(i),t=17,m(17) = “HTTP/1.1”,blockcipher,c(17) = “k329aM02”,blockcipher,c(i-1),8: Network Security,8-17,Public key cryptography,symmetric key cryptorequires sender, receiver know shared secret keyQ: how to agree on key in first place (particularly if never “met”)?,public key cryptographyradically different approach Diffie-Hellman76, RSA78sender, receiver do not share secret keypublic encryption key known to allprivate decryption key known only to receiver,8: Network Security,8-18,Public key cryptography,plaintextmessage, m,ciphertext,encryptionalgorithm,decryption algorithm,Bobs public key,plaintextmessage,K,B,+,Bobs privatekey,K,B,-,8: Network Security,8-19,Public key encryption algorithms,need K ( ) and K ( ) such that,B,B,.,.,given public key K , it should be impossible to compute private key K,B,B,Requirements:,RSA: Rivest, Shamir, Adleman algorithm,+,-,+,-,8: Network Security,8-20,RSA: Choosing keys,1. Choose two large prime numbers p, q. (e.g., 1024 bits each),2. Compute n = pq, z = (p-1)(q-1),3. Choose e (with eAlice data encryption keyEA: Alice-Bob data encryption keyMB: Bob-Alice MAC keyMA: Alice-Bob MAC keyencryption and MAC algorithms negotiable between Bob, Alicewhy 4 keys?,8: Network Security,8-61,SSL: three phases,3. Data transfer,MB,b1b2b3 bn,d,EB,TCP byte stream,block n bytes together,compute MAC,encrypt d, MAC, SSL seq. #,SSL seq. #,Type Ver Len,SSL record format,encrypted using EB,unencrypted,8: Network Security,8-62,Chapter 8 roadmap,8.1 What is network security?8.2 Principles of cryptography8.3 Message integrity8.4 End point authentication8.5 Securing e-mail8.6 Securing TCP connections: SSL8.7 Network layer security: IPsec8.8 Securing wireless LANs8.9 Operational security: firewalls and IDS,8: Network Security,8-63,IPsec: Network Layer Security,network-layer secrecy: sending host encrypts the data in IP datagramTCP and UDP segments; ICMP and SNMP work-layer authenticationdestination host can authenticate source IP addresstwo principal protocols:authentication header (AH) protocolencapsulation security payload (ESP) protocol,for both AH and ESP, source, destination handshake:create network-layer logical channel called