Theory and Design of Network Security - PowerPoint PPT Presentation

Slides: 51
Provided by: can73

Transcript and Presenter's Notes

1
Theory and Design of Network Security
  • Part III Network Protocols
  • Unit 8 Secure Network Protocols

2
Reference
  • Wenbo Mao. Modern Cryptography: Theory and
    Practice. Prentice Hall, 2003.

3
Basic Authentication Techniques
  • Challenge-Response Mechanisms

4
Manipulation Detection Code
5
Applying Asymmetric Cryptographic Technique
Nonce Importance
6
Standardization of the Challenge-Response
Mechanism
Unilateral entity authentication
ISO Two-Pass Unilateral Authentication Protocol
7
Using a Cryptography Check Function (CCF)
8
ISO Public Key Two-Pass Unilateral Authentication
Protocol
9
Timestamp Mechanism
10
Using MDC
11
Applying Asymmetric Cryptographic Techniques
12
Standardization of Timestamp Mechanism
ISO Symmetric Key One-Pass Unilateral
Authentication Protocol
13
CCF Public Key Techniques
14
Non-standard Mechanisms
15
Mutual Authentication
16
Wiener's Attack
17
Involving Trusted Third Party
The Woo-Lam Protocol
18
Password-based Authentication
19
Needham's Password Protocol
20
A One-time Password Scheme
21
Attack of S/KEY: Man-in-the-Middle Attack
  • Page 371

22
Encrypted Key Exchange (EKE) (1)
Off-line Dictionary Attack
23
Encrypted Key Exchange (EKE) (2)
24
Authenticated Key Exchange
  • The Station-to-Station (STS) Protocol
  • Mutual Entity Authentication
  • Mutually Authenticated Key Agreement
  • Mutual Key Confirmation
  • Perfect Forward Secrecy (PFS)
  • Anonymity (Deniability)

25
STS Protocol
26
A Flaw in a Simplified STS Protocol (1)
27
A Flaw in a Simplified STS Protocol (2)
28
A Minor Flaw of the STS Protocol
Perfect denial of service attack
29
Typical Attacks on Authentication Protocols
  • Message Replay Attack (page 43,44)

30
Message Replay Attack
31
Parallel Session Attack (1)
32
Parallel Session Attack (2)
33
Reflection Attack
34
Attack Due to Type Flaw (1)
35
Attack Due to Type Flaw (2)
36
Attack Due to Name Omission
37
Attack Due to Misuse of Cryptographic Services
  • Attack due to absence of data-integrity
    protection
  • Confidentiality failure due to absence of
    semantic security protection

38
A Minor Variation of the Otway-Rees Protocol
39
An Attack
40
Authentication Protocols for Internet Security
  • Internet Protocol Security (IPSec)

41
Confidentiality Protection in IPSec
  • Encapsulating Security Payload (ESP)

42
The Internet Key Exchange (IKE) Protocol (1)
43
The Internet Key Exchange (IKE) Protocol (2)
44
Authentication Failure
45
Signature-based IKE Phase 1 Aggressive Mode
46
A Plausible Deniability Feature in IKE
Plausible deniability: permits an entity to
plausibly deny the existence of a connection with
a communication partner
47
The Secure Shell (SSH) Remote Login Protocol (1)
  • The SSH Architecture
  • The SSH Transport Layer Protocol
  • Unilaterally authenticated secure channel from
    the server to the client
  • The SSH User Authentication Protocol
  • Unilateral authentication protocols to achieve
    entity authentication from a client-side user to
    the server
  • The SSH Connection Protocol

48
The Secure Shell (SSH) Remote Login Protocol (2)
49
The Secure Shell (SSH) Remote Login Protocol (3)
50
The Secure Shell (SSH) Remote Login Protocol (4)