DSI - IP Telecom Security - PowerPoint PPT Presentation

Loading...

PPT – DSI - IP Telecom Security PowerPoint presentation | free to download - id: 3c64b4-MjQ2O



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

DSI - IP Telecom Security

Description:

Access Control Processes Access control is the heart of security Definitions: The ability to allow only authorized users, programs or processes system or resource ... – PowerPoint PPT presentation

Number of Views:346
Avg rating:3.0/5.0
Slides: 237
Provided by: ituIntIT
Learn more at: http://www.itu.int
Category:
Tags: dsi | security | telecom

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: DSI - IP Telecom Security


1
(No Transcript)
2
IP Cyber Security Unit 4 Access Control
3
UNIT 4
Content
  • Access and Authentication Technology
  • Authentication methods PPP, PAP, CHAP, EAP
  • AAA, RADIUS, TACACS, TACACS, Kerberos
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)
  • Virtual Private Networks (VPN) VPN Architectures
  • Authentication On Wireless LANs

4
Access Control Processes
5
Access Control (AC)
  • Access control is the heart of security
  • Definitions
  • The ability to allow only authorized users,
    programs or processes system or resource access
  • The granting or denying, according to a
    particular security model, of certain permissions
    to access a resource
  • An entire set of procedures performed by
    hardware, software and administrators, to monitor
    access, identify users requesting access, record
    access attempts, and grant or deny access based
    on preestablished rules.

6
Access Control
  • Access Control
  • Access control is the policy-driven limitation of
    access to systems, data, and dialogs
  • Prevent attackers from gaining access, stopping
    them if they do

7
Access Control
  • What Access Permissions (Authorizations) Should
    They Have?
  • Access permissions (authorizations) define
    whether a role or individual should have any
    access at all
  • If so, exactly what the role or individual should
    be allowed to do to the resource.
  • Usually given as a list of permissions for users
    to be able to do things (read, change, execute
    program, etc.) for each resource

8
Access Control
  • How Should Access Control Be Implemented?
  • For each resource, need an access protection plan
    for how to implement protection in keeping with
    the selected control policy
  • For a file on a server, for instance, limit
    authorizations to a small group, harden the
    server against attack, use a firewall to thwart
    external attackers, etc.

9
Access Control
  • Policy-Based Access Control and Protection
  • Have a specific access control policy and an
    access protection policy for each resource
  • Focuses attention on each resource
  • Guides the selection and configuration of
    firewalls and other protections
  • Guides the periodic auditing and testing of
    protection plans

10
Access control lists (ACL)
  • A file used by the access control system to
    determine who may access what programs and files,
    in what method and at what time
  • Different operating systems have different ACL
    terms
  • Types of access (locks)
  • Read/Write/Create/Execute/Modify/Delete/Rename

11
AC is implemented for all IS components including
  • Hardware
  • Software
  • Application
  • Protocol (Kerberos, IPSec)
  • Physical
  • Logical (policies)

12
AC protect all IS components including
  • Data Unauthorized viewing, modification or
    copying
  • System Unauthorized use, modification or denial
    of service
  • It should be noted that nearly every network
    operating system (NT, Unix, Vines, NetWare) is
    based on a secure physical infrastructure

13
Access Control
  • First Steps
  • Enumeration of Resources
  • Sensitivity of Each Resource
  • Next, who Should Have Access?
  • Can be made individual by individual
  • More efficient to define by roles (logged-in
    users, system administrators, project team
    members, etc.)

14
Access Control
  • What Access Permissions (Authorizations) Should
    They Have (Keys)?
  • Access permissions (authorizations) define
    whether a role or individual should have any
    access at all
  • If so, exactly what the role or individual should
    be allowed to do to the resource.
  • Usually given as a list of permissions for users
    to be able to do things (read, change, execute
    program, etc.) for each resource

15
Access Control
  • How Should Access Control Be Implemented?
  • For each resource, need an access protection plan
    for how to implement protection in keeping with
    the selected control policy
  • For a file on a server, for instance, limit
    authorizations to a small group, harden the
    server against attack, use a firewall to thwart
    external attackers, etc.

16
Access Control
  • Policy-Based Access Control and Protection
  • Have a specific access control policy and an
    access protection policy for each resource
  • Focuses attention on each resource
  • Guides the selection and configuration of
    firewalls and other protections
  • Guides the periodic auditing and testing of
    protection plans

17
Access Control
  • Is the ability to limit and control the access
    to
  • the systems and application.
  • Tools
  • Physical access control
  • Finger Prints.
  • Eyes Recognition.
  • Voice Identification.
  • Smart Card.
  • Logical access control
  • Password.
  • Firewalls.

18
Access Control
  • Smart Cards

19
Access Control
  • Password

20
Personnel Identification and Authentication tools
21
Access Control
  • Finger Prints.
  • Token Ring

22
Password Hashing (or Encryption)
2. Hash My4Bad 11110000
1. User Aly Password My4Bad
3. Hashes Match
Client PC User Ali
Hashed Password File Ahmed 11001100 Ali 11110000 M
ohmd 00110011 Samir 11100010
4. Hashes Match, So User is Authenticated
23
One way Hash Function
24
Authentication
  • Steps
  • The user sends a request to the server seeking
    for permission to enter the secured website
  • The server asks for his username and password to
    check if that person is who he is declared to be
  • The user then signs in and sends the request back
    to the server
  • Server will verify his identity and check if he
    is an authorized user .
  • After confirming his identity, the server would
    send back an approval or a denial of access to
    the website..

25
Authentication Forms
1. What a client knows 2. What a client
has 3. Who a client is 4. What a client
produces
26
AUTHENTICATION METHODS
  • What a client knows This form of authentication
    deals with what the client knows. For example
    passwords and user IDs.
  • What a client has The second form of
    authentication deals with something that the
    client possesses. Such things include tokens and
    smart cards. Smart cards are cards that contain a
    computer chip to verify the user's identity.
    Tokens, on the other hand, are cards equipped
    with a computer chip and a liquid crystal display
    showing a computer-generated number sequence for
    remote login authentication
  • What a client is The third form of
    authentication is related to the characteristics
    of the supplicant. Such characteristics are
    fingerprint, iris pattern, hand geometry and
    retinal print. Because these characteristics are
    unique to every individual supplicant, it can be
    used by systems to authenticate its users
  • What a client produces The final form of
    authentication that we are covering addresses
    what the client produces. Such examples are
    technologies on signature or voice recognition,
    e.g. credit card payment system.

27
Biometric Authentication
28
Biometric Authentication
  • Biometric Authentication
  • Authentication based on body measurements and
    motions
  • Because you always bring your body with you
  • Biometric Systems
  • Enrollment
  • Later access attempts
  • Acceptance or rejection

29
Biometric Authentication System
1. Initial Enrollment
User Lee Scanning
User Lee Template (01101001)
Processing (Key Feature Extraction) A01, B101,
C001
Template Database Brown 10010010 Lee
01101001 Chun 00111011 Hirota 1101110

3. Match Index Decision Criterion (Close Enough?)
2. Subsequent Access
Applicant Scanning
User Access Data (01111001)
Processing (Key Feature Extraction) A01, B111,
C001
30
Biometric Authentication
  • Verification Versus Identification
  • Verification Are applicants who they claim to
    be? (compare with single template)
  • Identification Who is the applicant? (compare
    with all templates)
  • More difficult than verification because must
    compare to many templates
  • Watch list is this person a member of a specific
    group (e.g., known terrorists)
  • Intermediate in difficulty

31
Biometric Authentication
  • Verification Versus Identification
  • Verification is good for replacing passwords in
    logins
  • Identification is good for door access and other
    situations where entering a name would be
    difficult

32
Biometric Authentication
  • Precision
  • False acceptance rates (FARs) Percentage of
    unauthorized people allowed in
  • Person falsely accepted as member of a group
  • Person allowed through a door who should be
    allowed through it
  • Very bad for security

33
Biometric Authentication
  • Precision
  • False rejection rates (FRRs) Percentage of
    authorized people not recognized as being members
    of the group
  • Valid person denied door access or server login
    because not recognized
  • Can be reduced by allowing multiple access
    attempts
  • High FRRs will harm user acceptance because users
    are angered by being falsely forbidden

34
Biometric Authentication
  • Precision
  • Vendor claims for FARs and FRRs tend to be
    exaggerated because they often perform tests
    under ideal circumstances
  • For instance, having only small numbers of users
    in the database
  • For instance, by using perfect lighting,
    extremely clean readers, and other conditions
    rarely seen in the real world

35
Biometric Authentication
  • User Acceptance is Crucial
  • Strong user resistance can kill a system
  • Fingerprint recognition may have a criminal
    connotation
  • Some methods are difficult to use, such as iris
    recognition, which requires the eye to be lined
    up carefully.
  • These require a disciplined group

36
Biometric Authentication
  • Biometric Methods
  • Fingerprint recognition
  • Dominates the biometric market today
  • Based on a fingers distinctive pattern of
    whorls, arches, and loops
  • Simple, inexpensive, well-proven
  • Weak security can be defeated fairly easily with
    copies
  • Useful in modest-security areas

37
Biometric Authentication
  • Biometric Methods
  • Iris recognition
  • Pattern in colored part of eye
  • Very low FARs
  • High FRR if eye is not lined up correctly can
    harm acceptance
  • Reader is a cameradoes not send light into the
    eye!

38
Biometric Authentication
  • Biometric Methods
  • Face recognition
  • Can be put in public places for surreptitious
    identification (identification without citizen
    or employee knowledge). More later.
  • Hand geometry shape of hand
  • Voice recognition
  • High error rates
  • Easy to fool with recordings

39
Biometric Authentication
  • Biometric Methods
  • Keystroke recognition
  • Rhythm of typing
  • Normally restricted to passwords
  • Ongoing during session could allow continuous
    authentication
  • Signature recognition
  • Pattern and writing dynamics

40
Biometric Authentication
  • Biometric Standards
  • Almost no standardization
  • Worst for user data (fingerprint feature
    databases)
  • Get locked into single vendors

41
Biometric Authentication
  • Can Biometrics be Fooled?
  • Airport face recognition
  • Identification of people passing in front of a
    camera
  • False rejection rate rate of not identifying
    person as being in the database
  • Fail to recognize a criminal, terrorist, etc.
  • FRRs are bad

42
Biometric Authentication
  • Can Biometrics be Fooled?
  • Airport face recognition
  • 4-week trial of face recognition at Palm Beach
    International Airport
  • Only 250 volunteers in the user database
    (unrealistically small)
  • Volunteers were scanned 958 times during the
    trial
  • Only recognized 455 times! (47)
  • 53 FRR

43
Biometric Authentication
  • Can Biometrics be Fooled?
  • Airport face recognition
  • Recognition rate fell if wore glasses (especially
    tinted), looked away
  • Would be worse with larger database
  • Would be worse if photographs were not good

44
Biometric Authentication
  • Can Biometrics be Fooled?
  • DOD Tests indicate poor acceptance rates when
    subjects were not attempting to evade
  • 270-person test
  • Face recognition recognized person only 51
    percent of time
  • Even iris recognition only recognized the person
    94 percent of the time!

45
Biometrics Authentication
  • Can Biometrics be Fooled?
  • Other research has shown that evasion is often
    successful for some methods
  • German ct magazine fooled most face and
    fingerprint recognition systems
  • Prof. Matsumoto fooled fingerprint scanners 80
    percent of the time with a gelatin finger created
    from a latent (invisible to the naked eye) print
    on a drinking glass

46
Password-Based Access Control
47
Server Password Cracking
  • Reusable Passwords
  • A password you use repeatedly to get access to a
    resource on multiple occasions
  • Bad because attacker will have time to learn it
    then can use it
  • Difficulty of Cracking Passwords by Guessing
    Remotely
  • Usually cut off after a few attempts
  • However, if can steal the password file, can
    crack passwords at leisure

48
Server Password Cracking
  • Hacking Root
  • Super accounts (can take any action in any
    directory)
  • Hacking root in UNIX
  • Super accounts in Windows (administrator) and
    NetWare (supervisor)
  • Hacking root is rare usually can only hack an
    ordinary user account
  • May be able to elevate the privileges of the user
    account to take root action

49
Server Password Cracking
  • Physical Access Password Cracking
  • l0phtcrack
  • Lower-case L, zero, phtcrack
  • Password cracking program
  • Run on a server (need physical access)
  • Or copy password file and run l0phtcrack on
    another machine.

50
Server Password Cracking
  • Physical Access Password Cracking
  • Brute-force password guessing
  • Try all possible character combinations
  • Longer passwords take longer to crack
  • Using more characters also takes longer
  • Alphabetic, no case (26 possibilities)
  • Alphabetic, case (52)
  • Alphanumeric (letters and numbers) (62)
  • All keyboard characters (80)

51
Password Length
Password Length In Characters
Alphanumeric Letters Digits (N62)
All Keyboard Characters (N80)
Alphabetic, Case (N52)
Alphabetic, No Case (N26)
1
62
80
52
26
2 (N2)
3,844
6,400
2,704
676
4 (N4)
14,776,336
40,960,000
7,311,616
456,976
6
56,800,235,584
2.62144E11
19,770,609,664
308,915,776
8
2.1834E14
1.67772E15
5.34597E13
2.08827E11
10
8.39299E17
1.07374E19
1.44555E17
1.41167E14
52
Server Password Cracking
  • Physical Access Password Cracking
  • Brute Force Attacks
  • Try all possible character combinations
  • Slow with long passwords length
  • Dictionary attacks
  • Try common words (password, ouch, etc.)
  • There are only a few thousand of these
  • Cracked very rapidly
  • Hybrid attacks
  • Common word with single digit at end, etc.

53
Server Password Cracking
  • Password Policies
  • Good passwords
  • At least 6 characters long
  • Change of case not at beginning
  • Digit (0 through 9) not at end
  • Other keyboard character not at end
  • Example triV6ial

54
Server Password Cracking
  • Password Policies
  • Testing and enforcing password policies
  • Run password cracking program against own servers
  • Caution requires approval! SysAdmins have been
    fired for doing this without permissionand
    should be
  • Password duration policies How often passwords
    must be changed

55
Server Password Cracking
  • Password Policies
  • Password sharing policies Generally, forbid
    shared passwords
  • Removes ability to learn who took actions loses
    accountability
  • Usually is not changed often or at all because of
    need to inform all sharers

56
Server Password Cracking
  • Password Policies
  • Disabling passwords that are no longer valid
  • As soon as an employee leaves the firm, etc.
  • As soon as contractors, consultants leave
  • In many firms, a large percentage of all accounts
    are for people no longer with the firm

57
Server Password Cracking
  • Password Policies
  • Lost passwords
  • Password resets Help desk gives new password for
    the account
  • Opportunities for social engineering attacks
  • Leave changed password on answering machine
  • Biometrics voice print identification for
    requestor (but considerable false rejection rate)

58
Server Password Cracking
  • Password Policies
  • Lost passwords
  • Automated password resets
  • Employee goes to website
  • Must answer a question, such as In what city
    were you born?
  • Problem of easily-guessed questions that can be
    answered with research

59
Server Password Cracking
  • Password Policies
  • Encrypted (hashed) password files
  • Passwords not stored in readable form
  • Encrypted with DES or hashed with MD5
  • In UNIX, etc/passwd puts x in place of password
  • Encrypted or hashed passwords are stored in a
    different (shadow) file to which only high-level
    accounts have access

60
Server Password Cracking
  • Password Policies
  • Windows passwords
  • Obsolete LAN manager passwords (7 characters
    maximum) should not be used
  • Windows NTLM passwords are better
  • Option (not default) to enforce strong passwords

61
Server Password Cracking
  • Shoulder Surfing
  • Watch someone as they type their password
  • Keystroke Capture Software
  • Professional versions of windows protect RAM
    during password typing
  • Consumer versions do not
  • Trojan horse throws up a login screen later,
    reports its finding to attackers

62
Server Password Cracking
  • Windows Client PC Software
  • Consumer version login screen is not for security
  • Windows professional and server versions provide
    good security with the login password
  • BIOS passwords allow boot-up security
  • Can be disabled by removing the PCs battery
  • But during a battery removal, the attacker will
    be very visible
  • Screen savers with passwords allow away-from-desk
    security after boot-up

63
UNIT 4
Content
  • Access and Authentication Technology
  • Authentication methods PPP, PAP, CHAP, EAP
  • AAA, RADIUS, TACACS, TACACS, Kerberos
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)
  • Virtual Private Networks (VPN) VPN Architectures
  • Authentication On Wireless LANs

64
AUTHENTICATION METHODS
  • Authentication and authorization technologies
    (e.g., userID and password with PAP Password
    Authentication Protocol and CHAP Challenge
    Handshake Authentication Protocol, Kerberos,
    etc.)
  • Token cards
  • PPP Extensible Authentication Protocol (EAP)
  • Microsoft Point-to-Point Encryption (MPPE)
  • Key-management protocols, e.g., Internet Security
    Association and Key Management Protocol (ISAKMP),
    Internet Key Exchange (IKE), etc.
  • Digital certificates
  • Digital signatures
  • Message authentication codes (MACs)
  • Wireless Encryption Technologies (e.g., WEP,
    802.11i)

65
AUTHENTICATION METHODS
  • A number of other userID and password
    authentication technologies with improved
    security have also been designed, primarily to be
    employed during a user log-in process.
  • A good example is Password Challenge Handshake
    Authentication Protocol (CHAP). In a network
    environment, because the log-in process first
    authenticates the user and then establishes a
    session (a logical connection) for the user if
    the user is indeed authorized

66
PPP Authentication
No Authentication Is an Option
Server
Client
  • To establish communications over a point-to-point
    link, each end of the PPP link must first send
    link configuration packets to configure the data
    link during the Link Establishment Phase.
  • After the link has been established, PPP provides
    for an optional Authentication Phase before
    proceeding to the Network-Layer Protocol Phase.
  • The authentication protocols are intended for use
    by hosts and routers that connect to a PPP
    network server via switched circuits, dial-up
    lines, or dedicated links.

67
PAP Password Authentication Protocol
  • PAP is a simple proprietary userID and password
    authentication protocol.
  • With PAP, the password is sent across the network
    to be compared against an encrypted password file
    on the access server. If the password matches the
    associated userID, the connection is established.
  • Because the password can potentially be
    intercepted by a hacker, PAP is not considered to
    be secure.

68
PPP Authentication
PAP Authentication
Authentication-Request Messages (Send Until
Response)
Authentication-Response Message
Server
Client
Poor Security Usernames and Passwords Are Sent
in the Clear
69
Password Challenge Handshake Authentication
Protocol (CHAP)
  • CHAP addresses the PAP deficiencies by having a
    server send a randomly generated challenge to
    the client along with the hostname.
  • The hostname is used by the client to look up the
    appropriate password, which is then combined with
    the challenge and encrypted using a one-way
    hashing function to produce a result that is then
    sent to the server along with the client userID.
  • The server performs the same computation using
    the password and compares the result with the
    result that has been sent back by the client.
  • If there is a match, the connection will be
    established. Because the challenge is different
    in every session, a hacker cannot replay the
    sequence.
  • The specific method to be used can be negotiated
    by a client when connecting to an RAS.
  • CHAP allows different types of encryption
    algorithms to be used. Most commercial RASs
    support Data Encryption Standard (DES) and
    Message Digest 5 (MD5).

70
(No Transcript)
71
MS-CHAP Challenge-Response Authentication Protocol
Note Both the client and the server know the
clients password.
1. Verifier creates Challenge Message
Challenge
2. Verifier sends Challenge Message
72
MS-CHAP Challenge-Response Authentication Protocol
  • 3.
  • Applicant (Supplicant)creates a Response
    Message
  • Adds password toChallenge Message
  • (b) Hashes the resultant bitstring (does not
    encrypt)
  • (c) The hash is theResponse Message

Challenge
Password
Hashing (Not Encryption)
Response
73
MS-CHAP Challenge-Response Authentication Protocol
4. Applicant sends Response Message without
encryption
Transmitted Response
74
MS-CHAP Challenge-Response Authentication Protocol
5. Verifier adds password to theChallenge
Message it sent. Hashes the combination.This is
the expectedResponse Message.
Challenge
Password
Hashing
Expected Response
75
MS-CHAP Challenge-Response Authentication Protocol
Expected Response
Transmitted Response
?
6. If the two Response Messages are equal,
the applicant knows the password and is
authenticated. Sever logs Client in.
7. Note that only hashing is involved. There is
no encryption.
76
PPP Authentication
CHAP Authentication
Challenge Message
Response Message Hash (Challenge Message Secret)
Server
Client
Server computes hash of challenge message plus
secret If equals the response message,
authentication is successful
77
PPP Authentication
MS-CHAP Authentication
Challenge Message
Response Message Hash (Challenge Message
Password)
Server
Client
CHAP, but with password as the secret. Widely
used because allows password authentication Standa
rd on Microsoft Windows client Only as secure as
password strength
78
PPP Extensible Authentication Protocol (EAP)
  • EAP is a general protocol for PPP authentication
    that supports multiple authentication mechanisms.
    EAP does not select a specific authentication
    mechanism at Link Control Phase, but rather
    postpones this until the Authentication Phase.
    This allows the authenticator to request more
    information before determining the specific
    authentication mechanism. This also permits the
    use of a back-end server that actually implements
    the various mechanisms, whereas the PPP
    authenticator merely passes through the
    authentication exchange.
  • The following are the basic steps involved in the
    EAP authentication process
  • After the Link Establishment phase is complete,
    the authenticator sends one or more Requests to
    authenticate the peer. The Request has a type
    field to indicate what is being requested.
    Examples of Request types include Identity,
    MD5-challenge, One-Time Passwords, Generic Token
    Card, etc. The MD5-challenge type corresponds
    closely to the CHAP authentication protocol.
    Typically, the authenticator will send an initial
    Identity Request followed by one or more Requests
    for authentication information. An initial
    Identity Request is not required, and may be
    bypassed in cases where the identity is presumed
    (leased lines, dedicated dial-ups, etc.).
  • The peer sends a Response packet in reply to each
    Request. As with the Request packet, the Response
    packet contains a type field that corresponds to
    the type field of the Request.
  • The authenticator ends the authentication phase
    with a Success or Failure packet.

79
PPP Authentication
EAP Authentication
Authenticate
Defer authentication Will provide more
information
Server
Client
EAP defers authentication to a later process Such
as RADIUS authentication
80
PPP Encryption
New PPP Header. Plaintext.
Original PPP Frame. Encrypted.
New PPP Trailer. Plaintext.
PPP with EAP Encryption
New PPP Header. Plaintext.
EAP header
New PPP Trailer. Plaintext.
Code
Identifier
Length
81
PPP on Direct Links and Internets
PPP Frame
Connection over Direct Link
PPP Provides End-to-End Link
Applicant (Client)
Verifier (Server)
82
PPP on Direct Links and Internets
PPP Frame in IP Packet
Connection over Internet
PPP Limited to First Data Link (Network)
Router
Router
Applicant (Client)
Verifier (Server)
83
PPP on Direct Links and Internets
  • Note
  • Tunneling Places the PPP Frame in an IP Packet,
    Which Delivers the Frame.
  • To the Receiver, Appears to be a Direct Link.
  • Allows organization to continue using existing
    PPP-based security such as encryption and
    authentication

84
Layer 2 Tunneling Protocol (L2TP)
DSL Access Multiplexer (DSLAM) with L2TP
Client Running PPP
Internal Server
L2TP RAS
DSL
L2TP Tunnel
Local Network
Carrier Network
Note L2TP does not provide security. It
provides only tunneling. L2TP recommends the use
of IPsec for security.
85
UNIT 4
Content
  • Access and Authentication Technology
  • Authentication methods PPP, PAP, CHAP, EAP
  • AAA, RADIUS, TACACS, TACACS, Kerberos
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)
  • Virtual Private Networks (VPN) VPN Architectures
  • Authentication On Wireless LANs

86
Point-to-Point Tunneling Protocol (PPP)
RADIUS Server
IP Protocol 47 (GRE) Data Connection
Local ISP Access (Not Secure)
Internet
Remote Corporate PC
RADIUS Server
PPTP RAS
ISP PPTP Access Concentrator
TCP Port 1723 Supervisory Connection (Vulnerable)
Corporate Site A
87
Point-to-Point Tunneling Protocol (PPP)
Direct connection between PC And RADIUS Server
IP Protocol 47 (GRE) Data Connection
Internet
Remote Corporate PC
RADIUS Server
PPTP RAS
TCP Port 1723 Supervisory Connection (Vulnerable)
Corporate Site A
88
PPTP Encapsulation for Data Frames
Enhanced General Routing Encapsulation (GRE)
Header Information About Encapsulated Packet
New IP Header Protocol47 IP Destination Address
Is That of Remote Access Server
Encapsulated Original IP Packet
89
RADIUS for Dial-Up Remote Access
Remote Corporate PC
1. Login Username And Password
2. OK?
Dial-Up Connection
RADIUS Server
RAS 1
Remote Corporate PC
Public Switched Telephone Network
Corporate Site A
Dial-Up Connection
RAS 2
90
RADIUS for Dial-Up Remote Access
Remote Corporate PC
Dial-Up Connection
3. OK
4. Welcome
RADIUS Server
RAS 1
Remote Corporate PC
Public Switched Telephone Network
Corporate Site A
Dial-Up Connection
RAS 2
91
Kerberos Authentication System
Kerberos Server Key Distribution Center (K)
Abbreviations A Applicant V Verifier K
Kerberos Server
Verifier (V)
Applicant (A)
92
Kerberos Authentication System
Kerberos Server Key Distribution Center (K)
TGT (Ticket-Granting Ticket) is encrypted in
a way that only K can decrypt.
Contains information that K will read later.
1. Request for Ticket-Granting Ticket
Key nA (Network Login Key for A) is encrypted
with As Master Key (Key mA). In future
interactions with K, A will use nA to limit the
master keys exposure.
2. Response TGT, Key nA
Verifier (V)
Applicant (A)
93
Kerberos Ticket-Granting Service Part 1
Authenticator is As IP address, user name, and
time stamp. This authenticator is encrypted with
Key nA to prove that A sent it.
Kerberos Server Key Distribution Center (K)
1. Request Ticket for V TGT Authenticator encr
ypted with Key nA
Key AV is a symmetric session key that A will
use with V.
2. Response Key AV encrypted with Key
nA Service Ticket
Verifier (V)
Applicant (A)
94
Kerberos Ticket-Granting Service Part 2
Authenticator (Auth) encrypted with Key
AV. Service Ticket contains Key AV encrypted
with the Verifiers master key, Key mV.
Kerberos Server Key Distribution Center (K)
3. Request for Connection Auth Service Ticket
5. Ongoing Communication with Key AV
4. V decrypts Service Ticket Uses Key AV to test
Auth
95
KERBEROS AUTHENTICATION ALGORITHM
  • Kerberos uses a conventional symmetric
    cryptography, meaning the encryption and
    decryption uses the same key for both processes.
  • It makes use of a third trusted party, which
    stores a database of secret keys, and is called a
    Key Distribution Centre (KDC).
  • It consists of an Authentication Server (AS) and
    a Ticket Granting Server (TGS), to verify the
    identity of the client.
  • There are 3 basic steps that are done in order to
    authenticate using Kerberos

96
  • Step 1
  • The client sends a request to the authenticating
    server (Kerberos).
  • The server then locates the client in the
    database and generates a session key (SK1) to
    start a session between the client and the
    ticket-granting server.
  • Using the clients secret key, Kerberos will
    encrypt the SK1, after which it will use the
    secret key generated by the TGS to create a
    ticket- granting ticket (TGT) and send it back to
    the client.

97
  • Step 2
  • The client decrypts the message sent by the
    authentication server and receives the session
    key.
  • It then uses it to create an authenticator which
    includes the users name, IP address and
    timestamp, which disallows others to steal the
    information from the ticket and the authenticator
    for later use, and sends it to the TGS together
    with the TGT it received.
  • The TGS uses the SK1 inside the TGT to decrypt
    the authenticator and then verifies the
    information it contains, including the ticket. If
    all are correct, the request is granted.
  • The TGS then creates a new session key (SK2) to
    start a session between the client and the target
    server. Using SK1, it encrypts this message, and
    sends it back to the client together with a new
    ticket containing the clients name, IP address,
    timestamp and an expiration time (all of which
    encrypted with the target servers secret key),
    as well as the name of the server.

98
  • Step 3
  • The client decrypts the message sent by the TGS
    and receives the second session key.
  • It then creates a new authenticator encrypted
    with SK2 and sends it to the target server,
    together with the session key encrypted using the
    target servers secret key.
  • The target server decrypts and checks all of the
    information received.
  • Applications that require 2-way authentication
    are returned a message with time stamp plus 1,
    encrypted with SK2.

99
Finally, the clients identity has been verified
by the server, and now both are able to
communicate securely using a shared encryption
key.
100
Smart card authentication
  • Cryptographic key is stored on the smart card,
    which is unlocked by the user using a special key
    pair.
  • In order to authenticate the user, he places his
    smart card into a special card reader attached to
    the system he is trying to log in to.
  • The key from the smart card is being read by the
    system.
  • The system asks the user for his password to
    unlock the key.
  • After the user key in the password, the system
    performs a cryptographic key exchange with the
    central server for verification of the key. The
    user is being authenticated when the key is
    verified.

101
Sender Policy Framework (SPF)
  • The Sender Policy Framework (SPF) is an extension
    to the Simple Mail Transfer Protocol (SMTP).
  • It is an e-mail authentication method that
    prevents the forgery of the sender address
    residing in the return-path of an e-mail.
    Malicious spammers tend to disguise their
    identity by making use of other e-mail addresses
    to send spam e-mails. In this way, these spammers
    could avoid being tracked down and get caught.
  • Secondly, they could avoid having their own
    mailbox filled with undelivered bounce e-mails.
    SPF helps to reduce such incidences of email
    address and domain spoofing by ensuring that
    e-mail receivers only receive e-mails from
    senders that use a legitimate server of a
    particular domain.

102
UNIT 4
Content
  • Access and Authentication Technology
  • Authentication methods PPP, PAP, CHAP, EAP
  • AAA, RADIUS, TACACS, TACACS, Kerberos
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)
  • Virtual Private Networks (VPN) VPN Architectures
  • Authentication On Wireless LANs

103
Levels of Access Privilege
  • General users in an enterprise should be grouped
    at a minimum into the following three privilege
    levels
  • Employees as users with general access privileges
    for free access around the network to default
    network and systems resources
  • Partners as users with lower access privileges
    for access to some limited, predetermined network
    and systems resources
  • Outside users with authority to access very
    limited systems resources (probably only some
    pieces of data or applications) through some
    proxy servers.
  • Additional special privilege levels are likely
    needed, e.g., for administrators as users with
    higher access privileges, which are required to
    gain access to and to administer network and
    systems components like servers, routers, etc.

104
IP-AUTHENTICATION MECHANISMS
  • Because IP is by definition a connectionless
    transport technology utilizing datagram exchanges
    over the network, special facilities are needed
    to ensure user authentication for each of the IP
    packets transmitted and received.
  • Two IP authentication mechanisms
  • Authentication Header AH which provides
    integrity and authentication without
    confidentiality.
  • Encapsulating Security Payload ESP which always
    provides confidentiality and optionally also
    provides integrity and authentication.
  • Both AH and ESP use an authentication algorithm
    to generate authentication information known as
    the Integrity Check Value (ICV), which is placed
    in the authentication data field in the
    corresponding header.

105
Authentication Header AH
  • AH defines an Authentication Header that contains
    the authentication information for the particular
    IP datagram and is used to provide connectionless
    data integrity and source identity authentication
    for IP datagrams and protection against replays.
  • This latter, optional service may be selected by
    the receiver when a Security Association is
    established. (Although the default calls for the
    sender to increment the Sequence Number used for
    anti-replay, the service is effective only if the
    receiver checks the Sequence Number.)
  • AH provides authentication for as much of the IP
    header as possible, as well as for upper-level
    protocol data.
  • However, some IP header fields may change in
    transit, and the value of these fields, when the
    packet arrives at the receiver, may not be
    predictable by the sender.
  • The values of such fields cannot be protected by
    AH.
  • Thus, the protection provided to the IP header by
    AH is somewhat piecemeal.

106
Authentication Header AH
  • AH may be applied alone, in combination with ESP,
    or in a nested fashion through the use of a
    tunnel mode.
  • Security services can be provided between a pair
    of communicating hosts, between a pair of
    communicating security gateways, or between a
    security gateway and a host.
  • ESP may be used to provide similar security
    services as AH, and it also provides an added
    confidentiality (encryption) service.
  • The primary difference between the authentication
    capabilities provided by ESP and AH is the extent
    of the coverage offered by each. Specifically,
    ESP does not protect any IP header fields unless
    those with certain authenticating encryption
    algorithms. Adding the AH header to an IP
    datagram prior to encapsulating the datagram
    using ESP might be desirable for users wishing to
    have strong integrity, authentication, and
    confidentiality, and perhaps also for users who
    require strong non-repudiation.
  • When the two mechanisms are combined, the
    placement of the IP AH makes clear which part of
    the data is being authenticated.

107
Authentication Header AH
AH Header Format The IP protocol header (IPv4,
IPv6, or Extension) immediately preceding AH will
contain the value 51 in its Protocol (IPv4) or
Next Header (IPv6, Extension) field, where
108
AUTHENTICATION METHODS
109
UNIT 4
Content
  • Access and Authentication Technology
  • Authentication methods PPP, PAP, CHAP, EAP
  • AAA, RADIUS, TACACS, TACACS, Kerberos
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)
  • Virtual Private Networks (VPN) VPN Architectures
  • Authentication On Wireless LANs

110
IPsec ESP and AH Protection
Encapsulating Security Payload
IP Header
ESP Header
Protected
ESP Trailer
Protocol 50
Protocol 51
IP Header
Authentication Header
Protected
Authentication Header
111
Modes and Protections
112
Digital Signature for Message-by-Message
Authentication
To Create the Digital Signature 1. Hash the
plaintext to create a brief message digest this
is NOT the Digital Signature. 2. Sign (encrypt)
the message digest with the senders private key
to create the digital signature. 3. Transmit the
plaintext digital signature, encrypted
with symmetric key encryption.
Plaintext
Hash
MD
Sign (Encrypt) with Senders Private Key
DS
113
Digital Signature for Message-by-Message
Authentication
4. Encrypted with Session Key
Sender
Receiver
114
Digital Signature for Message-by-Message
Authentication
To Test the Digital Signature 5. Hash the
received plaintext with the same hashing
algorithm the sender used. This gives the message
digest. 6. Decrypt the digital signature with
the senders public key. This also should give
the message digest. 7. If the two match,
the message is authenticated.
5.
6.
Received Plaintext
DS
Decrypt with True Partys Public Key
Hash
MD
MD
7. Are they equal?
115
Public Key Deception
Impostor I am the True Person. Here is TPs
public key. (Sends Impostors public key) Here
is authentication based on TPs private
key. (Really Impostors private key) Decryption
of message from Verifier encrypted with
Imposters public key, so Impostor can decrypt it
Verifier Must authenticate True
Person. Believes now has TPs public
key Believes True Person is authenticated based
on Impostors public key True Person, here is a
message encrypted with your public key.
Critical Deception
116
Important X.509 Digital Certificate Fields
Field
Description
Version Number
Version number of the X.509. Most certificates
follow Version 3. Different versions have
different fields. This figure reflects the
Version 3 standard.
Issuer
Name of the Certificate Authority (CA).
Serial Number
Unique serial number for the certificate, set by
the CA.
117
Important X.509 Digital Certificate Fields
Field
Description
Subject
The name of the person, organization, computer,
or program to which the certificate has been
issued. This is the true party.
Public Key
The public key of the subjectthe public key of
the true party.
Public Key Algorithm
The algorithm the subject uses to sign messages
with digital signatures.
118
Important X.509 Digital Certificate Fields
Field
Description
Valid Period
The period before which and after which the
certificate should not be used. Note Certificate
may be revoked before the end of this period.
Digital Signature
The digital signature of the certificate, signed
by the CA with the CAs own private
key. Provides authentication and certificate
integrity. User must know the CAs public key
independently.
119
Important X.509 Digital Certificate Fields
Field
Description
Signature Algorithm Identifier
The digital signature algorithm the CA uses to
sign its certificates.
120
Digital Signature and Digital Certificate in
Authentication
Digital Certificate
Digital Signature
Public Key of True Party
Signature to Be Tested with Public Key of True
Party
Authentication
121
Public Key Infrastructure (PKI) with a
Certificate Authority
Certificate Authority PKI Server
Verifier (Cheng)
6. Request Certificate Revocation List (CRL)
3. Request Certificate for Lee
7. Copy of CRL
5. Certificate for Lee
4. Certificate for Lee
  • Create
  • Distribute
  • Private Key
  • and
  • (2) Digital Certificate

Applicant (Lee)
Verifier (Brown)
122
Public Key Infrastructure (PKI)
  • Goals of PKI
  • Authenticate the user/system at the sending end
    of a transaction
  • Authenticate the user/system at the receiving end
    of a transaction
  • Non-repudiation
  • PKI components
  • Certification Authority (CA)
  • Registration Authority (RA)
  • Certificate Repository
  • Certificate Archive

123
Certification Authority (CA) The CA acts like a
trusted third-party which is made up of hardware,
software and the people operating it. It is in
charge of issuing, managing, authenticating,
signing and revoking of digital certificates.
Digital certificates are like evidence that shows
the binding between an entity and its public key.
Every CA is identified by its name and public
key. Therefore, certificates are signed by the CA
using its name and encrypted with its private key
to prove their authenticity. Verification of the
certificates is done by decrypting with the CAs
public key therefore, the CA must adequately
protect its private key. Registration Authority
(RA) Not everyone is entitled to possess a
digital certificate. The RA is set up to assist
the CA in verifying an entitys identity and
determines if it is eligible to have a public key
certificate issued.
124
Certificate Repository This is a database that
stores all the active digital certificates
managed by the CA. The repository is publicly
readable, but the CA is the only authorized
entity that can modify or update it. The
certificate repository also consists of a
Certificate Revocation List (CRL) which is
issued, time-stamped and signed by the CA. A CRL
contains unique information about revoked
certificates to enable relying entities to
determine a particular certificates
validity. Certificate Archive It contains old
certificates that were issued by the CA and valid
at that point in time. Therefore, if there are
any verification disputes on signatures of old
documents, archived certificates can be retrieved
to prove the authenticity of these documents.
125
Authentication using Public Key Infrastructure
(PKI) In order for authentication to take
place, there must be some sort of cryptography
system to be put in place. PKI supports the
authentication of users and systems by making use
of public key cryptography, which is the
cryptography system that PKI is based on.
126
Implementation of PKI
127
Cross Certification of PKIs
128
Digital Signature for Message-by-Message
Authentication
To Create the Digital Signature 1. Hash the
plaintext to create a brief message digest this
is NOT the Digital Signature. 2. Sign (encrypt)
the message digest with the senders private key
to create the digital signature. 3. Transmit the
plaintext digital signature, encrypted
with symmetric key encryption.
Plaintext
Hash
MD
Sign (Encrypt) with Senders Private Key
DS
129
Digital Signature for Message-by-Message
Authentication
4. Encrypted with Session Key
Sender
Receiver
130
Digital Signature for Message-by-Message
Authentication
To Test the Digital Signature 5. Hash the
received plaintext with the same hashing
algorithm the sender used. This gives the message
digest. 6. Decrypt the digital signature with
the senders public key. This also should give
the message digest. 7. If the two match,
the message is authenticated.
5.
6.
Received Plaintext
DS
Decrypt with True Partys Public Key
Hash
MD
MD
7. Are they equal?
131
Public Key Deception
Impostor I am the True Person. Here is TPs
public key. (Sends Impostors public key) Here
is authentication based on TPs private
key. (Really Impostors private key) Decryption
of message from Verifier encrypted with
Imposters public key, so Impostor can decrypt it
Verifier Must authenticate True
Person. Believes now has TPs public
key Believes True Person is authenticated based
on Impostors public key True Person, here is a
message encrypted with your public key.
Critical Deception
132
Important X.509 Digital Certificate Fields
Field
Description
Version Number
Version number of the X.509. Most certificates
follow Version 3. Different versions have
different fields. This figure reflects the
Version 3 standard.
Issuer
Name of the Certificate Authority (CA).
Serial Number
Unique serial number for the certificate, set by
the CA.
133
Important X.509 Digital Certificate Fields
Field
Description
Subject
The name of the person, organization, computer,
or program to which the certificate has been
issued. This is the true party.
Public Key
The public key of the subjectthe public key of
the true party.
Public Key Algorithm
The algorithm the subject uses to sign messages
with digital signatures.
134
Important X.509 Digital Certificate Fields
Field
Description
Valid Period
The period before which and after which the
certificate should not be used. Note Certificate
may be revoked before the end of this period.
Digital Signature
The digital signature of the certificate, signed
by the CA with the CAs own private
key. Provides authentication and certificate
integrity. User must know the CAs public key
independently.
135
Important X.509 Digital Certificate Fields
Field
Description
Signature Algorithm Identifier
The digital signature algorithm the CA uses to
sign its certificates.
136
Digital Signature and Digital Certificate in
Authentication
Digital Certificate
Digital Signature
Public Key of True Party
Signature to Be Tested with Public Key of True
Party
Authentication
137
Public Key Infrastructure (PKI) with a
Certificate Authority
Certificate Authority PKI Server
Verifier (Cheng)
6. Request Certificate Revocation List (CRL)
3. Request Certificate for Lee
7. Copy of CRL
5. Certificate for Lee
4. Certificate for Lee
  • Create
  • Distribute
  • Private Key
  • and
  • (2) Digital Certificate

Applicant (Lee)
Verifier (Brown)
138
Public Key Infrastructure (PKI)
  • Goals of PKI
  • Authenticate the user/system at the sending end
    of a transaction
  • Authenticate the user/system at the receiving end
    of a transaction
  • Non-repudiation
  • PKI components
  • Certification Authority (CA)
  • Registration Authority (RA)
  • Certificate Repository
  • Certificate Archive

139
Certification Authority (CA) The CA acts like a
trusted third-party which is made up of hardware,
software and the people operating it. It is in
charge of issuing, managing, authenticating,
signing and revoking of digital certificates.
Digital certificates are like evidence that shows
the binding between an entity and its public key.
Every CA is identified by its name and public
key. Therefore, certificates are signed by the CA
using its name and encrypted with its private key
to prove their authenticity. Verification of the
certificates is done by decrypting with the CAs
public key therefore, the CA must adequately
protect its private key. Registration Authority
(RA) Not everyone is entitled to possess a
digital certificate. The RA is set up to assist
the CA in verifying an entitys identity and
determines if it is eligible to have a public key
certificate issued.
140
Certificate Repository This is a database that
stores all the active digital certificates
managed by the CA. The repository is publicly
readable, but the CA is the only authorized
entity that can modify or update it. The
certificate repository also consists of a
Certificate Revocation List (CRL) which is
issued, time-stamped and signed by the CA. A CRL
contains unique information about revoked
certificates to enable relying entities to
determine a particular certificates
validity. Certificate Archive It contains old
certificates that were issued by the CA and valid
at that point in time. Therefore, if there are
any verification disputes on signatures of old
documents, archived certificates can be retrieved
to prove the authenticity of these documents.
141
Authentication using Public Key Infrastructure
(PKI) In order for authentication to take
place, there must be some sort of cryptography
system to be put in place. PKI supports the
authentication of users and systems by making use
of public key cryptography, which is the
cryptography system that PKI is based on.
142
Implementation of PKI
143
Cross Certification of PKIs
144
UNIT 4
Content
  • Access and Authentication Technology
  • Authentication methods PPP, PAP, CHAP, EAP
  • AAA, RADIUS, TACACS, TACACS, Kerberos
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)
  • Virtual Private Networks (VPN) VPN Architectures
  • Authentication On Wireless LANs

145
VPN
  • VPN is used to provide secure network links
    across networks
  • VPN is constructed on top of existing network
    media and protocols
  • On protocol level IPsec is the first choice
  • Other protocols are PPTP, L2TP

146
VPN
147
VPN? Whats that?
A VPN is a service that simulates a PRIVATE link
over a PUBLIC network (usually a SP).
Ideally
Private Line (leased)
148
VPN? Whats that?
149
Access VPN Client Initiated
Internet
Encrypted IP
CorporateNetwork
  • Encrypted tunnel from the remote clientto the
    corporate network
  • Independent of broadband access technology
  • Standards compliant
  • IPSec encapsulated tunnel
  • IKE key management

150
VPN Types Intranet VPN
Remote Office
Main Office
POP
Internet/ IP VPNs
POP
Remote Office
POP
Service Provider
  • Extends the connectionlessIP model across a
    shared WAN
  • Reduces application development time
  • Reduces support costs
  • Reduces line costs

151
VPN Types Extranet VPN
Remote Office
Business Partner
POP
Internet/ IP VPNs
POP
Remote Office
Main Office
POP
Service Provider
Supplier
Customer
  • Extend connectivity to suppliers, customers, and
    business partners
  • Over a shared infrastructure
  • Using dedicated connections
  • While ensuring proper level of authorized access

152
Requirements for a VPN
3.Data should not be altered (any
change should be detectable) (DATA INTEGRITY)
1.Identify and authenticate the other
party (AUTHENTICATION) 2.Un-authorized person
should not be able to intercept, record or
e
About PowerShow.com