Introduction To Network Security, Authentication Applications
UNIT-05
Introduction to Network Security, Authentication Applications
Information: defined as “knowledge obtained from investigation, study or
instruction, intelligence, news, facts, data, a signature or character representing
data”.
Computer security: With the introduction of the computer, the need for automated
tools for protecting files and other information stored on the computer became
evident. This is especially the case for a shared system, and the need is even more
acute for systems that can be accessed over a public telephone network, data
network, or the Internet. The generic name for the collection of tools designed to
protect data and to thwart hackers is computer security.
Security attack: Any action that compromises the security of information owned by
an organization.
Security mechanism: A process (or a device incorporating such a process) that is
designed to detect, prevent, or recover from a security attack.
Attack: An assault on system security that derives from an intelligent threat; that is,
an intelligent act that is a deliberate attempt (especially in the sense of a method or
technique) to evade security services and violate the security policy of a system.
Security Attacks:
Security attacks, used both in X.800 and RFC 2828, are classified as passive attacks
and active attacks.
A passive attack attempts to learn or make use of information from the system but
does not affect system resources.
An active attack attempts to alter system resources or affect their operation.
Passive Attacks:
Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions. The goal of the opponent is to obtain information that is being
transmitted. Two types of passive attacks are release of message contents and
traffic analysis.
A second type of passive attack, traffic analysis, is subtler (Figure 1.3b). Suppose that we
had a way of masking the contents of messages or other information traffic so that opponents,
even if they captured the message, could not extract the information from the message. The
common technique for masking contents is encryption. If we had encryption protection in
place, an opponent might still be able to observe the pattern of these messages. The opponent
could determine the location and identity of communicating hosts and could observe the
frequency and length of messages being exchanged. This information might be useful in
guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect because they do not involve any alteration of the
data. Typically, the message traffic is sent and received in an apparently normal fashion and
neither the sender nor receiver is aware that a third party has read the messages or observed
the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by
means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention
rather than detection.
Active Attacks:
Active attacks involve some modification of the data stream or the creation of a false stream
and can be subdivided into four categories: Masquerade, Replay, Modification of messages,
and Denial of service.
A masquerade takes place when one entity pretends to be a different entity. A masquerade
attack usually includes one of the other forms of active attack. For example,
authentication sequences can be captured and replayed after a valid authentication sequence
has taken place, thus enabling an authorized entity with few privileges to obtain
extra privileges by impersonating an entity that has those privileges.
Replay involves the passive capture of a data unit and its subsequent retransmission to
produce an unauthorized effect.
Modification of messages simply means that some portion of a legitimate message is altered,
or that messages are delayed or reordered, to produce an unauthorized effect.
For example, a message meaning "Allow John Smith to read confidential file
accounts" is modified to mean "Allow Fred Brown to read confidential file accounts."
The denial of service prevents or inhibits the normal use or management of communications
facilities. This attack may have a specific target; for example, an entity may suppress all
messages directed to a particular destination (e.g., the security audit service).
Another form of service denial is the disruption of an entire network, either by disabling the
network or by overloading it with messages so as to degrade performance.
Security Services:
Security Mechanisms
A message is to be transferred from one party to another across some sort of internet. The
two parties, who are the principals in this transaction, must cooperate for the exchange
to take place. A logical information channel is established by defining a route through the
internet from source to destination and by the cooperative use of communication protocols
(e.g., TCP/IP) by the two principals. Security aspects come into play when it is necessary or
desirable to protect the information transmission from an opponent who may present a threat
to confidentiality, authenticity, and so on. All the techniques for providing security have two
components:
• A security-related transformation on the information to be sent. Examples include the
encryption of the message, which scrambles the message so that it is unreadable by the
opponent, and the addition of a code based on the contents of the message, which can be used
to verify the identity of the sender.
• Some secret information shared by the two principals and, it is hoped, unknown to the
opponent. An example is an encryption key used in conjunction with the transformation to
scramble the message before transmission and unscramble it on reception.
The general model shows that there are four basic tasks in designing a particular security
service:
3. Develop methods for the distribution and sharing of the secret information.
4. Specify a protocol to be used by the two principals that makes use of the security
algorithm and the secret information to achieve a particular security service.
Kerberos:
Kerberos is a key distribution and user authentication service developed at MIT. In particular, the
following three threats exist:
1. A user may gain access to a particular workstation and pretend to be another user operating from
that workstation.
2. A user may alter the network address of a workstation so that the requests sent from the altered
workstation appear to come from the impersonated workstation.
3. A user may eavesdrop on exchanges and use a replay attack to gain entrance to a server or to
disrupt operations.
Kerberos provides a centralized authentication server whose function is to authenticate users to
servers and servers to users. Kerberos relies exclusively on symmetric encryption, making no use of
public-key encryption.
Kerberos Version 4
Version 4 of Kerberos makes use of DES, in a rather elaborate protocol, to provide the
authentication service.
A Simple Authentication Dialogue
In an unprotected network environment, any client can apply to any server for service.
The obvious security risk is that of impersonation.
An opponent can pretend to be another client and obtain unauthorized privileges on server
machines.
To counter this threat, servers must be able to confirm the identities of clients who request
service.
In this scenario, the user logs on to a workstation and requests access to server V.
The client module C in the user’s workstation requests the user’s password and then sends a
message to the AS that includes the user’s ID, the server’s ID, and the user’s password.
The AS checks its database to see if the user has supplied the proper password for this user
ID and whether this user is permitted access to server V.
If both tests are passed, the AS accepts the user as authentic and must now convince the
server that this user is authentic.
To do so, the AS creates a ticket that contains the user’s ID and network address and the
server’s ID.
This ticket is encrypted using the secret key shared by the AS and this server.
This ticket is then sent back to C.
Because the ticket is encrypted, it cannot be altered by C or by an opponent.
With this ticket, C can now apply to V for service.
C sends a message to V containing C’s ID and the ticket.
V decrypts the ticket and verifies that the user ID in the ticket is the same as the unencrypted
user ID in the message.
If these two match, the server considers the user authenticated and grants the requested
service.
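The dialogue above, as an added Python example that is not part of the original notes: the AS issues a ticket sealed under the key it shares with V, and V accepts a request only when the ticket verifies and matches the sender. The SHA-256 keystream with HMAC is a stand-in for the ticket encryption, and the function names, user table and addresses are constructed for illustration.

```python
import hashlib, hmac, json, secrets

def _subkeys(key):
    # Separate encryption and MAC keys derived from the shared secret.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _stream(ek, nonce, n):
    blocks = (hashlib.sha256(ek + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, fields):
    """Encrypt-then-MAC stand-in (assumption) for the notes' ticket encryption."""
    ek, mk = _subkeys(key)
    nonce = secrets.token_bytes(16)
    pt = json.dumps(fields).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(ek, nonce, len(pt))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the ticket fields, or None if the blob was altered or the key is wrong."""
    ek, mk = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        return None
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct)))))

# Constructed sample data: the AS database and the key shared by the AS and V.
K_V = secrets.token_bytes(32)
USERS = {"alice": {"password": "correct horse", "servers": {"V"}}}

def as_issue_ticket(id_c, password, id_v, ad_c):
    """AS side: check password and permission, then issue the ticket for V."""
    user = USERS.get(id_c)
    if user is None or not hmac.compare_digest(user["password"].encode(), password.encode()):
        return None
    if id_v not in user["servers"]:
        return None
    return seal(K_V, {"id_c": id_c, "ad_c": ad_c, "id_v": id_v})

def v_accept(claimed_id, ticket, source_addr, my_id="V"):
    """Server V: decrypt the ticket and compare it with the unencrypted request."""
    t = unseal(K_V, ticket)
    if t is None or t["id_v"] != my_id:
        return False
    # The ID comparison is the check in the notes; comparing the address is an added
    # check showing why the ticket carries the network address.
    return t["id_c"] == claimed_id and t["ad_c"] == source_addr
```

The password still reaches the AS as plaintext in this version, which is the problem the ticket-granting server scheme addresses.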
First, we would like to minimize the number of times that a user has to enter a
password.
The second problem is that the earlier scenario involved a plaintext transmission of the
password. An eavesdropper could capture the password and use any service accessible
to the victim.
To solve these additional problems, we introduce a scheme for avoiding plaintext
passwords and a new server, known as the ticket-granting server (TGS).
The new (but still hypothetical) scenario is shown in the table above.
Deficiencies of version 4
1. Double encryption: Tickets provided to clients are encrypted twice, once with
the secret key of the target server and then again with a secret key known to the client. The
second encryption is not necessary and is computationally wasteful.
2. PCBC encryption: Encryption in version 4 makes use of a nonstandard mode of DES
known as propagating cipher block chaining (PCBC). It has been demonstrated that this
mode is vulnerable to an attack involving the interchange of ciphertext blocks.
3. Session keys: Each ticket includes a session key that is used by the client to encrypt
the authenticator sent to the service associated with that ticket. However, because the same
ticket may be used repeatedly to gain service from a particular server, there is the risk that
an opponent will replay messages from an old session to the client or the server.
4. Password attacks: Both versions are vulnerable to a password attack. The message
from the AS to the client includes material encrypted with a key based on the client’s
password. An opponent can capture this message and attempt to decrypt it by trying various
passwords.
• Version: Differentiates among successive versions of the certificate format; the default is
version 1. If the Issuer Unique Identifier or Subject Unique Identifier are present, the value
must be version 2. If one or more extensions are present, the version must be version
• Serial number: An integer value, unique within the issuing CA, that is unambiguously
associated with this certificate.
• Signature algorithm identifier: The algorithm used to sign the certificate, together with
any associated parameters. Because this information is repeated in the Signature field at the
end of the certificate, this field has little, if any, utility.
• Issuer name: X.500 name of the CA that created and signed this certificate.
• Period of validity: Consists of two dates: the first and last on which the certificate is valid.
• Subject name: The name of the user to whom this certificate refers. That is, this certificate
certifies the public key of the subject who holds the corresponding private key.
• Subject’s public-key information: The public key of the subject, plus an identifier of the
algorithm for which this key is to be used, together with any associated parameters.
• Issuer unique identifier: An optional bit string field used to identify uniquely the issuing CA
in the event the X.500 name has been reused for different entities.
• Subject unique identifier: An optional bit string field used to identify uniquely the subject
in the event the X.500 name has been reused for different entities.
• Extensions: A set of one or more extension fields. Extensions were added in version 3 and
are discussed later in this section.
• Signature: Covers all of the other fields of the certificate; it contains the hash code of the
other fields encrypted with the CA’s private key. This field includes the signature algorithm
identifier.
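The version rule from the field list above, as an added Python example that is not part of the original notes: a small DER reader finds the optional tagged elements in the to-be-signed part of a certificate and checks them against the declared version. The tag values follow the RFC 5280 encoding; `sample_tbs` builds constructed skeletons with placeholder contents, and all function names are illustrative. Version 3 certificates may also carry the unique identifiers, so the check is "at least" rather than "exactly".

```python
# DER tags of the optional TBSCertificate elements (RFC 5280 encoding).
VERSION, ISSUER_UID, SUBJECT_UID, EXTENSIONS = 0xA0, 0x81, 0x82, 0xA3

def tlv(tag, body=b""):
    """DER-encode one element; used here only to build the constructed samples."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body

def children(body):
    """Split DER content into a list of (tag, content) pairs."""
    out, i = [], 0
    while i < len(body):
        tag, n = body[i], body[i + 1]
        i += 2
        if n & 0x80:  # long-form length: low 7 bits give the number of length bytes
            k = n & 0x7F
            n, i = int.from_bytes(body[i:i + k], "big"), i + k
        if i + n > len(body):
            raise ValueError("truncated DER element")
        out.append((tag, body[i:i + n]))
        i += n
    return out

def check_version(tbs_der):
    """Return (declared version, minimum version the fields require, consistent?)."""
    parts = children(children(tbs_der)[0][1])  # elements inside the outer SEQUENCE
    version = 1  # an absent version element means version 1
    if parts[0][0] == VERSION:
        version = children(parts[0][1])[0][1][0] + 1  # INTEGER 0/1/2 means v1/v2/v3
        parts = parts[1:]
    if len(parts) < 6:
        raise ValueError("mandatory fields missing")
    # parts[:6]: serial number, signature algorithm, issuer, validity, subject, public key
    optional = {tag for tag, _ in parts[6:]}
    needed = 3 if EXTENSIONS in optional else 2 if optional & {ISSUER_UID, SUBJECT_UID} else 1
    return version, needed, version >= needed

def sample_tbs(version, *optional_tags):
    """Constructed skeleton: real tags and layout, placeholder (empty) contents."""
    head = [tlv(VERSION, tlv(0x02, bytes([version - 1])))] if version > 1 else []
    fixed = [tlv(0x02, b"\x01")] + [tlv(0x30)] * 5
    tail = [tlv(tag, b"\x00") for tag in optional_tags]
    return tlv(0x30, b"".join(head + fixed + tail))
```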