Network Security Applications


Published on

A quick presentation with a brief introduction, an example of an authentication application, Kerberos, and a web security standard, SSL/TLS.

Published in: Technology, Education
  • Network Security Through Data Analysis: Building Situational Awareness ---
    Are you sure you want to  Yes  No
    Your message goes here
  • The Network Security Test Lab: A Step-by-Step Guide ---
    Are you sure you want to  Yes  No
    Your message goes here
  • Network Security For Dummies ---
    Are you sure you want to  Yes  No
    Your message goes here
  • how can I download the slides, as the links are disabled
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Network Security Applications

  1. 1. Network Security Applications Hatem Mahmoud
  2. 2. Agenda ▪ Introduction ▪ An Authentication Application ▪ A Web Security Standard ▪ Summary ▪ References Network Security Applications 2
  3. 3. Introduction Network Security Applications 3
  4. 4. Introduction Network security applications: ▪ Authentication Applications (Kerberos) ▪ Web Security Standards (SSL/TLS) ▪ Email Security ▪ IP Security Network Security Applications 4
  5. 5. Kerberos An Authentication Application Network Security Applications 5
  6. 6. Kerberos Overview ▪ Kerberos is a trusted third-party authentication protocol designed for TCP/IP networks (developed at MIT) ▪ A Kerberos service on the network acts as a trusted arbitrator ▪ Kerberos allows clients to access different entities (clients/servers) on the network Network Security Applications 6
  7. 7. Kerberos The Kerberos Model ▪ Kerberos keeps a database of clients and their secret keys ▪ Services requiring authentication, as well as their clients, register their secret keys with Kerberos Network Security Applications 7
  8. 8. Kerberos The Kerberos Model ▪ Kerberos creates a shared session key and gives it to client and server (or two clients) to encrypt messages ▪ Kerberos uses DES for encryption ▪ Kerberos Version 4 provided a weak nonstandard mode for authentication ▪ Kerberos Version 5 uses CBC mode Network Security Applications 8
  9. 9. Kerberos How Kerberos Works 1. A client requests a ticket for a TGS (Ticket- Granting Service) from Kerberos 2. Kerberos sends the ticket to the client, encrypted in client’s secret key 3. To use a particular service, client requests a ticket from TGS 4. TGS issues and send a ticket to the client, encrypted with server's secret key Network Security Applications 9
  10. 10. Kerberos How Kerberos Works - The ticket is used by server to ensure that it is the same client to whom the ticket was issued - Client can use the ticket multiple times to access the server until the ticket expires 5. Client presents ticket to server with an authenticator (the authenticator contains client’s name and a timestamp, encrypted with the shared session key) Network Security Applications 10
  11. 11. Kerberos How Kerberos Works - Unlike a ticket, an authenticator can only be used once - The client can generate authenticators as needed using the shared secret key 6. If client credentials (ticket + authenticator) are correct, server provides access to service Network Security Applications 11
  12. 12. Kerberos How Kerberos Works Kerberos TGS 2 3 1 4 Client Server 5 Network Security Applications 12
  13. 13. Kerberos Security of Kerberos  It may be possible to cache and replay old authenticators. Although timestamps are supposed to prevent this, replays can be done during the lifetime of the ticket  Authenticators assume all clocks in the network are synchronized. If a host is fooled about the correct time, an old authenticator can be replayed Network Security Applications 13
  14. 14. Kerberos Security of Kerberos  Password-guessing attacks: an intruder can collect tickets and then try to decrypt them. The average user doesn’t usually choose good passwords  Malicious software: Kerberos rely on that its software is trustworthy. It is possible to replace all client Kerberos software with a version that records passwords Network Security Applications 14
  15. 15. Kerberos Security of Kerberos  New enhancements to Kerberos include an implementation of public-key cryptography and a smart-card interface for key management Network Security Applications 15
  16. 16. SSL/TLS A Web Security Standard Network Security Applications 16
  17. 17. SSL/TLS Overview Web security threats: ▪ Location ● Server or client (System Security) ● Network traffic (Web Security) ▪ Type ● Passive attacks ● Active attacks Network Security Applications 17
  18. 18. SSL/TLS Overview ▪ Passive attacks include accessing network traffic between browser and server, accessing restricted information on a website, etc. ▪ Active attacks includes impersonating another user, altering messages in traffic, altering information on a website, etc. Network Security Applications 18
  19. 19. SSL/TLS Overview ▪ Netscape originated the SSL (Secure Socket Layer) protocol to provide a reliable secure service on TCP ▪ TLS (Transport Layer Service) is the Internet standard version of SSL ▪ TLS is very similar to SSLv3 Network Security Applications 19
  20. 20. SSL/TLS Connections and Sessions ▪ A connection is a transport that provides a suitable type of service ▪ An session is an association between a client and a server ▪ Sessions define a set security parameters which can be shared among multiple connections Network Security Applications 20
  21. 21. SSL/TLS Connections and Sessions ▪ A number of states are associated with each session ▪ During the handshake, pending read and write states are created ▪ Upon successful conclusion of the handshake, the pending states become the current states Network Security Applications 21
  22. 22. SSL/TLS SSL Architecture ▪ Layer1 (provides basic security services to higher-layer protocols such as HTTP): ● Record Protocol ▪ Layer 2 (manages SSL exchanges): ● Handshake Protocol ● Change Cipher Spec Protocol ● Alert Protocol Network Security Applications 22
  23. 23. SSL/TLS SSL Architecture Network Security Applications 23
  24. 24. SSL/TLS 1. Record Protocol Provides: ▪ Confidentiality: a shared secret key is used for encryption ▪ Message Integrity: a shared secret key is used to form a MAC (message authentication code) Network Security Applications 24
  25. 25. SSL/TLS 1. Record Protocol 1)Fragments data into blocks 2)Compresses the data (optional) 3)Applies a MAC 4)Encrypts using a symmetric encryption such as AES and RC4 5)Adds a header (length, SSL version, etc.) 6)Transmits in a TCP segment Network Security Applications 25
  26. 26. SSL/TLS 1. Record Protocol Received data are: 1)Decrypted 2)Verified 3)Decompressed 4)Reassembled 5)Delivered to higher levels Network Security Applications 26
  27. 27. SSL/TLS 1. Record Protocol Network Security Applications 27
  28. 28. SSL/TLS 2. Handshake Protocol  Used before any data is transmitted  Allows the server and client to authenticate each other through a series of messages. Each message has:  Type: one of 10 types  Length: length in bytes  Content: session id, version, hash, etc. Network Security Applications 28
  29. 29. SSL/TLS 2. Handshake Protocol Network Security Applications 29
  30. 30. SSL/TLS 2. Handshake Protocol Network Security Applications 30
  31. 31. SSL/TLS 3. Change Cipher Spec  Consists of a single message which consists of a single byte with the value 1  Copies the pending state into the current state, which updates the cipher suite to be used on this connection Network Security Applications 31
  32. 32. SSL/TLS 4. Alert Protocol  Conveys SSL-related alert messages  Each message consists of two bytes: ● Severity – Warning (1): certificate_expired, etc. – Fatal (2) - terminates the connection: handshake_failure, bad_record_mac, etc. ● Code Network Security Applications 32
  33. 33. SSL/TLS SSL Protocols Network Security Applications 33
  34. 34. SSL/TLS TLS vs SSLv3 Differences include:  Version number: 3.x vs 3  MAC algorithm  Pseudorandom function for key generation and validation  Alert Codes Network Security Applications 34
  35. 35. Summary Network Security Applications 35
  36. 36. Summary ▪ Kerberos is a trusted third-party authentication protocol that enables clients and servers to establish authenticated communication ▪ SSL provides security services between TCP and applications that use TCP ▪ TLS is the Internet standard version Network Security Applications 36
  37. 37. Summary ▪ SSL/TLS provides confidentiality using symmetric encryption and message integrity using a MAC ▪ SSL/TLS enables two TCP users to determine the security mechanisms and services they will use Network Security Applications 37
  38. 38. References Network Security Applications 38
  39. 39. References ▪ Cryptography and Network Security Principles and Practices, 4th Edition, William Stallings ▪ Applied Cryptography, 2nd Edition, Bruce Schneier Network Security Applications 39
  40. 40. Thank You! Hatem Mahmoud Network Security Applications 40