Cryptography and Network Security

Module 2:Block Cipher and Public Key cryptography

Faculty Name : Dr. Gautam Borkar

Dr. Nilesh Marathe
Index -

Lecture 17:Key management – Diffie Hellman Key Algorthm 4

Lecture 18:Example: Man in Middle attacks

2
Module No: 2 Module name:Block Cipher and Public Key cryptography

Lecture No.17
Key management – Diffie Hellman Key
Algorithm
Diffie-Hellman Key Agreement

4 Lecture No.17 Key management – Diffie Hellman Key Algorthm

Example 1

Let us give a trivial example to make the procedure clear. Our example uses small
numbers, but note that in a real situation, the numbers are very large. Assume that g = 7
and p = 23. The steps are as follows:
1.Alice chooses x = 3 and calculates R1 = 73 mod 23 = 21.
2.Bob chooses y = 6 and calculates R2 = 76 mod 23 = 4.
3.Alice sends the number 21 to Bob.
4.Bob sends the number 4 to Alice.
5.Alice calculates the symmetric key K = 43 mod 23 = 18.
6.Bob calculates the symmetric key K = 216 mod 23 = 18.
7.The value of K is the same for both Alice and Bob;
gxy mod p = 718 mod 35 = 18.

5 Lecture No.17 Key management – Diffie Hellman Key Algorthm

Diffie-hellman idea

6 Lecture No.17 Key management – Diffie Hellman Key Algorthm

Security of Diffie-Hellman:Man-in-the-Middle Attack

7 Lecture No.17 Key management – Diffie Hellman Key Algorthm

Station to station key agreement

8 Lecture No.17 Key management – Diffie Hellman Key Algorthm

Module No: 2 Module name:Block Cipher and Public Key cryptography

Lecture No: 18
Example: Man in Middle
Attack
Man-in-The Middle Attack

•Background
•Man in the Middle
•Network level – heavily researched
•Web application level – sporadic research

•Outline
•Passive MitM attacks
•Active MitM attacks
•Penetrating an internal network
•Remediation

10 Lecture 18:Man in the middle attack

Man in the Middle Scenario

All laptop users connect to a public network

Wireless connection can easily be compromised or impersonated

Wired connections might also be compromised

Internet

11 Lecture 18:Man in the middle attack

Rules of Thumb – Don’ts …

Someone might be listening to the requests

Don’t browse sensitive sites
Don’t supply sensitive information

Someone might be altering the responses

Don’t trust any information given on web sites
Don’t execute downloaded code

12 Lecture 18:Man in the middle attack

Rules of Thumb – What Can You Do?

This leaves us with:

Browse your favorite news site

Browse your favorite weather site

Non-sensitive
Non-sensitive sites
sites

Boring
Boring

Sensitive
Sensitive sites
sites

Interesting
Interesting

13 Lecture 18:Man in the middle attack

Passive Man in the Middle Attacks

Attacker
Attacker views
Attacker
views the
the response
Attacker views
views the
responsethe request
request
Victim
Victim browses
browses to
to aa manipulates
manipulates manipulates
it
manipulates
it itit Server
Server returns
returns aa response
response
website
website and
and forwards
and
andto
forwards forwards
to victim
victim to
forwards to server
server

Other
Other servers
servers are
are not
not affected
affected

14 Lecture 18:Man in the middle attack

Active Man in the Middle Attack

TheVictim
attacker
Victim browses
browsesactively
to
Attacker addsdirects
to aa adds
Attacker an
an IFRAME
IFRAMEthe
Attack victim
transfers to
referencing
Attack transfers
referencing the an “interesting”
the
Server siteresponse
Server returns
returns aa response
“boring” site
“boring” site an “interesting”
request
an “interesting” site
request to the server
site to the server
The IFrame could be invisible

My Weather Channel
Other
Other servers
servers are
are not
not affected
affected

My Bank Site
Automatic
Automatic request
request sent
sent to
to the
the
interesting server
interesting server

15 Lecture 18:Man in the middle attack

16 Lecture 18:Man in the middle attack
Stealing Cookies*

Automatic
Automatic request
request contains
contains victim’s
victim’s
cookies
cookies

* A similar attack was presented by Mike Perry – SideJacking

17 Lecture 18:Man in the middle attack

DEMO

 Result
– Attacker can execute scripts on any domain she desires
– Scripts can fully interact with any “interesting” website
 Limitations
– Will only work for non SSL web sites

Attacker
Attacker forwards
forwards the
the
Victim
Victim surfs
surfs to
to aa Attacker
Attacker injects
injects an
an IFRAME
IFRAME automatic
automatic request to the
request to the
“boring” site
“boring” site with the directing
directing to an “interesting” site
to an “interesting” site
Script
Script executes
executes with the “interesting”
“interesting” server
server
“interesting”
“interesting” server’s
server’s restrictions
restrictions

Automatic
Attacker
Automatic
Attacker adds request
request sent
adds aa malicious
malicioussent to
script
to
script
the
to
to interesting
thethe
interesting
the response server
responseserver “Interesting”
“Interesting” server
server
returns a response
returns a response

18 Lecture 18:Man in the middle attack

Secure Connections

Login Mechanism

19 Lecture 18:Man in the middle attack

Secure
PleaseConnections
Login Successful
Login
Victim
Victim fills
and
fills login
login details,
and submits the
submits
details,
the form
form

 Pre-login action sent in clear text

Usernam jsmith  Attacker could alter the pre-login response to make the login
eHello John request sent unencrypted
Password ********
Smith, Victim
Victim browses
browses to
to site
site
http://www.webmail.site
http://www.webmail.site
SUBMIT

Login
Login request
request is
is sent
sent through
through aa
secure channel
secure channel Site
Site returns
returns aa response
response
with
with login
login form
form

20 Lecture 18:Man in the middle attack

 Stealing Auto Completion Information

 Result
– Attacker can steal any auto-completion information she desires
 Limitations
– Will only work for pre-login pages not encrypted
– Will not work seamlessly in IE

Attacker
AttackerAttacker
returns
returns redirect
Attacker the
the original
victim
original
redirect login
to
to aa
login
victim
form
form together
request
together with
withto
request toaaaamalicious
pre-login
pre-loginscript
malicious page
script
page
Script
Script accesses
accesses the
the auto-completion
auto-completion
information
information using the
using the DOM
DOM

* A passive version of this attack was described by RSnake in his blog

21 Lecture 18:Man in the middle attack

 Cryptography and Network Security
Module 3: Cryptographic Hashes, Message Digest and Digital Certificates

Faculty Name : Mrs. Soumi Banerjee

Ms. Anita Patil
Index -

Lecture 19:Authentication requirement – Authentication function 4

Lecture 20: Types of Authentication

23
Module No: 3 Module name:Cryptographic Hashes, Message Digest and
Digital Certificates

Lecture No.19
Authentication Requirement-
Authentication Function
Message Authentication

 Message authentication is concerned with:

 Protecting the integrity of a message
 Validating identity of originator
 Non-repudiation of origin (dispute resolution)
 Will consider the security requirements
 Then three alternative functions used:
 Hash function
 Message encryption
 Message authentication code (MAC)

Lecture 19:Authentication requirement – Authentication

25 function
Message Security Requirements

 Disclosure
 Traffic analysis
 Masquerade
 Content modification
 Sequence modification
 Timing modification
 Source repudiation
 Destination repudiation

Lecture 19:Authentication requirement – Authentication

26 function
Authentication requirement

•Message authentication
•A procedure to verify that messages come from the alleged source and have not
been altered
•Message authentication may also verify sequencing and timeliness
•Digital signature
•An authentication technique that also includes measures to counter repudiation
by either source or destination

Lecture 19:Authentication requirement – Authentication

27 function
 Authentication requirement

Measures to deal with first two attacks:

In the realm of message confidentiality, and are addressed with encryption
Measures to deal with items 3 thru 6
Message authentication
Measures to deal with items 7
Digital signature
• Masquerade
•Disclosure • Content • Source
•Traffic modification repudiation
analysis • Sequence • Destination
modification repudiation
• Timing
modification
Lecture 19:Authentication requirement – Authentication
28 function
Authentication function

•Message authentication or digital signature mechanism can be

viewed as having two levels
•At lower level: there must be some sort of functions
producing an authenticator – a value to be used to
authenticate a message
•This lower level functions is used as primitive in a higher
level authentication protocol

Lecture 19:Authentication requirement – Authentication

29 function
Symmetric Message Encryption

 Encryption can also provides authentication

 If symmetric encryption is used then:
 Receiver know sender must have created it
 Since only sender and receiver know key used
 Know content cannot have been altered...
 ... If message has suitable structure, redundancy or a suitable checksum to
detect any changes

Lecture 19:Authentication requirement – Authentication

30 function
Public-Key Message Encryption

 If public-key encryption is used:

 Encryption provides no confidence of sender
•Since anyone potentially knows public-key
 However if
•Sender signs message using their private-key
•Then encrypts with recipients public key
•Have both secrecy and authentication
 Again need to recognize corrupted messages
 But at cost of two public-key uses on message

Lecture 19:Authentication requirement – Authentication

31 function
Public-Key Message Encryption

 Dirty little detail on PKCS

•Every time you encrypt, size expands
•Due to protections in PKCS#1
 So signing (by encryption) then encrypting, the size is more than doubled!

Lecture 19:Authentication requirement – Authentication

32 function
Authentication function

•Three classes of functions that may be used to produce an

authenticator
•Message encryption
•Ciphertext itself serves as authenticator
•Message authentication code (MAC)
•A public function of the message and a secret key that produces a fixed-
length value that serves as the authenticator
•Hash function
•A public function that maps a message of any length into a fixed-length hash
value, which serves as the authenticator

Lecture 19:Authentication requirement – Authentication

33 function
Module No: 3 Module name:Cryptographic Hashes, Message Digest and
Digital Certificates

Lecture No. 20
Type of Authentication
Type of Authentication

User authentication

Password authentication, salt

Challenge-response authentication protocols

Biometrics

Token-based authentication

Authentication in distributed systems (multi service providers/domains)

Single sign-on, Microsoft Passport

Trusted Intermediaries

35 Lecture 20: Type of Authentication

Example: Hash based and Challenge Response

a. Hash based authentication

b. Challenge Response

36 Lecture 20: Type of Authentication

Password Based authentication

 Basic idea
 User has a secret password
 System checks password to authenticate user
 Issues
 How is password stored?
 How does system check password?
 How easy is it to guess a password?
 Difficult to keep password file secret, so best if it is hard to guess password
even if you have the password file
(https://www.unix-ninja.com/p/Password_DNA)

37 Lecture 20: Type of Authentication

SOME COMMON PASSWORD

38
Basic password scheme

User
Password file
kiwifruit

exrygbzyf
kgnosfix
hash function ggjoklbsz
…
…

39 Lecture 20: Type of Authentication

Token-based Authentication

Object user possesses to authenticate, e.g.

memory card (magnetic stripe)
smartcard

With embedded CPU and memory

Carries conversation w/ a small card reader
Various forms
PIN protected memory card
Enter PIN to get the password
Cryptographic challenge/response cards
Computer create a random challenge
Enter PIN to encrypt/decrypt the challenge w/ the card

40 Lecture 20: Type of Authentication

Memory Card

Store but do not process data

Magnetic stripe card, e.G. Bank card

Electronic memory card

Used alone for physical access (e.G., Hotel rooms)

Some with password/pin (e.G., Atms)

Drawbacks of memory cards include:

Need special reader

Loss of token issues

User dissatisfaction (ok for atm, not ok for computer access)

41 Lecture 20: Type of Authentication

Smartcard

Credit-card like
Has own processor, memory, I/O ports
ROM, EEPROM, RAM memory
Executes protocol to authenticate with reader/computer
Static: similar to memory cards
Dynamic: passwords created every minute; entered manually by user or
electronically
Challenge-response: computer creates a random number; smart card provides its
hash (similar to PK)
Also have USB dongles

42 Lecture 20: Type of Authentication

Electronic identify cards

An important application of smart cards

A national e-identity (eID)

Serves the same purpose as other national ID cards (e.g., a driver’s licence)

Can provide stronger proof of identity

A German card

Personal data, Document number, Card access number (six digit random
number), Machine readable zone (MRZ): the password
Uses: ePass (government use), eID (general use), eSign (can have private
key and certificate)

43 Lecture 20: Type of Authentication

User authentication with eID

44 Lecture 20: Type of Authentication

Google Data Center Security

45
Thank You