Transport Layer Discussion Board
Chapter 13 Network Encryption
Chapter 13 Overview
Role of crypto in communications security
Impact of using crypto at different protocol layers
Network key distribution techniques
Application, network, and link layer crypto
Policy guidance for crypto applications
Communications Security
Physical protection works for local networks
Impractical for long-distance communications
Types of attacks
Passive – eavesdropping or sniffing
Active – maliciously create or modify data
Crypto techniques protect data when outside our physical control
Confidentiality, integrity
Authenticity, nonrepudiation
Crypto by Layers
Applying Crypto Layers
We get different results when we apply crypto at different layers
Different key distribution requirements
Data protected in different places and ways
Transparency – does crypto interfere?
Network transparency: Can the network still carry our traffic with the crypto applied?
Application transparency: Is crypto applied without affecting the application?
Layer 2: Link Encryption
Layer 3: Network Encryption
Layer 4: Transport Encryption
Layer 7: Application Encryption
Administrative and Policy Issues
Scope of sniffing protection
Traffic filtering – does the crypto interfere?
Automatic encryption – must we rely on the end user to enable crypto for sensitive data?
Access to Internet sites – full, automatic encryption makes Internet access impossible
End-to-end crypto – do we need to associate crypto operations with end users?
Keying – do end users need to manage keys?
We will review all of these at the end
Crypto Keys on the Network
The key management problem
Ensure that the right people have keys
Prevent attackers from uncovering keys
Key distribution objectives
Ensure that keys are changed periodically
Change keys when access rights change
The default keying risk: Keys installed by vendor
Default keys work “out of the box”
Attackers also have copies of the default keys
Key Distribution Strategies
One big cryptonet – share the same secret key with everyone who must communicate safely
Groups of cryptonets – share the same key among smaller communities of users
Pairwise key sharing – one per endpoint pair
Key distribution center – a shared server that distributes working keys to approved users
Public key distribution – use public key techniques to distribute keys
Key Distribution Techniques
Manual keying
Distribute all keys “by hand” in person or via trustworthy couriers – often a starting point
Simple rekeying
Unreliable tricks to replace an existing key
Secret-key techniques
Wrapping, KDCs, hashing
Public-key techniques
Diffie-Hellman, RSA
Simple Rekeying: Weak
Self-rekeying
Use a PRNG to transform the current key into a new one
Separate endpoints can apply the same PRNG to yield the same key
New keys encrypted with old
Generate a new, random key
Use previous key to encrypt it for distribution
Both techniques may leak all traffic if old keys are disclosed
Stronger Secret Key Building Blocks
Key wrapping
Use wrapping technique from Chapter 8 to protect keys carried in network messages
Traffic encrypting key (TEK) wrapped by KEK
Key distribution center (KDC)
The center distributes wrapped keys
Authorized users share a secret with the KDC
Shared secret hashing
Generate a new key using a one-way hash
Key Wrapping
Key Distribution Center
Shared Secret Hashing
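Added example (not from the original slides): a Python sketch that contrasts the two weak rekeying schemes with shared secret hashing by counting how many period keys a single disclosed key exposes. SHA-256 as the PRNG stand-in, the XOR toy wrap, HMAC-SHA-256 as the one-way hash, and all names and values are assumptions made for illustration.

```python
import hashlib, hmac, secrets

EPOCHS, LEAKED = 6, 2  # constructed scenario: six key periods, the key of period 2 is disclosed

def self_rekey(key):
    # Self-rekeying: SHA-256 stands in for the PRNG both endpoints apply (assumption).
    return hashlib.sha256(b"rekey" + key).digest()

def toy_wrap(old_key, data):
    # Toy XOR pad derived from the old key; wrapping and unwrapping are the same
    # operation. Illustration only, not a real cipher.
    pad = hashlib.sha256(b"pad" + old_key).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def hashed_key(secret, nonce):
    # Shared secret hashing: one-way keyed hash of the long-term secret and a public nonce.
    return hmac.new(secret, nonce, hashlib.sha256).digest()

def exposed_self_rekey():
    keys = [secrets.token_bytes(32)]
    for _ in range(EPOCHS - 1):
        keys.append(self_rekey(keys[-1]))
    k, hits = keys[LEAKED], 1
    for epoch in range(LEAKED + 1, EPOCHS):
        k = self_rekey(k)  # the holder of one key can run the PRNG step forward
        hits += k == keys[epoch]
    return hits

def exposed_wrapped_with_old():
    keys = [secrets.token_bytes(32) for _ in range(EPOCHS)]
    rekey_msgs = [toy_wrap(keys[i - 1], keys[i]) for i in range(1, EPOCHS)]  # sent on the network
    k, hits = keys[LEAKED], 1
    for epoch in range(LEAKED + 1, EPOCHS):
        k = toy_wrap(k, rekey_msgs[epoch - 1])  # recorded rekey message opens with the prior key
        hits += k == keys[epoch]
    return hits

def exposed_shared_secret_hash():
    secret = secrets.token_bytes(32)  # long-term secret, never used to encrypt traffic
    nonces = [secrets.token_bytes(16) for _ in range(EPOCHS)]  # public values
    keys = [hashed_key(secret, n) for n in nonces]
    leaked, hits = keys[LEAKED], 1
    for epoch in range(LEAKED + 1, EPOCHS):
        # The leaked traffic key is not an input to any other key, so it derives nothing.
        hits += hashed_key(leaked, nonces[epoch]) == keys[epoch]
    return hits

if __name__ == "__main__":
    print(exposed_self_rekey(), exposed_wrapped_with_old(), exposed_shared_secret_hash())
```

With both weak schemes the disclosed key exposes every later period; with shared secret hashing only the disclosed period is exposed, as long as the long-term secret itself stays protected.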
Public Key Building Blocks
Anonymous Diffie-Hellman secret sharing
D-H inherently constructs a shared secret
We can use it to construct a temporary shared secret for any two endpoints
RSA key wrapping (encapsulation)
One endpoint (the client) creates a secret key shared with the other endpoint (the server)
Only the server needs a public key pair
Client needs a copy of the server's public key
Anonymous Diffie-Hellman
RSA Key Wrapping
Trade-Off: Public and Secret Keys
Secret Key
Limited resources
Clearly defined user community
Revocation must be timely and reliable
Small user community
Trustworthy servers are available
Public Key
User community can't be identified ahead of time
Large community, and untrustworthy server computer
Inefficient revocation is an acceptable risk
Application Layer Encryption
Email Key Wrapping and Encryption
Transport Layer Security: SSL/TLS
Secure Sockets Layer (SSL)
Developed by Netscape in 1994
Part of commercial client/server Web package
First really successful public-key application
Inherited by the IETF
Now called Transport Layer Security (TLS)
Three-part protocol
Handshake protocol – key exchange
Record protocol – data exchange
Alert protocol – errors and session shutdown
SSL Handshake Protocol
SSL Key Construction
SSL Record Transmission
Network Layer Encryption
Provides both application transparency and network transparency
Primary use: Virtual Private Networks (VPNs)
Network carries plaintext inside a site
VPN gateway encrypts data between sites
“Proxy encryption”
Remote users use VPN crypto to access site
IPsec – IP Security Protocol
Used for Internet VPNs
Example VPN
Encryption by an IPsec Gateway
IPsec Encrypted Packet
Internet Key Exchange (IKE) Protocol
Wireless LAN Encryption
Wireless Equivalent Privacy (WEP)
Introduced with early Wi-Fi products
Used RC4 and 40-bit keys
Later increased to 128-bit keys (WEP 2)
Successful attacks in early 2000s
Wireless Protected Access (WPA, WPA2)
First WPA designed to work with existing Wi-Fi hardware (still used RC4)
WPA2 uses AES, improved integrity protection, and improved key exchange
WPA2 Crypto Format
Crypto Policy: Sniffing
Crypto Policy: Automatic Encryption
Crypto Policy: Others