Distributed Systems Security - Distributed Operating Systems - Lecture Slides, Slides of Computer Science

These are the Lecture Slides of Distributed Operating Systems, which include Neumann Bottleneck, Networked Information, Memory Hierarchy, Evidence, Latency, Communication, Intelligent Service, Communication Latency, Routing Path etc. Key points are: Distributed Systems Security, Historical Context, Evolution, Security Needs, Files, Identification, Authentication, Single Authority, Single Authorization, Network

Typology: Slides

2012/2013

Uploaded on 03/27/2013

ekana
Case Study On Distributed Systems Security

Historical context: the evolution of security needs

| | 1965-75 | 1975-89 | 1990-99 | Current |
|---|---|---|---|---|
| Platforms | Multi-user timesharing computers | Distributed systems based on local networks | The Internet, wide-area services | The Internet + mobile devices |
| Shared resources | Memory, files | Local services (e.g. NFS), local networks | Email, web sites, Internet commerce | Distributed objects, mobile code |
| Security requirements | User identification and authentication | Protection of services | Strong security for commercial transactions | Access control for individual objects, secure mobile code |
| Security management environment | Single authority, single authorization database (e.g. /etc/passwd) | Single authority, delegation, replicated authorization databases (e.g. NIS) | Many authorities, no network-wide authorities | Per-activity authorities, groups with shared responsibilities |

Definitions

• Asymmetric algorithm – public/private key cryptography that utilizes a trap-door function, such as RSA
• Availability - system services are available when they are needed
• Certificate - an electronic document containing a statement signed by a principal
• Confidentiality - secrecy, information is only disclosed according to security policy
• Integrity - information is not destroyed or corrupted and the system performs data operations correctly
• DES - Data Encryption Standard adopted by National Bureau of Standards in 1977; famous cryptosystem that uses a 56-bit secret key
• Digital Signature - emulates a conventional signature by using cryptography to verify to a third party that a message or document is produced by the signer
• RSA - Rivest, Shamir, Adleman encryption algorithm; first public-key cryptosystem; based on the use of trap door function of two very large prime numbers
• Symmetric algorithm – secret-key cryptography that uses a common key and a one-way encryption function, such as DES

Scenario 1: Secret communication with shared secret key

Alice and Bob share a secret key KAB.

1. Alice uses KAB and an agreed encryption function E(KAB, M) to encrypt and send any number of messages {Mi}KAB to Bob.
2. Bob reads the encrypted messages using the corresponding decryption function D(KAB, M).

Alice and Bob can go on using KAB as long as it is safe to assume that KAB has not been compromised.

Issues:
• Key distribution: How can Alice send a shared key KAB to Bob securely?
• Freshness of communication: How does Bob know that any {Mi} isn’t a copy of an earlier encrypted message from Alice that was captured by Mallory and replayed later?

Scenario 2: Authenticated communication with a server

Bob is a file server; Sara is an authentication service. Sara shares secret key KA with Alice and secret key KB with Bob.

1. Alice sends an (unencrypted) message to Sara stating her identity and requesting a ticket for access to Bob.
2. Sara sends a response to Alice: {{Ticket}KB, KAB}KA. It is encrypted in KA and consists of a ticket (to be sent to Bob with each request for file access) encrypted in KB and a new secret key KAB.
3. Alice uses KA to decrypt the response.
4. Alice sends Bob a request R to access a file: {Ticket}KB, Alice, R.
5. The ticket is actually {KAB, Alice}KB. Bob uses KB to decrypt it, checks that Alice's name matches and then uses KAB to encrypt responses to Alice.

• A ticket is an encrypted item containing the identity of the principal to whom it is issued and a shared key for a communication session.
• This is a simplified version of the Needham and Schroeder (and Kerberos) protocol.

X509 Certificate format

| Field | Contents |
|---|---|
| Subject | Distinguished Name, Public Key |
| Issuer | Distinguished Name, Signature |
| Period of validity | Not Before Date, Not After Date |
| Administrative information | Version, Serial Number |
| Extended Information | |

Certificate: a statement signed by an appropriate authority.

Certificates require:
• An agreed standard format
• Agreement on the construction of chains of trust
• Expiry dates, so that certificates can be revoked.

Certificates as credentials

• Certificates can act as credentials
  – Evidence for a principal's right to access a resource
• The two certificates shown could act as credentials for Alice to operate on her bank account
  – She would need to add her public key certificate

Certificates

Alice’s bank account certificate:
1. Certificate type : Account number
2. Name : Alice
3. Account : 6262626
4. Certifying authority : Bob’s Bank
5. Signature : {Digest(field 2 + field 3)} KBpriv

Public-key certificate for Bob's Bank:
1. Certificate type : Public key
2. Name : Bob’s Bank
3. Public key : KBpub
4. Certifying authority : Fred – The Bankers Federation
5. Signature : {Digest(field 2 + field 3)} KFpriv

Symmetric encryption algorithms

These are all programs that perform confusion and diffusion operations on blocks of binary data.

• DES: The US Data Encryption Standard (1977). No longer strong in its original form. 56-bit key
• Triple-DES: applies DES three times with two different keys. 112-bit key
• AES: A proposed US Advanced Encryption Standard (1997). 128/256-bit key.

Asymmetric encryption algorithms

• RSA: The first practical algorithm (Rivest, Shamir and Adleman 1978) and still the most frequently used. Key length is variable, 512-2048 bits.
• Asymmetric algorithms are ~1000 x slower and are therefore not practical for bulk encryption, but their other properties make them ideal for key distribution and for authentication uses.
• Depend on the use of trap-door functions. A trap-door function is a one-way function with a secret exit - e.g. product of two large numbers; easy to multiply, very hard to factor

Digital signatures

Requirement:
– To authenticate stored document files as well as messages
– To protect against forgery
– To prevent the signer from repudiating a signed document (denying their responsibility)

Encryption of a document in a secret key constitutes a signature:
– Impossible for others to perform without knowledge of the key
– Strong authentication of document
– Strong protection against forgery
– Weak against repudiation (signer could claim key was compromised)

Low-cost signatures with a shared secret key

MAC: Message Authentication Code. Signer and verifier share a secret key K.

[Figure: Signing: h = H(M+K); the signed doc is M together with h. Verifying: h' = H(M+K); h = h' ? authentic : forged.]

Performance of encryption and secure digest algorithms

| Type | Algorithm | Key size/hash size (bits) | Extrapolated speed (kbytes/sec.) | Optimized speed (kbytes/s) |
|---|---|---|---|---|
| Secret key | TEA | 128 | 700 | - |
| Secret key | DES | 56 | 350 | 7746 |
| Secret key | Triple-DES | 112 | 120 | 2842 |
| Secret key | IDEA | 128 | 700 | 4469 |
| Public key | RSA | 512 | 7 | - |
| Public key | RSA | 2048 | 1 | - |
| Digest | MD5 | 128 | 1740 | 62425 |
| Digest | SHA | 160 | 750 | 25162 |

Speeds are for a Pentium II processor at 330 MHz.

Kerberos authentication and key distribution service

• Secures communication with servers on a local network
  – Developed at MIT in the 1980s to provide security across a large campus network > 5000 users
  – Based on Needham - Schroeder protocol
• Standardized and now included in many operating systems
  – Internet RFC 1510, OSF DCE
  – BSD UNIX, Linux, Windows 2000, NT, XP, etc.
  – Available from MIT
• Kerberos server creates a shared secret key for any required server and sends it (encrypted) to the user's computer
• User's password is the initial secret shared with Kerberos

SSL protocol stack

[Figure: protocol layers, top to bottom.
Top layer: SSL Handshake protocol, SSL Change Cipher Spec, SSL Alert Protocol (SSL protocols); HTTP, Telnet (other protocols).
Below: SSL Record Protocol, then Transport layer (usually TCP), then Network layer (usually IP).
Annotations: the Handshake protocol negotiates cipher suite, exchanges certificates and key masters; Change Cipher Spec changes the secure channel to a new spec; the Record Protocol implements the secure channel.]

SSL handshake protocol

Messages between Client A and Server B:
• ClientHello (A to B), ServerHello (B to A): Establish protocol version, session ID, cipher suite, compression method, exchange random start values
• Certificate, Certificate Request, ServerHelloDone (B to A): Optionally send server certificate and request client certificate
• Certificate, Certificate Verify (A to B): Send client certificate response if requested
• Change Cipher Spec, Finished (A to B), then Change Cipher Spec, Finished (B to A): Change cipher suite and finish handshake

SSL record protocol

[Figure: Application data (abcdefghi) → Fragment/combine → Record protocol units (abc, def, ghi) → Compress → Compressed units → Hash → MAC → Encrypt → Encrypted → Transmit → TCP packet.]
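The Scenario 2 exchange between Alice, Sara and Bob, as an added Python example that is not part of the original slides. The function names, the JSON message layout and the file name are assumptions, and the `seal`/`unseal` pair (a SHA-256 keystream plus an HMAC tag) is an illustrative stand-in for the slides' unspecified encryption function, not a production cipher.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # SHA-256 in counter mode: an illustrative stand-in for a real cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """{obj}K: encrypt under K and append an HMAC tag over nonce + ciphertext."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Reverse seal(); fails if K is wrong or the blob was modified."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified ciphertext")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def sara_issue(k_a, k_b, client):
    """Step 2: Sara returns {{Ticket}KB, KAB}KA, where Ticket = {KAB, client}KB."""
    k_ab = os.urandom(32).hex()
    ticket = seal(k_b, {"key": k_ab, "client": client})
    return seal(k_a, {"ticket": ticket.hex(), "key": k_ab})

def bob_serve(k_b, ticket, claimed_name, request):
    """Step 5: Bob opens the ticket with KB, checks the name, replies under KAB."""
    t = unseal(k_b, ticket)
    if t["client"] != claimed_name:
        raise PermissionError("ticket was not issued to " + claimed_name)
    return seal(bytes.fromhex(t["key"]), {"reply": "contents of " + request})

def run_exchange(k_a, k_b, claimed_name="Alice"):
    """Steps 2-5 from Alice's side; step 1 is her plaintext request to Sara."""
    resp = unseal(k_a, sara_issue(k_a, k_b, "Alice"))              # step 3
    ticket, k_ab = bytes.fromhex(resp["ticket"]), bytes.fromhex(resp["key"])
    reply = bob_serve(k_b, ticket, claimed_name, "notes.txt")      # step 4
    return unseal(k_ab, reply)["reply"]

if __name__ == "__main__":
    print(run_exchange(os.urandom(32), os.urandom(32)))
```

As in the slides' simplified protocol, the ticket carries no timestamp or nonce, so a captured ticket and request can be replayed to Bob; Kerberos adds timestamps and ticket lifetimes for that reason.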
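The shared-key MAC from the "Low-cost signatures" slide, combined with a check for the freshness issue raised under Scenario 1, as an added Python example that is not from the original slides. SHA-256 as H, the 8-byte sequence number and the `Sender`/`Receiver` names are assumptions introduced here; the slides specify only h = H(M+K).

```python
import hashlib, hmac

def mac(key: bytes, message: bytes) -> bytes:
    # The slide's h = H(M+K), with SHA-256 assumed as H. HMAC (hmac.new) is the
    # standardized keyed-hash construction; H(M+K) is kept to match the slide.
    return hashlib.sha256(message + key).digest()

class Sender:
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def send(self, payload: bytes):
        # Added here: an 8-byte sequence number inside the MACed body.
        self.seq += 1
        body = self.seq.to_bytes(8, "big") + payload
        return body, mac(self.key, body)          # signed doc = (M, h)

class Receiver:
    def __init__(self, key: bytes):
        self.key, self.last_seq = key, 0

    def accept(self, body: bytes, h: bytes) -> str:
        h_prime = mac(self.key, body)             # h' = H(M+K)
        if not hmac.compare_digest(h, h_prime):   # constant-time h = h' ?
            return "forged"
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:                  # valid MAC but already seen
            return "replayed"
        self.last_seq = seq
        return "authentic"

def demo():
    key = b"constructed-demo-key-32-bytes..."    # constructed sample key
    alice, bob = Sender(key), Receiver(key)
    first = alice.send(b"pay Carol 10")
    body, h = alice.send(b"pay Carol 20")
    return [bob.accept(*first), bob.accept(*first),
            bob.accept(body.replace(b"20", b"99"), h), bob.accept(body, h)]
```

A replayed message carries a valid MAC, so the MAC check alone reports it as authentic; only the sequence number covered by the MAC lets the receiver reject it.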