第十讲协议安全.pptVIP

Protocols and Security (Ⅰ) school of computer mengbo mengscuec@ Protocol Human protocols ? the rules followed in human interactions Example: Asking a question in class Networking protocols ? rules followed in networked communication systems Examples: HTTP, FTP, TCP/IP,etc. Security protocol ? the (communication) rules followed in a security application Examples: SSL, IPSec, Kerberos, SET, etc. Protocols Protocol flaws can be very subtle Several well-known security protocols have serious flaws Including IPSec, GSM and WEP Common to find implementation errors Such as IE implementation of SSL Difficult to get protocols right… Authentication Protocols Authentication Alice must prove her identity to Bob Alice and Bob can be humans or computers May also require Bob to prove he’s Bob (mutual authentication) May also need to establish a session key May have other requirements, such as Use only public keys Use only symmetric keys Use only a hash function Anonymity, plausible deniability, etc., etc. Authentication Authentication on a stand-alone computer is relatively simple “Secure path” is the primary issue Main concern is an attack on authentication software (we discuss software attacks later) Authentication over a network is much more complex Attacker can passively observe messages Attacker can replay messages Active attacks may be possible (insert, delete, change messages) Simple Authentication Simple and may be OK for standalone system But insecure for networked system Subject to a replay attack (next 2 slides) Bob must know Alice’s password Authentication Attack Authentication Attack This is a replay attack How can we prevent a replay? Simple Authentication More efficient… But same problem as previous version Better Authentication Better since it hides Alice’s password From both Bob and attackers But still subject to replay Challenge-Response To prevent replay, challenge-response used Suppose Bob wants to authenticate Alice Challenge sent from Bob to Alice Only Alice c