Crypto8e Merged
Cryptography and Network Security, Eighth Edition, by William Stallings
Security
• Security attack: Any action that compromises the security of information owned by an organization
• Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack
• Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service
• Data integrity: This category covers a variety of mechanisms used to assure the integrity of a data unit or
stream of data units.
• Digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of
the data unit to prove the source and integrity of the data unit and protect against forgery.
• Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information
exchange.
• Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
• Routing control: Enables selection of particular physically or logically secure routes for certain data and allows
routing changes, especially when a breach of security is suspected.
• Notarization: The use of a trusted third party to assure certain properties of a data exchange.
The recipient of the message plus the MAC can perform the same calculation on the message; if the calculated MAC matches the MAC accompanying the message, this provides assurance that the message has not been altered.
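The sender/receiver calculation described above, written out as an added example (this is not code from the textbook): HMAC-SHA256 is used as the MAC function, the shared key and the message are constructed sample values, and the receiver compares the recomputed tag with the received one using a constant-time comparison so that the comparison itself does not leak how many bytes matched.

```python
import hashlib
import hmac

# Constructed sample values (not from the textbook): a key shared by sender and
# receiver, and a message whose integrity the MAC protects.
SHARED_KEY = b"constructed-demo-key-32-bytes-long!!"
MESSAGE = b"TRANSFER 100.00 TO ACCOUNT 4711"


def compute_mac(key: bytes, message: bytes) -> bytes:
    """Sender side: MAC = HMAC-SHA256(key, message), appended to the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, received_mac: bytes) -> bool:
    """Receiver side: recompute the MAC over the received message and compare it
    with the MAC that accompanied the message. compare_digest runs in constant
    time, so the comparison does not leak how many leading bytes matched."""
    expected = compute_mac(key, message)
    return hmac.compare_digest(expected, received_mac)


def demo() -> dict:
    """Genuine message verifies; a modified message or a wrong key does not."""
    tag = compute_mac(SHARED_KEY, MESSAGE)
    tampered = MESSAGE.replace(b"100.00", b"900.00")
    return {
        "genuine_accepted": verify_mac(SHARED_KEY, MESSAGE, tag),
        "tampered_rejected": not verify_mac(SHARED_KEY, tampered, tag),
        "wrong_key_rejected": not verify_mac(b"constructed-other-key", MESSAGE, tag),
        "mac_bytes": len(tag),
    }


if __name__ == "__main__":
    print(demo())
```

The MAC is keyed, so an attacker who can alter the message in transit cannot recompute a matching tag without the shared key; note that a MAC alone gives integrity and origin assurance between the two key holders, not non-repudiation, since either party could have produced it.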
• Key exchange
• The process of securely distributing a symmetric key to two or more
parties
• User authentication
• The process of authenticating that a user attempting to access an
application or service is genuine and, similarly, that the application or
service is genuine
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved
Communications Security
• Deals with the protection of communications through
the network, including measures to protect against
both passive and active attacks
• Communications security is primarily implemented
using network protocols
• A network protocol consists of the format and procedures that
governs the transmitting and receiving of data between points in
a network
• A protocol defines the structure of the individual data units and
the control commands that manage the data transfer
• The primary security concerns are intruders that gain access to the system to perform
unauthorized actions, insert malicious software (malware), or overwhelm system resources
to diminish availability
Internet Society:
• ISOC is a professional membership society with worldwide organizational and individual membership. It provides leadership in addressing issues that confront the future of the Internet and is the organization home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB). These organizations develop Internet standards and related specifications, all of which are published as Requests for Comments (RFCs).
ITU-T:
• The International Telecommunication Union (ITU) is an international organization within the United Nations System in which governments and the private sector coordinate global telecom networks and services. The ITU Telecommunication Standardization Sector (ITU-T) is one of the three sectors of the ITU. ITU-T's mission is the development of technical standards covering all fields of telecommunications. ITU-T standards are referred to as Recommendations.
ISO:
• The International Organization for Standardization (ISO) is a worldwide federation of national standards bodies from more than 140 countries, one from each country. ISO is a nongovernmental organization that promotes the development of standardization and related activities with a view to facilitating the international exchange of goods and services and to developing cooperation in the spheres of intellectual, scientific, technological, and economic activity. ISO's work results in international agreements that are published as International Standards.
Divisibility example: b = 7; g = 14; h = 63; m = 3; n = 2
7 | 14 and 7 | 63.
To show 7 | (3 * 14 + 2 * 63),
we have (3 * 14 + 2 * 63) = 7(3 * 2 + 2 * 9),
and it is obvious that 7 | (7(3 * 2 + 2 * 9)).
Division algorithm: a = qn + r, 0 ≤ r < n; q = ⌊a/n⌋
(Figure residue: the number line 0, n, 2n, 3n, …, qn, a, (q + 1)n drawn with n = 15 and a = 70, so q = 4 and r = 10: 70 = 4 * 15 + 10)
11 mod 7 = 4; -11 mod 7 = 3
• Congruent modulo n
• Two integers a and b are said to be congruent modulo n if (a mod n) = (b mod n)
• This is written as a ≡ b (mod n)
• Note that if a ≡ 0 (mod n), then n | a
1. a ≡ b (mod n) if n | (a – b)
23 ≡ 8 (mod 5) because 23 - 8 = 15 = 5 * 3
-11 ≡ 5 (mod 8) because -11 - 5 = -16 = 8 * (-2)
81 ≡ 0 (mod 27) because 81 - 0 = 81 = 27 * 3
Modular Arithmetic
• Modular arithmetic exhibits the following properties:
1. [(a mod n) + (b mod n)] mod n = (a + b) mod n
Examples, with 11 mod 8 = 3 and 15 mod 8 = 7:
[(11 mod 8) + (15 mod 8)] mod 8 = 10 mod 8 = 2
(11 + 15) mod 8 = 26 mod 8 = 2
[(11 mod 8) - (15 mod 8)] mod 8 = -4 mod 8 = 4
(11 - 15) mod 8 = -4 mod 8 = 4
[(11 mod 8) * (15 mod 8)] mod 8 = 21 mod 8 = 5
(11 * 15) mod 8 = 165 mod 8 = 5
Table: Additive and Multiplicative Inverse Modulo 8 (this table can be found on page 33 in the textbook)
Table 2.3
Properties of Modular Arithmetic for Integers in Zn
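The division algorithm, the reduce-then-combine identities and the inverse table above, worked through in code as an added example (not from the textbook). The extended Euclidean algorithm used to find multiplicative inverses is a standard formulation rather than the textbook's listing; with n = 8 the table shows that only the residues coprime to 8 (1, 3, 5, 7) have a multiplicative inverse, while every residue has an additive inverse.

```python
def division(a: int, n: int) -> tuple:
    """Division algorithm: a = q*n + r with 0 <= r < n and q = floor(a/n).
    Python's // floors toward minus infinity, so r is non-negative even for negative a."""
    if n <= 0:
        raise ValueError("n must be positive")
    q, r = a // n, a % n
    assert a == q * n + r and 0 <= r < n
    return q, r


def egcd(a: int, b: int) -> tuple:
    """Extended Euclidean algorithm: returns (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def additive_inverse(w: int, n: int) -> int:
    """-w mod n: the value that added to w gives 0 in Z_n."""
    return (-w) % n


def multiplicative_inverse(w: int, n: int):
    """w^-1 mod n, or None when gcd(w, n) != 1 (no inverse exists)."""
    g, x, _ = egcd(w % n, n)
    return x % n if g == 1 else None


def inverse_table(n: int) -> list:
    """Rows (w, -w mod n, w^-1 mod n or None) for every w in Z_n; n = 8 reproduces the slide's table."""
    return [(w, additive_inverse(w, n), multiplicative_inverse(w, n)) for w in range(n)]


def properties_hold(a: int, b: int, n: int) -> bool:
    """The reduce-then-combine identities for +, - and * illustrated on the slide."""
    return (((a % n) + (b % n)) % n == (a + b) % n
            and ((a % n) - (b % n)) % n == (a - b) % n
            and ((a % n) * (b % n)) % n == (a * b) % n)


if __name__ == "__main__":
    print(division(70, 15), division(-11, 7))
    print(properties_hold(11, 15, 8))
    for row in inverse_table(8):
        print(row)
```

Because Python's `%` already returns a value in 0..n-1 for positive n, the textbook convention that -4 mod 8 = 4 falls out directly; in C or Java the remainder operator keeps the sign of the dividend and the result must be normalised by hand.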
Prime factorization: a = p_1^{a_1} × p_2^{a_2} × … × p_t^{a_t}
(This table can be found on page 40 in the textbook)
Fermat's Theorem
• States the following:
• If p is prime and a is a positive integer not divisible by p then
a^(p-1) ≡ 1 (mod p)
a^p ≡ a (mod p)
(This table can be found on page 44 in the textbook)
Euler's Theorem
a^ø(n) ≡ 1 (mod n)
a^(ø(n)+1) ≡ a (mod n)
Primality test TEST(n) pseudocode (fragment; only steps 4 and 6 survived extraction):
4. for j = 0 to k – 1 do
6. return ("composite");
(This table can be found on page 53 in the textbook)
Table 2.8
Tables of Discrete Logarithms, Modulo 19
(This table can be found on page 56 in the textbook)
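Fermat's and Euler's theorems, the primality-test pseudocode and the modulo-19 discrete logarithm table, brought together in one added example (not the textbook's code). The totient is computed by trial division, which is fine for the small moduli used here; the Miller-Rabin TEST(n) below is the full routine of which the page shows only steps 4 and 6, with the textbook's "composite"/"inconclusive" outcomes; the `witnesses` parameter is an addition for reproducible checks.

```python
import math
import secrets


def totient(n: int) -> int:
    """Euler's totient phi(n) by trial-division factoring (adequate for small n)."""
    result, m, p = n, n, 2
    while p * p <= m:
        if m % p == 0:
            while m % p == 0:
                m //= p
            result -= result // p
        p += 1
    if m > 1:
        result -= result // m
    return result


def fermat_holds(a: int, p: int) -> bool:
    """a^(p-1) = 1 (mod p) for prime p and a not divisible by p."""
    return pow(a, p - 1, p) == 1


def euler_holds(a: int, n: int) -> bool:
    """a^phi(n) = 1 (mod n) whenever gcd(a, n) = 1."""
    return math.gcd(a, n) == 1 and pow(a, totient(n), n) == 1


def miller_rabin(n: int, rounds: int = 20, witnesses=None) -> str:
    """Miller-Rabin TEST(n): returns "composite" or "inconclusive".
    Writes n - 1 = 2^k * q with q odd, then for each base a looks at a^q and the
    successive squares a^(2^j q), j = 0..k-1, for the value n - 1 (step 4 of the
    pseudocode); if it never appears, n is composite (step 6).
    witnesses: optional fixed bases for reproducible checks; otherwise random bases."""
    if n < 2:
        return "composite"
    if n in (2, 3):
        return "inconclusive"
    if n % 2 == 0:
        return "composite"
    q, k = n - 1, 0
    while q % 2 == 0:
        q //= 2
        k += 1
    bases = witnesses if witnesses is not None else (2 + secrets.randbelow(n - 3) for _ in range(rounds))
    for a in bases:
        x = pow(a, q, n)
        if x in (1, n - 1):
            continue
        for _ in range(k - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return "composite"
    return "inconclusive"


def primitive_roots(p: int) -> list:
    """Bases whose powers generate all of Z_p*: the columns of Table 2.8 for p = 19."""
    return [g for g in range(2, p) if len({pow(g, e, p) for e in range(1, p)}) == p - 1]


def discrete_log_table(p: int, g: int) -> dict:
    """dlog_{g,p}(b) for every b in Z_p*: the exponent i in 1..p-1 with g^i = b (mod p)."""
    return {pow(g, i, p): i for i in range(1, p)}


if __name__ == "__main__":
    print(totient(19), fermat_holds(2, 19), euler_holds(3, 10))
    print(miller_rabin(561, witnesses=[2]), miller_rabin(97))
    print(primitive_roots(19))
    print(sorted(discrete_log_table(19, 2).items()))
```

Two points worth noticing when running it: the Carmichael number 561 satisfies Fermat's congruence for every base coprime to it yet is caught by a single Miller-Rabin round with base 2, and the discrete-log table is built by exponentiating forward because, for a prime of cryptographic size, there is no comparably cheap way to go from b back to i, which is what Diffie-Hellman and DSA rely on.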
Summary
• Understand the concept of divisibility and the division algorithm
• Understand how to use the Euclidean algorithm to find the greatest common divisor
• Present an overview of the concepts of modular arithmetic
• Explain the operation of the extended Euclidean algorithm
• Discuss key concepts relating to prime numbers
• Understand Fermat's theorem
• Understand Euler's theorem
• Define Euler's totient function
• Make a presentation on the topic of testing for primality
• Explain the Chinese remainder theorem
• Define discrete logarithms
• Cryptanalysis: Techniques used for deciphering a message without any knowledge of the enciphering details
• Cryptology: The areas of cryptography and cryptanalysis
(Figure residue: symmetric cipher model with a key source and a secure channel for key distribution)
Ways of classifying cryptographic systems (figure residue):
• Substitution / Transposition
• Symmetric, single-key, secret-key, conventional encryption / Asymmetric, two-key, or public-key encryption
• Block cipher / Stream cipher
• Computationally secure
• The cost of breaking the cipher exceeds the
value of the encrypted information
• The time required to break the cipher
exceeds the useful lifetime of the
information
Brute-Force Attack
• A shift may be of any amount, so that the general Caesar algorithm is:
C = E(k, p) = (p + k) mod 26
p = D(k, C) = (C - k) mod 26
Figure 3.3 Brute-Force Cryptanalysis of Caesar Cipher (this chart can be found on page 71 in the textbook)
Ciphertext: PHHW PH DIWHU WKH WRJD SDUWB
KEY
1  oggv og chvgt vjg vqic rctva
2  nffu nf bgufs uif uphb qbsuz
3  meet me after the toga party
4  ldds ld zesdq sgd snfz ozqsx
5  kccr kc ydrcp rfc rmey nyprw
6  jbbq jb xcqbo qeb qldx mxoqv
7  iaap ia wbpan pda pkcw lwnpu
8  hzzo hz vaozm ocz ojbv kvmot
9  gyyn gy uznyl nby niau julns
10 fxxm fx tymxk max mhzt itkmr
11 ewwl ew sxlwj lzw lgys hsjlq
12 dvvk dv rwkvi kyv kfxr grikp
13 cuuj cu qvjuh jxu jewq fqhjo
14 btti bt puitg iwt idvp epgin
15 assh as othsf hvs hcuo dofhm
16 zrrg zr nsgre gur gbtn cnegl
17 yqqf yq mrfqd ftq fasm bmdfk
18 xppe xp lqepc esp ezrl alcej
19 wood wo kpdob dro dyqk zkbdi
20 vnnc vn jocna cqn cxpj yjach
21 ummb um inbmz bpm bwoi xizbg
22 tlla tl hmaly aol avnh whyaf
23 skkz sk glzkx znk zumg vgxze
24 rjjy rj fkyjw ymj ytlf ufwyd
25 qiix qi ejxiv xli xske tevxc
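The brute-force cryptanalysis in the chart above, as an added example (not the textbook's code). With only 25 keys the attack is just trying every one; the block also ranks the 25 candidates by how closely their letter counts follow a standard English letter-frequency table (an assumption of the example, not from the page), which is how the correct key would be picked automatically rather than by eye.

```python
import string

ALPHABET = string.ascii_lowercase

# Standard relative frequencies (percent) of letters in English text, used to
# score how "English-like" a candidate plaintext looks.
ENGLISH_FREQ = dict(zip(ALPHABET, [
    8.167, 1.492, 2.782, 4.253, 12.702, 2.228, 2.015, 6.094, 6.966, 0.153, 0.772,
    4.025, 2.406, 6.749, 7.507, 1.929, 0.095, 5.987, 6.327, 9.056, 2.758, 0.978,
    2.360, 0.150, 1.974, 0.074]))


def shift_text(text: str, k: int) -> str:
    """Apply (letter + k) mod 26 to every letter; other characters pass through."""
    out = []
    for ch in text:
        if ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + k) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext: str, k: int) -> str:
    """C = E(k, p) = (p + k) mod 26, shown in upper case like the textbook."""
    return shift_text(plaintext, k).upper()


def decrypt(ciphertext: str, k: int) -> str:
    """p = D(k, C) = (C - k) mod 26, shown in lower case like the textbook."""
    return shift_text(ciphertext, -k).lower()


def chi_squared(text: str) -> float:
    """Distance between the text's letter counts and the English expectation; lower is more English-like."""
    letters = [ch for ch in text.lower() if ch in ALPHABET]
    n = len(letters)
    score = 0.0
    for ch in ALPHABET:
        expected = ENGLISH_FREQ[ch] / 100 * n
        score += (letters.count(ch) - expected) ** 2 / expected
    return score


def brute_force(ciphertext: str) -> list:
    """Try all 25 keys; return (key, candidate) pairs, most English-like first."""
    candidates = [(k, decrypt(ciphertext, k)) for k in range(1, 26)]
    return sorted(candidates, key=lambda kc: chi_squared(kc[1]))


if __name__ == "__main__":
    for k, candidate in brute_force("PHHW PH DIWHU WKH WRJD SDUWB")[:3]:
        print(k, candidate)
```

The three conditions the textbook gives for a brute-force attack to succeed all hold here: the algorithm is known, the key space is tiny, and the plaintext is recognisable, which is what the frequency score formalises.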
• Trigram
• Three-letter combination
• Most frequent is "the"
• Example (autokey system: the keyword is followed by the plaintext itself):
key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
• Even this scheme is vulnerable to cryptanalysis
• Because the key and the plaintext share the same frequency distribution of letters, a statistical technique can be applied
Vernam Cipher
• Use a random key that is as long as the message so that the key need
not be repeated
• Each new message requires a new key of the same length as the new
message
• Scheme is unbreakable
• Produces random output that bears no statistical relationship to the
plaintext
• Because the ciphertext contains no information whatsoever about the
plaintext, there is simply no way to break the code
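The autokey example above and the Vernam requirement that every message get a fresh key as long as itself, in one added example (not the textbook's code). The autokey functions reproduce the page's key/plaintext/ciphertext triple; the Vernam functions use a random key from the operating system and include a check of why the key must not be reused, since the XOR of two ciphertexts under one key equals the XOR of the two plaintexts and the key drops out entirely.

```python
import secrets

A = ord("a")


def autokey_encrypt(plaintext: str, keyword: str) -> str:
    """Vigenère autokey: the key stream is the keyword followed by the plaintext itself."""
    stream = (keyword + plaintext)[:len(plaintext)]
    return "".join(chr((ord(p) - A + ord(k) - A) % 26 + ord("A"))
                   for p, k in zip(plaintext, stream))


def autokey_decrypt(ciphertext: str, keyword: str) -> str:
    """Decrypt letter by letter; each recovered plaintext letter extends the key stream."""
    stream = list(keyword)
    out = []
    for i, c in enumerate(ciphertext):
        p = chr((ord(c) - ord("A") - (ord(stream[i]) - A)) % 26 + A)
        out.append(p)
        stream.append(p)
    return "".join(out)


def vernam_key(n_bytes: int) -> bytes:
    """A fresh random key at least as long as the message, used once."""
    return secrets.token_bytes(n_bytes)


def vernam(data: bytes, key: bytes) -> bytes:
    """One-time pad: bitwise XOR; the same function encrypts and decrypts."""
    if len(key) < len(data):
        raise ValueError("key must be at least as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))


def reuse_leaks(p1: bytes, p2: bytes, key: bytes) -> bool:
    """Why each message needs a new key: with one key for two messages,
    c1 XOR c2 equals p1 XOR p2, so the ciphertexts reveal the relation of the plaintexts."""
    c1, c2 = vernam(p1, key), vernam(p2, key)
    return bytes(x ^ y for x, y in zip(c1, c2)) == bytes(x ^ y for x, y in zip(p1, p2))


if __name__ == "__main__":
    print(autokey_encrypt("wearediscoveredsaveyourself", "deceptive"))
    k = vernam_key(16)
    print(vernam(vernam(b"meet me at noon!", k), k))
```

The autokey key stream is mostly plaintext, which is exactly why the statistical attack mentioned above still works; the Vernam key stream is uniformly random and independent of the message, which is why it does not.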
• Understand the operation of a monoalphabetic substitution cipher
• Identity proofing:
• Establishes that a subject is who they claim to be to a stated level of certitude
• This process involves collecting, validating, and verifying information about a
person
• Digital authentication:
• The process of determining the validity of one or more authenticators used to
claim a digital identity
• Authentication establishes that a subject attempting to access a digital service
is in control of the technologies used to authenticate
• Successful authentication provides reasonable risk-based assurances that the
subject accessing the service today is the same as the subject that previously
accessed the service
Knowledge factor (something the individual knows): Requires the user to demonstrate knowledge of secret information. Routinely used in single-layer authentication processes, knowledge factors can come in the form of passwords, passphrases, personal identification numbers (PINs), or answers to secret questions
Possession factor (something the individual possesses): Physical entity possessed by the authorized user to connect to the client computer or portal. This type of authenticator used to be referred to as a token, but that term is now deprecated. The term hardware token is a preferable alternative. Possession factors fall into two categories:
• Connected hardware tokens are items that connect to a computer logically (e.g., via wireless) or physically in order to authenticate identity. Items such as smart cards, wireless tags, and USB tokens are common connected tokens used to serve as a possession factor
• Disconnected hardware tokens are items that do not directly connect to the client computer, instead requiring input from the individual attempting to sign in. Typically, a disconnected hardware token device will use a built-in screen to display authentication data that are then utilized by the user to sign in when prompted
Inherence factor (something the individual is or does): Refers to characteristics, called biometrics, that are unique or almost unique to the individual. These include static biometrics, such as fingerprint, retina, and face; and dynamic biometrics, such as voice, handwriting, and typing rhythm
• Timestamps
• Requires that clocks among the various participants be synchronized
• Party A accepts a message as fresh only if the message contains a
timestamp that, in A’s judgment, is close enough to A’s knowledge of
current time
• Challenge/response
• Party A, expecting a fresh message from B, first sends B a nonce
(challenge) and requires that the subsequent message (response)
received from B contain the correct nonce value
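Both freshness approaches described above, as an added example (not the textbook's code): party A either issues a nonce that B must bind into its reply, or accepts a timestamped message only when the stamp is within a tolerated skew of A's own clock and the message has not been seen before. The shared key, the skew tolerance and HMAC-SHA256 as the binding function are assumptions of the example; the clock is injectable so the behaviour can be checked deterministically.

```python
import hashlib
import hmac
import secrets
import time

# Constructed values: the key A and B share, and how far apart A tolerates clocks.
SHARED_KEY = b"constructed-key-shared-by-A-and-B"
CLOCK_SKEW_SECONDS = 120


def _tag(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


class PartyA:
    """The party that needs assurance that a message from B is fresh."""

    def __init__(self, key: bytes, now=time.time):
        self.key, self.now = key, now
        self.outstanding = set()   # challenges issued and not yet answered
        self.seen_tags = set()     # timestamped messages already accepted

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def accept_response(self, nonce: bytes, message: bytes, tag: bytes) -> bool:
        """Challenge/response: the reply must carry a nonce A issued and has not yet consumed."""
        if nonce not in self.outstanding:
            return False                  # unknown, expired or already-answered challenge
        self.outstanding.discard(nonce)   # one response per challenge
        return hmac.compare_digest(_tag(self.key, nonce, message), tag)

    def accept_timestamped(self, timestamp: int, message: bytes, tag: bytes) -> bool:
        """Timestamp: fresh only if close enough to A's clock and not seen before."""
        if abs(int(self.now()) - timestamp) > CLOCK_SKEW_SECONDS:
            return False
        if not hmac.compare_digest(_tag(self.key, timestamp.to_bytes(8, "big"), message), tag):
            return False
        if tag in self.seen_tags:
            return False                  # same message replayed inside the window
        self.seen_tags.add(tag)
        return True


def b_respond(key: bytes, nonce: bytes, message: bytes) -> bytes:
    """B answers a challenge by binding A's nonce into the MAC over its message."""
    return _tag(key, nonce, message)


def b_send_timestamped(key: bytes, message: bytes, now=time.time) -> tuple:
    """B stamps the message with its own clock and MACs stamp and message together."""
    ts = int(now())
    return ts, message, _tag(key, ts.to_bytes(8, "big"), message)


if __name__ == "__main__":
    a = PartyA(SHARED_KEY)
    n = a.challenge()
    print(a.accept_response(n, b"hello", b_respond(SHARED_KEY, n, b"hello")))
    ts, m, t = b_send_timestamped(SHARED_KEY, b"hello")
    print(a.accept_timestamped(ts, m, t), a.accept_timestamped(ts, m, t))
```

The nonce variant needs no synchronised clocks but costs an extra round trip; the timestamp variant saves the round trip but depends on the clocks, and the seen-tag cache is what closes the replay window that the skew tolerance opens.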
Remote User-Authentication Using Symmetric Encryption
A two-level hierarchy of symmetric keys can be used to provide confidentiality for communication in a distributed environment
• Strategy involves the use of a trusted key distribution center (KDC)
• Each party shares a secret key, known as a master key, with the KDC
• KDC is responsible for generating keys to be used for a short time over a connection between two parties and for distributing those keys using the master keys to protect the distribution
Suppress-Replay Attacks
• The Denning protocol requires reliance on clocks that
are synchronized throughout the network
• Scalable
• Transparent
• Ticket
• Created once the AS accepts the user as authentic; contains the user’s ID and
network address and the server’s ID
• Encrypted using the secret key shared by the AS and the server
• Public-key encryption for session key distribution
• Assumes each of the two parties is in possession of the current public key of the other
• May not be practical to require this assumption
• Denning protocol using timestamps
• Uses an authentication server (AS) to provide public-key certificates
• Requires the synchronization of clocks
• Woo and Lam makes use of nonces
• Care needed to ensure no protocol flaws
• In addition to the message, A sends B the signature encrypted with A’s private
key and A’s certificate encrypted with the private key of the authentication
server
• The recipient of the message first uses the certificate to obtain the sender’s
public key and verify that it is authentic and then uses the public key to verify
the message itself
• Alternatively, the entire message can be encrypted with a one-time secret key;
the secret key is also transmitted, encrypted with B’s public key
Transport Layer Security (TLS):
• Defined in RFC 5246
• Is an Internet standard that evolved from a commercial protocol known as Secure Sockets Layer (SSL)
• Is a general purpose service implemented as a set of protocols that rely on TCP
• Could be provided as part of the underlying protocol suite and therefore be transparent to applications
• Every connection is associated with one session
Session state elements (figure residue):
• Session identifier: An arbitrary byte sequence chosen by the server to identify an active or resumable session state
• Peer certificate: An X509.v3 certificate of the peer; this element of the state may be null
• Compression method: The algorithm used to compress data prior to encryption
• Cipher spec: Specifies the bulk data encryption algorithm and a hash algorithm used for MAC calculation; also defines cryptographic attributes such as the hash_size
• Master secret: 48-byte secret shared between the client and the server
• Is resumable: A flag indicating whether the session can be used to initiate new connections
• Password
• The client sends a message containing a plaintext password, which is
protected by encryption by the Transport Layer Protocol
• Hostbased
• Authentication is performed on the client’s host rather than the client
itself
• This method works by having the client send a signature created with the
private key of the client host
• Rather than directly verifying the user’s identity, the SSH server verifies
the identity of the client host
Connection Protocol
• The SSH Connection Protocol runs on top of the SSH Transport
Layer Protocol and assumes that a secure authentication
connection is in use
• The secure authentication connection, referred to as a tunnel, is used
by the Connection Protocol to multiplex a number of logical channels
• Channel mechanism
• All types of communication using SSH are supported using separate
channels
• Either side may open a channel
• For each channel, each side associates a unique channel number
• Channels are flow controlled using a window mechanism
• No data may be sent to a channel until a message is received to
indicate that window space is available
• The life of a channel progresses through three stages: opening a
channel, data transfer, and closing a channel
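The window mechanism described above, as an added example (not the textbook's or any SSH implementation's code): a simplified model in which each side keeps the window it may still send into and the window it has granted the peer, data moves only while the send window is non-zero, and the receiver re-grants space with a window-adjust message after the application drains its buffer. Channel numbers, packet size and the window size are constructed values.

```python
from dataclasses import dataclass, field


@dataclass
class ChannelEnd:
    """One side's view of a channel (simplified model, assumption of this example)."""
    local_id: int          # the channel number this side assigned
    remote_id: int         # the number the peer assigned to the same channel
    send_window: int       # bytes the peer has said we may still send
    recv_window: int       # bytes we have said the peer may still send
    max_packet: int = 32768
    buffered: int = 0      # received bytes not yet consumed by the application
    log: list = field(default_factory=list)

    def send(self, data: bytes) -> bytes:
        """Emit at most one CHANNEL_DATA packet; nothing leaves while the window is empty."""
        n = min(len(data), self.send_window, self.max_packet)
        if n == 0:
            self.log.append("send blocked: waiting for CHANNEL_WINDOW_ADJUST")
            return b""
        self.send_window -= n
        self.log.append(f"CHANNEL_DATA -> {self.remote_id}: {n} bytes, window now {self.send_window}")
        return data[:n]

    def receive(self, data: bytes) -> None:
        """Accept CHANNEL_DATA; a peer sending beyond the advertised window violates the protocol."""
        if len(data) > self.recv_window:
            raise ValueError("peer exceeded the window it was granted")
        self.recv_window -= len(data)
        self.buffered += len(data)

    def consume(self) -> int:
        """The application drains the buffer; the freed bytes are re-granted via CHANNEL_WINDOW_ADJUST."""
        grant, self.buffered = self.buffered, 0
        self.recv_window += grant
        self.log.append(f"CHANNEL_WINDOW_ADJUST -> {self.remote_id}: +{grant}")
        return grant

    def window_adjust(self, n: int) -> None:
        self.send_window +=  n


def transfer(sender: ChannelEnd, receiver: ChannelEnd, payload: bytes) -> tuple:
    """Push payload through the channel honouring the window; returns (bytes delivered, adjusts needed)."""
    delivered, adjusts = 0, 0
    while delivered < len(payload):
        chunk = sender.send(payload[delivered:])
        if not chunk:
            grant = receiver.consume()
            if grant == 0:
                raise RuntimeError("deadlock: window exhausted and nothing buffered to re-grant")
            sender.window_adjust(grant)
            adjusts += 1
            continue
        receiver.receive(chunk)
        delivered += len(chunk)
    return delivered, adjusts


def demo(payload_len: int = 10000, window: int = 4096) -> tuple:
    """Constructed scenario: client pushes payload_len bytes through a channel with the given window."""
    client = ChannelEnd(local_id=0, remote_id=7, send_window=window, recv_window=window)
    server = ChannelEnd(local_id=7, remote_id=0, send_window=window, recv_window=window)
    return transfer(client, server, bytes(payload_len))


if __name__ == "__main__":
    print(demo())
```

The receiver's check in `receive` is the security-relevant part of the model: a peer that ignores the window is attempting to exhaust the receiver's buffer, and a real implementation must treat it as a protocol error rather than allocate memory on demand.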
X11
• Refers to the X Window System, a computer software system and network protocol that provides a graphical user interface (GUI) for networked computers
• X allows applications to run on a network server but to be displayed on a desktop machine
Forwarded-tcpip
• Remote port forwarding
Direct-tcpip
• Local port forwarding
Port Forwarding
• One of the most useful features of SSH
Use of applications created by unknown parties
• It is easy to find and install third-party applications on mobile devices and this poses the risk of installing malicious software
Interaction with other systems
• Unless an organization has control of all the devices involved in synchronization, there is considerable risk of the organization's data being stored in an unsecured location, plus the risk of the introduction of malware
Use of location services
• An attacker can use location information to determine where the device and user are located, which may be of use to the attacker
• Wi-Fi
• The term used for certified 802.11b products
• Has been extended to 802.11g products
• Wi-Fi5
• A certification process for 802.11a products that was developed by the Wi-Fi
Alliance
Integration
• Enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN
• Takes care of any address translation and media conversion logic required for the exchange of data
Distribution
• The primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS
BSS transition
• … another BSS within the same ESS
• In this case, delivery of data to the station requires that the addressing capability be able to recognize the new location of the station
ESS transition
• … ESS to a BSS within another ESS
• Maintenance of upper-layer connections supported by 802.11 cannot be guaranteed
• Disruption of service is likely to occur
(Figure residue, three characterizations of wireless LAN security schemes):
• Contained major weaknesses
• Based on the current state of the 802.11i standard
• Complex
Is a text-based client-server
protocol
POP3 IMAP
• Post Office Protocol • Internet Mail Access Protocol
Content-Type
• Describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user or otherwise deal with the data in an appropriate manner
Content-Transfer-Encoding
• Indicates the type of transformation that has been used to represent the body of the message in a way that is acceptable for mail transport
Content-ID
Content-Description
• A text description of the object with the body; this is useful when the object is not readable
(Tables are on pages 584 and 586 in the textbook)
Formats
• Integrity-related threats
• Could result in unauthorized modification of email content
• Confidentiality-related threats
• Could result in unauthorized disclosure of sensitive
information
• Availability-related threats
• Could prevent end users from being able to send or receive
mail
Table 19.3
Email Threats and Mitigations (table can be found on page 587 in the textbook)
Columns: Threat | Impact on Purported Sender | Impact on Receiver | Mitigation
Counter Threat Protocols
• SP800-177 recommends use of a variety of standardized
protocols as a means for countering threats:
• STARTTLS
• An SMTP security extension that provides authentication, integrity, non-repudiation and confidentiality for the entire SMTP message by running SMTP over TLS
• S/MIME
• Provides authentication, integrity, non-repudiation and
confidentiality of the message body carried in SMTP messages
• DNS Security Extensions (DNSSEC)
• Provides authentication and integrity protection of DNS data, and
is an underlying tool used by various email security protocols
• DNS-based Authentication of Named Entities (DANE)
• Is designed to overcome problems in the certificate authority (CA)
system by providing an alternative channel for authenticating
public keys based on DNSSEC, with the result that the same trust
relationships used to certify IP addresses are used to certify
servers operating on those addresses
Secure/Multipurpose Internet Mail
Extension (S/MIME)
• A security enhancement to the MIME Internet e-mail
format standard based on technology from RSA Data
Security
S/MIME signing steps (figure residue):
• Select a message digest algorithm (SHA or MD5)
• Compute the message digest (hash function) of the content to be signed
• Encrypt the message digest with the signer's private key
• Prepare a block known as SignerInfo that contains the signer's public-key certificate, an identifier of the message digest algorithm, an identifier of the algorithm used to encrypt the message digest, and the encrypted message digest
Enveloped data: for each recipient, encrypt the session key with the recipient's public RSA key
• The user of some related administrative utility must be capable of generating separate Diffie-Hellman and DSS key pairs and should be capable of generating RSA key pairs
• A user's public key must be registered with a certification authority in order to receive an X.509 public-key certificate
• A user requires access to a local list of certificates in order to verify incoming signatures and to encrypt outgoing messages
(Table is on page 600 in the textbook)
DNSSEC
• DNS Security Extensions
Table 19.7
DMARC Tag and Value Descriptions (table is on page 607 in the textbook)
Tag (Name) | Description
p= (Policy) | Mandatory policy field. May take values none or quarantine or reject. This allows for a gradually tightening policy where the sender domain recommends no specific action on mail that fails DMARC checks (p=none), through treating failed mail as suspicious (p=quarantine), to rejecting all failed mail (p=reject), preferably at the SMTP transaction stage.
aspf= (SPF Policy) | Values are r (default) for relaxed and s for strict SPF domain enforcement. Strict alignment requires that the From address domain exactly match the domain of the (passing) SPF check, that is, the MailFrom address (HELO address). Relaxed requires that only the From and MailFrom address domains be in alignment. For example, the MailFrom address domain smtp.example.org and the From address [email protected] are in alignment, but not a strict match.
adkim= (DKIM Policy) | Optional. Values are r (default) for relaxed and s for strict DKIM domain enforcement. Strict alignment requires an exact match between the From domain in the message header and the DKIM domain presented in the d= DKIM tag. Relaxed requires only that the domain part is in alignment (as in aspf).
fo= (Failure reporting options) | Optional. Ignore if a ruf argument is not also present. Value 0 indicates the receiver should generate a DMARC failure report if all underlying mechanisms fail to produce an aligned pass result. Value 1 means generate a DMARC failure report if any underlying mechanism produces something other than an aligned pass result. Other possible values are d (generate a DKIM failure report if a signature failed evaluation), and s (generate an SPF failure report if the message failed SPF evaluation). These values are not exclusive and may be combined.
ruf= | Optional, but requires the fo argument to be present. Lists a series of URIs (currently just mailto:<emailaddress>) that list where to send forensic feedback reports. This is for reports on message specific failures.
rua= | Optional list of URIs (like in ruf=, using the mailto: URI) listing where to send aggregate feedback back to the sender. These reports are sent based on the interval requested using the ri= option, with a default of 86400 seconds if not listed.
ri= (Reporting interval) | Optional with the default value of 86400 seconds. The value listed is the reporting interval desired by the sender.
pct= (Percent) | Optional with the default value of 100. Expresses the percentage of a sender's mail that should be subject to the given DMARC policy. This allows senders to ramp up their policy enforcement gradually and prevent having to commit to a rigorous policy before getting feedback on their existing policy.
sp= (Receiver policy) | Optional with a default value of none. Other values include the same range of values as the p= argument. This is the policy to be applied to mail from all identified subdomains of the given DMARC RR.
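A receiver-side reading of the tags in Table 19.7, as an added example (not the textbook's code and not a full DMARC implementation). It parses a DMARC TXT record with the table's defaults, applies strict versus relaxed alignment for SPF and DKIM, and returns the disposition a receiver should apply. Two simplifications are assumptions of the example: the organizational domain is taken to be the last two labels (a real implementation consults the public-suffix list), and messages outside the pct= sample are stepped down one policy level, which is RFC 7489's sampling behaviour rather than something the table spells out. The record strings and domains in the demo are constructed.

```python
DEFAULTS = {"aspf": "r", "adkim": "r", "fo": "0", "pct": "100", "ri": "86400"}
STEP_DOWN = {"reject": "quarantine", "quarantine": "none", "none": "none"}


def parse_dmarc(record: str) -> dict:
    """Parse a DMARC TXT record ("v=DMARC1; p=...; ...") into tags, filling the table's defaults."""
    tags = {}
    for part in record.split(";"):
        if part.strip():
            key, _, value = part.partition("=")
            tags[key.strip()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC1 record")
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("p= is mandatory and must be none, quarantine or reject")
    for key, default in DEFAULTS.items():
        tags.setdefault(key, default)
    return tags


def org_domain(domain: str) -> str:
    """Organizational domain, simplified to the last two labels (assumption: no public-suffix list)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """Strict (s): exact match. Relaxed (r): same organizational domain,
    e.g. smtp.example.org aligns with example.org but is not a strict match."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_disposition(record: str, from_domain: str, spf_domain=None,
                      dkim_domain=None, sample_pct: int = 0) -> str:
    """"pass" if SPF or DKIM passed with an aligned domain, else the sender's requested policy.
    spf_domain / dkim_domain: the domain that produced a passing SPF / DKIM result (None = no pass).
    sample_pct: this message's position in 0..99; at or above pct= the policy is stepped down one
    level (RFC 7489 sampling behaviour, an assumption beyond the table's wording)."""
    tags = parse_dmarc(record)
    spf_ok = spf_domain is not None and aligned(from_domain, spf_domain, tags["aspf"])
    dkim_ok = dkim_domain is not None and aligned(from_domain, dkim_domain, tags["adkim"])
    if spf_ok or dkim_ok:
        return "pass"
    policy = tags["p"]
    if sample_pct >= int(tags["pct"]):
        policy = STEP_DOWN[policy]
    return policy


if __name__ == "__main__":
    # Constructed records and domains for illustration.
    strict = "v=DMARC1; p=reject; aspf=s; rua=mailto:dmarc-reports@example.org"
    relaxed = "v=DMARC1; p=quarantine; pct=50"
    print(dmarc_disposition(strict, "example.org", spf_domain="smtp.example.org"))
    print(dmarc_disposition(relaxed, "example.org", spf_domain="smtp.example.org"))
    print(dmarc_disposition(relaxed, "example.org"))
```

The strict/relaxed distinction is where most deployment surprises come from: with aspf=s, mail relayed through a sending host in a subdomain fails alignment even though SPF itself passed, so the domain owner ends up rejecting its own mail unless DKIM provides the aligned pass instead.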
DomainKeys Identified Mail (DKIM)
• A specification for cryptographically signing e-mail
messages, permitting a signing domain to claim
responsibility for a message in the mail stream
Summary
• Summarize the key functional components of the Internet mail architecture
• Explain the basic functionality of SMTP, POP3, and IMAP
• Understand the basic mechanisms of STARTTLS and its role in email security
• Understand the basic mechanisms of DANE and its role in email security
Essential characteristics (figure residue): broad network access, rapid elasticity, measured service, on-demand self-service, resource pooling
Service models: Software as a service (SaaS), Platform as a service (PaaS), Infrastructure as a service (IaaS)
• The cloud service user does not manage or control the resources of the underlying cloud
infrastructure but has control over operating systems, deployed applications, and
possibly limited control of select networking components
• IaaS provides virtual machines (VMs) and other virtualized hardware and operating
systems
• IaaS offers the customer processing, storage, networks, and other fundamental
computing resources so that the customer is able to deploy and run arbitrary software,
which can include operating systems and applications
• IaaS enables customers to combine basic computing services, such as number crunching
and data storage, to build highly adaptable computer systems
• Typically, customers are able to self-provision this infrastructure, using a Web- based
graphical user interface that serves as an IT operations management console for the
overall environment
(Figure residue: cloud computing reference architecture. Provider side: service layer (SaaS, PaaS, IaaS), resource abstraction and control layer, physical resource layer (hardware, facility), with cross-cutting security, privacy, provisioning/configuration and portability/interoperability functions. Audit functions: security audit, privacy impact audit, performance audit. Broker functions: service aggregation, service arbitrage. Cloud carrier.)
Table 22.2 NIST Guidelines on Cloud Security and Privacy Issues and Recommendations
Compliance
• Understand the various types of laws and regulations that impose security and privacy obligations on the organization and potentially impact cloud computing initiatives, particularly those involving data location, privacy and security controls, records management, and electronic discovery requirements.
• Review and assess the cloud provider’s offerings with respect to the organizational requirements to be met and ensure that the contract terms adequately meet the requirements.
• Ensure that the cloud provider’s electronic discovery capabilities and processes do not compromise the privacy or security of data and applications.
Trust
• Ensure that service arrangements have sufficient means to allow visibility into the security and privacy controls and processes employed by the cloud provider, and their performance over time.
• Establish clear, exclusive ownership rights over data.
• Institute a risk management program that is flexible enough to adapt to the constantly evolving and shifting risk landscape for the lifecycle of the system.
• Continuously monitor the security state of the information system to support ongoing risk management decisions.
Architecture
• Understand the underlying technologies that the cloud provider uses to provision services, including the implications that the technical controls involved have on the security and privacy of the system, over the full system lifecycle and across all system components.
Software isolation
• Understand virtualization and other logical isolation techniques that the cloud provider employs in its multi-tenant software architecture, and assess the risks involved for the organization.
Data protection
• Evaluate the suitability of the cloud provider’s data management solutions for the organizational data concerned and the ability to control access to data, to secure data while at rest, in transit, and in use, and to sanitize data.
• Take into consideration the risk of collating organizational data with those of other organizations whose threat profiles are high or whose data collectively represent significant concentrated value.
• Fully understand and weigh the risks involved in cryptographic key management with the facilities available in the cloud environment and the processes established by the cloud provider.
Availability
• Understand the contract provisions and procedures for availability, data backup and recovery, and disaster recovery, and ensure that they meet the organization’s continuity and contingency planning requirements.
• Ensure that during an intermediate or prolonged disruption or a serious disaster, critical operations can be immediately resumed, and that all operations can be eventually reinstituted in a timely and organized manner.
Incident response
• Understand the contract provisions and procedures for incident response and ensure that they meet the requirements of the organization.
• Ensure that the cloud provider has a transparent response process in place and sufficient mechanisms to share information during and after an incident.
• Ensure that the organization can respond to incidents in a coordinated fashion with the cloud provider in accordance with their respective roles and responsibilities for the computing environment.
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. (Table is on pages 692-693 in the textbook)
The Cloud Security Alliance lists 12 top cloud-specific security threats, in
1. Data Breaches
3. Insecure APIs
4. System and Application Vulnerabilities
5. Account Hijacking
6. Malicious Insiders
11. Denial-of-Service
• Countermeasures include:
(1) Analyzing the security model of CSP interfaces
(2) Ensuring that strong authentication and access controls are
implemented in concert with encrypted transmission
(3) Understanding the dependency chain associated with the API
System vulnerabilities can be exploited by hackers and malicious software across a shared
cloud environment
Countering system vulnerabilities is an ongoing technical and management process that
involves
• Risk analysis and management
• Regular vulnerability detection
• Patch management
• IT staff training
APT attacks
• A network attack in which an unauthorized person gains access to a network and stays
there undetected for a long period of time
• The intention of an APT attack is to steal data rather than to cause damage to the
network or organization
• APTs differ from other types of attack by their careful target selection, and persistent,
often stealthy, intrusion efforts over extended time periods
• Target organizations in sectors with high-value information, such as national defense,
manufacturing, and the financial industry
• Data loss refers to the permanent loss of CSC data that are stored in the cloud through
accidental or malicious deletion of data and backup copies from cloud storage
• To counter this threat, the CSC should be assured that the CSP has a thorough redundancy
scheme with regular backups, including geographic redundancy
• This may be supplemented by a cloud-to-premise backup so that a recent copy is
available at the customer site
E-mail security
Web security
Intrusion management
• The principal objective is to enable creating and managing huge groups of virtual
private servers in a cloud computing environment
• OpenStack is embedded, to one degree or another, into data center infrastructure and
cloud computing products offered by Cisco, IBM, Hewlett-Packard, and other vendors
• It provides multi-tenant IaaS, and aims to meet the needs of public and private clouds
regardless of size
• The modular design is such that the components are generally capable of being used
independently
• It is the fourth generation that is usually thought of as the IoT, and which
is marked by the use of billions of embedded devices
                                   Cloud                                     Fog
Location of processing/storage     Center                                    Edge
resources
Latency                            High                                      Low
Access                             Fixed or wireless                         Mainly wireless
Support for mobility               Not applicable                            Yes
Control                            Centralized/hierarchical (full control)   Distributed/hierarchical (partial control)
Service access                     Through core                              At the edge/on handheld device
Availability                       99.99%                                    Highly volatile/highly redundant
Number of users/devices            Tens/hundreds of millions                 Tens of billions
Main content generator             Human                                     Devices/sensors
Content generation                 Central location                          Anywhere
Content consumption                End device                                Anywhere
Software virtual infrastructure    Central enterprise servers                User devices
Tamper resistant
Tamper detection
• Sensors
• Temperature and radiation sensors can detect environmental
changes. Voltage and power sensors can detect electrical attacks
• Circuitry
• It is possible to wrap components with flexible circuitry,
resistance wire, or fiber optics so as to detect a puncture or break
• Both schemes use OCB with a counter that is input along with the plaintext into the
encryption algorithm
• The least significant bits of the counter are also sent as plaintext to enable
synchronization
• Each packet includes the encrypted data block, the OCB authentication tag, and the
MiniSec counter
• MiniSec-U employs synchronized counters, which require the receiver to keep a local
counter for each sender
• Once a receiver observes a counter value, it rejects packets with an equal or smaller
counter value; therefore, an attacker cannot replay any packet that the receiver has
previously received
Operating Modes
• MiniSec-U cannot be directly used to secure broadcast communication
• It would be too expensive to run the counter resynchronization protocol
among many receivers
• If a node were to simultaneously receive packets from a large group of sending
nodes, it would need to maintain a counter for each sender, resulting in high
memory overhead
• If the message is not replayed, it is stored in the bloom filter; else, the
node drops it
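Added example (not MiniSec's own code and not from the textbook) of the receiver-side logic described above: for MiniSec-U the full counter is re-derived from the low bits carried in the packet and anything at or below the last accepted counter is rejected; for MiniSec-B a bloom filter records packets already seen. HMAC-SHA256 stands in for the OCB tag, and LSB_BITS, MAX_TRIES, keys and packets are all constructed demo values.

```python
import hashlib
import hmac

# Demo parameters, constructed for this example (not MiniSec's real values):
# 3 counter bits travel in the clear; the receiver tries up to 4 candidate counters.
LSB_BITS = 3
MOD = 1 << LSB_BITS
MAX_TRIES = 4


def tag_for(key: bytes, counter: int, data: bytes) -> bytes:
    # Stand-in for the OCB authentication tag: MAC over (full counter || data).
    return hmac.new(key, counter.to_bytes(8, "big") + data, hashlib.sha256).digest()[:8]


def make_packet(key: bytes, counter: int, data: bytes) -> tuple:
    # Sender side: only the least significant bits of the counter are transmitted.
    return counter % MOD, data, tag_for(key, counter, data)


class MiniSecUReceiver:
    """Unicast: one synchronized counter per sender; equal or smaller counters are rejected."""

    def __init__(self, key: bytes):
        self.key = key
        self.last = {}  # sender id -> highest counter accepted so far

    def accept(self, sender: str, lsb: int, data: bytes, tag: bytes) -> bool:
        last = self.last.get(sender, -1)
        # Smallest full counter greater than `last` whose low bits match the packet's.
        candidate = last + 1 + ((lsb - (last + 1)) % MOD)
        for _ in range(MAX_TRIES):  # each extra try tolerates MOD more lost packets
            if hmac.compare_digest(tag_for(self.key, candidate, data), tag):
                self.last[sender] = candidate  # replays of this or older packets now fail
                return True
            candidate += MOD
        return False  # tag never verified: replay, forgery, or too many losses (resync needed)


class BloomReplayFilter:
    """Broadcast (MiniSec-B style): remember seen packets in a bloom filter, drop repeats."""

    def __init__(self, size_bits: int = 256, hashes: int = 3):
        self.bits, self.size, self.hashes = 0, size_bits, hashes

    def _positions(self, packet: bytes):
        for i in range(self.hashes):
            digest = hashlib.sha256(bytes([i]) + packet).digest()
            yield int.from_bytes(digest[:4], "big") % self.size

    def accept(self, packet: bytes) -> bool:
        positions = list(self._positions(packet))
        if all((self.bits >> p) & 1 for p in positions):
            return False  # every bit already set: treated as a replay and dropped
        for p in positions:  # not seen before: record it, then deliver
            self.bits |= 1 << p
        return True
```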
Source: https://www.linkedin.com/learning/learning-cryptography-and-network-security-2/providing-security-services?autoplay=true&resume=false&u=2218586
Week 9
November 17, 2022 11:28 AM
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. (Table is on page 515 in the textbook)
What is TCP/IP?
1.The application layer provides applications with standardized data exchange. Its
protocols include HTTP, FTP, Post Office Protocol 3, Simple Mail Transfer
Protocol and Simple Network Management Protocol. At the application layer, the
payload is the actual application data.
3.The network layer, also called the internet layer, deals with packets and connects
independent networks to transport the packets across network boundaries. The
network layer protocols are IP and Internet Control Message Protocol, which is used
for error reporting.
4.The physical layer, also known as the network interface layer or data link layer,
consists of protocols that operate only on a link -- the network component that
interconnects nodes or hosts in the network. The protocols in this lowest layer
include Ethernet for local area networks and Address Resolution Protocol.
Figure 17.1 (labels recovered from the slide): (a) Network Level: TCP over IP/IPSec; (b) Transport Level: TCP over IP; (c) Application Level: UDP and TCP over IP
SSL (or TLS) could be provided as part of the underlying protocol suite and
therefore be transparent to applications
Application-specific security services (S/MIME, Kerberos, etc.) are embedded within the
particular application. Figure 17.1c shows examples of this architecture. The advantage of
this approach is that the service can be tailored to the specific needs of a given
application.
What is IPsec?
- "IP" stands for "Internet Protocol" and "sec" for "secure." The
Internet Protocol is the main routing protocol used on the
Internet
Key exchange: Keys are necessary for encryption; a key is a string of random
characters that can be used to "lock" (encrypt) and "unlock" (decrypt) messages.
IPsec sets up keys with a key exchange between the connected devices, so that
each device can decrypt the other device's messages.
Packet headers and trailers: All data that is sent over a network is broken down
into smaller pieces called packets. Packets contain both a payload, or the actual
data being sent, and headers, or information about that data so that computers
receiving the packets know what to do with them. IPsec adds several headers to
data packets containing authentication and encryption information. IPsec also
adds trailers, which go after each packet's payload instead of before.
Encryption: IPsec encrypts the payloads within each packet and each packet's IP
header (unless transport mode is used instead of tunnel mode — see below). This
keeps data sent over IPsec secure and private.
Transmission: Encrypted IPsec packets travel across one or more networks to their
destination using a transport protocol. At this stage, IPsec traffic differs from
regular IP traffic in that it most often uses UDP as its transport protocol, rather
than TCP. TCP, the Transmission Control Protocol, sets up dedicated connections
between devices and ensures that all packets arrive. UDP, the User Datagram
Protocol, does not set up these dedicated connections. IPsec uses UDP because
this allows IPsec packets to get through firewalls.
Decryption: At the other end of the communication, the packets are decrypted,
and applications (e.g. a browser) can now use the delivered data.
What is TLS?
- TLS is a cryptographic protocol that provides end-to-end security of data sent
between applications over the Internet.
- TLS evolved from Secure Sockets Layer (SSL), which was originally
developed by Netscape Communications Corporation in 1994 to secure
web sessions. SSL 1.0 was never publicly released, whilst SSL 2.0 was
quickly replaced by SSL 3.0, on which TLS is based.
- It should be noted that TLS does not secure data on end systems. It simply
ensures the secure delivery of data over the Internet, avoiding possible
eavesdropping and/or alteration of the content.
- In symmetric cryptography, data is encrypted and decrypted with a secret key known
to both sender and recipient; typically 128 but preferably 256 bits in length
(anything less than 80 bits is now considered insecure). Symmetric cryptography is
efficient in terms of computation, but having a common secret key means it needs
to be shared in a secure manner.
- Asymmetric cryptography uses key pairs – a public key, and a private key. The
public key is mathematically related to the private key, but given sufficient key
length, it is computationally impractical to derive the private key from the public
key. This allows the public key of the recipient to be used by the sender to encrypt
the data they wish to send to them, but that data can only be decrypted with the
private key of the recipient.
- For this reason, TLS uses asymmetric cryptography for securely generating and
exchanging a session key. The session key is then used for encrypting the data
transmitted by one party, and for decrypting the data received at the other end.
Once the session is over, the session key is discarded.
TLS version 1.2
• Defined in RFC 5246
• Is an Internet standard that evolved from a commercial protocol known as Secure
Sockets Layer (SSL)
• Is a general purpose service implemented as a set of protocols that rely on TCP
• Could be provided as part of the underlying protocol suite and therefore be
transparent to applications
Figure: TLS protocol stack (Record Protocol over TCP over IP)
The SSL protocol consists of two layers of protocols: the SSL record
protocol at the lower layer and the SSL handshake protocol, the change
cipher spec protocol, and the alert protocol at the upper layer.
Session state elements:
• Session identifier: An arbitrary byte sequence chosen by the server to identify an
active or resumable session state
• Peer certificate: An X509.v3 certificate of the peer; this element of the state may
be null
• Compression method: The algorithm used to compress data prior to encryption
• Cipher spec: Specifies the bulk data encryption algorithm and a hash algorithm used
for MAC calculation; also defines cryptographic attributes such as the hash_size
• Master secret: 48-byte secret shared between the client and the server
• Is resumable: A flag indicating whether the session can be used to initiate new
connections
Figure: Record Protocol operation: Fragment → Compress → Add MAC → Encrypt → Append TLS Record Header
The Record Protocol takes an application message to be transmitted, fragments the data
into manageable blocks, optionally compresses the data, applies a MAC, encrypts,
adds a header, and transmits the resulting unit in a TCP segment. Received data
are decrypted, verified, decompressed, and reassembled before being delivered to
higher-level users.
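Added example (not the textbook's code and not any TLS library's) of the Record Protocol pipeline just described, on both sides: fragment at 2^14 bytes, MAC over the TLS 1.2 MAC input (sequence number, type, version, length, fragment), encrypt, prepend the 5-byte record header, then parse, decrypt, verify and reassemble. Compression is omitted (null compression), keystream() is a constructed stand-in for a real bulk cipher, and keys and data are sample values.

```python
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14   # TLS 1.2 plaintext fragment limit (RFC 5246)
VERSION = b"\x03\x03"    # TLS 1.2 record-layer version
APPLICATION_DATA = 23    # ContentType application_data
MAC_LEN = 32             # HMAC-SHA256 output length


def keystream(key: bytes, seq: int, length: int) -> bytes:
    # Constructed stand-in for the negotiated bulk cipher (HMAC-SHA256 in counter mode).
    # Demo only: this is not a TLS cipher suite.
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, struct.pack(">QQ", seq, block), hashlib.sha256).digest()
        block += 1
    return out[:length]


def record_mac(mac_key: bytes, seq: int, ctype: int, fragment: bytes) -> bytes:
    # TLS 1.2 MAC input: seq_num(8) || type(1) || version(2) || length(2) || fragment
    hdr = struct.pack(">QB", seq, ctype) + VERSION + struct.pack(">H", len(fragment))
    return hmac.new(mac_key, hdr + fragment, hashlib.sha256).digest()


def send_records(mac_key: bytes, enc_key: bytes, data: bytes, seq: int = 0):
    """Fragment -> (null compression) -> add MAC -> encrypt -> prepend record header."""
    records = []
    for off in range(0, len(data), MAX_FRAGMENT) or [0]:  # empty data still yields one record
        fragment = data[off:off + MAX_FRAGMENT]
        plain = fragment + record_mac(mac_key, seq, APPLICATION_DATA, fragment)
        ks = keystream(enc_key, seq, len(plain))
        ct = bytes(a ^ b for a, b in zip(plain, ks))
        header = struct.pack(">B", APPLICATION_DATA) + VERSION + struct.pack(">H", len(ct))
        records.append(header + ct)
        seq += 1  # implicit 64-bit sequence number, never sent on the wire
    return records, seq


def receive_records(mac_key: bytes, enc_key: bytes, records, seq: int = 0):
    """Parse header -> decrypt -> verify MAC -> reassemble; raises on tampering or reordering."""
    out = b""
    for rec in records:
        ctype, version, length = struct.unpack(">B2sH", rec[:5])
        ct = rec[5:]
        if version != VERSION or len(ct) != length or length < MAC_LEN:
            raise ValueError("malformed record header")
        plain = bytes(a ^ b for a, b in zip(ct, keystream(enc_key, seq, len(ct))))
        fragment, tag = plain[:-MAC_LEN], plain[-MAC_LEN:]
        if not hmac.compare_digest(tag, record_mac(mac_key, seq, ctype, fragment)):
            raise ValueError("MAC check failed on record %d" % seq)
        out += fragment
        seq += 1
    return out, seq
```

Because the sequence number is part of the MAC input but never transmitted, a record delivered out of order fails verification even though its bytes are intact.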
Figure (labels recovered from the slide): Application Data → Fragment → Compress → Plaintext (optionally compressed) → encrypted
• Compressed Length (16 bits): The
Handshake Protocol action (time runs downward in the figure):
Phase 2: Server may send certificate, key exchange, and request certificate. Server signals end
of hello message phase.
  Server → Client: certificate, server_key_exchange, certificate_request, server_hello_done
Phase 3: Client sends certificate if requested. Client sends key exchange. Client may send
certificate verification.
  Client → Server: certificate, client_key_exchange, certificate_verify
Phase 4: Change cipher suite and finish handshake protocol.
  Client → Server: change_cipher_spec, finished
  Server → Client: change_cipher_spec, finished
Figure: TLS protocol stack
• Record Protocol
• TCP: Transmission control protocol provides reliable, connection-oriented end-to-end delivery.
• IP: Internet protocol provides datagram delivery across multiple networks.
SSH Transport Layer Protocol packet exchange (client and server):
• Identification string exchange: SSH-protoversion-softwareversion (sent by each side)
• Algorithm negotiation: SSH_MSG_KEXINIT (sent by each side)
• Key Exchange
• End of key exchange: SSH_MSG_NEWKEYS (sent by each side)
• Service request: SSH_MSG_SERVICE_REQUEST
Figure: SSH packet formation: payload → COMPRESS → ENCRYPT (with MAC) → ciphertext → SSH Packet
• Password
• The client sends a message containing a plaintext password, which is
protected by encryption by the Transport Layer Protocol
• Hostbased
• Authentication is performed on the client’s host rather than the client
itself
• This method works by having the client send a signature created with the
private key of the client host
• Rather than directly verifying the user’s identity, the SSH server verifies
the identity of the client host
Connection Protocol
• The SSH Connection Protocol runs on top of the SSH Transport
Layer Protocol and assumes that a secure authentication
connection is in use
• The secure authentication connection, referred to as a tunnel, is used
by the Connection Protocol to multiplex a number of logical channels
• Channel mechanism
• All types of communication using SSH are supported using separate
channels
• Either side may open a channel
• For each channel, each side associates a unique channel number
• Channels are flow controlled using a window mechanism
• No data may be sent to a channel until a message is received to
indicate that window space is available
• The life of a channel progresses through three stages: opening a
channel, data transfer, and closing a channel
Channel lifecycle message exchange:
• Open a channel: SSH_MSG_CHANNEL_OPEN → SSH_MSG_CHANNEL_OPEN_CONFIRMATION
• Data transfer: SSH_MSG_CHANNEL_DATA (in both directions)
• Close a channel: SSH_MSG_CHANNEL_CLOSE
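Added example (a constructed simulation, not OpenSSH's or the textbook's code) of the channel lifecycle and window flow control described above: two in-process peers pass the RFC 4254 message names to each other directly, a sender refuses to transmit more than the window its peer granted, and SSH_MSG_CHANNEL_WINDOW_ADJUST reopens the window once the receiving application has consumed the data. Class and function names, window sizes and sample data are the example's own.

```python
# Constructed simulation: RFC 4254 message names, but direct in-process delivery, no framing/crypto.
class SshPeer:
    def __init__(self, initial_window: int):
        self.initial_window = initial_window
        self.channels, self.next_id, self.peer, self.trace = {}, 0, None, []

    def _new_channel(self, state: str, remote, send_window: int) -> int:
        cid, self.next_id = self.next_id, self.next_id + 1  # unique local channel number
        self.channels[cid] = dict(state=state, remote=remote, send_window=send_window,
                                  recv_window=self.initial_window, data=b"")
        return cid

    def open_channel(self) -> int:
        cid = self._new_channel("opening", None, 0)
        self.peer.recv("SSH_MSG_CHANNEL_OPEN", sender=cid, window=self.initial_window)
        return cid  # the confirmation has been processed by the time recv() returns

    def send_data(self, cid: int, data: bytes) -> bool:
        ch = self.channels[cid]
        if ch["state"] != "open" or len(data) > ch["send_window"]:
            return False  # blocked until the peer grants more window space
        ch["send_window"] -= len(data)
        self.peer.recv("SSH_MSG_CHANNEL_DATA", recipient=ch["remote"], data=data)
        return True

    def consume(self, cid: int) -> bytes:
        """Application reads the buffered data; the freed space is granted back to the sender."""
        ch = self.channels[cid]
        data, ch["data"] = ch["data"], b""
        ch["recv_window"] += len(data)
        self.peer.recv("SSH_MSG_CHANNEL_WINDOW_ADJUST", recipient=ch["remote"],
                       bytes_to_add=len(data))
        return data

    def close_channel(self, cid: int) -> None:
        ch = self.channels[cid]
        if ch["state"] == "open":  # each side sends CLOSE once; the second CLOSE is the reply
            ch["state"] = "closed"
            self.peer.recv("SSH_MSG_CHANNEL_CLOSE", recipient=ch["remote"])

    def recv(self, msg: str, **f) -> None:
        self.trace.append(msg)
        if msg == "SSH_MSG_CHANNEL_OPEN":
            cid = self._new_channel("open", f["sender"], f["window"])
            self.peer.recv("SSH_MSG_CHANNEL_OPEN_CONFIRMATION",
                           recipient=f["sender"], sender=cid, window=self.initial_window)
        elif msg == "SSH_MSG_CHANNEL_OPEN_CONFIRMATION":
            self.channels[f["recipient"]].update(state="open", remote=f["sender"],
                                                 send_window=f["window"])
        elif msg == "SSH_MSG_CHANNEL_DATA":
            ch = self.channels[f["recipient"]]
            if len(f["data"]) > ch["recv_window"]:
                raise ValueError("peer sent more than the window it was granted")
            ch["data"] += f["data"]
            ch["recv_window"] -= len(f["data"])
        elif msg == "SSH_MSG_CHANNEL_WINDOW_ADJUST":
            self.channels[f["recipient"]]["send_window"] += f["bytes_to_add"]
        elif msg == "SSH_MSG_CHANNEL_CLOSE":
            self.close_channel(f["recipient"])


def connect(initial_window: int = 8):
    # Wire a client and a server together; both start with the same receive window.
    client, server = SshPeer(initial_window), SshPeer(initial_window)
    client.peer, server.peer = server, client
    return client, server
```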
X11
•Refers to the X Window System, a computer software system and network protocol that
provides a graphical user interface (GUI) for networked computers
•X allows applications to run on a network server but to be displayed on a desktop
machine
Forwarded-tcpip
•Remote port forwarding
Direct-tcpip
•Local port forwarding
Port Forwarding
• One of the most useful features of SSH
Figure (labels recovered from the slide): without SSH, client application x and server application y communicate over an unsecure TCP connection between the client and server TCP entities; with port forwarding, x and y still talk to their local TCP entities, but the traffic is carried through a secure SSH tunnel between SSH entity a (client side) and SSH entity b (server side), with the unsecure TCP connection beneath the tunnel