ET4085/ET5085 Keamanan Jaringan Telekomunikasi ET4085/ET5085 Telecommunication Network Security

http://wp.me/P29YQz-k

TUTUN JUHANA TELECOMMUNICAT ION ENGINEERING

SCHOOL OF ELECTRICAL ENGINEERING & INFORMATIC SINST ITUT TEKNOLOGI BANDUNG

ht tp : / / t e l ecommun icat ion . i tb .ac . id /~tu tun /ET4085

ET4085/ET5085 Keamanan Jaringan Telekomunikasi

ET4085/ET5085 Telecommunication Network Security

Cryptography

Definition

Came from Greek cryptography krupto (hidden or secret) and grafh (written)Art of secret

writing

Services Provided by Cryptography

User Authentication

Data Authentication Data integrity

Data Integrity

Data origin authentication

He can claim that he is A

Non-repudiation of origin

Data confidentiality

Friends and enemies: Alice, Bob, Trudy

well-known in network security world Bob, Alice (lovers!) want to communicate

“securely”Trudy (intruder) may intercept, delete, add

messages

Who might Bob, Alice be?

Real-life Bobs and Alices!Web browser/server for electronic

transactions (e.g., on-line purchases)on-line banking client/serverDNS serversrouters exchanging routing table updatesetc.

The language of cryptography

m plaintext messageKA(m) ciphertext, encrypted with key KAm = KB(KA(m)) symmetric key crypto: sender, receiver keys identicalpublic-key crypto: encryption key public, decryption key secret

(private)

Symmetric key cryptography

symmetric key crypto: Bob and Alice share known same (symmetric) key: KAB e.g., key is knowing substitution pattern in mono

alphabetic substitution cipher

substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for

another

Deciphering techniques (attacks on a cryptosystem)

Cipher-text only attack: no clue about contents of message: statistical analysis

Known-plaintext attack: trudy has some plaintext for some ciphertext eg, in monoalphabetic cipher, trudy determines

pairings for a,l,i,c,e,b,oChosen-plaintext attack: trudy can get the

cyphertext for some chosen plaintext Eg, Trudy masquerades as Alice

Statistical analysis example

A typical distribution of letters in English language text

Suppose we have intercepted the cipher-text below, and it is known to be encrypted using a simple substitution cipher LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFEMVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIM WQLMGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITREWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJ GSTVRIEYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQIVIXQSVSTWHKPEGARCSXRWIEVSWIIBXV IZMXFSJXLIKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVIIBGIIHMWYPFLEVHEWHYPSRRFQMXLE PPXLIECCIEVEWGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQEROIVFVIZEVAEKPIEWHXEAMWYEPP XLMWYRMWXSGSWRMHIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCMWMSWVIRCIGXMWYMX

For this example, uppercase letters are used to denote ciphertext, lowercase letters are used to denote plaintext (or guesses at such), and X~t is used to express a guess that ciphertext letter X represents the plaintext letter t.

We could use frequency analysis to help solve the message along the following lines: counts of the letters in the cryptogram show that I is the most common single letter, XL most common bigram, and XLI is the most common trigram. e is the most common letter in the English language, th is the most common bigram, and the is the most common trigram. This strongly suggests that X~t, L~h and I~e. The second most common letter in the cryptogram is E; since the first and second most frequent letters in the English language, e and t are accounted for, We guess that E~a, the third most frequent letter. Tentatively making these assumptions, the following partial decrypted message is obtained.

17 heVeTCSWPeYVaWHaVSReQMthaYVaOeaWHRtatePFaMVaWHKVSTYhtZetheKeetPeJVSZaYPaRRGaReM

WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

Using these initial guesses, We can spot patterns that confirm our choices, such as "that". Moreover, other patterns suggest further guesses. "Rtate" might be "state", which would mean R~s. Similarly "atthattMZe" could be guessed as "atthattime", yielding M~i and Z~m. Furthermore, "heVe" might be "here", giving V~r. Filling in these guesses, We get:

hereTCSWPeYraWHarSseQithaYraOeaWHstatePFairaWHKrSTYhtmetheKeetPeJrSmaYPassGasei WQhiGhitQaseWGPSseHitQasaKeaTtiJTPsGaraKaeTsaWHatthattimeTWAWSQWtSWatTraPistsSJ GSTrseaYreatCriUeiWasGieWtiJiGCSiWtSJOieQthereQeretQSrSTWHKPaGAsCStsWearSWeeBtr emitFSJtheKaGAaWHaPSWYSWeWeartheStherthesGaPesQereeBGeeHiWYPFharHaWHYPSssFQitha PPtheaCCearaWGeSJKTrWisheHYSPHtheQeiYhtSJtheiWseGtQasOerFremarAaKPeaWHtaAiWYaPP thiWYsiWtSGSWsiHeratiSWiGSTPHharHPFKPameNTCiterJSrhisSCiWiSWresCeGtiWYit

18Chosen-Plaintext Attack example

Penjahat #1 merubahPIN yang dimilikinya (chosen plaintext)

cipher(key,PIN)

PIN di-enkripsi laludikirimkan ke bank

Penjahat #2 melakukanpenyadapan kemudianMempelajari ciphertext dari PIN baru tersebut

… diulangi untuk beberapa nilai PIN

Polyalphabetic encryption

The Alberti cipher by Leon Battista Alberti around 1467 was believed to be the first polyalphabetic cipher

But at 750 AD , Abu Yusuf Yaqub ibn Is-haq Al-Kindi, authored a book on cryptology the "Risalah fi Istikhraj al-Mu'amma" (Manuscript for the Deciphering Cryptographic Messages)

Leon Battista Alberti

Abu Yusuf Yaqub ibn Is-haq Al-Kindi

n monoalphabetic cyphers, M1,M2,…,MnCycling pattern:

e.g., n=4, M1,M3,M4,M3,M2; M1,M3,M4,M3,M2;For each new plaintext symbol, use

subsequent monoalphabetic pattern in cyclic pattern dog: d from M1, o from M3, g from M4

Key: the n ciphers and the cyclic pattern

21How this Cipher Works? Pick a keyword (for our example, the keyword will be "MEC"). Write your keyword across the top of the text you want to encipher,

repeating it as many times as necessary. For each letter, look at the letter of the keyword above it (if it was 'M',

then you would go to the row that starts with an 'M'), and find that row in the Vigenere table.

Then find the column of your plaintext letter (for example, 'w', so the twenty-third column)

Finally, trace down that column until you reach the row you found before and write down the letter in the cell where they intersect (in this case, you find an 'I' there).Keyword: M E C M E C M E C M E C M E C M E C M E C M

Plaintext: w e n e e d m o r e s u p p l i e s f a s tCiphertext: I I P Q I F Y S T Q W W B T N U I U R E U F

Symmetric: Stream Ciphers

Combine each byte of keystream with byte of plaintext to get b of ciphertext

p(i) = ith unit of messageks(i) = ith unit of

keystreamc(i) = ith unit of ciphertextc(i) = ks(i) ⊕ p(i)

(⊕ = exclusive or)p(i) = ks(i) ⊕ c(i)

Problems with stream ciphers

Known plain-text attackThere’s often predictable and repetitive

data in communication messagesattacker receives some cipher text c and

correctly guesses corresponding plaintext m

ks = m ⊕ cAttacker now observes c’m’ = (m ⊕ c) ⊕ c’

Even easierAttacker obtains two ciphertexts, c and c’,

generating with same key sequencec ⊕ c’ = m ⊕ m’There are well known methods for

decrypting 2 plaintexts given their XOR

Integrity problem toosupppose attacker knows m and c;want to change m to m’c’ = c ⊕ (m ⊕ m’)send c’ to destination

Example of stream cipher:A5 (for GSM)RC4

Symmetric encryption: block ciphers

Message to be encrypted is processed in blocks of bytes (8 or 16).

Block cipher: huge lookup tableExample: 2-bit blocks and 2-bit keys

Each column should be a random permutation of all possible output strings

If block is 64 bits and key is 56 bits, have 264 rows, 256 columns, 2120 entries

Table too big: instead use function that simulates a randomly permuted table

c(i) = KAB(m(i)) : encrypt block m(i) using key ABm(i) = KAB(c(i)) : decrypt block c(i) using key ABProblem: if m(i) and m(j) same, c(i) and c(j) same

Attacker may be able to guess m(i) from context of message

Block ciphers: cipher block chaining

Don’t want same plaintext giving same ciphertext Have encryption of current block depend on result

of previous block c(i) = KAB( m(i) ⊕ c(i-1) ) m(i) = KAB( c(i) ⊕ c(i-1) )

How do we encrypt first block? Initialization vector (IV): random block = c(0) IVs do not have to be secret

Symmetric key crypto: DESDES: Data Encryption Standard

US encryption standard [NIST 1993] 56-bit symmetric key, 64-bit plaintext input Block cipher with cipher block chaining

How secure is DES? DES Challenge: 56-bit-key-encrypted phrase

decrypted (brute force) in less than a day No known good analytic attack

making DES more secure: 3DES: encrypt 3 times with 3 different keys

(actually encrypt, decrypt, encrypt)

31DES operation

initial permutation16 identical “rounds” of function application, each using different 48 bits of keyfinal permutation

AES: Advanced Encryption Standard

New (Nov. 2001) symmetric-key NIST standard, replacing DES

processes data in 128 bit blocks128, 192, or 256 bit keysbrute force decryption (try each key)

taking 1 sec on DES, takes 149 trillion years for AES

Key Distribution Center (KDC)

Alice, Bob need shared symmetric key.KDC: server shares different secret key with

each registered user (many users)Alice, Bob know own symmetric keys, KA-KDC KB-

KDC , for communicating with KDC.

Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other?

Public Key Cryptography

symmetric key crypto requires sender,

receiver know shared secret key

Q: how to agree on key in first place (particularly if never “met”)?

public key cryptography radically different

approach [Diffie-Hellman76, RSA78]

sender, receiver do not share secret key

public encryption key known to all

private decryption key known only to receiver

Public key encryption algorithms

RSA: Choosing keys

RSA: Encryption, decryption

RSA example

RSA: another important property

RSA is slow

Exponentiation is computationally intensive

DES is at least 100 times faster than RSA

Session key, KSBob and Alice use RSA to exchange a

symmetric key KSOnce both have KS, they use DES

Message Authentication

Allows communicating parties to verify that received messages are authentic.Verify content of message has not been

altered Source is authenticMessage has not been artificially delayed

(playback attack)Sequence of messages is maintained

Why not use encryption?Often overkill, computationally

expensiveBroadcast message

Let’s first talk about message digests

Message Digests

Function H( ) that takes as input an arbitrary length message and outputs a fixed-length strength: “message signature”

Note that H( ) is a many to-1 function

H( ) is often called a “hash function”

Desirable properties:Easy to calculate Irreversibility: Can’t determine m from

H(m)Collision resistance: Computationally

difficult to produce m and m’ such that H(m) = H(m’)

Seemingly random output

Hash Function Algorithms

MD5 hash function widely used (RFC 1321)computes 128-bit message digest in 4-step

process.arbitrary 128-bit string x

appears difficult to construct msg m whose MD5 hash is equal to x.

SHA-1 is also used.US standard [NIST, FIPS PUB 180-1]160-bit message digest

Message Authentication Code (MAC)

Digital SignaturesCryptographic technique analogous to

handwritten signatures.sender (Bob) digitally signs document,

establishing he is document owner/creator.

verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document

Digital Signature Standard

Certification Authorities

Certification authority (CA): binds public key to particular entity, E.

E (person, router) registers its public key with CA. E provides “proof of identity” to CA. CA creates certificate binding E to its public key. certificate containing E’s public key digitally signed by

CA CA says “this is E’s public key”

When Alice wants Bob’s public key: gets Bob’s certificate (Bob or elsewhere). apply CA’s public key to Bob’s certificate, get Bob’s

public key

Certificates: summary

Primary standard X.509 (RFC 2459)Certificate contains:

Issuer nameEntity name, address, domain name, etc.Entity’s public keyDigital signature (signed with issuer’s

private key)

End-point authentication

Goal: Bob wants Alice to “prove” her identity to him

Protocol ap1.0: Alice says “I am Alice”

Goal: Bob wants Alice to “prove” her identity to him

Protocol ap1.0: Alice says “I am Alice”

End-point authentication: another try

Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address

End-point authentication: another try

Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.

End-point authentication: yet another try

Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.

End-point authentication: yet another try

Goal: avoid playback attackNonce: number (R) used only once-in-a-

lifetimeap4.0: to prove Alice “live”, Bob sends Alice

nonce, R. Alice must return R, encrypted with shared secret key

End-point authentication: ap5.0

ap4.0 requires shared symmetric keycan we authenticate using public key

techniques?ap5.0: use nonce, public key cryptography

ap5.0: security hole

Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)

ap5.0: security hole

Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)

ET4085/ET5085 Keamanan Jaringan Telekomunikasi ET4085/ET5085 Telecommunication Network Security

Documents

TEE 843 – Sistem Telekomunikasi · 2020. 2. 23. · – Jartel & Jarkom (Jartelkom), Rekayasa Trafik, Manjartel, Rekayasa Internet, Keamanan Jartel, dll. • Teori Informasi dan

keamanan jaringan telekomunikasi berbasis …...3. Berkoordinasi dengan pihak-pihak terkiat di dalam maupun luar negeri didalam menjalankan tugas pengamanan jaringan telekomunikasi

BAB I PENDAHULUAN · Mengamankan operasi dan keamanan seluruh jaringan telekomunikasi Pemerintah Daerah ; h. Melakukan pembinaan operator, peralatan sandi dan telematika ; i. Melakukan

ELEKTRONIKA TELEKOMUNIKASI

JARINGAN TELEKOMUNIKASI

Dasar Telekomunikasi

PDF17 - · PDF filetentang Telekomunikasi ... kepada pemilik menara telekomunikasi untuk ... (4) Penyedia menara yang bukan penyelenggara telekomunikasi,

Telekomunikasi Analog

telekomunikasi polinema

Dasar Telekomunikasi - Slide week 2a jaringan dasar telekomunikasi

S1 Teknik Telekomunikasi Fakultas Teknik Elektro … · 2018-04-28 · KEAMANAN JARINGAN | TTH3K3 | Kur. 2016 | 2017/2018 SSL/TLS (Transport Layer Security) Outlines : ... highest

dasr telekomunikasi

Krida telekomunikasi

Telekomunikasi Pedesaan

SK Gubernur Jabar Tentang UMK 2013 - betterwork.org...Rotan, pengolahan Kayu, Perhutanan dan Industri Pengolahannya Jasa Pos, Telekomunikasi dan Keamanan Industri Engineering, Manufaktur

Telekomunikasi Radio

TELEKOMUNIKASI: Konsep Fundamental Telekomunikasi · telekomunikasi adalah seluruh unsur/elemen baik infrastruktur telekomunikasi, perangkat telekomunikasi, sarana dan prasarana telekomunikasi,

Sinyal Telekomunikasi

denpasarkota.go.id Pembangunan...PENGENDALIAN PERANGKAT DAN MENARA TELEKOMUNIKASI ... Peraturan Pemerintah Nomor 3 Tahun 2001 tentang Keamanan dan Keselamatan ... dan Tata Kerja Dinas

Perkembangan Telekomunikasi Indonesialilik/seminar/5_DirjenPosTel_BasukYusufIskandar.pdf · telekomunikasi dan pengguna jasa telekomunikasi yJaringan ini akan terintegrasi dengan