Embed Size (px)
DESCRIPTION
Security I – General principles. First, we will look at general methods of making a secure connection, which are widely applicable. Then, look at the specifics for grid computing, which has additional security requirements and constraints. Basic Principles. Secure Connections. - PowerPoint PPT Presentation
Citation preview
Security
I – General principles
• First, we will look at general methods of making a secure connection, which are widely applicable.
• Then, look at the specifics for grid computing, which has additional security requirements and constraints.
Basic Principles
Secure Connections
• Secure connections are needed in many computer related activities, including e-business and grid computing.
Dealing with users and resources
Two critically important factors are:
• Authentication– Process of deciding whether a particular
identity is who he says he is (applies to humans and systems)
• Authorization– Process of deciding whether a particular
identity can access a particular resource– Access control Broader aspect of
authorization controlling specific types of access.
Authentication
Password-Based
• User enters a user name and password.
• User name and password sent through network to server.
• Server validates name and password and responds.
Name and Password
• Consider a login prompt:
login% abwThere is no such userlogin%
Name and Password
• A different login prompt behavior:
login% abwpassword% ******authentication failedlogin%
• Second version a little more secure because it reveals less information to a potential intruder, but ...
Name and Password
• Since name and password sent in plain text, vulnerable to interference and being stolen.
• Need a system in which in one can be sure of sender.
Two aspects:
• Send information in an encrypted form.
• Have a trusted third party or some sure way of proving identity.
Data Confidentiality
• Information exchange needs to protected against eavesdroppers.
• Make data in a form that makes it unreadable except by the parties that are to read it.
CryptographyBasic idea:
Encryption• Convert the original message (clear text, or
plain text) to the encrypted message (ciphertext)
Decryption• Reverse process of retrieving plaintext from
encrypted text
Can either:
• Make encryption/decryption algorithm(s) hidden, so that an intruder cannot know it,
or, better:
• Use known algorithms and use a hidden key with the algorithms.
Cryptography algorithms with keys
• Converts data into scrambled binary patterns, using a large binary number called a key.
• A key is also used to convert the scrambled patterns back to the original data.
• Algorithms are well-known - it is a specific key(s) that must be kept secure.
Secret Key Cryptography• Sender and receiver has a same secret key in
their possession.
• Sender uses secret key to encrypt data.
• Receiver uses same key to decrypt data.
• Known as symmetric cryptography. Key is called a symmetric key.
Encryption and Decryption
My message that must be kept secret
Original data
Cipher data Original
data
Same key
1SEJGDAKLIRD4BNIOAWNM69CVPQEKTDGE
My message that must be kept secret
Simple Secret-Key ExampleData (“abra”) has binary representation:
01100001011000100011100101100001
Choose random string of bits as key:
10011101010010001111010101011100
Exclusive-OR patterns to get encrypted message:
11111100001010101000011100111101
To get original message back, use same algorithm and key! Practical algorithms much more complex.
Common Symmetric Key Cryptography Systems
• Data Encryption Standard (DES) 56-bit key plus 8 parity bits - IBM 1970’s.
• Triple-DES 112 bit key plus 16 parity bits or 168-bit plus 24 parity bits.
• RC2 and RC4 variable sized key, often 40 to 128 bits.
Problemswith Symmetric Key Cryptography
• Need a way of both sender and receiver to obtain secret key without anyone else knowing the key.
• Need a different key for each receiver that a sender may communicate with.
Advantagesof Symmetric Key Cryptography
• Fast encryption/decryption (compared to asymmetric key cryptography (see next).
Used because of speed in conjunction with asymmetric key cryptography.
Public-Key Cryptography• Public invention due to Whitfield Diffie & Martin
Hellman at Stanford Univ. in 1976 (known earlier in classified community, UK)
• Probably most significant advance in the 3000 year history of cryptography
• Uses clever application of number theoretic concepts of functions
• Complements rather than replaces secret key cryptography
Public Key Cryptography(Asymmetric key pair)
Two keys are formed:
• a public key to encrypt the transmission, and• a private key to decrypt the transmission
(or vice versa).
Encryption and Decryption
My message that must be kept secret
Original data
Cipher data
Original data
1SEJGDAKLIRD4BNIOAWNM69CVPQEKTDGE
My message that must be kept secretPublic
keyPrivate
Key
Receiver’s
Public Key and Private Key
• Public and private keys are pairs such that a message encrypted with the public key can only be decrypted with the private key (and vice versa).
• Public key, as name suggests, is available to all.
• Private key only known by it’s owner.
• Not possible to find the private key from the public key for all practical purposes.
Public-Key Cryptography
Public Key Cryptography
Example
Rivest, Shanir, and Adleman (RSA)
RSA algorithm invented by Ronald L. Rivest, Adi Shamir, and Leonard Adleman in 1977.
Variable sized key, usually between 512 - 2048 bits.
RSA Algorithm• Find P and Q, two large prime numbers
(e.g., 1024-bit).
• Choose E such that:
1. E is greater than 1,2. E is less than PQ, and3. E and (P-1)(Q-1) have no prime factors in
common (relatively prime).
E does not have to be prime, but it must be odd. (P-1)(Q-1) can't be prime because it's an even number.
RSA Algorithm (cont.)
• Compute D such that (DE - 1) is evenly divisible by (P-1)(Q-1).
Simply find an integer X that causes D = (X(P-1)(Q-1) + 1)/E to be an integer, then use that value of D.
RSA Algorithm (cont.)
Encryption function is:
C = (TE) mod PQwhere:– C is the encrypted message (ciphertext)
a positive integer),– T is the message being encrypted
plaintext (a positive integer).
T must be less than the modulus, PQ.
RSA Algorithm (cont.)Decryption function is:
T = (CD) mod PQwhere:
– C is the encrypted message (ciphertext) a positive integer),
– T is the message being encrypted plaintext (a positive integer).
RSA Algorithm (cont.)• Your public key is the pair (PQ, E).• Your private key is the number D (reveal it to
no one).
PQ called the modulusE is the public exponent.D is the secret exponent.
No known easy methods of calculating D, P, or Q given only (PQ, E) (your public key) if P and Q are very large (1024 bit or more).
• Though it is widely suspected to be true, it is not yet proven that no easy methods of factoring exist.
• It is not yet proven that the only way to crack RSA is to factor PQ.
• See http://en.wikipedia.org/wiki/RSA for interesting attempts to break code.
Example of the RSA AlgorithmFirst prime number: P = 61Second prime number Q = 53
Modulus: PQ = 3233 Public exponent: E = 17Private exponent: D = 2753
Destroy P and Q after computing E and D.
Your public key is (E, PQ). Your private key is D.
Example of the RSA Algorithm (cont.)
Encryption function
encrypt(T) = (TE) mod PQ = (T17) mod 3233
Decryption function
decrypt(C) = (CD) mod PQ = (C2753) mod 3233
Example of the RSA Algorithm (cont.)
To encrypt the plaintext value 123, do this:
encrypt(123) = (12317) mod 3233 = 855
To decrypt the ciphertext value 855, do this:
decrypt(855) = (8552753) mod 3233 = 123
Aside• Idea of public key schemes was published in
1977 by Diffie & Hellman.
• Concept previously described in a classified report in 1970 by James Ellis (UK). Subsequently declassified in 1987.
• In classified documents, RSA discovered first, then Diffie-Hellman, opposite to the order of public discovery!
How secure is public key encryption?
• Like secret key schemes, brute force exhaustive search attack is always theoretically possible
but
• Requires the use of very large numbers• Hence slower than secret key schemes
Aside
• One grid computing project done last year was breaking codes by exhaustive search.
Sequential Search
tst s/p
(a) Searching each sub-space sequentially
Start Time
t
Solution foundxts/p
Sub-spacesearch
From : Parallel Programming: Techniques and Application Using Networked Workstations and Parallel Computers 2nd edition, by Barry Wilkinson & Michael Allen, Prentice Hall 2004.
Using Multiple Identical Grid
Services
Solution found
t
(b) Searching each sub-space in parallel
Searching each sub-space in parallel
Solution found
Non-repudiation
• Public key cryptography can provide for non-repudiation
– Sender cannot deny they sent out a message if encrypted with their private key. Can be read with their public key.
Non-repudiation
My message that must be kept secret
Original data
Cipher data
Original data
1SEJGDAKLIRD4BNIOAWNM69CVPQEKTDGE
My message that must be kept secretPrivate
key
Public Key
Sender’s
Question - Why is it not sufficient to simply encrypt with receiver’s public key and decrypt with receiver’s private key:
My message that must be kept secret
Original data
Cipher data
Original data
1SEJGDAKLIRD4BNIOAWNM69CVPQEKTDGE
My message that must be kept secretPublic
keyPrivate
Key
Receiver’s
Answer
• Anyone has access access to the public key and could send the message.
Public Key CryptographyDouble Encryption
My message that must be kept secret
My message that must be kept secret
yuicfhkh[pa2354mghdas67f
Receiver’s public key
Receiver’s private Key
Original data
Transmitted data
Original data
Sender Receiver
Sender’s public
key
Sender’s private
Key
Slow but secure.
Problem with Public Key Cryptography used alone
• Slow
• Can only send encrypted data for decryption to one destination at a time (not broadcast).
This aspect does not seem to be addressed in the literature. Maybe not a big deal.
Problem with Public Key Cryptography used alone
• If you want to send data to a destination that only it could decrypt, one would use its public key to encrypt, but:
Cannot be sure that a particular sender is sending the message encrypted with the public key as everyone knows this key.
Data Confidentially and Data Integrity
Data Confidentially and Data Integrity
• Data Confidentiality - information exchange needs to protected against eavesdroppers.
• Data Integrity - need to assure that message was not modified in transit (intentionally or by accident).
Achieving Data Confidentially and Data Integrity
• “Encrypt” data in a form that makes it unreadable except by the parties that are to read it, and
• Attach a binary pattern with the message computed from the message, which changes if the message has been altered.
Digital Signatures
• A way of achieving authentication and data integrity.
• Uses a hash function to create a message digest, a “footprint” of the message, which is encrypted with sender’s private key to create a digital signature.
• Digital signature attached to message.
Hash Function
• Applying hash function to data will create a small fixed sized block of data, called in this in text a message digest.
• Cannot obtain original data from the digest - hence one-way.
• Changes to the data will usually alter the message digest.
Digital Signature
my message that must be kept secret
asthf12934
Hash function Sender’s
Private Key
DataMessage
Digest
Digital Signature
Attach digital signature to message (data)
Checking digital signatureReceiver can do the following:
1. Create a message digest from message using same hash function.
2. Decrypt message digest with sender’s public key.
3. Compare two message digests - if same message should be from sender and not altered.
Checking digital signature
This is my message
Public keyPrivate Key
Original data
Network Original data
Digital signature
Hash
Hash
If same, data ok
• Digital signature alone not sufficient to ensure data not altered and is from the sender.
• Possible that public key is a fake. Still could get matching digital signatures.
Certificates
• A digital document belonging to the “End-Entity” listing its specific public key.
• A trusted party (a certificate authority, CA) certifies that the public key does in fact belong to the end-entity on the certificate.
• Certificate comparable to a Driver’s license or passport.
Certificate
Certificate
This certificate belongs to: Barry Wilkinson
Public key of certificate owner:
Signature of Certificate Authority: MyCAOther information also on certificate, see later.
Certificate Authority
• Certificate Authority has to first create it’s own certificate to identify itself (keeping its private key protected).
• End-Entities submit their details to CA for CA to issue a certificate back to End-Entity.
Types of Certificates
• X.509 most widely used.
• Defined by International Telecommunications Union (ITU)
• Version 1 defined in 1988
• Version 2 , Version 3 (1996) adds fields, see next slide.
X.509 Format (version 3)
Certificate version
Certificate serial number
Issuer signature algorithm ID
Issuer X-500 name
Validity period
Subject X-500 name
Subject public key information: Algorithm ID; Public key value
Issuer unique ID
Subject unique ID
Extensions
Issuer digital signature
Public Key CertificatesIf• you trust the Certificate Authorityand• you are confident that the key that you have is
really the public key of the Certificate Authoritythen• you can decrypt the certificate with confidence to
obtain the public key of the sender.
Read http://docs.sun.com/source/816-6154-10/contents.htm, section starting with Certificates and Authentication
Public Key and Secret Key Cryptography Together
• Public Key and Secret Key Cryptography generally used together.
• Public key Cryptography with Certificates and a Certificate Authority (CA) used to establish a secure authenticated connection between parties. Then:– Secret key passed between parties.– Secret key cryptography used to encrypt data, which is
much faster than public key cryptography.
Use of Public Key Infrastructure(PKI)
• Several network protocols have embedded public key and/or secret key cryptographic algorithms.
• Most notable is SSL (Secure Socket Layer) Protocol), which can be added on top of protocols such as http (i.e. https), FTP (sftp), and telnet. – described later
Others include:
• S/MIME (Secure Multipurpose Internet Mail Extensions) -- for secure email, developed by RSA Data Security Inc, see:
http://www.rsa.com/smime
• SET (Secure Electronic Transaction) -- for
secure e-commerce, developed jointly by Visa, Mastercard, IBM, and other companies, for secure credit card transactions over the Internet, see:
http://www.setco.org
Certificate Authorities• Commercial Certificate Authorities exist, such as:
– VeriSign Inc.– Entrust Technologies Inc.,
• Web browsers have built-in recognition such trusted CAs, allowing SSL and other secure connections.
General Public Key Infrastructure
From: “Deploying a Public Key Infrastructure,” IBM Redbook, SG24-5512-00.
Certificate Repository
• Used to store:– Issued certificates– Revoked certificates (CRLs - Certificate
Revocation List)– Might be accessed through LDAP
(Lightweight Directory Access Protocol)
Registration Authority
• Acts for CA for some management functions (see IBM Redbooks).
• Not strictly necessary as CA could do all functions.
CA’s own certificateCA needs it own certificate identify itself• First it generates key pair.• It protect its private key. (This is vitally important!)• It then creates a
certificate and signsit with its private key:
CA’s public key
Certificate
CA’s digital signature
CA’s X-500 name
Requesting a certificate from a CA
• Usually the requesting client generates a public/private key pair and then submits an unsigned certificate to the CA.
• The certificate returned signed by the CA contains the public key.
QuestionWhy usually does the CA not generate the public/private key pair for the requester?
Answer
Because it would require the private key to be sent to the requester.If the requester generates the private key, it is more secure as it does not leave requester.
Using a signed certificate to send a secure message
• One can attached it to your message.• Alternatively, the message is sent without a
certificate and the receiver has to retrieve the certificate from a public place.
Either way, the receiver checks the signature. It has to be CA it can trust.
CertificateLifetime
• Certificates have a limited lifetime for security purposes, i. e. certificates are issued with an expiration date.
• Have a renewal process but user will normally have same public/private key pair.
Systems/protocols using security mechanisms
SSL (Secure Socket Layer) Protocol
• Uses public/private keys.
• Introduced by Netscape and widely adopted.
• Supported by both Netscape and Microsoft Internet Explorer browser.
• TLS (Transport Layer Security) newer but similar.
• Requires several message to be exchanged between client and server
• Described here in four phases.
Phase I
• Client starts handshake and sends:– a random number, X.– list of supported ciphers and compression
algorithms
Phase II
• Server selects cipher and compression algorithm, and notifies client. Then it sends:– another random number, Y.– a server certificate which includes public
key
Phase III
• Client sends:– a “premaster” secret encrypting it with
server public key– possibly a client certificate
Phase IV• Handshake finished. Message sent to inform client.
• Server and client each generate a master secret by combining random numbers X and Y, and the premaster secret.
• Several secret keys are generated from the master secret, one to encrypt the data.
• Encrypted data then sent to client.
SSLEnsures:
• Authentication (by verifying certificates)
• Confidentiality ((by encrypting data with secret key)
• Integrity (by digesting data)
Non-repudiation not ensured because Message Authentication Code (MAC) of transmitted data calculated with common secret key.
Globus Grid Security Infrastructure(GSI)
• Uses public key cryptography.• Secure communication for authentication etc.• Task communication can be encrypted with
shared key if required.• Security across organizational boundaries• Proxies provide “single sign-on”.
Next set of slides (Grid computing Security).
