UNIT 5 NETWORK MANAGEMENT SECURITY

NETWORK MANAGEMENT The main purpose of network management is to monitor, manage and control a network. Network Management tasks can be characterized as follows : Fault management Configuration management Accounting management. Performance management Security management

Elements of Network Management Network management has three main components : 1. A Management Station 2. A Managed Device with agent 3. A Network Management Protocol. 4. The management station consists of the network administrator and his/her facilities. 5. A managed device is the network equipment, including its software that is controlled by managing center. Example :hub,bridge,server,router,printer, modem 6. The network management protocol is a policy between the managing center and the managed devices. What is SNMP? SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devices. Comprised of agents and managers Agent - process running on each managed node collecting information about the device it is running on.

pg. 1

 Manager - process running on a management workstation that requests information about devices on the network. Ports and UDP SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages SNMP is asynchronous request response protocol enhanced with trap directed polling SNMP uses two well-known ports to operate: UDP Port 161 - SNMP Messages UDP Port 162 - SNMP Trap Messages

Simple Network Management Protocol-SNMP The framework for network management consists of 3 main components: SMI-rules for describing the management information MIB-A virtual database containing information about managed devices. A map of the hierarchical order of all managed objects and how they are accessed SNMP-Protocol for communication between manager and agent of a managed device. Four Basic Operations Get Retrieves the value of a MIB variable stored on the agent machine (integer, string, or address of another MIB variable) GetNext Retrieves the next value of the MIB variable Set Changes the value of a MIB variable Trap An unsolicited notification sent by an agent to a management application (typically a notification of something unexpected, like an error)

pg. 2

Traps Traps are unrequested event reports that are sent to a management system by an SNMP agent process When a trappable event occurs, a trap message is generated by the agent and is sent to a trap destination (a specific, configured network address) Many events can be configured to signal a trap, like a network cable fault, failing NIC or Hard Drive, a General Protection Fault, or a power supply failure

Seven PDUs of SNMPv2 1. GetRequest is used to obtain a MIB value. 2. GetNextRequest is used to obtain the next value of a MIB object. 3. GetBulkRequest gets multiple values equivalent to multiple GetRequest but without using multiple overheads. 4. InformRequest is a manager-to-manager message that two communicating management centers are remote to each other. 5. SetRequest is used by managing center to initiate the value of a MIB object. 6. Response is a reply message to a request-type PDU. 7. Trap notifies a managing center that an unexpected event has occurred. SNMP Data Packet

pg. 3

The Get or Set PDU Format PDU Type indicates one of the seven PDU types. Request ID is an ID used to verify the response of a request. Thus a managing center can detect lost requests or replies. Error Status is used only by Response PDUs to indicate types of errors reported by an agent. Error Index is a parameter indicating to a network administrator which names has caused an error. Structure of Management Information (SMI) SMI specifies the format used for defining managed objects that are accessed via the SNMP protocol Abstract Syntax Notation One (ASN.1) used to define the format of SNMP messages and managed objects (MIB modules) using an unambiguous data description format Basic Encoding Rules (BER) used to encode the SNMP messages into a format suitable for transmission across a network Data types in SMI INTEGER -- signed 32-bit integer OCTET STRING-- A string of zero or more bytes with each byte having a value between 0 & 255 OBJECT IDENTIFIER (OID) A number that uniquely identifies a managed object in an SNMP network NULL -- not actually data type, but data value IpAddress -- OCTET STRING of size 4, in network byte order (B.E.) Counter -- unsigned 32-bit integer (rolls over) Gauge -- unsigned 32-bit integer (will top out and stay there) TimeTicks -- unsigned 32-bit integer Opaque -- used to create new data types not in SNMPv1

pg. 4

Management Information Base (MIB) MIB is an virtual database used to define the functional and operational aspects of network devices. The database should contain an object for each functional aspect of a device that needs to be managed. MIB is an information storage medium that contains managed objects reflecting the current status of the network. Objects are organized in a hierarchical manner and are identified by the abstract syntax notation one (ASN.1) object definition language. The hierarchy of object names known as ASN.1 object identifier, is an object identifier tree in which each branch has both a name and a number Information contained in an object Object Name Data type A human-readable description Type of access (read/write) An object identifier Remote Network Monitoring Remote management to obtain monitoring data A network monitor called probe collects data from the managed device Probe-stand alone or embedded in the device itself RMON agent Network Security The combination of low-cost powerful computing and high-performance networks is a twoedged sword: Many powerful new services and applications are enabled But computer systems and networks become highly susceptible to a wide variety of security threats Network security involves countermeasures to protect computer systems from intruders

pg. 5

 Firewalls, security protocols, security practices We will focus on security protocols Threats, Security Requirements, and Countermeasures Network Security Threats Eavesdropping, man-in-the-middle, client and server imposters Denial of Service attacks Viruses, worms, and other malicious code Network Security Requirements Privacy, Integrity, Authentication, Non-Repudiation Countermeasures Communication channel security Border security

Security Requirements Security threats motivate the following requirements: Privacy: information should be readable only by intended recipient Integrity: recipient can confirm that a message has not been altered during transmission Authentication: it is possible to verify that sender or receiver is who he claims to be Non-repudiation: sender cannot deny having sent a given message. Eavesdropping Information transmitted over network can be observed and recorded by eavesdroppers Information can be replayed in attempts to access server Requirements: privacy, authentication, non-repudiation Client Imposter Imposters attempt to gain unauthorized access to server

pg. 6

 Ex. bank account or database of personal records Requirements: privacy, authentication Denial of Service Attack Attacker can flood a server with requests, overloading the server resources Results in denial of service to legitimate clients Requirement: availability Server Imposter An imposter impersonates a legitimate server to gain sensitive information from a client E.g. bank account number and associated user password Requirements: privacy, authentication, non-repudiation Man-in-the-Middle Attack An imposter manages to place itself as man in the middle convincing the server that it is legitimate client convincing legitimate client that it is legitimate server gathering sensitive information and possibly hijacking session Requirements: integrity, authentication Malicious Code A client becomes infected with malicious code Opening attachments in email messages Executing code from bulletin boards or other sources Virus: code that, when executed, inserts itself in other programs Worms: code that installs copies of itself in other machines attached to a network Requirements: privacy, integrity, availability Countermeasures Secure communication channels

pg. 7

 Encryption Cryptographic checksums and hashes Authentication Digital Signatures Secure borders Firewalls Virus checking Intrusion detection Authentication Access Control Cryptography Encryption: transformation of plaintext message into encrypted (and unreadable) message called ciphertext Decryption: recovery of plaintext from ciphertext Cipher: algorithm for encryption & decryption A secret key is required to perform encryption & decryption Substitution Ciphers Substitution Cipher: Map each letter or numeral into another letter or numeral: abcdefghijklmnopqrstuvwxyz zyxwvutsrqponmlkjihgfedcba Example: hvxfirgb security Substitution ciphers are easy to break Take histogram of frequency of occurrence of letters in a ciphertext message Match to known frequencies of letters

pg. 8

Transposition Cipher Transposition Cipher: Rearrange order of letters/numerals in a message using a particular rearrangement: interchange character k with character k+1 Example: security esuciryt Transposition Ciphers are easy to break Suppose plaintext and ciphertext are known Matching of letters in plaintext and ciphertext will reveal transposition mapping Secret Key Cryptography Sender encrypts P by applying mapping EK which depends on secret key K: C = EK(P) Receiver decrypts C by applying inverse mapping DK which also depends on K: DK(EK(P)) = P What makes a good cipher? Algorithm should be easy to implement and deploy on large scale Algorithm should be difficult to break: 1. Number of keys should be very large Attacker cannot try all possible keys 2. The secret key should be very hard to derive from intercepted messages Even if a large number of plaintext & corresponding cyphertexts are known to the attacker Examples of secret key methods discussed later: Data Encryption Standard (DES) and Triple DES Advanced Encryption Standard (AES) Security using Secret Key Cryptography Privacy: secret key renders messages confidential Integrity: alteration of the cipher text will be detected, because the decrypted message will be gibberish

pg. 9

 When privacy is not required, encryption of the entire message is overkill because much processing involved We will see that cryptographic checksums provide integrity and require less processing Authentication using Secret Key Cryptography Send message identifying self Reply with challenge that contains random number r, nonce = number once Send response with encrypted r Apply secret key to decrypt message. If decrypted number is r then the transmitter is authenticated Can now authenticate receiver by issuing a challenge Cryptographic Checksums and Hashes Transmitter calculates a fixed number of bits (crypto checksum/hash) that depends on secret key K: HK(P) Receiver recalculates hash from received message & compares to received hash Hash Algorithm Example The Secure Hash Algorithm 1 (SHA-1) is another example. SHA 1 was developed for use with the Digital Signature Standard (DSS) SHA 1 produces an 160 bit hash and is considered more secure than MD5. A general method of improving the strength of a given hash function is to use the Hashed Message Authentication Code (HMAC) method. Public Key Cryptography Public key cryptography provides privacy using two different keys: Public key K1 available to all for encrypting messages to a certain user: C = EK1(P) Private key K2 for user to decrypt messages: Why Public-Key Cryptography? developed to address two key issues: P = DK2(EK1(P))

pg. 10

 key distribution how to have secure communications in general without having to trust a KDC with your key digital signatures how to verify a message comes intact from the claimed sender What makes a good public key algorithm? EK1 and DK2 should be readily implementable Inverse relationship should hold: P = DK2(EK1(P)) and sometimes P = EK1(DK2(P)) K1 is a relatively small number of bits and K2 is usually a large number of bits It is extremely difficult to decrypt EK1(P) without K2 It should not be possible to deduce K2 from K1 Example: RSA public key cryptography (discussed later) Integrity using Public Key Cryptography Any one can send messages using public key, so integrity not assured directly For integrity, transmitter: 1. encodes P with its private key K2 to obtain 2. encodes P using receivers public key: Receiver: 1. decrypts C, DK2(EK1(P)) = P 2. decrypts P using transmitters public key, EK1(DK2(P)) = P 3. Only the transmitter could have sent this message. Asymmetric Key Authentication Public key cryptography can also be used for authentication Digital Signatures looks like this is a signed document --digsig James A. Donald P = DK2 (P) C = EK1(P)

pg. 11

 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYYYQdkGpbVqsJAyyv5lIJFe1xAnTgNcPuYuhMEASC N82VGAXQ6R2kNeMUedQsobPjpV9UNZzALxAC1 this is a signed document. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkGRG969XQ7CJhkpHmPcigu8yG+YhFGW1+Qrg tC4f5YXFqLPhvouhqn1OHNTWpDNc4UsqRjw4xnGJMT8 Digital Signatures using Public Key Cryptography Digital signature obtained as follows: Transmitter obtains a hash of the message Transmitter encrypts the hash using its private key; result is the digital signature Transmitter sends message and signature To check the signature: Receiver obtains hash of message Receiver decrypts signature using senders public key Receiver compares hash computed from message and hash obtained from signature Procedure also ensures message integrity Secret Key vs. Public Key Public key systems have more capabilities Secret key: privacy, integrity, authentication Public key: all of above + digital signature Public key algorithms are more complex Require more processing and hence much slower than secret key Key Distribution in Secret Key Systems Every pair of users requires a separate shared secret key N(N 1) keys for N users; Grows quickly with N Similar to full-mesh connections for N users

pg. 12

 Solution: Introduce Key Distribution Centers Each users has shared key with the KDC User A has shared key KKA with KDC User B has shared key KKB with KDC KDC provides shared key when A & B need to communicate Key Distribution Center User A contacts the KDC to request a key for use with user B. KDC: Authenticates user A Selects a key KAB and encrypts it to produce EKA(KAB) and EKB(KAB). KDC sends both versions of the encrypted key to A. User A contacts user B and provides a ticket in the form of EKB(KAB) Users A & B both have KAB. Certification Authority (CA) Public key systems require only one pair of keys per user, but they still face the problem of how public key are to be distributed. The public keys must be certified somehow. One approach to address this problem is to establish a Certification Authority (CA). Function of CA To issue certificates that consist of signed message stating the name of given user, his or her public key, s serial number identifying the certificate and an expiration date Key Generation: Diffie-Hellman Exchange A & B pick p a large prime number, and generator g < p A picks x and sends T = gx to B; B picks y and sends R = gy Secret key is K = (gx)y = (gy)x which are calculated by A & B Eavesdropper that obtains p, g, T, R cannot obtain x and y because x = logg T and y = logg R are extremely difficult to solve

pg. 13

Man-in-the-Middle Attack Diffie-Hellman Exchange -Weakness The required exponentials need many multiplications for large prime numbers p It could produce a heavy computational burden on a machine and result in Denial Of Service to legitimate Client. Packet structure for authentication and integrity service

Packet structure for privacy service

Setting up a Security Association Series of message exchanges between two hosts to establish a security association. Exchange makes use of Digital Signature for authentication and features the use of a pair of Cookies generated by host to identify security association and to prevent flooding attack. Cookie generation must be fast and must depend on the source and destination address, date and time. Internet Key Exchange (IKE) protocol provides such a procedure

pg. 14

Header (HDR) contains the initiator cookie. The security association (SA) field in the message offers a set of choices regarding encryption alg,hash alg,authentication method The responder checks to see whether the initiators cookie is not already in use by the source address in the packet header. If not the responder generates its cookie Cr Upon receiving the response the initiator first checks the address and initiator cookie in the arriving packet against its list. From now the on the initiator will identify the security association by the pair (Ci , Cr). At this point it records the association as unauthenticated Next the initiator sends a key request message including its public Diffie Hellman value T = gx modulo p and a nonce Ni The responder host first checks the responder cookie in the arriving message. If the cookie is not valid, the message is ignored. If the cookie is valid, the security association will henceforth be identified by the pair (Ci , Cr). At this point it records the association as unauthenticated The responder sends a key response message including its public Diffie Hellman value R = gymodulo p and a nonce Nr After this exchange both initiator and responder hosts have a secret constant K=g xy modulo p. Both parties now compute a secret string of bits SKEYID known only to them SKEYID might be 128 bits long

pg. 15

IPSec The goal of IP Security (IPSec) is to provide a set of facilities that support security services such as authentication,integrity,confidentiality and access control at the IP Layer. IPSec uses two protocols to provide traffic security : Authentication Header (AH) and Encapsulating Security Payload (ESP) Each protocol can operate in transport mode or tunnel mode Example with IPv4 Authentication and integrity of an IP packet can be provided by an AH. The location of the AH is after the headers that are examined at each Hop and before any other headers that are examined at an intermediate hop. Protocol value in IP Header is 51

Secure Socket Layer and Transport Layer Security SSL operates on top of a reliable stream service such as TCP and provides secure connection for applications. The TLS protocol provides a secure connection with the attributes of privacy and reliability. The TLS protocol consists of protocols that operate at two layers : TLS Record Protocol, TSL Handshake protocol along with Change Cipher Spec Protocol and the Alert Protocol The TLS Handshake Protocol The client and server use the handshake protocol to negotiate a session that is specified by the following parameters. 1. Session Identifier 2. Peer Certificate 3. Compression Method 4. Cipher Spec 5. Master Secret

pg. 16

6. Is Resumable Step 1 The client and server exchange hello messages to negotiate algorithms exchange random values and initiate or resume the session. Hello Message consists of Current version of TLS protocol Current time and date Optional session id Ciphersuite List of compression algorithms Step 2 The client and server exchange cryptographic parameters to allow them to agree on a premaster secret. If necessary they exchange certificates and cryptographic information to authenticate each other. They then generate a master secret from the premaster secret and exchange random values Step 3 The client and server provide their record layer with the security parameters. The client and server verify that their peer has calculated the same security parameters and that the handshake occurred without tampering by an attacker

pg. 17

802.11 and Wired Equivalent Privacy WEP operates in data link layer encrypt the payload in individual frames. Sender and receiver share 40 bit key. A 24 bit Initialization vector (IV) is generated for each frame. IV is transmitted in plaintext along with encrypted frame. The Data Encryption Standard DES is the most widely used shared key cryptographic system. DES first divides the original message into blocks of 64 bits Each block of 64 bit plaintext is separately encrypted into block of 64 bit cipher text. DES uses a 56 bit secret key. The same steps with the same key are used to reverse the encryption. Electronic Codebook Book (ECB) message is broken into independent blocks which are encrypted each block is a value which is substituted, like a codebook, hence name each block is encoded independently of the other blocks Ci = DESK1(Pi) uses: secure transmission of single values Cipher Block Chaining (CBC) message is broken into blocks linked together in encryption operation each previous cipher blocks is chained with current plaintext block, hence name use Initial Vector (IV) to start process Ci = DESK1(Pi XOR Ci-1) C-1 = IV uses: bulk data encryption, authentication

pg. 18

Triple DES Uses two keys of 56 bits length It performs the following encryption algorithm C=EK1(DK2(EK1(P)) It performs the following decryption algorithm P=DK1(EK2(DK1(C)) Advanced Encryption Standard (AES) Uses keys of 128 bits length RSA (Rivest Shamir Adleman) The RSA scheme is a block Cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n. A typical size for n is 1024 bits or 309 decimal digits. RSA makes use of an expression with exponentials. The public and private keys are generated based on following rules : Plaintext is encrypted in blocks, with each block having a binary values less than some number n.. That is the block size must be less than or equal to log 2 (n). In practice the block size is k bits where 2k <n2k+1 Choose two large prime numbers p and q such that the product is equal to n. The plaintext P that is represented by a number must be less than n. in practice n is a few hundred bits long Choose two large prime numbers p and q such that the product is equal to n. The plaintext P that is represented by a number must be less than n. in practice n is a few hundred bits long. Find a number e that is relatively prime to (p-1)(q-1). Two numbers are said to be relatively prime if they have no common factors except 1. The public key consists of {e,n}. Find a number d such that de=1 mod ((p-1)(q-1)). In other words d and e are multiplicative inverses of each other modulo ((p-1)(q-1)). The private key consists of {d,n} The RSA algorithm is based on the fact that if n,p,q,d and e satisfy properties 1 to 3 above, then for any integer P< n the following key property holds : P de (mod n) = P (mod n) The RSA algorithm uses binary keys that are several hundred bits long, typically 512 bits.

pg. 19

 RSA takes a binary block of plaintext of length smaller than the key length and produces a ciphertext that is the same length of the key. Suppose that P is an integer that corresponds to a block of plaintext. RSA encrypts P as follows C = P e ( mod n ) The above calculation will yield an integer between 0 and n, and hence will require the same number of bits as the key. RSA decrypts the ciphertext C as follows C d (mod n ) = (P e ) d ( mod n ) = P de ( mod n ) = P ( mod n ) =P RSA Example p =5 q=11 N=pq =55 (p-1)(q-1) = 40 Find e that is relatively prime to 40 say 7 The multiplicative inverse of 7 modulo 40 yields 23. Public key {7,55} Private key {23,55} Message RSA is to be protected. So it is represented numerically as 18,19,1 Plaintext P1=18 P2=19 P3=1

ciphertext C1 = 18 7 mod 55 = 17 ciphertext C2 = 19 7 mod 55 = 24 ciphertext C1 = 1 7 mod 55 = 1 Decryption produces 17 23 mod 55 = 18 24 23 mod 55 = 19 1 23 mod 55 = 1

pg. 20