
Security in Fixed and Wireless Networks (eBook)

eBook Download: PDF
2016 | 2nd edition
John Wiley & Sons (publisher)
978-1-119-04076-7 (ISBN)


Security in Fixed and Wireless Networks - Guenter Schaefer, Michael Rossberg
89,99 incl. VAT
(CHF 87,90)
The eBook is sold by Lehmanns Media GmbH (Berlin) at the price in euros incl. VAT.
  • Available for immediate download

Introduces aspects of security threats and their countermeasures in both fixed and wireless networks, advising on how countermeasures can provide secure communication infrastructures. Enables the reader to understand the risks of inappropriate network security, what mechanisms and protocols can be deployed to counter these risks, and how these mechanisms and protocols work.



Guenter Schaefer, Professor, Technische Universität Ilmenau, Germany. After obtaining his Ph.D. degree (1998) he worked at Ecole Nationale Supérieure des Télécommunications, Paris, France (1999 - 2000). Between 2000 and 2005, he was a researcher at Technische Universitaet Berlin, Germany, where he led the network security laboratory. Since 2005 he has been in his current post, leading the Telematics/Computer Networks research group. His research interests lie in the areas of network security, networking protocols, mobile communications, and innovative communication services/architectures, and he regularly gives courses on network security, networking subjects and basics of computer science.

Michael Rossberg, PostDoc Researcher, Technische Universität Ilmenau, Germany. In 2011 he obtained his Ph.D. in computer science with a thesis on peer-to-peer-based auto-configuration of large scale IPsec VPNs. His research interests lie in network security and performance evaluation/optimization. In 2010, Michael Rossberg and Guenter Schaefer were jointly awarded the third prize of the German IT Security Award for their work on automatic configuration of large scale VPNs.

Translated by Herbert Eppel at HE Translations, Leicester, UK (https://HETranslations.uk) DISCLAIMER: By including the link to this site, this does not mean the site is endorsed by Wiley



Cover
Title Page
Copyright
Contents
About the authors
Preface to the second edition
Preface to the first edition
Part I Foundations of Data Security Technology
Chapter 1 Introduction
1.1 Content and Structure of this Book
1.2 Threats and Security Goals
1.3 Network Security Analysis
1.4 Information Security Measures
1.5 Important Terms Relating to Communication Security
Chapter 2 Fundamentals of Cryptology
2.1 Cryptology, Cryptography and Cryptanalysis
2.2 Classification of Cryptographic Algorithms
2.3 Cryptanalysis
2.4 Estimating the Effort Needed for Cryptographic Analysis
2.5 Characteristics and Classification of Encryption Algorithms
2.6 Key Management
2.7 Summary
2.8 Supplemental Reading
2.9 Questions
Chapter 3 Symmetric Cryptography
3.1 Encryption Modes of Block Ciphers
3.2 Data Encryption Standard
3.3 Advanced Encryption Standard
3.4 RC4 Algorithm
3.5 The KASUMI algorithm
3.6 Summary
3.7 Supplemental Reading
3.8 Questions
Chapter 4 Asymmetric Cryptography
4.1 Basic Idea of Asymmetric Cryptography
4.2 Mathematical Principles
4.3 The RSA Algorithm
4.4 The Problem of the Discrete Logarithm
4.5 The Diffie-Hellman Key Exchange Algorithm
4.6 The ElGamal Algorithm
4.7 Security of Conventional Asymmetric Cryptographic Schemes
4.8 Principles of Cryptography Based on Elliptic Curves
4.8.1 Elliptic Curves over R
4.8.2 Elliptic Curves over Z_p
4.8.3 Elliptic Curves over GF(2^n)
4.8.4 Cryptographic Protocols Based on Elliptic Curves
4.8.5 Security of cryptographic techniques over elliptic curves
4.8.6 Current Developments in EC Cryptography
4.9 Summary
4.10 Supplemental Reading
4.11 Questions
Chapter 5 Cryptographic Check Values
5.1 Requirements and Classification
5.2 Modification Detection Codes
5.2.1 Attacks on Modification Detection Codes
5.2.2 General Structure of Cryptographic Hash Functions
5.2.3 MD5
5.2.4 SHA-1
5.2.5 The SHA-2 Family
5.2.6 SHA-3
5.3 Message Authentication Codes
5.3.1 Schemes for the Computation of Message Authentication Codes
5.3.2 Security of CBC-based Algorithms
5.3.3 The CMAC Method
5.4 Message Authentication Codes Based on MDCs
5.5 Authenticated Encryption
5.5.1 The Galois/Counter Mode (GCM)
5.5.2 The SpongeWrap Method
5.6 Summary
5.7 Supplemental Reading
5.8 Questions
Chapter 6 Random Number Generation
6.1 Random Numbers and Pseudo-Random Numbers
6.2 Cryptographically Secure Random Numbers
6.3 Statistical Tests for Random Numbers
6.4 Generation of Random Numbers
6.5 Generating Secure Pseudo-Random Numbers
6.6 Implementation Security
6.7 Summary
6.8 Supplemental Reading
6.9 Questions
Chapter 7 Cryptographic Protocols
7.1 Properties and Notation of Cryptographic Protocols
7.2 Data Origin and Entity Authentication
7.3 Needham-Schroeder Protocol
7.4 Kerberos
7.5 International Standard X.509
7.5.1 X.509 Key Certificates
7.5.2 Direct Authentication Protocols Based on X.509
7.6 Security of Negotiated Session Keys
7.7 Advanced Password Authentication Methods
7.8 Formal Validation of Cryptographic Protocols
7.8.1 Classification of Formal Validation Methods
7.8.2 GNY Logic*
7.8.3 An Example of GNY Logic*
7.9 Summary
7.10 Supplemental Reading
7.11 Questions
Chapter 8 Secure Group Communication*
8.1 Specific Requirements for Secure Group Communication
8.2 Negotiation of Group Keys
8.2.1 Centralised Key Management
8.2.2 Decentralised Key Management
8.2.3 Distributed Key Management
Group Diffie-Hellman
Tree-Based Group Diffie-Hellman
8.3 Source Authentication
8.3.1 Block-by-block Authentication
8.3.2 Combinatorial Selection of Symmetric MACs
8.3.3 TESLA
8.4 Summary
8.5 Supplemental Reading
8.6 Questions
Chapter 9 Access Control
9.1 Definition of Terms and Concepts
9.2 Security Labels
9.3 Specification of Access Control Policies
9.4 Categories of Access Control Mechanisms
9.5 Summary
9.6 Supplemental Reading
9.7 Questions
Part II Network Security
Chapter 10 Integration of Security Services in Communication Architectures
10.1 Motivation
10.2 A Pragmatic Model
10.3 General Considerations for the Placement of Security Services
10.4 Integration in Lower Protocol Layers vs Applications
10.5 Integration into End Systems or Intermediate Systems
10.6 Summary
10.7 Supplemental Reading
10.8 Questions
Chapter 11 Link Layer Security Protocols
11.1 Virtual Separation of Data Traffic with IEEE 802.1Q
11.2 Securing a Local Network Infrastructure Using IEEE 802.1X
11.3 Encryption of Data Traffic with IEEE 802.1AE
11.4 Point-to-Point Protocol
11.4.1 Structure and Frame Formats
11.4.2 PPP Authentication Protocols
11.4.3 PPP Encryption
11.5 Point-to-Point Tunneling Protocol
11.5.1 Basic Versions of PPTP Packet Encapsulation
11.5.2 Development of PPTP and Alternative Approaches
11.6 Virtual Private Networks
11.7 Summary
11.8 Supplemental Reading
11.9 Questions
Chapter 12 IPsec Security Architecture
12.1 Short Introduction to the Internet Protocol Suite
12.2 Overview of the IPsec Architecture
12.3 Use of Transport and Tunnel Modes
12.4 IPsec Protocol Processing
12.5 The ESP Protocol
12.6 The AH Protocol
12.7 The ISAKMP Protocol
12.8 Internet Key Exchange Version 1
12.8.1 Negotiation of an ISAKMP-SA
12.8.2 Negotiation of IPsec SAs
12.9 Internet Key Exchange Version 2
12.10 Other Aspects of IPsec
12.10.1 Interaction with Compression
12.10.2 Interaction with Firewalls and Intrusion Detection Systems
12.10.3 Handling of Network Address Translation
12.11 Summary
12.12 Supplemental Reading
12.13 Questions
Chapter 13 Transport Layer Security Protocols
13.1 Secure Socket Layer
13.1.1 Security Services and Protocol Architecture
13.1.2 The Record Protocol
13.1.3 The Handshake Protocol
13.1.4 Authentication and Negotiation of Session Keys
13.1.5 A Shortcoming in the Handshake Protocol
13.2 Transport Layer Security
13.2.1 Cryptographic Algorithms used in TLS
13.2.2 Attacks on Selectable Initialisation Vectors
13.2.3 Renegotiation Attack
13.2.4 Problems with Compression in TLS
13.2.5 Timing Attacks on the CBC Mode in TLS
13.3 Datagram Transport Layer Security
13.4 Secure Shell
13.4.1 SSH Transport Protocol
13.4.2 Parameter Negotiation and Server Authentication
13.4.3 Client Authentication
13.4.4 Connection Control Within A Session
13.5 Summary
13.6 Supplemental Reading
13.7 Questions
Part III Secure Wireless and Mobile Communications
Chapter 14 Security Aspects of Mobile Communication
14.1 Threats in Mobile Communication Networks
14.2 Protecting Location Confidentiality
14.2.1 Broadcast Communication
14.2.2 Temporary Pseudonyms
14.2.3 Communication Mixes
14.3 Summary
14.4 Supplemental Reading
14.5 Questions
Chapter 15 Security in Wireless Local Area Networks
15.1 The IEEE 802.11 Standard for WLANs
15.2 Entity Authentication
15.2.1 Shared Key Authentication
15.2.2 Simultaneous Authentication of Equals
15.3 Wired Equivalent Privacy
15.3.1 Operation and Linearity of CRC
15.3.2 Operation of the WEP Protocol
15.3.3 Flaws in the WEP Protocol
15.4 Robust Secure Networks
15.4.1 Temporal Key Integrity Protocol
15.4.2 CTR with CBC-MAC Protocol
15.5 Security in Public WLANs
15.6 Summary
15.7 Supplemental Reading
15.8 Questions
Chapter 16 Security in Mobile Wide-Area Networks
16.1 Global System for Mobile Communication
16.2 Universal Mobile Telecommunications System
16.3 Long-Term Evolution
16.4 Summary
16.5 Supplemental Reading
16.6 Questions
Part IV Protecting Communications Infrastructures
Chapter 17 Protecting Communications and Infrastructure in Open Networks
17.1 Systematic Threat Analysis
17.2 Security of End Systems
17.2.1 Buffer Overflows
17.2.2 Format String Attacks
17.2.3 Exploiting Race Conditions and Confidence in the Operating System Environment
17.2.4 SQL Injections and Cross-site Scripting
17.2.5 Malware
17.3 Summary
17.4 Supplemental Reading
17.5 Questions
Chapter 18 Availability of Data Transport
18.1 Denial-of-Service Attacks
18.1.1 Denial-of-Service Attacks with Permanent Effects
Permanent Destruction and Reservation of Resources
Illegitimate Resource Reservation
18.1.2 Resource Exhaustion
Memory Exhaustion Attacks
Exhaustion of Computing Resources
Bandwidth Exhaustion
18.2 Distributed Denial-of-Service Attacks
18.3 Countermeasures
18.3.1 Cookies and Stateless Protocol Design
18.3.2 Client Puzzles
18.3.3 Filtering, Partitioning and Redundancy
18.3.4 IP Traceback*
Logging of Packets in Gateway Systems
Reconstruction of Network Paths by the Receiver
Conclusion Regarding IP Traceback
18.4 Summary
18.5 Supplemental Reading
18.6 Questions
Chapter 19 Routing Security
19.1 Cryptographic Protection of BGP
19.1.1 Authentication of Data Transmission
19.1.2 The Secure Border Gateway Protocol
19.1.3 The Secure Origin Border Gateway Protocol
19.1.4 Interdomain Route Validation
19.1.5 BGPSEC and the Resource Public Key Infrastructure
19.2 Identification of Routing Anomalies*
19.2.1 Geographic Filtering
19.2.2 Temporary Withholding of Unknown Routes
19.2.3 Automated Revocation of Illegitimate Routes
19.3 Summary
19.4 Supplemental Reading
19.5 Questions
Chapter 20 Secure Name Resolution
20.1 The DNS Operating Principle
20.2 Security Objectives and Threats
20.3 Secure Use of Traditional DNS
20.4 Cryptographic Protection of DNS
20.4.1 TSIG
20.4.2 DNSSEC
Resource Records of DNSSEC
Security Discussion
20.4.3 DNSCurve*
The DNSCurve Operating Principle
Security and Functionality Implications
20.4.4 Distributed Name Resolution*
Peer Name Resolution Protocol
GNU Name System
20.5 Summary
20.6 Supplemental Reading
20.7 Questions
Chapter 21 Internet Firewalls
21.1 Tasks and Basic Principles of Firewalls
21.2 Firewall-Relevant Internet Services and Protocols
21.3 Terminology and Building Blocks
21.4 Firewall Architectures
21.5 Packet Filtering
21.6 Bastion Hosts and Proxy Servers
21.7 Other Aspects of Modern Firewall Systems
21.8 Summary
21.9 Supplemental Reading
21.10 Questions
Chapter 22 Automated Attack Detection and Response
22.1 Operating Principle and Objectives of Intrusion Detection Systems
22.2 Design and operation of network-based IDSs
22.2.1 Signature-based Identification
22.2.2 Detection of Deviations from Defined Behaviour Models
22.2.3 Self-learning Systems for Anomaly Detection
22.3 Response to Attacks and Automatic prevention
22.4 Techniques for Evading NIDSs
22.5 Summary
22.6 Supplemental Reading
22.7 Questions
Chapter 23 Management of Complex Communication Infrastructures*
23.1 Automatic Certificate Management
23.1.1 Mirroring of Certificate Revocation Lists
23.1.2 Online Certificate Status Protocol
23.1.3 Server-based Certificate Validation Protocol
23.1.4 Simple Certificate Enrollment Protocol
23.1.5 Certificate Management over CMS
23.1.6 Enrollment over Secure Transport
23.1.7 Certificate Management Protocol
23.2 Automatic VPN Configuration
23.2.1 Centralised Distribution of VPN Policies
23.2.2 Group Encrypted Transport VPN
23.2.3 DNSSEC-based VPN
23.2.4 Dynamic Multipoint VPN and FlexVPN
23.2.5 Tunnel Endpoint Discovery
23.2.6 Proactive Multicast-Based IPSEC Discovery Protocol
23.2.7 Secure Overlay for IPsec Discovery
23.3 Summary
23.4 Supplemental Reading
23.5 Questions
Bibliography
Abbreviations
Index
EULA

Publication date (per publisher) 5.8.2016
Language English
Subject area Computer Science › Networks › Security / Firewall
Keywords Communication System Security • Computer Science • cryptography • Electrical & Electronics Engineering • Networking / Security • Network Security • secure communication • wireless networks
ISBN-10 1-119-04076-0 / 1119040760
ISBN-13 978-1-119-04076-7 / 9781119040767

Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook against misuse. The eBook is authorised to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.

File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suitable for technical books with columns, tables and figures. A PDF can be displayed on almost all devices, but is of limited suitability for small displays (smartphone, eReader).

System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need an Adobe ID and the Adobe Digital Editions software (free). We advise against using the OverDrive Media Console; in our experience, problems with Adobe DRM occur frequently with it.
eReader: This eBook can be read on (almost) all eBook readers. It is not compatible with the Amazon Kindle, however.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need an Adobe ID and a free app.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
