1

Link Encryption

What is Link Security?Link security objectives by link encryption

In-line encryptor hardware

Point to point deployment

IP-routed developmentKey Recovery from Internet Cryptograph chapter 3

22

ISO/OSI Layer Review – 7 layersInternational Standard Organisation/Open System Interconnection

The 7-layer is shown on right.

There are many protocols in each layer.

For example, High Level Data link Control (HDLC) in Data link layer

33

Internet Protocol – 5 layers

Internet protocol reduces to five layers.

Link Security refers to the security measure in data link layer (ISO/OSI, layer 2) or Network Interface (Internet Protocol, layer 2)

44

Internet Cryptographic ProtocolsProtocol PurposeCyberCash (5) Electronic funds transactions

DNSSEC (5) Domain Name System

IPSec (layer 3) Packet-level encryption

PCT TCP/IP level encryption

PGP (layer 5) E-mail

S-HTTP (layer 5) Web browsing

Secure RPC Remote procedure calls

SET (layer 4) Electronic funds transactions

SSL (layer 4) TCP/IP level encryption

55

What is a protocol? It means “The proper way of handling data transfer

between two parties. “ Assume two parties, Sender and Receiver are sending

message. Below is the proper procedure inlcuding the error handling (in this case, retransmit)

66

What is link security protocol?

It is designed to hide secrets (means, encrypt for you)

It intends to protect data against forgery (false data).

It can simply fit into existing Internet applications.

In Data link layer (ISO/OSI layer 2) or Network Interface

77

Security Objectives of link security (1)

Maintain confidentiality on an isolated set of computers. The computer contains sensitive data

and needs to exchange with others. Use a simple but secure protocol

Communications with outsiders is unwanted and to be blocked To prevent the data from happening

through accident, carelessness or overt (公開 ) attempt.

Purpose

Reason

88

Security Objectives (2)

Hide data traffic as much as possible Shield everything possible about

the data sentSafety and familiarity is more

important than cost Use a well-established technique

that is simple to understand and implement.

Action

99

In-line Encryptor – must be a pair

It is a building block for link encryption. It is a hardware device (not a software)One port accepts plaintext, while the

other produce ciphertext. (vice versa)

iomegaIn te rn e t

In- line Enc rypto r

P lain text Cipher tex t

1010

Example of a pair of in-line encryptor through the Internet, usually it is used through a leased line (from PCCW)

1111

In-line Encryptor (real products)

Code encryptor

(a small device with two network data link connections.)

In-line encryptor

1212

Inside in-line encryptor

S end a m es s ageof "G rade A toChan T ai M an"

Enc rypt

D ec rypt

uy78& 454

c ipher tes tin terfac e

P lain tex tin terfac e

90iu^&N o problemIn-line Enc ryptor

1313

Features of in-line encryptorSeparate the plaintext and ciphertext

ports (that is why there are two ports)Use a stream cipher or block cipher In practice, a block cipher such as RC4

is used in commercial setting. (it uses DES (data encryption standard algorithm)

1414

Link level Vulnerabilities (means weakness)

There are a few attacks, Below are some of them:

Replay Attacks Rewrite Attacks Convert Signalling Attacks

1515

Replay Attacks – resend a few times

If the message is an encrypted, why should we care about replay?

The reason is that: If an outsider captures the encrypted

message and re-send it, he/she might attack the system.

1616

Example of Replay Attacks

S end a m es s age of"pay Chan T ai M an 1000"

$% & *(

P ay Chan T ai M an 1000

P ay Chan T ai M an 1000

P ay Chan T ai M an 1000

$% & *(

$% & *(

Alic e

P lay- it-aganS am

Bob and h is c o lleagues

Bo gusC o p ies

G enuine

Falsecopies

1717

Example of Replay Attacks - Explanation

Alice sends a message of “pay Chan Tai Man” to Bob. She sends one genuine (true) message.

Play-it-again Sam captures the encrypted message and re-sends twice to Bob.

Bob and his colleagues will then pay Chan Tai Man three times.

Of course, Sam will have certain benefits of doing this.

1818

How to solve this? – Replay attack

Each plaintext message must have an extra information such as message number.

If the receiver receives a duplicated message, it is discarded.

This will solve it in TCP/IP (layers 3 & 4). It has this feature to solve this problem.

data22 3 data3

2 data2 2 data2

1919

Rewrite Attacks If an hacker knows the contents, he/she

can modify the encrypted message.Say for example, the encrypted

message of pay 1000 is 89^&oiu, he/she can modify 89^&aiu by changing o to a. The resulting plaintext message is 9000. (This assumes that 89^&aiu will produce 9000.)

2020

Example of Rewrite

S end a m es s age of"pay Chan T ai M an 1000"

P ay Chan T ai M an 9000

$% & *(

Alic eBob and h is c o lleagues

G enuine

89^& oiu

89^& aiu

S w i t c h e r

Here, the encrypted message is modified via a switcher.

2121

How to resolve this? - rewriteThere are many methods. Below are some of them1. Avoid products using other modes. Always

use block ciphers or Vernam techniques. (crude rewrite attacks are still possible with block mode.); or

2. Insert a random number into each packet, include it in the packet checksum and encrypt the resulting packet; or

3. Use Message Digest that you learnt in lecture 4; or

4. Use digital signature to authenticate the source of data. (the message is signed)

2222

Convert Signaling AttacksThe attack is done by inserting a

subverted program (spy software) into a host on the plaintext side of an encryptor

The program collects sensitive data and then transmits it to the program outside the security boundary.

2323

Example – subverted program

In t e r n e t

S e cu irty bo u n da ry

C o lle cts e n s it iv eda ta

2424

Deployment – Point to point between sender and receiver

This deployment uses a pair of trusted lines between a pair of hosts.

There is no need to connect to the Internet. For example, you can apply for a leased line

via Pacific Century Cyber Work (PCCW) between two computers (example from Central to Kowloon Tong). Now, it uses VPN, a pair of encryptors through the Internet)

Arrangement

2525

Point to point – Connection

S e cu irty bo u n da ry

In- line Enc rypto r

P lain tex t

iomega

In- line Enc rypto r

P lain tex t

iomega

Un pro te cte dbu t u n re a da bleciph e rte x t m e s s a g e

7 6 % 7 h u i

Each host’s data link is connected to the plaintext port of in-line encryptor. It is commonly used in military applications.

Protect

2626

Point to point limitation

It is hard to use as it limits between two in-line encryptors. (between two points)

You don’t have any choice on the encryption.

In- line E nc rypto r

P lain text

iomega

In- l ine Enc rypto r

P lain text

iomega

En cry pt io n with in th is bo u n da ry

2727

Deployment Example: Ip routed Link encryption can also be applied to links carrying IP traffic. (means network layer)

This yields a flexible networking environment. (any workstation in the network can access.)

For example, assume that there are two networks that are connected by a pair of routers.

Any workstation, server etc can access the remote networking components through the leased line that is protected by the in-line encryptors.

2828

Ip routed network diagram (to any host within the network) This arrangement is more flexible

In- line Enc rypto r

iomega

W infram e S erver

N e tw o rk C a b le

N etw ork S erver M ainfram e

P lain tex t

In- line Enc rypto r

iomega

W infram e S erver

N e tw o rk C a b le

N etw ork S erver M ainfram e

IP router

P lain text

Ip R o ute r

Le a s e d line

a cc e

s s p

a th

c iphertext

2929

Site protection – Ip routedGiven in the previous slide, the

machines (server and workstations) are within the protected boundary of the site.

The in-line encryptors are used to further to protect from unnecessary physical access. (messages are encrypted.)

3030

Site Protection – Unsafe arrangement

The workstation out of physical protection is unsafe.

In- line Enc rypto r

iomega

W infram e S erver

N e tw ork C a ble

N etw ork S erverM ainfram e

P lain text

In- line Enc rypto r

iomega

W infram e S erver

N e tw o rk C a b le

N etw ork S erver M ainfram e

IP router

P lain text

Ip R o ute r

Le a se d line

a cc e

s s p

a th

c ipher tex t

Site P ro te c tio n

P hys ic a l pro te c tion

uns afe, as au thoris edpeople c an us e it

3131

Key Recovery – how to get the key

The protection of in-line encryptors lies in the key used.

Key recovery means the keys that are used to encrypt the data is recovered by someone else without notice.

S end a m es s ageof "G rade A toChan T ai M an"

Enc rypt

D ec rypt

uy78& 454

c ipher tes tin terfac e

P lain tex tin terfac e

90iu^&N o problemIn-line Enc ryptor

3232

Escrowed Encryption Escrowed encryption is the system or method

by which secret keys are stored to be used for key recovery.

That is to say, the secret keys are held in escrow (a separate organisation) until an authorised person (FBI or CIA in US) accesses it.

There is no commercial value as the encryption lasts for the transfer of data, but is used by government to decrypt the encrypted message (for anti-terrorism).

No need to memorise

3333

Example – sequence no need to memorise

The FBI first stores the ciphertext and then uses the family key (product of in-line encryptor) to obtain the session key.

Different manufacturer will produce different family keys for their products

FBI then approaches escrow agency to obtain the sender’s key based on device ID.

FBI then use the key to together with the session key to decrypt the ciphertext.

3434

Example – picture

Law enforc em entac c es s f ield

C iphe r te xt

fam ily keydifferentproduc tsm ight havedifferent key

D ec rypt

D evic e ID S es s ion key Chec ks umChec ks um

D ec rypt

Es c row edKeyfromes c row agenc y

D ec rypt

P lain tex t

3535

Summary Link Security – between two parties, layer 2 Link security objectives – extend the security

coverage In-line encryptor – a pair of devices, to

encrypt/decrypt message, there is no need to configure, and no need to encrypt document, it is done by the in-line encryptors.

Point to point – there is a limitation of the use of in-line encryptor, only to known location, The solution is to extend by IP routed

Key Recovery - less common in business, but is required by U.S. law to recover ciphertext for in-line encryptors

Link Security – between two parties, layer 2 Link security objectives – extend the security

coverage In-line encryptor – a pair of devices, to

encrypt/decrypt message, there is no need to configure, and no need to encrypt document, it is done by the in-line encryptors.

Point to point – there is a limitation of the use of in-line encryptor, only to known location, The solution is to extend by IP routed

Key Recovery - less common in business, but is required by U.S. law to recover ciphertext for in-line encryptors

3636

Next Week

IPSec (Security at the IP Layer, Layer 3)

In-line encryptor

This Week