Tables of Contents for Network Security

ISBN.nu

search for books and compare prices

Chapter/Section Title

Page #

Page Count

Acknowledgments

xxv

Introduction

Roadmap to the Book

What Type of Book Is This?

Terminology

Notation

Primer on Networking

OSI Reference Model

IP, UDP, and TCP

Directory Service

Replicated Services

Packet Switching

Network Components

Destinations: Ultimate and Next-Hop

Address Structure

Active vs. Passive Attacks

Layers and Cryptography

Authorization

Tempest

Key Escrow for Law Enforcement

Key Escrow for Careless Users

Viruses, Worms, Trojan Horses

Where Do They Come From?

Spreading Pests from Machine to Machine

Virus Checkers

What Can We Do Today?

Wish List for the Future

The Multi-level Model of Security

Mandatory (Nondiscretionary) Access Controls

Levels of Security

Mandatory Access Control Rules

Covert Channels

The Orange Book

Successors to the Orange Book

Legal Issues

Patents

Export Controls

CRYPTOGRAPHY

Introduction to Cryptography

What Is Cryptography?

Computational Difficulty

To Publish or Not to Publish

Secret Codes

Breaking an Encryption Scheme

Ciphertext Only

Known Plaintext

Chosen Plaintext

Types of Cryptographic Functions

Secret Key Cryptography

Security Uses of Secret Key Cryptography

Transmitting Over an Insecure Channel

Secure Storage on Insecure Media

Authentication

Integrity Check

Public Key Cryptography

Security Uses of Public Key Cryptography

Transmitting Over an Insecure Channel

Secure Storage on Insecure Media

Authentication

Digital Signatures

Hash Algorithms

Password Hashing

Message Integrity

Message Fingerprint

Downline Load Security

Digital Signature Efficiency

Homework

Secret Key Cryptography

Introduction

Generic Block Encryption

Data Encryption Standard (DES)

DES Overview

The Permutations of the Data

Generating the Per-Round Keys

A DES Round

The Mangler Function

Weak and Semi-Weak Keys

What's So Special About DES?

International Data Encryption Algorithm (IDEA)

Primitive Operations

Key Expansion

One Round

Odd Round

Even Round

Inverse Keys for Decryption

Does IDEA Work?

Advanced Encryption Standard (AES)

Basic Structure

Primitive Operations

What about the inverse cipher?

Key Expansion

Rounds

Inverse Rounds

Optimization

RC4

Homework

Modes of Operation

Introduction

Encrypting a Large Message

Electronic Code Book (ECB)

Cipher Block Chaining (CBC)

CBC Threat 1---Modifying Ciphertext Blocks

CBC Threat 2---Rearranging Ciphertext Blocks

100

Output Feedback Mode (OFB)

101

Cipher Feedback Mode (CFB)

102

Counter Mode (CTR)

104

Generating MACs

105

Ensuring Privacy and Integrity Together

106

CBC with a Weak Cryptographic Checksum

107

CBC Encryption and CBC Residue with Related Keys

108

CBC with a Cryptographic Hash

108

Offset Codebook Mode (OCB)

108

Multiple Encryption DES

109

How Many Encryptions?

111

Encrypting Twice with the Same Key

111

Encrypting Twice with Two Keys

111

Triple Encryption with only Two Keys

112

CBC Outside vs. Inside

113

Homework

114

Hashes and Message Digests

117

Introduction

117

Nifty Things to Do with a Hash

121

Authentication

123

Computing a MAC with a Hash

123

Encryption with a Message Digest

125

Generating a One-Time Pad

125

Mixing In the Plaintext

126

Using Secret Key for a Hash

126

UNIX Password Hash

126

Hashing Large Messages

127

MD2

128

MD2 Padding

129

MD2 Checksum Computation

129

MD2 Final Pass

131

MD4

133

MD4 Message Padding

133

Overview of MD4 Message Digest Computation

133

MD4 Message Digest Pass 1

135

MD4 Message Digest Pass 2

135

MD4 Message Digest Pass 3

136

MD5

136

MD5 Message Padding

137

Overview of MD5 Message Digest Computation

137

MD5 Message Digest Pass 1

138

MD5 Message Digest Pass 2

138

MD5 Message Digest Pass 3

139

MD5 Message Digest Pass 4

139

SHA-1

140

SHA-1 Message Padding

140

Overview of SHA-1 Message Digest Computation

140

SHA-1 Operation on a 512-bit Block

141

HMAC

142

Homework

143

Public Key Algorithms

147

Introduction

147

Modular Arithmetic

148

Modular Addition

148

Modular Multiplication

149

Modular Exponentiation

151

RSA

152

RSA Algorithm

152

Why Does RSA Work?

153

Why Is RSA Secure?

153

How Efficient Are the RSA Operations?

154

Exponentiating with Big Numbers

154

Generating RSA Keys

156

Finding Big Primes p and q

156

Finding d and e

158

Having a Small Constant e

158

Optimizing RSA Private Key Operations

160

Arcane RSA Threats

161

Smooth Numbers

161

The Cube Root Problem

162

Public-Key Cryptography Standard (PKCS)

163

Encryption

163

Encryption---Take 2

164

Signing

165

Diffie-Hellman

166

The Bucket Brigade/Man-in-the-Middle Attack

167

Defenses Against Man-in-the-Middle Attack

169

Published Diffie-Hellman Numbers

169

Authenticated Diffie-Hellman

169

Encryption with Diffie-Hellman

170

ElGamal Signatures

170

Diffie-Hellman Details---Safe Primes

171

Digital Signature Standard (DSS)

172

The DSS Algorithm

172

Why Does the Verification Procedure Work?

174

Why Is This Secure?

174

The DSS Controversy

175

Per-Message Secret Number

176

How Secure Are RSA and Diffie-Hellman?

177

Elliptic Curve Cryptography (ECC)

178

Zero Knowledge Proof Systems

179

Zero Knowledge Signatures

181

Homework Problems

182

Number Theory

185

Introduction

185

Modular Arithmetic

185

Primes

186

Euclid's Algorithm

187

Finding Multiplicative Inverses in Modular Arithmetic

189

Chinese Remainder Theorem

190

Zn*

192

Euler's Totient Function

194

Euler's Theorem

194

A Generalization of Euler's Theorem

195

Homework Problems

195

Math with AES and Elliptic Curves

197

Introduction

197

Notation

197

Groups

198

Fields

200

Polynomials

201

Finite Fields

204

What Sizes Can Finite Fields Be?

205

Representing a Field

205

Mathematics of Rijndael

206

A Rijndael Round

207

Elliptic Curve Cryptography

209

Homework

210

AUTHENTICATION

Overview of Authentication Systems

215

Password-Based Authentication

215

Off- vs. On-Line Password Guessing

217

Storing User Passwords

217

Address-Based Authentication

219

Network Address Impersonation

221

Cryptographic Authentication Protocols

222

Who Is Being Authenticated?

223

Passwords as Cryptographic Keys

223

Eavesdropping and Server Database Reading

224

Trusted Intermediaries

226

KDCs

227

Certification Authorities (CAs)

228

Certificate Revocation

229

Multiple Trusted Intermediaries

230

Multiple KDC Domains

230

Multiple CA Domains

232

Session Key Establishment

233

Delegation

234

Homework

236

Authentication of People

237

Passwords

238

On-Line Password Guessing

238

Off-Line Password Guessing

241

How Big Should a Secret Be?

243

Eavesdropping

244

Passwords and Careless Users

245

Using a Password in Multiple Places

246

Requiring Frequent Password Changes

246

A Login Trojan Horse to Capture Passwords

247

Non-Login Use of Passwords

248

Initial Password Distribution

249

Authentication Tokens

250

Physical Access

253

Biometrics

253

Homework

255

Security Handshake Pitfalls

257

258

Shared Secret

258

One-Way Public Key

262

Mutual Authentication

264

Reflection Attack

264

Password Guessing

266

Public Keys

267

Timestamps

268

Integrity/Encryption for Data

269

Shared Secret

269

Two-Way Public Key Based Authentication

271

One-Way Public Key Based Authentication

272

Privacy and Integrity

272

Mediated Authentication (with KDC)

274

Needham-Schroeder

275

Expanded Needham-Schroeder

277

Otway-Rees

278

Nonce Types

280

Picking Random Numbers

282

Performance Considerations

284

Authentication Protocol Checklist

285

Homework

288

Strong Password Protocols

291

Introduction

291

Lamport's Hash

292

Strong Password Protocols

295

The Basic Form

295

Subtle Details

296

Augmented Strong Password Protocols

298

SRP (Secure Remote Password)

299

Strong Password Credentials Download Protocols

300

Homework

301

STANDARDS

Kerberos V4

307

Introduction

307

Tickets and Ticket-Granting Tickets

308

Configuration

309

Logging Into the Network

310

Obtaining a Session Key and TGT

310

Alice Asks to Talk to a Remote Node

311

Replicated KDCs

314

Realms

315

Interrealm Authentication

316

Key Version Numbers

317

Encryption for Privacy and Integrity

318

Encryption for Integrity Only

320

Network Layer Addresses in Tickets

321

Message Formats

322

Tickets

324

Authenticators

325

Credentials

326

AS_REQ

328

TGS_REQ

328

AS_REP and TGS_REP

329

Error Reply from KDC

331

AP_REQ

331

AP_REP

332

Encrypted Data (KRB_PRV)

333

Integrity-Checked Data (SAFE)

333

AP_ERR

335

Homework

336

Kerberos V5

337

ASN.1

337

Names

339

Delegation of Rights

339

Ticket Lifetimes

342

Renewable Tickets

342

Postdated Tickets

343

Key Versions

344

Making Master Keys in Different Realms Different

344

Optimizations

345

Cryptographic Algorithms

345

Integrity-Only Algorithms

346

rsa-md5-des

346

des-mac

347

des-mac-k

348

rsa-md4-des

348

rsa-md4-des-k

348

Encryption for Privacy and Integrity

349

Hierarchy of Realms

349

Evading Password-Guessing Attacks

352

Key Inside Authenticator

353

Double TGT Authentication

353

PKINIT---Public Keys for Users

354

KDC Database

355

Kerberos V5 Messages

356

Authenticator

356

Ticket

357

AS_REQ

357

TGS_REQ

359

AS_REP

360

TGS_REP

362

AP_REQ

362

AP_REP

363

KRB_SAFE

363

KRB_PRIV

364

KRB_CRED

364

KRB_ERROR

365

Homework

369

PKI (Public Key Infrastructure)

371

Introduction

371

Some Terminology

372

PKI Trust Models

372

Monopoly Model

372

Monopoly plus Registration Authorities (RAs)

373

Delegated CAs

373

Oligarchy

374

Anarchy Model

375

Name Constraints

376

Top-Down with Name Constraints

376

Bottom-Up with Name Constraints

377

Relative Names

380

Name Constraints in Certificates

380

Policies in Certificates

381

Revocation

382

Revocation Mechanisms

383

Delta CRLs

383

First Valid Certificate

384

OLRS Schemes

384

Good-lists vs. Bad-lists

385

Directories and PKI

386

Store Certificates with Subject or Issuer?

387

Finding Certificate Chains

388

PKIX and X. 509

389

Names

389

OIDs

390

Specification of Time

391

X.509 and PKIX Certificates

391

X.509 and PKIX CRLs

395

Authorization Futures

395

ACL (Access Control List)

396

Central Administration/Capabilities

396

Groups

397

Cross-Organizational and Nested Groups

397

Roles

398

Anonymous Groups

400

Homework

401

Real-time Communication Security

403

What Layer?

403

Session Key Establishment

406

Perfect Forward Secrecy

407

PFS-Foilage

409

Denial-of-Service/Clogging Protection

410

Puzzles

411

Endpoint Identifier Hiding

412

Live Partner Reassurance

413

Arranging for Parallel Computation

415

Session Resumption

416

Plausible Deniability

416

Data Stream Protection

417

Negotiating Crypto Parameters

419

Easy Homework

420

Homework

420

IPsec: AH and ESP

423

Overview of IPsec

423

Security Associations

423

Security Association Database

424

Security Policy Database

424

AH and ESP

424

Tunnel, Transport Mode

425

Why Protect the IP Header?

427

IP and IPv6

427

NAT (Network Address Translation)

428

Firewalls

429

IPv4 Header

430

IPv6 Header

431

AH (Authentication Header)

432

Mutable, Immutable

433

Mutable but Predictable

434

ESP (Encapsulating Security Payload)

435

So, Do We Need AH?

436

Comparison of Encodings

437

Easy Homework

438

Homework

438

IPsec: IKE

441

Photuris

442

Skip

443

History of IKE

444

IKE Phases

445

Phase 1 IKE

446

Aggressive Mode and Main Mode

446

Key Types

448

Proof of Identity

449

Cookie Issues

450

Negotiating Cryptographic Parameters

451

Session Keys

452

Message IDs

454

Phase 2/Quick Mode

454

Traffic Selectors

454

The IKE Phase 1 Protocols

455

Public Signature Keys, Main Mode

455

Public Signature Keys, Aggressive Mode

456

Public Encryption Key, Main Mode, Original

457

Public Encryption Key, Aggressive Mode, Original

458

Public Encryption Key, Main Mode, Revised

458

Public Encryption Key, Aggressive Mode, Revised

459

Shared Secret Key, Main Mode

459

Shared Secret Key, Aggressive Mode

460

Phase-2 IKE: Setting up IPsec SAs

462

ISAKMP/IKE Encoding

463

Fixed Header

465

Payload Portion of ISAKMP Messages

467

SA Payload

467

Ps and Ts within the SA Payload

468

Payload Length in SA, P, and T Payloads

468

Type of Next Payload

468

SA Payload Fields

469

P Payload

470

T Payload

471

KE Payload

472

ID Payload

472

Cert Payload

473

Certificate Request Payload

474

Hash/Signature/Nonce Payloads

474

Notify Payload

474

Vendor ID Payload

475

Homework

476

SSL/TLS

477

Introduction

477

Using TCP

477

Quick History

477

SSL/TLS Basic Protocol

478

Session Resumption

480

Computing the Keys

481

Client Authentication

482

PKI as Deployed by SSL

482

Version Numbers

483

Negotiating Cipher Suites

484

Who Makes the Decision?

485

Cipher Suite Names

485

Negotiating Compression Method

486

Attacks Fixed in v3

486

Downgrade Attack

486

Truncation Attack

486

Exportability

487

Exportability in SSLv2

487

Exportability in SSLv3

488

Server Gated Cryptography/Step-Up

489

Encoding

490

Encrypted Records

491

Handshake Messages

492

ClientHello

493

ServerHello

493

ServerHelloDone

493

ClientKeyExchange

494

ServerKeyExchange

494

CertificateRequest

495

Certificate

495

Certificate Verify

496

HandshakeFinished

496

ChangeCipherSpec

496

Alerts

497