1 / 22

Modelling and Analysing of Security Protocol: Lecture 14 Some Real Life Protocols

Modelling and Analysing of Security Protocol: Lecture 14 Some Real Life Protocols. Tom Chothia CWI. Today. What you can’t do with protocol: global consensus Activities that require global consensus Global consensus using probability or Trusted Third Party. BREAK Some commonly used protocol

pomona
Télécharger la présentation

Modelling and Analysing of Security Protocol: Lecture 14 Some Real Life Protocols

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Modelling and Analysing of Security Protocol: Lecture 14Some Real Life Protocols Tom Chothia CWI

  2. Today • What you can’t do with protocol: global consensus • Activities that require global consensus • Global consensus using probability or Trusted Third Party. BREAK • Some commonly used protocol • Extracting a protocol from a RFC

  3. Skills not Memorisation • What you have learn on this course (hopefully) are skill to design and analyse all (including future) protocols. • Not what protocols people are using at the moment...but here are some anyway

  4. Common Encryption • AES: • Symmetric encryption • RSA: • Public key encryption scheme • OpenPGP • Public key encryption package

  5. Diffie-Hellman • Cross between a protocol and Crypto method. • Common base for many protocols

  6. Common Protocols • Kerberos • Which you should know well • SSL/TLS • Secure web-browsing • IPsec • Encrypted Internet packets (VPNs) • SSH • Remote secure login • PKI • Public Key Distribution without a central TTP

  7. Real Life Protocols • Real Life Protocols include a lot of implementation details: • Negotiation of encryption schemes. • Versions numbers. • Data format. • Header layout. • Transmission speed.

  8. IPsec • A “suite” of protocols for secure Internet traffic. • IKEv2 protocol used for key establishment. • It assumes that both parties have the public key of the other. • Mostly used for Virtual Private Networks (logging into work from your laptop)

  9. RFCs • RFC are Requests For Comments. • They define the Internet. • For engineers and hackers, not computer scientists. • Extracting a protocol from an RFC is a skill.

  10. IKEv2 • Key establishment for IPsec, RFC 4306 • A B : (ga mod p, Na) • B A : (gb mod p, Nb) K = f(gab mod p, Na, Nb)

  11. IKEv2 • Key establishment for IPsec, RFC 4306 • A B : (ga mod p, Na) • B A : (gb mod p, Nb) K = f(gab mod p, Na, Nb) 3. A B : {SignK(A,SignA(M1,M2), gc mod p, Na2) }K

  12. IKEv2 • Key establishment for IPsec, RFC 4306 • A B : (ga mod p, Na) • B A : (gb mod p, Nb) K = f(gab mod p, Na, Nb) 3. A B : {SignK(A,SignA(M1,M2), gc mod p, Na2) }K

  13. IKEv2 • Key establishment for IPsec, RFC 4306 • A B : (ga mod p, Na) • B A : (gb mod p, Nb) K = f(gab mod p, Na, Nb) 3. A B : {SignK(A,SignA(M1,M2), gc mod p, Na2) }K

  14. IKEv2 • Key establishment for IPsec, RFC 4306 • A B : (ga mod p, Na) • B A : (gb mod p, Nb) K = f(gab mod p, Na, Nb) 3. A B : {SignK(A,SignA(M1,M2), gc mod p, Na2) }K

  15. IKEv2 • Key establishment for IPsec, RFC 4306 • A B : (ga mod p, Na) • B A : (gb mod p, Nb) K = f(gab mod p, Na, Nb) 3. A B : {SignK(A,SignA(M1,M2), gc mod p, Na2) }K

  16. IKEv2 • Key establishment for IPsec, RFC 4306 • A B : (ga mod p, Na) • B A : (gb mod p, Nb) K = f(gab mod p, Na, Nb) 3. A B : {SignK(A,SignA(M1,M2), gc mod p, Na2) }K 4. B A : {SignK(B,SignB(M1,M2), gd mod p, Nb2) }K First session key = f(gcd mod p, Na2, Nb2)

  17. SSH • Remote Secure Log in.

  18. Course Summary • The whole point of the course: • YOU don’t design a bad protocol • and YOU don’t use/accept a bad protocol

  19. Course Summary • The whole point of the course: • YOU don’t design a bad protocol • and YOU don’t use/accept a bad protocol • Analysis of Protocols is a Science: • Attacker Model • Protocol Goals • Protocol Assumptions

  20. Tools • You have tools to help you analysis • BAN logic: • Always think about the rules • ProVerif: • If you designing a protocol use it (or something like it) • Model Checking: • Very useful, not just for protocols.

  21. Today • What you can’t do with protocol: global consensus • Activities that require global consensus • Global consensus using probability or Trusted Third Party. BREAK • Some commonly used protocol • Extracting a protocol from a RFC

  22. Presentations • E-mail me ASAP.

More Related