Chapter 10  Real-world security protocol

SSL:  Secure internet transactions.  Socket layer between transport and application layers. Part of application.

 Designed to protect against man-in-the-middle attacks:

bulletA clients certificate must be signed by a CA (certificate authority)

  Effective:

bulletSession protocol  Using public keys
bulletConnection protocol  More effective, using symmetric keys which is used to make new connections for the parallel connections to improve performance for transferring data.

IPSec:  Used in "VPN".  Complex and over-engineered protocol.  Transparent for applications, is on the network layer. Part of OS.

  Two main parts:

bulletIKE (internet key exchange)  Shared symmetric key.  Two phases.  Does not need two phases.
bulletESP/AH  (encapsulating Security Payload/ Authentication Header) 

 ESP:  Encryption or integrity.  If NULL (between Clients only)  is used only integrity is protected.

 AH:  integrity only.  Why does AH exist?  IP header can not be encrypted.

 Phase 1:  4 key options, Digital signature, symmetric key, public key

 Cookies are  used to make Denial of Service more difficult, but Bob must keep state and so it offers littel protection.

  Transport mode:  More effective, host to host only, drawback that a passive attacker can see the header.

  Tunnel mode: New IP header, firewall to firewall only

Kerberos:  Authentication protocol built on symmetric key cryptography.  Clients are anonymous to each other.  Stateless (no DoS ).  Requires only N symmetric keys for N users due to that it relies on a TTP (trusted third party).

  KDC:

bulletThe key distribution center acts as a TTP. 
bulletSecurity of the entire system can be lost here. 
bulletHas one key for all, no client know of each other, this makes it stateless.
bulletDES is used (symmetric key standard, but any can be used)
bulletContains tickets which contains the keys  TGT (ticket-granting-ticket).  Used to obtain ordinary tickets.

  TGT:

bulletsession key
bulletUser ID to whom the TGT is issued
bulletexpiration time
bulletencrypted with KDC before it is sent to the intended recipient
bulletcan only be read by KDC
bulletused to access shared resources
bulletTGT is used so that KDC does not need to maintain state

GSM protocol:  Not safe from the base station to the base station controller.