Jom Belajar Keselamatan Rangkaian

1Network! Accessibility first, security a priority!!

Thursday, October 29, 2009

Security in Network

What is a Computer Network?
  • Definition:
    • A computing network is a computing environment with more than one independent processor
  • May be multiple users per system
  • Distance between computing systems is not considered (a communications media problem)
  • Size of computing systems is not relevant
Network Resources
  • Computers
  • Operating system
  • Programs
  • Processes
  • People
Network Architecture



What can a network do?
  • Logical interface function
    • Sending messages
    • Receiving messages
    • Executing program
    • Obtaining status information
    • Obtaining status information on other network users and their status
Network Basic Terminology
  • Node
    • Single computing system in a network.
  • Host
    • A single computing system's processor.
  • Link
    • A connection between two hosts.
  • Topology
    • The pattern of links in a network.
Types of Network
Network Topologies
  • Bus Topology
    • To provide a single communication network on which any node can place information and from which any node can retrieve information
    • Attachments to the bus do not impact the other nodes on the bus

  • Star Topology
    • Has a central switch
    • All nodes wishing to communicate do so through the central host
    • The central host receives all messages, identifies the addresses, selects the link appropriate for each address and forwards the messages

  • Ring Topology
    • To connect a sequence of nodes in a loop or ring
    • Can be implemented with minimum cabling
    • A token can be used to control a “synchronous” loop

  • Mesh Topology
    • Each node can conceptually be connected directly to each other node
    • Has integrity and routing advantages
    • Not easily subject to destructive failures
    • Routing logic can be used to select the most efficient route through multiple nodes

Open Systems Interconnection (OSI)

  • Describes computer network communications.
  • Developed by the International Standards Organization (ISO).
  • Consists of Seven Layers.
  • Model describes peer-to-peer correspondence, relationship between corresponding layers of sender and receiver.
  • Each layer represents a different activity performed in the actual transmission of a message.
  • Each layer serves a separate function.
  • Equivalent layers perform similar functions for sender and receiver.
OSI Layer Characters
Network As System
Single System:
  • Single set of security policies associated with each computing system.
  • Each system concerned with:
    • integrity of data
    • secrecy of data
    • availability of service
  • Operating system enforces its own security policies.
Advantages of Computing Network
  • Resource sharing
    • Reduces maintenance and storage costs
  • Increased reliability (i.e. availability of service)
    • If one system fails users can shift to another.
  • Distributing the workload
    • Workload can be shifted from a heavily loaded system to an underutilized one.
  • Expandability
    • System is easily expanded by adding new nodes
People Who Cause Network Problems
  • Hacker
  • Spy
  • Student
  • Businessman
  • Ex-employee
  • Stockbroker
  • Terrorist
  • etc
Network Security Problem Area
  • Authentication
    Deals with determining whom you are talking to before entering into a business deal or before revealing sensitive information
  • Secrecy
    What usually comes to mind when people think about network security
  • Non-repudiation
    Deals with signatures
  • Integrity control
    Ensuring that information is not modified, added to or deleted by an unauthorized user
Network Security Issues
  • Sharing
    • Access controls for a single system may be inadequate.
  • Complexity
    • A network may combine two or more systems with dissimilar operating systems with different mechanisms for interhost connection. Complexity of this nature makes the certification process extremely difficult.
  • Unknown perimeter
    • One host may be a node on two or more different networks
  • Many points of attack
    • Access controls on one machine preserve the secrecy of data on that processor. However, files stored in a remote network host may pass through many host machines to get to the user.
  • Unknown path
    • There may be many paths from one host to another and users generally do not have control of how their messages are routed.
  • Label format differences
    • A problem which may occur in multilevel systems is that the access labels may have different formats since there is no standard.
  • Anonymity
    • An attack can be passed through many other hosts in an effort to disguise where the attack originated
    • An attacker can attack remotely without any contact with the system administrator or user
Threats Exposures
Security Exposures:
  • Privacy
    • With many unknown users on a network, concealing sensitive data becomes more difficult.
  • Data Integrity
    • Because more nodes and more users have potential access to a computing system, the risk of data corruption is higher.
  • Authenticity
    • It is difficult to assure the identity of a user on a remote system.
  • Covert channels
    • Networks offer more possibilities for construction of covert channels for data flow.
Impersonating:
  • Involves the use of physical keys and biometric checks
  • A cracker can configure a system to masquerade as another system, thus gaining unauthorized access to resources or information on systems that ‘trust’ the system being mimicked
Eavesdropping:
  • Allows a cracker to make a complete transcript of network activity
  • A cracker can obtain sensitive information such as passwords, data and procedures for performing functions.
  • A cracker can eavesdrop:
    • Using wiretapping
    • By radio
    • Via auxiliary ports on terminals
    • Using software that monitors packets sent over the network.
Packet Replay:
  • Refers to recording and retransmission of message packets in the network
  • Intruder could replay legitimate authentication sequence messages to gain access to a system
  • Frequently undetectable
Packet modification:
  • A significant integrity threat
  • Involves a system intercepting and modifying a packet destined for another system
NETWORKS SECURITY CONTROL
  • Encryption
  • Strong Authentication
  • IPSec,VPN,SSH
  • Kerberos
  • Firewall
  • Intrusion Detection System (IDS)
  • Intrusion Prevention System (IPS)
  • Honeypot
Encryption
  • Link to Link VS End to End
  • Link to Link
    • Covers layer 1 and 2 of the OSI model
    • Decryption occurs just as the communication arrives at and enters the receiving computer.
    • If we have good physical security, we may not be too concerned about this exposure.
  • End to End
    • Provides security from one end of a transmission to the other, at layer 6 or 7
    • The encryption can be done by:
      • A hardware device between the user and the host.
      • Software running on the host computer.
    • Protects data on every layer
IPSec,SSH,SSL(application level sec.)
  • IPSec
    • Optional in IPv4
    • Defines a standard means for handling encrypted data.
    • Implemented at the IP layer, so it affects all layers above it, in particular TCP and UDP.
    • Provides authentication (AH) and encryption (ESP)
  • SSH
    • Secure remote login (encrypts data sent over the network)
  • SSL
    • Secure Sockets Layer, encrypts data over the transport layer.
    • SSL interfaces between applications (such as browsers) and the TCP/IP protocols to provide server authentication, optional client authentication, and an encrypted communications channel between client and server.
Kerberos
  • Supports authentication in distributed systems.
  • Kerberos is based on the idea that a central server provides authentication tokens, called tickets, to requesting applications.
    • A ticket is an unforgeable, nonreplayable, authenticated object.
    • It is an encrypted data structure naming a user and a service that the user is allowed to obtain.
    • Also contain a time value and some control information.
Firewall
  • What is a firewall?
  • A Firewall is a network security device designed to restrict access to resources (information or services) according to a security policy.
  • Firewalls are not a “magic solution” to network security problems, nor are they a complete solution for remote attacks or unauthorised access to data
  • A Firewall is a network security device
  • It serves to connect two parts of a network and control the traffic (data) which is allowed to flow between them
  • Often installed between an entire organisation's network and the Internet
  • Can also protect smaller departments
  • A Firewall is always the single path of communication between protected and unprotected networks
  • A Firewall can only filter traffic which passes through it
  • If traffic can get to a network by other means, the Firewall cannot block it
Intrusion Prevention System
  • A network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities
  • Network-based IPS, for example, will operate in-line to monitor all network traffic for malicious code or attacks
  • When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass
  • Intrusion prevention technology is considered by some to be an extension of intrusion detection (IDS) technology
  • In addition, most IPS solutions have the ability to look at (decode) layer 7 protocols like HTTP, FTP, and SMTP which provides greater awareness
Honeypot
  • Decoy systems that are designed to lure a potential attacker away from critical systems
  • Designed to
    • Divert attacker from critical system
    • Collect information on attacker’s activity
    • Encourage attacker to stay long enough for admin. to notice
  • Contain fabricated information that normal users are not meant to use
  • Simulated traffic that emulates a real network
Hacking and Prevention
  • motivated by thrill of access and status
    • hacking community a strong meritocracy
    • status is determined by level of competence
  • benign intruders might be tolerable
    • do consume resources and may slow performance
    • can’t know in advance whether benign or malign
  • IDS / IPS / VPNs can help counter
  • awareness led to establishment of CERTs
    • collect / disseminate vulnerability info / responses
Hacker Behaviour
  • select target using IP lookup tools
  • map network for accessible services
  • identify potentially vulnerable services
  • brute force (guess) passwords
  • install remote administration tool
  • wait for admin to log on and capture password
  • use password to access remainder of network


Authentication and Access Control

What is Authentication?
  • Verification of identity of someone who generated some data
  • Relates to identity verification
  • Classifications of identity verification:
    • by something known e.g. password
    • by something possessed e.g. smart card, passport
    • by physical characteristics (biometrics) e.g. finger prints, palm prints, retina, voice
    • by a result of involuntary action : signature
Authentication
  • Requirements – must be able to verify that:
    • Message came from apparent source or author
    • Contents have not been altered
    • Sometimes, it was sent at a certain time or sequence
  • Protection against active attack (falsification of data and transactions)
Password
  • Protection of passwords
    • Don’t give your password to anybody
    • Don’t write down or enter your password everywhere
    • Etc.
  • Choosing a good password
    • Hard to guess and easy to remember
    • Characteristics of a good password
    • Not shorter than six characters
    • Not patterns from the keyboard
  • Calculations on password
    • Password population, N = r^s
    • Probability of guessing a password = 1/N
    • Probability of success, P = nt/N
Time taken to crack password

Techniques for guessing passwords
  • Try default passwords.
  • Try all short words, 1 to 3 characters long.
  • Try all the words in an electronic dictionary(60,000).
  • Collect information about the user’s hobbies, family names, birthday, etc.
  • Try user’s phone number, social security number, street address, etc.
  • Try all license plate numbers
  • Use a Trojan horse
  • Tap the line between a remote user and the host system.
Password Selecting Strategies
  • User education
  • Computer-generated passwords
  • Reactive password checking
  • Proactive password checking
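
The password rules and the formulas N = r^s and P = nt/N from the Password section, combined into a small proactive password checker. This is an added example, not part of the original notes. It assumes r is the alphabet size, s the password length, n the guesses per unit of time and t the time available (the notes do not define the symbols); the word lists and function names are constructed for illustration.

```python
import string

# Constructed sample lists; a real checker would load a full dictionary.
DEFAULT_PASSWORDS = {"password", "admin", "guest", "changeme"}
DICTIONARY = {"dragon", "monkey", "football", "sunshine"}
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def population(r, s):
    """Password population N = r^s (assumed: r symbols, length s)."""
    return r ** s


def success_probability(n, t, N):
    """P = nt/N (assumed: n guesses per time unit for t units), capped at 1."""
    return min(1.0, n * t / N)


def alphabet_size(password):
    """Estimate r from the character classes the password actually uses."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    return sum(len(c) for c in classes if any(ch in c for ch in password))


def has_keyboard_pattern(password, run=4):
    """True if the password contains `run` adjacent keys of a keyboard row."""
    lowered = password.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):          # left-to-right and right-to-left
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in lowered:
                    return True
    return False


def check_password(password, personal_info=()):
    """Return the list of rules the candidate password breaks (empty = accept)."""
    problems = []
    lowered = password.lower()
    if len(password) < 6:
        problems.append("shorter than six characters")
    if lowered in DEFAULT_PASSWORDS:
        problems.append("default password")
    if lowered in DICTIONARY:
        problems.append("dictionary word")
    if has_keyboard_pattern(password):
        problems.append("keyboard pattern")
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    for candidate in ["abc", "qwerty12", "dragon", "Tr1cky-Horse"]:
        N = population(alphabet_size(candidate), len(candidate))
        # Assumed attacker rate: 1000 guesses per second for one hour.
        p = success_probability(1000, 3600, N)
        print(f"{candidate!r}: N={N}, P(1h)={p:.3g}, "
              f"problems={check_password(candidate)}")
```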
Biometric
  • Biometric is derived from the Greek words bio (= life) and metric (= to measure)
  • Biometrics is the measurement and statistical analysis of biological data
  • In IT, biometrics refers to technologies for measuring and analysing human body characteristics for authentication purposes
  • Definition by Biometrics Consortium – automatically recognising a person using distinguishing traits
Biometric Identifiers
  • Universality
  • Uniqueness
  • Stability
  • Collectability
  • Performance
  • Acceptability
  • Forge resistance
Biometric Technologies
  • Fingerprint biometrics – fingerprint recognition
  • Eye biometrics – iris and retinal scanning
  • Face biometrics – face recognition using visible or infrared light (called facial thermography)
  • Hand geometry biometrics – also finger geometry
  • Signature biometrics – signature recognition
  • Voice biometrics – speaker recognition
Other Biometrics That Can Be Used
  • Vein recognition (hand)
  • Palmprint
  • Gait recognition
  • Body odour measurements
  • Ear shape
  • DNA
  • Keystroke dynamics
Static vs. dynamic biometric
  • Static (also called physiological) biometric methods – authentication based on a feature that is always present
  • Dynamic (also called behavioural) biometric methods – authentication based on a certain behaviour pattern
Classification of biometric methods
  • Static
    • Fingerprint recognition
    • Retinal scan
    • Iris scan
    • Hand geometry
  • Dynamic
    • Signature recognition
    • Speaker recognition
    • Keystroke dynamics
Biometric system architecture
Major components of a biometric system:
  • Data collection
  • Signal processing
  • Matching
  • Decision
  • Storage
  • Transmission
Biometric system model

Fingerprint Recognition
  • Ridge patterns on fingers uniquely identify people
  • Classification scheme devised in 1890s
  • Major features: arch, loop, whorl
  • Each fingerprint has at least one of the major features and many “small features”
  • In an automated system, the sensor must minimise the image rotation
  • Locate minutiae and compare with reference template
  • Minor injuries are a problem
  • Liveness detection is important (detached real fingers, gummy fingers, latent fingerprints)
Patterns of fingerprints

Fingerprint Authentication
Basic steps for fingerprint authentication:
  • Image acquisition
  • Noise reduction
  • Image enhancement
  • Feature extraction
  • Matching
Fingerprints Authentication Advantage and Disadvantage
  • Advantages
    • Mature technology
    • Easy to use/non-intrusive
    • High accuracy (comparable to PIN authentication)
    • Long-term stability
    • Ability to enrol multiple fingers
    • Comparatively low cost
  • Disadvantages
    • Inability to enrol some users
    • Affected by skin condition
    • Sensor may get dirty
    • Association with forensic applications
Fingerprint Recognition Sensors:
Biometric Threats:
Access Control
Defined as “the prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner”
  • central element of computer security
  • assume have users and groups
    • authenticate to system
    • assigned access rights to certain resources on system
Access Controls Principles
Access Control Requirements
  • reliable input
  • fine and coarse specifications
  • least privilege
  • separation of duty
  • open and closed policies
  • policy combinations, conflict resolution
  • administrative policies
Access Control Elements
  • subject - entity that can access objects
    • a process representing user/application
    • often have 3 classes: owner, group, world
  • object - access controlled resource
    • e.g. files, directories, records, programs etc
    • number/type depend on environment
  • access right - way in which subject accesses an object
    • e.g. read, write, execute, delete, create, search
Discretionary Access Control
  • often provided using an access matrix
    • lists subjects in one dimension (rows)
    • lists objects in the other dimension (columns)
    • each entry specifies access rights of the specified subject to that object
    • access matrix is often sparse
    • can decompose by either row or column
ACCESS CONTROL MATRIX
  • Access Control Matrix or Access Matrix is an abstract, formal security model of protection state in computer systems, that characterizes the rights of each subject with respect to every object in the system
  • An Access Control Matrix is a table in which
    • each row represents a subject,
    • each column represents an object, and
    • each entry is the set of access rights for that subject to that object.
  • ACM entry can also be a function that determines rights.
    • E.g. one subject may not be able to access an object when another subject is already writing or modifying it
Access control List
  • In computer security, an access control list (ACL) is a list of permissions attached to an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object. In a typical ACL, each entry in the list specifies a subject and an operation: for example, the entry (Alice, delete) on the ACL for file WXY gives Alice permission to delete file WXY.
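
The access matrix described above, as an added example that is not part of the original notes: a sparse matrix decomposed by column into ACLs and by row into capability lists, with one entry that is a function so the rights depend on who is currently writing the object. The class, the `state` dictionary and the file `report.txt` are hypothetical; Alice, `delete` and file WXY come from the ACL text.

```python
class AccessMatrix:
    """Sparse access control matrix: only non-empty (subject, object) cells are stored."""

    def __init__(self):
        self._cells = {}

    def set_entry(self, subject, obj, entry):
        """entry is an iterable of rights, or a function(state) -> set of rights."""
        self._cells[(subject, obj)] = entry if callable(entry) else frozenset(entry)

    def rights(self, subject, obj, state=None):
        """Resolve one cell; a missing cell means no rights (default deny)."""
        entry = self._cells.get((subject, obj), frozenset())
        if callable(entry):
            return frozenset(entry(state or {}))
        return entry

    def allowed(self, subject, obj, right, state=None):
        return right in self.rights(subject, obj, state)

    def acls(self, state=None):
        """Decompose by column: object -> {subject: [rights]}."""
        out = {}
        for subject, obj in self._cells:
            r = self.rights(subject, obj, state)
            if r:
                out.setdefault(obj, {})[subject] = sorted(r)
        return out

    def capability_lists(self, state=None):
        """Decompose by row: subject -> {object: [rights]}."""
        out = {}
        for subject, obj in self._cells:
            r = self.rights(subject, obj, state)
            if r:
                out.setdefault(subject, {})[obj] = sorted(r)
        return out


def bob_reads_unless_written(state):
    """Function-valued entry: Bob may read WXY only while nobody else writes it."""
    writer = state.get("WXY_writer")          # hypothetical state key
    return {"read"} if writer in (None, "Bob") else set()


def build_example():
    m = AccessMatrix()
    m.set_entry("Alice", "WXY", {"read", "write", "delete"})
    m.set_entry("Bob", "WXY", bob_reads_unless_written)
    m.set_entry("Bob", "report.txt", {"read"})
    return m


if __name__ == "__main__":
    m = build_example()
    print("ACLs:", m.acls())
    print("Capabilities:", m.capability_lists())
    print("Bob reads WXY while Alice writes:",
          m.allowed("Bob", "WXY", "read", {"WXY_writer": "Alice"}))
```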
UNIX File Concepts
  • UNIX files administered using inodes
    • control structure with key info on file
      • attributes, permissions of a single file
    • may have several names for same inode
    • have inode table / list for all files on a disk
      • copied to memory when disk mounted
  • directories form a hierarchical tree
    • may contain files or other directories
    • are a file of names and inode numbers
UNIX File Access Control


  • “set user ID” (SetUID) or “set group ID” (SetGID)
    • system temporarily uses rights of the file owner / group in addition to the real user’s rights when making access control decisions
    • enables privileged programs to access files / resources not generally accessible
  • sticky bit
    • on directory limits rename/move/delete to owner
  • superuser
    • is exempt from usual access control restrictions
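
A defender's audit of the special permission bits described above, as an added example that is not part of the original notes: it decodes a mode into its numeric and symbolic forms and reports SetUID/SetGID files, world-writable files, and world-writable directories that lack the sticky bit. The function names and the choice of findings are this example's own.

```python
import os
import stat


def numeric(mode):
    """Numeric (octal) permission string, e.g. '4755' for a SetUID rwxr-xr-x file."""
    return format(stat.S_IMODE(mode), "04o")


def findings(mode):
    """Return the audit findings for one st_mode value."""
    out = []
    if stat.S_ISREG(mode):
        if mode & stat.S_ISUID:
            out.append("setuid")            # runs with the file owner's rights
        if mode & stat.S_ISGID:
            out.append("setgid")            # runs with the file group's rights
        if mode & stat.S_IWOTH:
            out.append("world-writable file")
    elif stat.S_ISDIR(mode):
        # Without the sticky bit, any user may rename or delete others' entries.
        if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
            out.append("world-writable directory without sticky bit")
    return out


def scan(root):
    """Walk a tree and return {path: (symbolic, numeric, findings)} for flagged entries."""
    results = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode   # lstat: do not follow symlinks
            except OSError:
                continue                        # vanished or unreadable entry
            found = findings(mode)
            if found:
                results[path] = (stat.filemode(mode), numeric(mode), found)
    return results


if __name__ == "__main__":
    # Constructed sample modes, so the demo needs no special files on disk.
    samples = {
        "setuid program": stat.S_IFREG | 0o4755,
        "shared tmp dir": stat.S_IFDIR | 0o1777,
        "open dir": stat.S_IFDIR | 0o777,
        "ordinary file": stat.S_IFREG | 0o644,
    }
    for label, mode in samples.items():
        print(f"{label:15} {stat.filemode(mode)} {numeric(mode)} {findings(mode)}")
```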
UNIX Access Control Lists
  • modern UNIX systems support ACLs
  • can specify any number of additional users / groups and associated rwx permissions
  • ACLs are optional extensions to std perms
  • group perms also set max ACL perms
  • when access is required
    • select most appropriate ACL
      • owner, named users, owning / named groups, others
    • check if have sufficient permissions for access
File System Security
  • in Linux everything is treated as a file
    • e.g. memory, device-drivers, named pipes, and other system resources
    • hence why filesystem security is so important
  • I/O to devices is via a “special” file
    • e.g. /dev/cdrom
  • have other special files like named pipes
    • a conduit between processes / programs
Users and Groups
  • a user-account (user)
    • represents someone capable of using files
    • associated both with humans and processes
  • a group-account (group)
    • is a list of user-accounts
    • users have a main group
    • may also belong to other groups
  • users & groups are not files

Numeric File Permissions

Modern Cryptography



Modern Cryptography Algorithm
Most modern ciphers use a sequence of binary digits (bits), that is, zeros and ones, such as ASCII. This bit sequence representing the plaintext is then encrypted to give the ciphertext as a bit sequence.
The encryption algorithm may act on a bit-string in a number of ways:
  • stream ciphers, where the sequence is encrypted bit-by-bit.
  • block ciphers, where the sequence is divided into blocks of a predetermined size.
  • ASCII requires 8 bits to represent one character, and so for a block cipher that has 64-bit blocks, the encryption algorithm acts on eight characters at once.
Since most modern algorithms operate on binary strings, we need to be familiar with a method of combining two bits called Exclusive OR, often written as XOR.
Stream ciphers
  • convert one symbol of plaintext immediately into a symbol of ciphertext
  • depends on symbol, key and control information of encipherment algorithm
Block ciphers

  • encrypt a group of plaintext symbols as one block
  • examples are transposition ciphers
Stream Ciphers

The plaintext is enciphered bit by bit.
  • The value of each bit is changed to the alternative value or left unchanged.
  • If a bit is changed twice, it returns to its original value.
If an attacker knows that a stream cipher has been used, then their task is to try to identify the position of those bits which have been changed and to change them back to their original values.
  • If there is any easily detectable pattern that identifies the changed bits then the attacker's task may be simple.
  • The position of the changed bits must be unpredictable to the attacker but the genuine receiver needs to be able to identify them easily.
The encryption key is often called a keystream sequence.
  • 0 to mean ‘leave unchanged’, 1 to mean ‘change’.
  • Plaintext, ciphertext and keystream are all binary sequences.
Suppose that we have the plaintext 1100101 and the keystream is 1000110.
  • Applying the rule gives 0100011 as the ciphertext.
Changing a bit twice has the effect of returning it to its original value.
  • This means that decryption process is identical to the encryption process, so the keystream also determines decryption.
If the keystream generator produces the same bit stream every time it is turned on, the resulting cryptosystem will be trivial to break.
  • Anyone who has two different ciphertexts encrypted with the same keystream, can XOR them together and get two plaintext messages XORed with each other.
  • When the interceptor gets a single plaintext/ciphertext pair, they can read everything.
  • That is why all stream ciphers have keys - the output of the keystream generator is a function of the key.
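
The stream cipher rule and the keystream-reuse problem from this section, worked through in code. This is an added example, not part of the original notes; the plaintext 1100101 and keystream 1000110 are the values from the text, the second plaintext is constructed, and `keyed_keystream` is an illustrative stand-in built from SHA-256 in counter mode, not a vetted cipher.

```python
import hashlib


def xor_bits(a, b):
    """Combine two equal-length bit strings: keystream 1 = change, 0 = leave."""
    if len(a) != len(b):
        raise ValueError("bit strings must have equal length")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))


def encrypt(plaintext, keystream):
    return xor_bits(plaintext, keystream)


# Changing a bit twice restores it, so decryption is the same operation.
decrypt = encrypt

PLAINTEXT = "1100101"          # from the text
KEYSTREAM = "1000110"          # from the text
CIPHERTEXT = encrypt(PLAINTEXT, KEYSTREAM)

SECOND_PLAINTEXT = "0110110"   # constructed second message
SECOND_CIPHERTEXT = encrypt(SECOND_PLAINTEXT, KEYSTREAM)   # same keystream reused


def reuse_leak(c1, c2):
    """Two ciphertexts under one keystream XOR to P1 XOR P2: the keystream cancels."""
    return xor_bits(c1, c2)


def keystream_from_known_pair(plaintext, ciphertext):
    """One known plaintext/ciphertext pair reveals the keystream itself."""
    return xor_bits(plaintext, ciphertext)


def keyed_keystream(key, nbits):
    """Keystream as a function of the key (illustrative stand-in generator)."""
    bits, counter = "", 0
    while len(bits) < nbits:
        block = hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        bits += "".join(f"{byte:08b}" for byte in block)
        counter += 1
    return bits[:nbits]


if __name__ == "__main__":
    print("ciphertext         :", CIPHERTEXT)
    print("decrypted          :", decrypt(CIPHERTEXT, KEYSTREAM))
    print("C1 xor C2          :", reuse_leak(CIPHERTEXT, SECOND_CIPHERTEXT))
    print("P1 xor P2          :", xor_bits(PLAINTEXT, SECOND_PLAINTEXT))
    recovered = keystream_from_known_pair(PLAINTEXT, CIPHERTEXT)
    print("recovered keystream:", recovered)
    print("second message read:", decrypt(SECOND_CIPHERTEXT, recovered))
```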
Block Ciphers
  • For a block cipher, the bit-string is divided into blocks of a given size and the encryption algorithm acts on that block to produce a cryptogram block that, for most symmetric ciphers, has the same size.
  • Block ciphers have many applications.
  • Can be used to provide confidentiality, integrity, or user authentication and can even be used to provide the keystream generator for stream ciphers.
  • A symmetric algorithm is said to be well designed if an exhaustive key search is the simplest form of attack.
  • Usual block sizes are 64, 128, 256 and 512 bits
There are a few obvious properties that a strong block cipher should possess:
  • Diffusion properties - a small change in the plaintext, maybe in one or two positions, should produce an unpredictable change in the ciphertext.
  • Confusion properties - if an attacker is conducting an exhaustive key search then there should be no indication that they are near to the correct key.
  • To prevent divide-and-conquer attacks we require completeness - each bit of a ciphertext must depend on every bit of the key.
  • Statistical testing forms a fundamental component of the assessment of block ciphers for these three listed properties and others.
Data Encryption Standard (DES)
  • Widely used encryption scheme
  • Adopted by the National Bureau of Standards in 1977
  • The plaintext is divided into 64-bit blocks with a key of 56 bits (with 8 parity bits).
  • The DES structure is similar to the Feistel network concept.
  • Processes the block through 16 rounds of expansion, substitution, key mixing and permutation.
  • DES is breakable by brute force over 2^56 possible keys
  • In 1998, the Electronic Frontier Foundation (EFF) built a USD220,000 machine to go through the entire 56-bit DES key space in an average of 4.5 days.
  • Triple DES has been introduced to improve the standard.
DES Process Diagram
Advanced Encryption Standard (AES)
  • created to be a better replacement for DES
  • NIST called for proposals in 1997
  • selected Rijndael in Nov 2001
  • published as FIPS 197
  • symmetric block cipher
  • uses 128 bit data & 128/192/256 bit keys
Message Authentication
Message Authentication protects against active attacks
Verifies received message is authentic:
  • contents unaltered
  • from authentic source
  • timely and in correct sequence
can use conventional encryption
  • only sender & receiver have key needed
or separate authentication mechanisms
  • append authentication tag to cleartext message
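
The "append authentication tag to cleartext message" approach, checking all three properties listed above (unaltered contents, authentic source, correct sequence). This is an added example, not part of the original notes; HMAC-SHA256, the 8-byte sequence number and all names are choices made for this sketch.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32   # HMAC-SHA256 output size in bytes
SEQ_LEN = 8    # big-endian sequence number prepended to the cleartext


def protect(key, seq, message):
    """Sender: sequence number + cleartext message + authentication tag."""
    body = struct.pack(">Q", seq) + message
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


class Receiver:
    """Verifies the tag, then insists on strictly increasing sequence numbers."""

    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, packet):
        if len(packet) < SEQ_LEN + TAG_LEN:
            raise ValueError("packet too short")
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison: contents unaltered and sender holds the key.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad authentication tag")
        (seq,) = struct.unpack(">Q", body[:SEQ_LEN])
        # A recorded packet has a valid tag, so replay is caught here instead.
        if seq <= self.last_seq:
            raise ValueError("replayed or out-of-sequence")
        self.last_seq = seq
        return body[SEQ_LEN:]


def verdict(receiver, packet):
    """Helper for the demo: 'accepted' or 'rejected: <reason>'."""
    try:
        receiver.accept(packet)
        return "accepted"
    except ValueError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    key = b"k" * 32                      # constructed shared key
    rx = Receiver(key)
    first = protect(key, 1, b"transfer 10")
    second = protect(key, 2, b"transfer 10")
    tampered = second[:SEQ_LEN] + b"transfer 99" + second[-TAG_LEN:]
    print("first   :", verdict(rx, first))
    print("replay  :", verdict(rx, first))
    print("tampered:", verdict(rx, tampered))
    print("second  :", verdict(rx, second))
```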
Message Authentication Codes (MAC)
Hash Function
Hash Function Requirements
  • Applied to any size data
  • H produces a fixed-length output.
  • H(x) is relatively easy to compute for any given x
  • one-way property
  • weak collision resistance
  • strong collision resistance
    • computationally infeasible to find any pair (x, y) such that H(x) = H(y)

Simple Hash Function
  • a one-way or secure hash function used in message authentication, digital signatures
  • all hash functions process input a block at a time in an iterative fashion
  • one of simplest hash functions is the bit-by-bit exclusive-OR (XOR) of each block



    • effective data integrity check on random data
    • less effective on more predictable data
    • virtually useless for data security
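
Why the block-wise XOR hash catches random errors but is useless against deliberate change, shown beside SHA-256. This is an added example, not part of the original notes; the 8-byte block size, the zero padding and the sample messages are constructed for illustration.

```python
import hashlib

BLOCK = 8  # bytes per block (64-bit blocks; the size is this example's choice)


def pad(data, block=BLOCK):
    """Zero-pad to a whole number of blocks."""
    return data + b"\x00" * (-len(data) % block)


def xor_hash(data, block=BLOCK):
    """Bit-by-bit XOR of every block of the message."""
    digest = bytearray(block)
    padded = pad(data, block)
    for start in range(0, len(padded), block):
        for i in range(block):
            digest[i] ^= padded[start + i]
    return bytes(digest)


def swap_first_two_blocks(data, block=BLOCK):
    """Reordering blocks never changes an XOR: the hash ignores block order."""
    return data[block:2 * block] + data[:block] + data[2 * block:]


def compensate(original, altered, block=BLOCK):
    """Append one block to `altered` so that its XOR hash equals `original`'s."""
    target, current = xor_hash(original, block), xor_hash(altered, block)
    fix = bytes(t ^ c for t, c in zip(target, current))
    return pad(altered, block) + fix


# Constructed sample messages (two 8-byte blocks each).
ORIGINAL = b"PAY 0100 TO BOB "
ALTERED = b"PAY 9900 TO EVE "
BIT_ERROR = bytes([ORIGINAL[0] ^ 0x01]) + ORIGINAL[1:]   # single flipped bit
REORDERED = swap_first_two_blocks(ORIGINAL)
FORGED = compensate(ORIGINAL, ALTERED)


def sha256(data):
    return hashlib.sha256(data).digest()


if __name__ == "__main__":
    for label, msg in [("original", ORIGINAL), ("bit error", BIT_ERROR),
                       ("reordered", REORDERED), ("forged", FORGED)]:
        print(f"{label:10} xor={xor_hash(msg).hex()} "
              f"sha256={sha256(msg).hex()[:16]}...")
```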

Hash Functions
  • two attack approaches
    • cryptanalysis
      • exploit logical weakness in algorithm
    • brute-force attack
      • trial many inputs
      • strength proportional to size of hash code (2^(n/2))
SHA most widely used hash algorithm:
  • SHA-1 gives 160-bit hash
  • more recent SHA-256, SHA-384, SHA-512 provide improved size and security
There are 2 prominent algorithms in Hashing functions:
  • First, the most popularly used technique is MD5.
  • Second, the well accepted standard is secure hashing algorithm SHA-1.

Nevertheless, SHA-256 is chosen in this class as it is considered to be the primary next-generation algorithm.

MD-5

  • A hash function designed by Ron Rivest, one of the inventors of the RSA public-key encryption scheme.
  • The MD-5 algorithm produces a 128-bit output. Note that MD-5 is now known to have some weaknesses and should be avoided if possible.
  • SHA-1 is generally recommended.

SHA-1 (Secure Hash Algorithm-1)
  • SHA-1 is an MD-5-like algorithm that was designed to be used with the Digital Signature Standard (DSS).
  • NIST (National Institute of Standards and Technology) and NSA (National Security Agency) are responsible for SHA-1.
  • The SHA-1 algorithm produces a 160-bit hash value.
  • This longer output is considered to be more secure than MD-5.
SHA Secure Hash Function
SHA originally developed by NIST/NSA in 1993
was revised in 1995 as SHA-1
  • US standard for use with DSA signature scheme
  • standard is FIPS 180-1 1995, also Internet RFC3174
  • produces 160-bit hash values
NIST issued revised FIPS 180-2 in 2002
  • adds 3 additional versions of SHA
  • SHA-256, SHA-384, SHA-512
  • with 256/384/512-bit hash values
  • same basic structure as SHA-1 but greater security
NIST intends to phase out SHA-1 use
  • For SHA-1 and SHA-256, each message block has 512 bits, which are represented as a sequence of sixteen 32-bit words.
  • SHA-256 uses six logical functions, where each function operates on 32-bit words, which are
SHA-1 and SHA-256
  • Suppose that the length of the message, M, is l bits. Append the bit “1” to the end of the message, followed by k zero bits, where k is the smallest non-negative solution to the equation l + 1 + k ≡ 448 mod 512. Then append the 64-bit block that is equal to the number l expressed using a binary representation.
  • For example, the (8-bit ASCII) message “abc” has length 8 × 3 = 24, so the message is padded with a one bit, then 448 − (24 + 1) = 423 zero bits, and then the message length, to become the 512-bit padded message
SHA-512 Structures
SHA-512 Round

Digital Signatures
It is the provision of a means of settling disputes between sender and receiver that distinguishes the digital signature mechanism from the MACing process.
  • Such a dispute can only be settled if there is an asymmetry between sender and receiver.
  • Asymmetric cryptographic processing requires much computational processing.
  • Thus a condensed version or hash of the message is produced by applying a hash function to the message.
  • The signature is produced from the hash (which represents the message) by using the asymmetric algorithm with the private key.
  • Thus only the owner of the private key can generate the signature.
Public Key Infrastructure (PKI)
When a PKI is established, the following processes need to take place:
  • The key pairs for CAs must be generated.
  • The key pairs for users must be generated.
  • Users must request certificates
  • Users’ identities must be verified.
  • Users’ key pairs must be verified.
  • Certificates must be produced.
  • Certificates must be checked.
  • Certificates must be removed/updated (when necessary).
  • Certificates must be revoked (when necessary).
Key Management
A typical requirement specification for a symmetric key system might include each of the following:
  • Keys must be generated using a random or pseudorandom process.
  • Any key used by a communicating pair must be unique to them.
  • A key must be used for only one purpose, e.g. the same key should not be used for both encryption and authentication.
  • Each key must be replaced within the time deemed necessary to determine it by an exhaustive search.
  • A key must not be used if its compromise is either known or suspected.
  • Compromise of a key which is shared between two parties must not compromise any key used by a third party.
  • Keys should only appear in clear form within a highly tamper resistant device. Elsewhere all keys must be encrypted or in component form.
  • Keys must be protected against misuse.
  • Unauthorized modification, substitution or replay of any key must be prevented or detected.

Tuesday, October 27, 2009

Basics of Cryptography

Cryptography Concepts
> The idea of a cryptosystem is to disguise data so that it is meaningless to parties who are not supposed to see it
> The two common uses are storing data securely in a computer file and sending data across an insecure channel such as the Internet
> An encrypted document does not prevent unauthorized parties from gaining access to the data; it is used to make sure those parties cannot understand the data they obtain

The Art of Secret Writing


Steganography
> Steganography is a technique used to hide a message inside another medium such as a picture
> The message is not altered and the technique does not involve any key

(This picture of an Al-Qaeda leader actually contains a hidden message)

(This picture of a handsome man shows that each different hidden code has a different colour tone)

Cryptography
> Cryptography is a technique used to scramble a message, so that the altered message looks different from the original message
> May involve a key

Mechanical Crypto Machine of the World War II Era

The picture above shows a machine used for encryption during World War II
> This machine is called the "Enigma Machine"
> Used by the German military during World War II
> Uses a rotor mechanism to produce the encrypted message
> Uses a complex substitution cipher technique
> Uses a number of cylinders, each one giving one substitution, which rotate after each word has been encrypted
> The code it produced was said to be unbreakable, but it was eventually broken by a mathematician, Marian Rejewski, using concepts from algebra in 1932

Cryptography Terminology
> Plaintext - The original message
> Ciphertext - The encoded message
> Cipher - The algorithm used to transform plaintext into ciphertext
> Key - Information known to the sender/receiver, used to transform the plaintext and to translate the ciphertext back
> Encipher - The process of converting plaintext to ciphertext
> Decipher - The process of converting ciphertext to plaintext
> Cryptography - The study of the principles/methods of encryption
> Cryptanalysis - Methods used to learn the contents of a ciphertext without knowing the key
> Cryptology - The field covering both cryptography and cryptanalysis

Cryptographic Algorithms
Closely related to the three aspects below:
> Number of keys used
  > Symmetric - Involves the use of only one key
  > Asymmetric - Involves two kinds of key
> Operations used to transform plaintext into ciphertext
  > Substitution
  > Transposition
  > Product
> How the plaintext is processed
  > Block
  > Stream

Cryptanalysis
The aim is to obtain the key in order to translate the message.
It takes one of two routes:
> cryptanalytic attack
> brute-force attack

Cryptanalytic Attacks
> Ciphertext only
> Known plaintext
> Chosen plaintext
> Chosen ciphertext
> Chosen text

Brute-Force Attack
This attack works by trial and error, trying every key that could possibly have been used.
This method is used when the plaintext is known



Cryptographic Algorithms
> Symmetric Algorithm
P = D(K, E(K, P))


> Asymmetric Algorithm
P = D(K_decrypt, E(K_encrypt, P))


Symmetric vs Asymmetric
> If a system is symmetric, the secret key has to be shared before the secret message is sent, but the same key can also be used to translate the message, which leaves the message unsafe from other users
> The problem of using the same key to send and to translate can be overcome by using asymmetric keys

Principles of Symmetric Cryptography


Requirements of Symmetric Cryptography
> Requirements for symmetric encryption to be secure
> The algorithm used must be strong
> The secret key must be known only to the receiver and the sender
> Uses the mathematical formulas:
  C = E_key(P)
  P = D_key(C)
> Assumes that the encryption algorithm is known
> Uses a secure channel to deliver the key

Principles of Using Asymmetric Cryptography


Asymmetric cryptography, which needs two kinds of key, requires a key distribution process, assurance that the system can be trusted, and a user identification process.
An asymmetric cryptography scheme involves six entities, namely:
> Plaintext
> Encryption algorithm
> Public key
> Private key
> Ciphertext
> Decryption algorithm

Methods Used in Cryptographic Algorithms
> Substitution techniques
  > Monoalphabetic substitution
  > Polyalphabetic substitution
> Transposition techniques
  > Unkeyed transposition
  > Keyed transposition

Caesar Ciphers
> The Caesar cipher is one of the earliest cipher techniques; it uses substitution and was introduced by Julius Caesar during the Gallic Wars
> In the Caesar cipher, each letter from A to W is encrypted as the letter three places after it
> Although Caesar only used a shift of three (shift-3), the method can be used with other shifts, and any cipher built on such a shift can be called a Caesar cipher
> The key of a Caesar cipher is the number of places each letter is shifted before it is replaced by another letter. However, only shifts of 0 to 25 exist, because a shift of 26 is the same as a shift of 0, which makes no change at all to the plaintext.



Making the Caesar Cipher More Secure
> The Caesar cipher is exposed to an attacker trying all 26 keys that can be used, i.e. shifts 0 - 25.
> The Caesar cipher is therefore weak, because the plaintext can be recovered by brute force, applying a shift to the ciphertext 26 times.
> The method is improved by rearranging the position of every letter; for example, a plaintext with 26 words requires 403,291,461,126,605,635,584,000,000 keys to be tried using the Caesar cipher method
> Number of attempts = 26! x (number of letters)
> Although this could be called impossible to break when the plaintext contains many words, in reality it is not: most letters in a message are repeated often, and there are also words that are rarely used.
> For example, in written English the letter 'E' is used most often, followed by T, R, N, I, O, A, S, which are also frequent, while the letters Z, J, K, Q, X are rarely used.
> This attack on the Caesar cipher is called a frequency attack, introduced by Al-Kindi (801-873 CE)
> This frequency attack is based on text analysis of the Quran, which gave rise to the method a
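The brute-force and frequency observations above, as an added example that is not from the original post: every shift from 0 to 25 is tried and each candidate is scored against an assumed table of English letter frequencies, so the correct plaintext is picked out automatically. The sample message, function names and frequency table are constructed for this illustration.

```python
import math
import string
from collections import Counter

ALPHABET = string.ascii_uppercase
# Approximate English letter frequencies in percent (assumed reference table).
ENGLISH_FREQ = dict(zip(
    "ETAOINSHRDLCUMWFGYPBVKJXQZ",
    [12.70, 9.06, 8.17, 7.51, 6.97, 6.75, 6.33, 6.09, 5.99, 4.25, 4.03, 2.78, 2.76,
     2.41, 2.36, 2.23, 2.02, 1.97, 1.93, 1.49, 0.98, 0.77, 0.15, 0.15, 0.10, 0.07]))
# Key-space sizes: 26 shifts versus 26! arbitrary letter permutations.
KEYSPACE = {"caesar": 26, "monoalphabetic": math.factorial(26)}

def caesar(text: str, shift: int) -> str:
    """Shift every letter by `shift` places; a negative shift decrypts."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + shift) % 26] if ch in ALPHABET else ch
        for ch in text.upper())

def chi_squared(text: str) -> float:
    """How far the text's letter counts are from English (lower is closer)."""
    counts = Counter(ch for ch in text if ch in ALPHABET)
    total = sum(counts.values())
    if total == 0:
        return float("inf")  # nothing to score
    return sum((counts[l] - total * f / 100) ** 2 / (total * f / 100)
               for l, f in ENGLISH_FREQ.items())

def brute_force(ciphertext: str) -> list:
    """Try all 26 shifts; return (score, shift, candidate) tuples, best first."""
    candidates = [(k, caesar(ciphertext, -k)) for k in range(26)]
    return sorted((chi_squared(text), k, text) for k, text in candidates)

def most_common_letter(ciphertext: str) -> str:
    """Most frequent ciphertext letter; in English text it likely stands for E."""
    return Counter(ch for ch in ciphertext if ch in ALPHABET).most_common(1)[0][0]

# Constructed sample message, enciphered with Caesar's shift of three.
PLAINTEXT = "MEET ME AT THE OLD BRIDGE AFTER SUNSET AND BRING THE SECRET LETTERS"
CIPHERTEXT = caesar(PLAINTEXT, 3)

if __name__ == "__main__":
    score, shift, recovered = brute_force(CIPHERTEXT)[0]
    print(f"shift={shift} score={score:.1f} text={recovered}")
    print("most common ciphertext letter:", most_common_letter(CIPHERTEXT))
```

A larger key space alone does not help: a substitution cipher with 26! keys still leaks the same letter counts that `most_common_letter` reads off the ciphertext.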

Tuesday, October 20, 2009

Introduction to IT Security

Before studying network security, we first need to be introduced to IT (Information Technology) security

What is Security
Security means the quality or degree of feeling safe from a danger or from anything that can cause harm, whether deliberate or not.

Information Security
Information security is the protection of information/data, systems and equipment while that information is being stored or transmitted.

Security Trends

Referring to the graph above, as the years go by, less and less knowledge is needed to hack an organization

Security Specializations
There are 3 specializations in carrying out security, namely:
> Detection
  Example: virus scanner, Internet
> Prevention
  Example: firewall, proxy
> Recovery
  Example: cryptography techniques, good planning (e.g. making backups)

Security Architecture
> Standardized by ITU-T (the Telecommunication Standardization Sector) under X.800, which is called the OSI Security Architecture
> The architecture is to be followed as an international standard, and all computer and telecommunications vendors need to build security functions that conform to it.
> The architecture focuses on security attacks, mechanisms and services.

Security Goals
Security is managed in order to:
> Keep all information private (Confidentiality)
> Prevent unwanted modification of information (Integrity)
> Ensure that information can be reached by its owner and cannot be reached by unwanted parties (Availability)

Security Policy
> Rules laid down concerning activities that involve security
> Levels of security policy, covering objectives, the organization and system security
> Important items in a security policy (user authentication, access to information and authorization for information)

Security Threats and Attacks
> Security attacks come in two kinds: passive attacks and active attacks

Passive Attacks
> Carried out by eavesdropping on or observing data in transmission
> Aim to obtain information that is being transmitted
> Involve release of message contents and traffic analysis
> Hard to trace, but less effective

Active Attacks
> Aim to modify information and to create false information
> Aim to obtain the right to get information from the real owner
> Use masquerade, replay, message modification and DoS (Denial of Service)
> Easy to detect, but effective

Means of Protection
We can deal with attacks by:
> Preventing attacks (by blocking attacks and avoiding being observed)
> Increasing the complexity of security (the aim is only to slow the attack down)
> Deflecting the attack
> Detecting attacks
> Recovering information from the effects of an attack

Security Controls
Security can be controlled by the following means:
> Transforming data from one form into a form that cannot be read directly (Encryption)
> Software controls that limit access to information and protect one user's information from other users
> Policy changes, for example frequent password changes
> Physical controls

Security Methods: Software Controls
> Internal program security (the part of a program that enforces security restrictions, such as limits on accessing data in a database (access control))
> Operating system and network system (restrictions within the operating system and network that protect each user from other users)
> Independent control programs (applications used to assess a user's level of security, such as password strength checkers, intrusion detectors, virus scanners and protection from being observed)
> Development controls (quality standards under which every program is designed, coded, tested and maintained, to prevent software faults that could be misused for hacking)

Security Methods: Hardware Controls
Many hardware devices have been created to help provide computer security, including:
> Hardware or smart cards that perform encryption
> Locks or cables to limit access or make theft harder
> Devices used to verify the identity of users
> Firewalls
> Intrusion detection systems
> Circuit boards that control access to storage media

Security Methods: Encryption Controls
> Encryption is the formal name for the process of transforming the representation of data until it becomes something meaningless, in a way that is not known to the intruder.
> Encryption is used to keep data confidential and to provide data integrity
> Encryption is the basis of the protocols that allow security to be provided in a network system

Security Services
As defined by X.800
> A security service is a service provided by a protocol layer of communicating open systems to give a certain amount of security to the systems or to data transfers
As defined by RFC 2828
> A processing or communication service provided by a system to give a specific kind of protection to system resources; security services implement security policies and are applied through security mechanisms

Types of Security Services
> Authentication - Assurance that the entity taking part in the communication is the one it is supposed to be
> Access Control - Prevention of unauthorized use of a resource
> Data Confidentiality - Protection of data from being seen by unwanted parties
> Data Integrity - Assurance that the data received is from the party it should have come from
> Non-Repudiation - Protection against denial by a person or by one of the parties in a communication

Security Mechanisms
> A security mechanism is any process designed to detect, prevent or recover from a security attack
> Security mechanisms exist to provide and support the security services defined by X.800
> Divided into two classes:
  > Specific Security Mechanisms
  > Pervasive Security Mechanisms

List of Specific Security Mechanisms
1. Authentication Exchange
2. Data Integrity
3. Encipherment
4. Traffic Padding
5. Access Control
6. Digital Signature
7. Notarization
8. Routing Control

List of Pervasive Security Mechanisms
1. Trusted Functionality
2. Security Recovery
3. Security Label
4. Security Audit Trail
5. Event Detection

Introductory Greetings

Assalamualaikum. This blog was created to share information about the security technologies used in computer networks. All of its writing may be reused and modified. Thank you for visiting this blog.

For any questions, you can contact me by email: zerorating@gmail.com