Security
Home Up Academics Interests Photo Album Favorites

 

Up

Security

    With the advent of  internetworking network and data security are of paramount importance.. For broad overviews of security issues, see RFC 2196 (Site Security Handbook) and RFC 2504 (User's Security Handbook). RFC 2828 (Internet Security Glossary) lists and defines 191 security-related terms.

Trusted Ports   One of the first security schemes implemented on the Internet was a system of trusted ports, implemented in the r-programs: rsh, rlogin, rcp. Under this scheme, TCP and UDP port numbers less than 1024 were allocated only to system processes. Ordinary user programs couldn't use these low-numbered ports on the local machine, although they could connect to low-numbered ports on a foreign machine. A connection to foreign host was regarded as trusted if the foreign port number was less than 1024, meaning that a system process was on the other side of the connection. The trusted port system was implemented before the availability of strong cryptographic authentication, and is now obsolete. Newer programs like ssh provide all the functionality of the older r-programs, typically using public key authentication to verify the identity of remote users and programs. Trusted ports should no longer be viewed as adequate security.

SSL / TLS (Secure Sockets Layer / Transport Layer Security).    SSL Version 3, documented in an IETF draft, provides one of the most commonly available security mechanisms on the Internet. SSL stands for Secure Sockets Layer, though IETF has renamed it TLS . TLS is documented in RFC 2246 and identifies itself in the protocol version field as SSL 3.1. Developed by Netscape, SSL is used extensively by web browsers to provide secure connections for transferring credit cards numbers and other sensitive data. An SSL-protected HTTP transfer uses port 443 (instead of HTTP's normal port 80), and is identified with a special URL method - https. Thus, https://cl.csa.iisc.ernet .in/ would cause an SSL-enabled browser to open a secure SSL session to port 443 at cl.csa.iisc.ernet.in. SSL, like most modern security protocols, is based on cryptography. When an SSL session is established, the server begins by announcing a public key to the client. No encryption is in use initially, so both parties (and any eavesdropper) can read this key, but the client can now transmit information to the server in a way that no one else could decode. The client generates 46 bytes of random data, forms them into a single very large number according to PKCS#1, encrypts them with the server's public key, and sends the result to the server. Only the server, with its private key, can decode the information to determine the 46 original bytes. This shared secret is now used to generate a set of conventional RC4 cipher keys to encrypt the rest of the session. X.509 certificates are used to authenticate the server, and the client can be authenticated as well, by presenting a certificate of its own, then computing a hash of all the SSL messages that have been exchanged up to a certain point, encrypting the result with its private key, and sending this to the server. The server, which can compute the same hash value, having seen all the messages as well, can decrypt using the client's public key, which is part of the certificate, and verify that the two results are the same. Thus the client is authenticated.

SSH.     The most common means of remote login today  is SSH, it is a program and a protocol by the same name. Though remote login is the primary use of SSH, the protocol can be used as a general purpose cryptographic tunnel, capable of copying files, encrypting email connections, and triggering remote execution of programs. SSH Version 1 was  developed in 1995, is being phased out in favor of SSH Version . SSH allows the creation of RSA or DSA asymmetric key pairs. The private key is stored in an identity file, possibly encrypted using a pass phrase. The public key can be copied freely around the network, usually ending up in a user's list of authorized keys. A ssh client, properly authenticated with a private key matching one of the authorized public keys, is allowed to login without supplying a password. This can be used to login without a password. SSH supports generic tunneling thus,  SSH is a popular and powerful tool for encrypting TCP sessions over the Internet, most commonly used for remote login.