7/27/2019 Keamanan Jaringan APJII.pdf
1/119
Network SecurityWorkshop
Yogyakarta, Indonesia
25 27 June, 2013
Proudly Supported by:
7/27/2019 Keamanan Jaringan APJII.pdf
2/119
PresentersChampika Wijayatunga
Training Unit Manager, APNIC
Champika is responsible for managing its training activities in the
Asia Pacific region and brings several years of experience, having
worked in a number of countries in the IT industry, academia,research, and training environments.
Areas of interests:
Internet Resource Management, IPv6, DNS/DNSSEC, Network
Security
Contact: [email protected]
7/27/2019 Keamanan Jaringan APJII.pdf
3/119
PresentersWita Laksono
Internet Resource Analyst, APNIC
Wita is responsible for analyzing IP address and AS number
requests from APNIC members. He also supports APNIC
helpdesk and skilled in Network Engineering aspects.
Areas of interests:
Internet Resource Management, IPv6
Contact: [email protected]
7/27/2019 Keamanan Jaringan APJII.pdf
4/119
Overview
Network Security Fundamentals Cryptography and PKI Registration of Internet Resources Security on Different Layers and Attack Mitigation DNS Security and DNSSEC Device and Infrastructure Security Virtual Private Networks and IPSec Route Filtering
7/27/2019 Keamanan Jaringan APJII.pdf
5/119
Network SecurityFundamentals
Network Security Workshop
7/27/2019 Keamanan Jaringan APJII.pdf
6/119
Overview
Why We Need Security Definitions and ConceptsAccess Control Risk vs. Vulnerability Threats and Attack Types
7/27/2019 Keamanan Jaringan APJII.pdf
7/119
Why Security?
The Internet was initially designed for connectivity Trust assumed We do more with the Internet nowadays Security protocols are added on top of the TCP/IP
Fundamental aspects of information must be protected Confidential data Employee information Business models Protect identity and resources
We cant keep ourselves isolated from the Internet Most business communications are done online We provide online services We get services from third-party organizations online
7/27/2019 Keamanan Jaringan APJII.pdf
8/119
Internet Evolution
Different ways to handle security as the Internet evolves
LAN connectivity Application-specificMore online content
Cloud computingApplication/data hosted
in the cloud environment
7/27/2019 Keamanan Jaringan APJII.pdf
9/119
Why Security?
Key findings: Hacktivism and vandalism are the common DDoS attack motivation High-bandwidth DDoS attacks are the new normal First-ever IPv6 DDoS attacks are reported Trust issues across geographic boundaries
Source: Arbor Networks Worldwide Infrastructure
Security Report Volume VII
7/27/2019 Keamanan Jaringan APJII.pdf
10/119
Breach Sources
Infiltration
Aggregation
Exfiltration
Source: Trustwave 2012 Global Security Report
7/27/2019 Keamanan Jaringan APJII.pdf
11/119
Types of Security
Computer Security generic name for the collection of tools designed to protect data and
to thwart hackers
Network Security measures to protect data during their transmission
Internet Security measures to protect data during their transmission over a collection
of interconnected networks
7/27/2019 Keamanan Jaringan APJII.pdf
12/119
Goals of Information Security
Confidentiality Integrity Availability
SE
CUR
ITY
preventsunauthorizeduse or
disclosure ofinformation
safeguards theaccuracy andcompleteness
of information
authorizedusers havereliable and
timely accessto information
7/27/2019 Keamanan Jaringan APJII.pdf
13/119
Access Control
The ability to permit or deny the use of an object by asubject.
It provides 3 essential services:Authentication (who can login)Authorization (what authorized users can do)Accountability (identifies what a user did)
7/27/2019 Keamanan Jaringan APJII.pdf
14/119
Authentication
A means to verify or prove a users identity The term user may refer to:
Person Application or process Machine or device
Identification comes before authentication Provide username to establish users identity
To prove identity, a user must present either of the following: What you know (passwords, passphrase, PIN) What you have (token, smart cards, passcodes, RFID) Who you are (biometrics such as fingerprints and iris scan, signature or
voice)
7/27/2019 Keamanan Jaringan APJII.pdf
15/119
Examples of Tokens
eTokenRFID cards
Smart Cards
Fingerprint scanner
7/27/2019 Keamanan Jaringan APJII.pdf
16/119
Trusted Network
Standard defensive-oriented technologies Firewall Intrusion Detection
Build TRUST on top of the TCP/IP infrastructure Strong authentication Public Key Infrastructure (PKI)
7/27/2019 Keamanan Jaringan APJII.pdf
17/119
Strong Authentication
An absolute requirement Two-factor authentication
Passwords (something you know) Tokens (something you have)
Examples: Passwords Tokens Tickets Restricted access PINs Biometrics Certificates
7/27/2019 Keamanan Jaringan APJII.pdf
18/119
Two-factor Authentication
Requires a user to provide at least two authenticationfactors to prove his identity
something you knowUsername/userID and password
something you haveToken using a one-time password (OTP)
The OTP is generated using a small electronic device inphysical possession of the user
Different OTP generated each time and expires after some timeAn alternative way is through applications installed on your mobile
device
Multi-factor authentication is also common
7/27/2019 Keamanan Jaringan APJII.pdf
19/119
Authorization
Defines the users rights and permissions on a system Typically done after user has been authenticated Grants a user access to a particular resource and what
actions he is permitted to perform on that resourceAccess criteria based on the level of trust:
Roles Groups Location Time Transaction type
7/27/2019 Keamanan Jaringan APJII.pdf
20/119
Authentication vs. Authorization
Client
Service
AuthenticationMechanism
AuthorizationMechanism
Authentication simply identifies a party, authorization defines whether they canperform certain action RFC 3552
7/27/2019 Keamanan Jaringan APJII.pdf
21/119
Authorization Concepts
Authorization creep When users may possess unnecessarily high access privileges within
an organization
Default to Zero Start with zero access and build on top of that
Need to Know Principle Least privilege; give access only to information that the user
absolutely need
Access Control Lists List of users allowed to perform particular access to an object (read,
write, execute, modify)
7/27/2019 Keamanan Jaringan APJII.pdf
22/119
Single Sign On
Property of access control where a user logs in only onceand gains access to all authorized resources within asystem.
Benefits: Ease of use Reduces logon cycle (time spent re-entering passwords for the same
identity)
Common SSO technologies: Kerberos, RADIUS Smart card based OTP Token
Disadvantage: Single point of attack
7/27/2019 Keamanan Jaringan APJII.pdf
23/119
Types of Access Control
Centralized Access Control Radius TACACS+ Diameter
Decentralized Access Control Control of access by people who are closer to the resources No method for consistent control
7/27/2019 Keamanan Jaringan APJII.pdf
24/119
Accountability
The security goal that generates the requirement for actionsof an entity to be traced uniquely to that entity
Senders cannot deny sending information Receivers cannot deny receiving it Users cannot deny performing a certain action
Supports nonrepudiation, deterrence, fault isolation,intrusion detection and prevention and after-action recovery
and legal action
Source: NIST Risk Management Guide for
Information Technology Systems
7/27/2019 Keamanan Jaringan APJII.pdf
25/119
Integrity
Security goal that generates the requirement for protectionagainst either intentional or accidental attempts to violate
data integrity
Data integrity The property that data has when it has not been altered in an
unauthorized manner
System integrity The quality that a system has when it performs its intended function
in an unimpaired manner, free from unauthorized manipulation
Source: NIST Risk Management Guide for
Information Technology Systems
7/27/2019 Keamanan Jaringan APJII.pdf
26/119
Risk, Threat and Vulnerability
Vulnerability - weakness in a system Risk - likelihood that a particular threat using a particular
attack will exploit a particular vulnerability
Exploit - taking advantage of a vulnerability Non-repudiationassurance that both parties are involved
in the transaction
7/27/2019 Keamanan Jaringan APJII.pdf
27/119
Vulnerability
A weakness in security procedures, network design, orimplementation that can be exploited to violate a corporate
security policy
Software bugs Configuration mistakes Network design flaw Lack of encryption
Exploit Taking advantage of a vulnerability
7/27/2019 Keamanan Jaringan APJII.pdf
28/119
Threat
Any circumstance or event with the potential to cause harmto a networked system.
These are some example of threats: Denial of service
Attacks make computer resources (e.g., bandwidth, disk space, or CPU time)unavailable to its intended users
Unauthorised access Access without permission issues by a rightful owner of devices or networks
Impersonation Worms Viruses
7/27/2019 Keamanan Jaringan APJII.pdf
29/119
Risk
The possibility that a particular vulnerability will be exploited IT-related risks arise from:
Unauthorized (malicious or accidental) disclosure, modification, ordestruction of information
Unintentional errors or omissions IT disruptions due to natural or man-made disasters Failure to exercise due care and diligence in implementation and
operation of the IT system
Risk = Threat * Vulnerability
(* Impact)
7/27/2019 Keamanan Jaringan APJII.pdf
30/119
Risk Analysis
Identification, assessment and reduction of risks to anacceptable level
the process of identifying security risks and probability ofoccurrence, determining their impact, and identifying areas
that require protection
Three parts: Risk assessment determine the possible risks Risk management evaluating alternatives for mitigating the risk Risk communication presenting this material in an understanble
way to decision makers and/or the public
7/27/2019 Keamanan Jaringan APJII.pdf
31/119
Risk Management vs. Cost of Security
Risk mitigation The process of selecting appropriate controls to reduce risk to an
acceptable level
The level of acceptable risk Determined by comparing the risk of security hole exposure to the
cost of implementing and enforcing the security policy
Trade-offs between safety, cost, and availability
7/27/2019 Keamanan Jaringan APJII.pdf
32/119
Attack Sources
Active vs. passive Active involves writing data to the network. It is common to disguise
ones address and conceal the identity of the traffic sender Passive involves only reading data on the network. Its purpose is breach
of confidentiality. This is possible if: Attacker has gained control of a host in the communication path between two victim
machines Attacker has compromised the routing infrastructure to arrange the traffic pass through a
compromised machine
Active Attacks Passive Attacks
Denial of Service attacksSpoofing
Man in the MiddleARP poisoning
Smurf attacksBuffer overflow
SQL Injection
ReconnaissanceEavesdropping
Port scanning
Source: RFC 4778
7/27/2019 Keamanan Jaringan APJII.pdf
33/119
Attack Sources
On-path vs. Off-path On-path routers (transmitting datagrams) can read, modify, or remove
any datagram transmitted along the path
Off-path hosts can transmit datagrams that appear to come from anyhosts but cannot necessarily receive datagrams intended for other
hosts If attackers want to receive data, they have to put themselves on-path
How easy is it to subvert network topology? It is not easy thing to do but, it is not impossible
Insider vs. outsider What is definition of perimeter/border?
Deliberate attack vs. unintentional event Configuration errors and software bugs are as harmful as a
deliberate malicious network attackSource: RFC 4778
7/27/2019 Keamanan Jaringan APJII.pdf
34/119
General Threats
Masquerade An entity claims to be another entity
Eavesdropping An entity reads information it is not intended to read
Authorization violation An entity uses a service or resource it is not intended to use
Loss or modification of information Data is being altered or destroyed
Denial of communication acts (repudiation) An entity falsely denies its participation in a communication act
Forgery of information An entity creates new information in the name of another entity Sabotage
Any action that aims to reduce the availability and/or correct functioning of services orsystems
7/27/2019 Keamanan Jaringan APJII.pdf
35/119
Reconnaissance Attack
Unauthorised users to gather information about the networkor system before launching other more serious types of
attacks
Also called eavesdropping Information gained from this attack is used in subsequent
attacks (DoS or DDoS type)
Examples of relevant information: Names, email address Common practice to use a persons first initial and last name for accounts Practically anything
7/27/2019 Keamanan Jaringan APJII.pdf
36/119
Man-in-the-Middle Attack
Active eavesdroppingAttacker makes independent connections with victims and
relays messages between them, making them believe that
they are talking directly to each other overa private
connection, when in fact the entire conversation is
controlled by the attacker
Usually a result of lack of end-to-end authentication Masquerading - an entity claims to be another entity
7/27/2019 Keamanan Jaringan APJII.pdf
37/119
Session Hijacking
Exploitation of a valid computer session, to gainunauthorized access to information or services in a
computer system.
Theft of a magic cookie used to authenticate a user to aremote server (for web developers)
Four methods: Session fixation attacker sets a users session id to one known to
him, for example by sending the user an email with a link that
contains a particular session id. Session sidejacking attacker uses packet sniffing to read network
traffic between two parties to steal the session cookie.
7/27/2019 Keamanan Jaringan APJII.pdf
38/119
Denial of Service (DoS) Attack
Attempt to make a machine or network resource unavailable toits intended users.
Purpose is to temporarily or indefinitely interrupt or suspendservices of a host connected to the Internet
Methods to carry out this attack may vary Saturating the target with external communications requests (such that it
cant respond to legitimate traffic) SERVER OVERLOAD
May include malware to max out target resources (such as CPU), triggererrors, or crash the operating system
DDoS attacks are more dynamic and comes from a broaderrange of attackers
Examples: SYN flooding, Smurf attacks, Starvation Can be used as a redirection and reconnaissance technique
7/27/2019 Keamanan Jaringan APJII.pdf
39/119
Questions?
7/27/2019 Keamanan Jaringan APJII.pdf
40/119
Cryptography
Network Security Workshop
7/27/2019 Keamanan Jaringan APJII.pdf
41/119
Overview
What is Cryptography? Symmetric Key CryptographyAsymmetric Key Cryptography Block and Stream Cipher Digital Signature and Message Digest Diffie-Hellman Algorithm
7/27/2019 Keamanan Jaringan APJII.pdf
42/119
Cryptography
Has evolved into a complex science in the field ofinformation security
German Lorenz cipher machine
7/27/2019 Keamanan Jaringan APJII.pdf
43/119
Cryptography
Cryptography deals with creating documents that can beshared secretly over public communication channels
Other terms closely associated Cryptanalysis (breaking an encoded data without the knowledge of
the key)
Cryptology (combination of cryptography and cryptanalysis) Cryptography is a function of plaintext and a cryptographic
key
C= F(P,k)Notation:
Plaintext (P)
Ciphertext (C)
Cryptographic Key (k)
7/27/2019 Keamanan Jaringan APJII.pdf
44/119
Crypto Algorithms
specifies the mathematical transformation that is performedon data to encrypt/decrypt
Crypto algorithm is NOT proprietaryAnalyzed by public community to show that there are noserious weaknesses Explicitly designed for encryption
44
7/27/2019 Keamanan Jaringan APJII.pdf
45/119
Typical Scenario
Alice wants to send a secret message to Bob What are the possible problems?
Data can be interceptedWhat are the ways to intercept this message?
How to conceal the message? Old algorithms such as the substitution cipher
7/27/2019 Keamanan Jaringan APJII.pdf
46/119
Types of Cipher
Substitution cipher involves replacing an alphabet with another character of the same
alphabet set
Can be mono-alphabetic (single set for substitution) or poly-alphabetic system (multiple alphabetic sets)
Example: Caesar cipher, a mono-alphabetic system in which each character is
replaced by the third character in succession
Vigenere cipher, a poly-alphabetic cipher that uses a 26x26 table ofcharacters
7/27/2019 Keamanan Jaringan APJII.pdf
47/119
Transposition Cipher
No letters are replaced, they are just rearranged. Rail Fence Cipher another kind of transposition cipher in
which the words are spelled out as if they were a rail fence.
7/27/2019 Keamanan Jaringan APJII.pdf
48/119
Encryption
process of transforming plaintext to ciphertext using acryptographic key Used all around us
In Application Layer used in secure email, database sessions, andmessaging
In session layer using Secure Socket Layer (SSL) or Transport LayerSecurity (TLS) In the Network Layer using protocols such as IPSec
Benefits of good encryption algorithm: Resistant to cryptographic attack They support variable and long key lengths and scalability They create an avalanche effect No export or import restrictions
Two general types: Symmetric and Asymmetric
7/27/2019 Keamanan Jaringan APJII.pdf
49/119
Encryption and Decryption
Plaintext
ENCRYPTIONALGORITHM
DECRYPTIONALGORITHM
Ciphertext Plaintext
Encryption Key Decryption Key
7/27/2019 Keamanan Jaringan APJII.pdf
50/119
Symmetric Key Algorithm
Uses a single key to both encrypt and decrypt informationAlso known as a secret-key algorithm
The key must be kept a secret to maintain security This key is also known as a private key
Follows the more traditional form of cryptography with keylengths ranging from 40 to 256 bits.
Examples of symmetric key algorithms:
DES, 3DES, AES, IDEA, RC5, RC6, Blowfish
7/27/2019 Keamanan Jaringan APJII.pdf
51/119
Symmetric Encryption
Plaintext
ENCRYPTIONALGORITHM
DECRYPTIONALGORITHM
Ciphertext Plaintext
Encryption Key Decryption Key
Same shared secret key
Shared Key Shared KeySymmetric KeyCryptography
7/27/2019 Keamanan Jaringan APJII.pdf
52/119
Symmetric Key Algorithm
DES block cipher using shared key encryption, 56-bit 3DES (Triple DES) a block cipher that applies DES three
times to each data block
AES replacement for DES; it is the current standard
IDEA RC4 variable-length key, stream cipher (generate
stream from key, XOR with data)
RC6 Blowfish
7/27/2019 Keamanan Jaringan APJII.pdf
53/119
Symmetric Key Algorithm
Symmetric Algorithm Key Size
DES 56-bit keys
Triple DES (3DES) 112-bit and 168-bit keys
AES 128, 192, and 256-bit keys
IDEA 128-bit keysRC2 40 and 64-bit keys
RC4 1 to 256-bit keys
RC5 0 to 2040-bit keys
RC6 128, 192, and 256-bit keys
Blowfish 32 to 448-bit keys
Note:Longer keys are more difficult to crack, but more computationally expensive.
7/27/2019 Keamanan Jaringan APJII.pdf
54/119
Block and Stream Cipher
Block cipher takes a block of bits and encrypts them as a single unit operate on a pre-determined block of bits (one byte, one word, 512
bytes, so forth), mixing key data in with the message data in a variety
of different ways.
Stream cipher encrypts bits of the message at a time typically bit-wise. They either have a very long key (that eventually repeats) or a
reusable key that generates a repeatable but seemingly random
string of bits.
They perform some operation (typically an exclusive OR) with one ofthese key bits and one of the message bits.
7/27/2019 Keamanan Jaringan APJII.pdf
55/119
Block Cipher
Transforms a fixed-length block of plain text into a block ofciphertext
Works with data per blockCommon block ciphers:
DES and 3DES (in ECB and CBC mode) Skipjack Blowfish RSAAES IDEA Secure and Fast Encryption Routing (SAFER)
7/27/2019 Keamanan Jaringan APJII.pdf
56/119
Stream Cipher
Use smaller units of plaintext than what are used with blockciphers.
Typically work with bitsCommon stream ciphers:
RC4 DES and 3DES (running OFB or CFB mode) Software encryption algorithm (SEAL)
7/27/2019 Keamanan Jaringan APJII.pdf
57/119
Data Encryption Standard (DES)
Developed by IBM for the US government in 1973-1974,and approved in Nov 1976.
Based on Horst Feistels Lucifer cipherblock cipher using shared key encryption, 56-bit key length
Block size: 64 bits
7/27/2019 Keamanan Jaringan APJII.pdf
58/119
DES: Illustration
Plaintext
ENCRYPTIONALGORITHM
DECRYPTIONALGORITHM
Ciphertext Plaintext
Encryption Key Decryption Key
56-bit keys +8 bits parity
64-bit blocks of input text
7/27/2019 Keamanan Jaringan APJII.pdf
59/119
Triple DES
3DES (Triple DES) a block cipher that applies DES threetimes to each data block
Uses a key bundle comprising of three DES keys (K1, K2,K3), each with 56 bits excluding parity.
DES encrypts with K1, decrypts with K2, then encrypts withK3
Disadvantage: very slowC
i= E
K3(D
K2(E
K1(P
i)))
7/27/2019 Keamanan Jaringan APJII.pdf
60/119
3DES: Illustration
Note: If Key1 = Key2 = Key3, this is similar to DES Usually, Key1 = Key3
Plaintext
ENCRYPT
Ciphertext
Key 1
DECRYPT ENCRYPT
Key 2 Key 3
7/27/2019 Keamanan Jaringan APJII.pdf
61/119
Advanced Encryption Standard (AES)
Published in November 2001 Symmetric block cipher Has a fixed block size of 128 bits Has a key size of 128, 192, or 256 bits Based on Rijndael cipher which was developed by Joan
Daemen and Vincent Rijmen
Better suited for high-througput, low latency environments
7/27/2019 Keamanan Jaringan APJII.pdf
62/119
Rivest Cipher
RC Algorithm Description
RC2 Variable key-sized cipher used as a drop in replacementfor DES
RC4 Variable key sized stream cipher; Often used in fileencryption and secure communications (SSL)
RC5 Variable block size and variable key length; uses 64-bitblock size; Fast, replacement for DES
RC6 Block cipher based on RC5, meets AES requirement
7/27/2019 Keamanan Jaringan APJII.pdf
63/119
RC4
Most widely used stream cipher Popularly used in Secure Socket Layer (SSL) and Wired
Equivalent Privacy (WEP) protocols
Although simple and fast, it is vulnerable and can lead toinsecure systems
7/27/2019 Keamanan Jaringan APJII.pdf
64/119
Asymmetric Key Algorithm
Also called public-key cryptography Keep private key privateAnyone can see public key
separate keys for encryption and decryption (public andprivate key pairs)
Examples of asymmetric key algorithms: RSA, DSA, Diffie-Hellman, El Gamal, Elliptic Curve and PKCS
7/27/2019 Keamanan Jaringan APJII.pdf
65/119
Asymmetric Encryption
Plaintext
ENCRYPTIONALGORITHM
DECRYPTIONALGORITHM
Ciphertext Plaintext
Encryption Key Decryption Key
Public Key Private KeyAsymmetric KeyCryptography
Different keys
7/27/2019 Keamanan Jaringan APJII.pdf
66/119
Asymmetric Key Algorithm
RSA the first and still most common implementation DSA specified in NISTs Digital Signature Standard
(DSS), provides digital signature capability for
authentication of messages
Diffie-Hellman used for secret key exchange only, and notfor authentication or digital signature
ElGamal similar to Diffie-Hellman and used for keyexchange
PKCS set of interoperable standards and guidelines
7/27/2019 Keamanan Jaringan APJII.pdf
67/119
Symmetric vs. Asymmetric Key
Symmetric Asymmetric
generally fastSame key for both encryption and
decryption
Can be 1000 times slowerUses two different keys (public and
private)Decryption key cannot be calculated
from the encryption keyKey lengths: 512 to 4096 bits
Used in low-volume
7/27/2019 Keamanan Jaringan APJII.pdf
68/119
Hash Functions
produces a condensed representation of a message (hashing) The fixed-length output is called the hash or message digest A hash function takes an input message of arbitrary length and
outputs fixed-length code. The fixed-length output is called the
hash, or the message digest, of the original input message.
A form of signature that uniquely represents the data Uses:
Verifying file integrity - if the hash changes, it means the data is eithercompromised or altered in transit.
Digitally signing documents Hashing passwords
7/27/2019 Keamanan Jaringan APJII.pdf
69/119
Hash Functions
Message Digest (MD) Algorithm Outputs a 128-bit fingerprint of an arbitrary-length input
Secure Hash Algorithm (SHA) SHA-1 produces a 160-bit message digest similar to MD5 Widely-used on security applications (TLS, SSL, PGP, SSH, S/MIME,
IPsec)
SHA-256, SHA-384, SHA-512 are also commonly used, which canproduce hash values that are 256, 384, and 512-bits respectively
RIPEMD
7/27/2019 Keamanan Jaringan APJII.pdf
70/119
Digital Signature
A digital signature is a message appended to a packet The sender encrypts message with own private key instead
of encrypting with intended receivers public key
The receiver of the packet uses the sender
s public key toverify the signature.
Used to prove the identity of the sender and the integrity ofthe packet
7/27/2019 Keamanan Jaringan APJII.pdf
71/119
Digital Signature
Two common public-key digital signature techniques: RSA (Rivest, Shamir, Adelman) DSS (Digital Signature Standard)
Successful verification assures: The packet has not been altered The identity of the sender
71
7/27/2019 Keamanan Jaringan APJII.pdf
72/119
Digital Signature Process
1. Hash the data using one of the supported hashingalgorithms (MD5, SHA-1, SHA-256)
2. Encrypt the hashed data using the senders private key3.
Append the signature (and a copy of the senders publickey) to the end of the data that was signed)
DATAHASH(DATA)
DIGITALSIGNATURE
MD5/SHA-1 PRIVATE KEY
7/27/2019 Keamanan Jaringan APJII.pdf
73/119
Signature Verification Process
1. Hash the original data using the same hashing algorithm2. Decrypt the digital signature using the senders public key. All
digital signatures contain a copy of the signers public key
3. Compare the results of the hashing and the decryption. If thevalues match then the signature is verified. If the values do notmatch, then the data or signature was probably modified.
DATAHASH
(DATA)
HASH(DIGITAL SIG)
MD5/SHA-1
MATCH?
7/27/2019 Keamanan Jaringan APJII.pdf
74/119
RSA Public Key Cryptography
Based on relative ease of multiplying large primes togetherbut almost impossible to factor the resulting product
RSA keys: 3 special numeric valuesAlgorithm produces public keys that are tied to specificprivate keys
Provides both digital signatures and public-key encryption
74
7/27/2019 Keamanan Jaringan APJII.pdf
75/119
What Is Diffie-Hellman?
Arguably the first public key algorithm (1976) Diffie Hellman is a key establishment algorithm
Two parties in a DH exchange can generate a shared secret Combining ones private key and the others public key, both parties
can compute the same shared secret number. There can even be N-party DH exchanges where N peers can all
establish the same secret key
Diffie Hellman can be done over an insecure channel
75
7/27/2019 Keamanan Jaringan APJII.pdf
76/119
Diffie-Hellman
http://en.wikipedia.org/wiki/File:DiffieHellman.png
7/27/2019 Keamanan Jaringan APJII.pdf
77/119
DH Man-in-the-Middle Attack
Diffie-Hellman is subject to a man-in-the-middle attack Digital signatures of the public values can enable each
party to verify that the other party actually generated the
value
=> DH exchanges need to be authenticated!!
XA XB
a , p
YAYB
7/27/2019 Keamanan Jaringan APJII.pdf
78/119
Questions?
7/27/2019 Keamanan Jaringan APJII.pdf
79/119
Public Key Infrastructure
Network Security Workshop
7/27/2019 Keamanan Jaringan APJII.pdf
80/119
Overview
Typical Scenario Public Key Infrastructure Digital Certificates Certificate Authority
7/27/2019 Keamanan Jaringan APJII.pdf
81/119
Public Key Infrastructure
Framework that builds the network of trust Combines public key cryptography, digital signatures, to
ensure confidentiality, integrity, authentication,
nonrepudiation, and access control
Protects applications that require high level of security
7/27/2019 Keamanan Jaringan APJII.pdf
82/119
Functions of a PKI
Registration Initialization Certification Key pair recovery Key generation Key update Cross-certification Revocation
f
7/27/2019 Keamanan Jaringan APJII.pdf
83/119
Public Key Infrastructure
Source: http://commons.wikimedia.org
C f PKI
7/27/2019 Keamanan Jaringan APJII.pdf
84/119
Components of a PKI
Certificate authority The trusted third party Trusted by both the owner of the certificate and the party relying upon
the certificate.
Validation authority Registration authority Central directory
C tifi t
7/27/2019 Keamanan Jaringan APJII.pdf
85/119
Certificates
Public key certificates bind public key values to subjects A trusted certificate authority (CA) verifies the subjects identity
and digitally sign each certificate Validates
Has a limited valid lifetime Can be used using untrusted communications and can be
cached in unsecured storage Because client can independently check the certificates signature
Certificate is NOT equal to signature It is implemented using signature
Certificates are static If there are changes, it has to be re-issued
Di it l C tifi t
7/27/2019 Keamanan Jaringan APJII.pdf
86/119
Digital Certificate
Digital certificate basic elementof PKI; secure credential that
identifies the owner
Also called public key certificate
Di it l C tifi t
7/27/2019 Keamanan Jaringan APJII.pdf
87/119
Digital Certificate
deals with the problem of Binding a public key to an entityA major legal issue related to eCommerce
A digital certificate contains: Users public key Users ID Other information e.g. validity period
Certificate examples: X509 (standard) PGP (Pretty Good Privacy) Certificate Authority (CA) creates and digitally signs certificates
Di it l C tifi t
7/27/2019 Keamanan Jaringan APJII.pdf
88/119
Digital Certificate
To obtain a digital certificate, Alice must: Make a certificate signing request to the CAAlice sends to CA:
Her identifier IdA Her public key KA_PUB Additional information
CA returns Alices digital certificate, cryptographicallybinding her identity to public key:
CertA = {IDA, KA_PUB, info, SigCA(IDA,KA_PUB,info)}
Di it l C tifi t
7/27/2019 Keamanan Jaringan APJII.pdf
89/119
Digital Certificate
To obtain a digital certificate, Alice must: Make a certificate signing request to the CAAlice sends to CA:
Her identifier IdA Her public key KA_PUB Additional information
CA returns Alices digital certificate, cryptographicallybinding her identity to public key:
CertA = {IDA, KA_PUB, info, SigCA(IDA,KA_PUB,info)}
X 509
7/27/2019 Keamanan Jaringan APJII.pdf
90/119
X.509
An ITU-T standard for a public key infrastructure (PKI) andPrivilege Management Infrastructure (PMI)
Assumes a strict hierarchical system of CertificateAuthorities (CAs)
RFC 1422 basis of X.509-based PKI Current version X.509v3 provides a common baseline for
the Internet
Structure of a Certificate, certificate revocation (CRLs)
X 509 C tifi t U
7/27/2019 Keamanan Jaringan APJII.pdf
91/119
X.509 Certificate Usage
Fetch certificate Fetch certificate revocation list
(CRL)
Check the certificate against theCRL
Check signature using thecertificate
Certificate CRL
Signature
Check
Check
E tifi t t i
7/27/2019 Keamanan Jaringan APJII.pdf
92/119
Every certificate contains
Body of the certificate Version number, serial number, names of the issuer and subject Public key associated with the subject Expiration date (not before, not after) Extensions for additional tributes
Signature algorithm Used by the CA to sign the certificate
Signature Created by applying the certificate body as input to a one-way hash
function. The output value is encrypted with the CAs private key to
form the signature value
C tifi t A th it
7/27/2019 Keamanan Jaringan APJII.pdf
93/119
Certificate Authority
Issuer and signer of the certificate Trusted (Third) Party
Based on trust model Who to trust?
Types: Enterprise CA Individual CA (PGP) Global CA (such as VeriSign)
Functions: Enrolls and Validates Subscribers Issues and Manages Certificates Manages Revocation and Renewal of Certificates Establishes Policies & Procedures
Registration A thorit
7/27/2019 Keamanan Jaringan APJII.pdf
94/119
Registration Authority
For big CAs, a separate RA might be necessary to takesome work off the CA
Purpose: Identity verification and registration of the entity applying for a
certificate
Certificate Revocation Lists
7/27/2019 Keamanan Jaringan APJII.pdf
95/119
Certificate Revocation Lists
CA periodically publishes a data structure called acertificate revocation list (CRL).
Described in X.509 standard. Each revoked certificate is identified in a CRL by its serial
number.
CRL might be distributed by posting at known Web URL orfrom CAs own X.500 directory entry.
7/27/2019 Keamanan Jaringan APJII.pdf
96/119
Questions?
7/27/2019 Keamanan Jaringan APJII.pdf
97/119
Internet Resource
Registration WhoisDatabase
What is the APNIC Database?
7/27/2019 Keamanan Jaringan APJII.pdf
98/119
What is the APNIC Database?
Public network management database Operated by IRs
Public data only For private data: Please see Privacy of customer
assignment module
Tracks network resources IP addresses, ASNs, Reverse Domains, Routing policies
Records administrative information
Contact information (persons/roles)
Authorisation
Whois Database Query Clients
7/27/2019 Keamanan Jaringan APJII.pdf
99/119
Whois Database Query - Clients
Standard whois client Included with many Unix distributions
RIPE extended whois client http://ftp.apnic.net/apnic/dbase/tools/
ripe-dbase-client.tar.gz
Query via the APNIC website http://www.apnic.net/apnic-bin/whois2.pl
Query clients - MS-Windows etc
Object Types
7/27/2019 Keamanan Jaringan APJII.pdf
100/119
Object Types
OBJECT PURPOSE
person contact persons
role contact groups/roles
inetnum IPv4 addresses
inet6num IPv6 addresses
aut-num Autonomous System number
domain reverse domains
route prefixes being announced
mntner (maintainer) data protection
http://www.apnic.net/db/
Database Object
7/27/2019 Keamanan Jaringan APJII.pdf
101/119
Database Object
An object is a set of attributes and values Each attribute of an object...
Has a value Has a specific syntax Is mandatory or optional Is single- or multi-valued
Some attributes ... Are primary (unique) keys Are lookup keys for queries Are inverse keys for queries
Object templates illustrate this structure
Inter related Objects
7/27/2019 Keamanan Jaringan APJII.pdf
102/119
Inter-related Objects
inetnum:202.64.10.0 202.64.10.255admin-c: KX17-APtech-c: ZU3-AP
mnt-by: MAINT-WF-EX
IPv4 addresses
person:
nic-hdl: ZU3-AP
Contactinfo
person:
nic-hdl: KX17-AP
Contact info
mntner:
MAINT-WF-EX
Data protection
Database Query Look up Keys
7/27/2019 Keamanan Jaringan APJII.pdf
103/119
Database Query Look-up Keys
OBJECT TYPE ATTRIBUTES LOOK-UP KEYS
* Whois supports queries on any of these objects/keys
name, nic-hdl, e-mail
name, nic-hdl, e-mail
maintainer name
network number, namedomain name
as number
as-macro name
route value
network number, name
person
role
mntner
inetnumdomain
aut-num
as-macro
route
inet6num
Object Templates
7/27/2019 Keamanan Jaringan APJII.pdf
104/119
Object Templates
person: [mandatory] [single] [primary/look-up key]
address: [mandatory] [multiple] [ ]
country: [mandatory] [single] [ ]
phone: [mandatory] [multiple] [ ]
fax-no: [optional] [multiple] [ ]
e-mail: [mandatory] [multiple] [look-up key]
nic-hdl: [mandatory] [single] [primary/look-up key]
remarks: [optional] [multiple] [ ]
notify: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
changed: [mandatory] [multiple] [ ]
source: [mandatory] [single] [ ]
% whois -h whois.apnic.net -t person
To obtain template structure*, use :whois -t
*Recognised by the RIPE whois client/server
Person Object Example
7/27/2019 Keamanan Jaringan APJII.pdf
105/119
Person Object Example
Person objects contain contact information
person:
address:
address:address:
country:
phone:
fax-no:
e-mail:nic-hdl:
mnt-by:
changed:
source:
Attributes Values
Ky Xander
ExampleNet Service Provider
2 Pandora St BoxvilleWallis and Futuna Islands
WF
+680-368-0844
+680-367-1797
MAINT-WF-EX
[email protected] 20100731
APNIC
What is a nic-hdl?
7/27/2019 Keamanan Jaringan APJII.pdf
106/119
What is a nic-hdl?
Unique identifier for a person Represents a person object
Referenced in objects for contact details (inetnum, aut-num, domain)
format: Eg: KX17-APperson: Ky Xanderaddress: ExampleNet Service Provider
address: 2 Pandora St Boxville
address: Wallis and Futuna Islands
country: WF
phone: +680-368-0844fax-no: +680-367-1797
e-mail: [email protected]
nic-hdl: KX17-APmnt-by: MAINT-WF-EX
changed: [email protected] 20020731
source: APNIC
Inetnum Object Example
7/27/2019 Keamanan Jaringan APJII.pdf
107/119
Inetnum Object Example
Contain IP address allocations / assignmentsinetnum:netname:
descr:descr:
country:
admin-c:
tech-c:
mnt-by:mnt-lower:
changed:
status:
source:
202.51.64.0 - 202.51.95.255
CCNEP-NP-APCommunication & Communicate Nepal Ltd
VSAT Service Provider, Kathmandu
NP
AS75-APAS75-AP
APNIC-HMMAINT-NP-ARUN
[email protected] 20010205
ALLOCATED PORTABLEAPNIC
Attributes Values
ISP Registration Responsibilities
7/27/2019 Keamanan Jaringan APJII.pdf
108/119
ISP Registration Responsibilities
1. Create person objects for contacts To provide contact info in other objects
2. Create mntner object To provide protection of objects
3. Create inetnum objects for all customer
address assignments as private data But you may change these to be public data if you wish Allocation object created by APNIC
4. Protect all the Objects
Using the db Step by Step
7/27/2019 Keamanan Jaringan APJII.pdf
109/119
inetnum:
Allocation
(Created by APNIC)
3Using the db Step by Step
Customer Assignments
(Created by ISP)
person:
nic-hdl:
KX17-AP
Contact info
1
Data Protection
mntner:2
inetnum:...
KX17-AP
...
mnt-by:...
4inetnum:...
KX17-AP
...
mnt-by:...
5inetnum:...
KX17-AP
...
mnt-by:...
6
Database Protection - Maintainer Object
7/27/2019 Keamanan Jaringan APJII.pdf
110/119
Database Protection - Maintainer Object
mntner: MAINT-WF-EXdescr: Maintainer for ExampleNet Service Provider
country: WF
admin-c: ZU3-AP
tech-c: KX17-AP
upd-to: [email protected]: [email protected]
auth: CRYPT-PW apHJ9zF3o
mnt-by: MAINT-WF-EX
referral-by: MAINT-APNIC-AP
changed: [email protected] 20020731source: APNIC
protects other objects in the APNIC database
Database Protection
7/27/2019 Keamanan Jaringan APJII.pdf
111/119
Database Protection
Authorisation mnt-by references a mntner object
Can be found in all database objects mnt-by should be used with every object!
Authentication Updates to an object must pass the authentication rule specified by
its maintainer object
Authorisation Mechanism
7/27/2019 Keamanan Jaringan APJII.pdf
112/119
Authorisation Mechanism
mntner: MAINT-WF-EXdescr: Maintainer for ExampleNet Service Provider
country: WFadmin-c: ZU3-AP
tech-c: KX17-APupd-to: [email protected]
mnt-nfy: [email protected]: CRYPT-PW apHJ9zF3omnt-by: MAINT-WF-EX
changed: [email protected] 20020731
source: APNIC
inetnum: 202.137.181.0 202.137.185.255
netname: EXAMPLENET-WFdescr: ExampleNet Service Provider.
mnt-by: MAINT-WF-EX
Authentication Methods
7/27/2019 Keamanan Jaringan APJII.pdf
113/119
Authentication Methods
auth attribute Crypt-PW
Crypt (Unix) password encryption Use web page to create your maintainer
PGP GNUPG Strong authentication Requires PGP keys
MD5 Available
Mnt-by & Mnt-lower
7/27/2019 Keamanan Jaringan APJII.pdf
114/119
y
mnt-by attribute
Can be used to protect any object Changes to protected object must satisfy authentication
rules of mntner object.
mnt-lower attributeAlso references mntner object Hierarchical authorisation for inetnum & domain objects
The creation of child objects must satisfy this mntner Protects against unauthorised updates to an allocatedrange - highly recommended!
Authentication / Authorisation
7/27/2019 Keamanan Jaringan APJII.pdf
115/119
Inetnum: 203.146.96.0 - 203.146.127.255
netname: LOXINFO-TH
descr: Loxley Information Company Ltd.
Descr: 304 Suapah Rd, Promprab,Bangkok
country: TH
admin-c: KS32-AP
tech-c: CT2-AP
mnt-by: APNIC-HM
mnt-lower: LOXINFO-IS
changed: [email protected] 19990714source: APNIC
Authentication / Authorisation APNIC allocation to member
Created and maintained by APNIC
1. Only APNIC can change this object2. Only LOXINFO-TH can create assignments within this allocation
1
2
Authentication / Authorisation
7/27/2019 Keamanan Jaringan APJII.pdf
116/119
Member assignment to customer Created and maintained by APNIC member
Inetnum: 203.146.113.64 - 203.146.113.127
netname: SCC-TH
descr: Sukhothai Commercial CollegeCountry: TH
admin-c: SI10-AP
tech-c: VP5-AP
mnt-by: LOXINFO-IS
changed: [email protected] 19990930source: APNIC
Authentication / Authorisation
Only LOXINFO-IS can change this object
Customer Privacy
7/27/2019 Keamanan Jaringan APJII.pdf
117/119
Customer Privacy
Privacy issues Concerns about publication of customer information Increasing government concern
APNIC legal risk Legal responsibility for accuracy and advice Damages incurred by maintaining inaccurate personal
data
Customer data is hard to maintainAPNIC has no direct control over accuracy of data
Customer assignment registration is stillmandatory
What Needs to be Visible?
7/27/2019 Keamanan Jaringan APJII.pdf
118/119
must bevisible
visibilityoptional
ISP
PORTABLE addresses
NON-PORTABLE addresses
IANA range
Non-APNIC range APNIC range
NIR rangeAPNIC allocations & assignments
NIR allocations & assignments
Customer assignments Infrastructure Sub-allocations
7/27/2019 Keamanan Jaringan APJII.pdf
119/119
Questions?
Top Related