[Computer Networking] 19. Network Security: From Cryptography to Firewalls

Network security is the technology that ensures confidentiality, integrity, authentication, and availability of data transmitted over the Internet.

In this post, we examine the basic concepts of cryptography (symmetric key, public key), message integrity and digital signatures, authentication protocols, SSL/TLS, IPsec, firewalls, and Intrusion Detection Systems (IDS).


1. Four Pillars of Network Security

Core Elements of Network Security
=====================================

1. Confidentiality
   - Only intended recipients can read the message
   - Implementation: Encryption

2. Integrity
   - Ensures message was not altered in transit
   - Implementation: Hash, MAC, Digital Signatures

3. Authentication
   - Verifies the identity of communication partner
   - Implementation: Authentication protocols, Certificates

4. Availability
   - Maintains normal service operation
   - Threat: DDoS attacks

Attacker Threats:
  - Eavesdropping: Confidentiality breach
  - Modification: Integrity breach
  - Impersonation: Authentication breach
  - Denial of Service (DoS): Availability breach

2. Symmetric Key Cryptography

2.1 Basic Concept

Sender and receiver share the same secret key for both encryption and decryption.

Symmetric Key Encryption
===========================

      Secret Key K (shared by both)
         |                |
         v                v
[Plaintext] --[Encrypt]--> [Ciphertext] --[Decrypt]--> [Plaintext]
 "Hello"      E_K()       "xYz!@"        D_K()       "Hello"

Characteristics:
  - Same key used for encryption/decryption
  - Fast computation speed
  - Key distribution problem: both sides must securely share the key

2.2 Representative Symmetric Key Algorithms

Symmetric Key Algorithms
===========================

Algorithm | Key Length       | Block Size | Status
----------+------------------+------------+------------------
DES       | 56 bits          | 64 bits    | Weak (do not use)
3DES      | 168 bits         | 64 bits    | Secure but slow
AES       | 128/192/256 bits | 128 bits   | Current standard
RC4       | Variable         | Stream     | Weak (do not use)
ChaCha20  | 256 bits         | Stream     | Modern, TLS 1.3

AES (Advanced Encryption Standard):
  - Selected by NIST in 2001 to replace DES
  - Block cipher: Processes 128-bit blocks
  - Rounds: 10/12/14 (depending on key length)
  - Most widely used symmetric cipher today

2.3 Block Cipher Modes of Operation

Block Cipher Modes
====================

1. ECB (Electronic Codebook): Each block encrypted independently
   [B1] -> [E] -> [C1]
   [B2] -> [E] -> [C2]
   Problem: Same plaintext block -> same ciphertext block (pattern exposed)

2. CBC (Cipher Block Chaining): XOR with previous ciphertext then encrypt
   [B1 XOR IV] -> [E] -> [C1]
   [B2 XOR C1] -> [E] -> [C2]
   Advantage: Same plaintext produces different ciphertext

3. CTR (Counter): Encrypt counter and XOR with plaintext
   [CTR+0] -> [E] -> XOR [B1] -> [C1]
   [CTR+1] -> [E] -> XOR [B2] -> [C2]
   Advantage: Parallelizable, operates like stream cipher
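
The three modes above, run over the same input so the ECB pattern leak can be counted. This is an added example, not code from the original post. Assumptions: a toy Feistel permutation built from SHA-256 stands in for AES (the standard library has no AES), input is a whole number of blocks (padding omitted), and all names and sample values are constructed.

```python
import hashlib

BLOCK = 16  # bytes per block, the same size AES uses

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel permutation standing in for AES. Demo only, NOT secure."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    # Every block is encrypted on its own: equal inputs give equal outputs.
    return b"".join(toy_block_encrypt(key, b) for b in split(plaintext))

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    out, prev = [], iv
    for b in split(plaintext):
        prev = toy_block_encrypt(key, xor(b, prev))  # chain in previous ciphertext
        out.append(prev)
    return b"".join(out)

def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Encrypts the counter, then XORs with the data; the same call also decrypts.
    return b"".join(
        xor(b, toy_block_encrypt(key, nonce + i.to_bytes(8, "big")))
        for i, b in enumerate(split(data)))

def repeated_blocks(ciphertext: bytes) -> int:
    blocks = split(ciphertext)
    return len(blocks) - len(set(blocks))

# Constructed sample input: three identical 16-byte records and one different one.
KEY = b"constructed-demo-key"
IV = bytes(range(16))      # fixed for reproducibility; must be random per message
NONCE = bytes(8)           # fixed for reproducibility; must never repeat per key
PLAINTEXT = b"ACCOUNT=0001;OK;" * 3 + b"ACCOUNT=0002;NO;"

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(KEY, PLAINTEXT)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(KEY, IV, PLAINTEXT)))
    print("CTR repeated blocks:", repeated_blocks(ctr_crypt(KEY, NONCE, PLAINTEXT)))
```

ECB reports two repeated ciphertext blocks for the three identical records, while CBC and CTR report none.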

3. Public Key Cryptography

3.1 Basic Concept

Each user has a key pair: a public key and a private key. A message encrypted with the public key can only be decrypted with the matching private key.

Public Key Encryption
========================

Bob's Key Pair: (Public Key Kb+, Private Key Kb-)
  - Public key: Known by anyone
  - Private key: Known only by Bob

Alice sends message to Bob:
  [Plaintext m] --[Encrypt with Kb+]--> [Ciphertext] --[Decrypt with Kb-]--> [Plaintext m]

Properties:
  - Kb+(m) can only be decrypted with Kb-
  - Computing Kb- from Kb+ is computationally infeasible
  - Solves key distribution problem (public key freely distributed)
  - Slower than symmetric key (100~1000x)

3.2 RSA Algorithm

RSA Operating Principle
=========================

Key Generation:
  1. Choose large primes p, q (each 1024+ bits)
  2. Compute n = p x q
  3. Compute z = (p-1)(q-1)
  4. Choose e coprime to z (part of public key)
  5. Compute d where e x d mod z = 1 (part of private key)

Public Key: (n, e)
Private Key: (n, d)

Encryption: c = m^e mod n
Decryption: m = c^d mod n

Security Basis:
  - Finding p, q from n = integer factorization problem
  - Currently infeasible to factor n of 2048+ bits

3.3 Practical Use: Hybrid Cryptography

Hybrid Cryptosystem
======================

Public key crypto is slow, so in practice it is used only to exchange a session key

1. Alice generates a random symmetric key (session key) Ks
2. Alice encrypts Ks with Bob's public key and sends it
   Kb+(Ks) --> Send to Bob
3. Bob decrypts Ks with his private key
   Kb-(Kb+(Ks)) = Ks
4. Both sides then use Ks for AES symmetric encryption

Advantages:
  - Public key: Secure key exchange (slow but only once)
  - Symmetric key: Fast data encryption (bulk data)

4. Message Integrity

4.1 Cryptographic Hash Functions

Hash Function Properties
===========================

H(m) = Fixed-length hash value (message digest)

Requirements:
  - One-way: Cannot reverse H(m) to find m
  - Collision resistance: Hard to find different m, m' where H(m) = H(m')
  - Avalanche effect: 1-bit change in input produces drastically different output

Representative Algorithms:
  MD5:     128-bit output (weak, do not use)
  SHA-1:   160-bit output (weak, do not use)
  SHA-256: 256-bit output (current standard)
  SHA-3:   Variable output (next-generation standard)

4.2 MAC (Message Authentication Code)

MAC Operation
===============

Sender (Alice):                    Receiver (Bob):
  Message m                         Received: m + MAC
  Secret key s                      Secret key s
  MAC = H(m + s)                   MAC' = H(m + s)
  Send: m + MAC                    MAC == MAC'? --> Integrity verified

HMAC (Hash-based MAC):
  HMAC = H(K XOR opad || H(K XOR ipad || m))

  - More secure structure than simple H(m+s)
  - Standard in TLS, IPsec, etc.
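
The HMAC formula above written out with H = SHA-256, together with the sender and receiver steps from the MAC diagram. This is an added example, not code from the original post; the function names, key and messages are constructed, and the 64-byte block size and key padding follow the usual HMAC construction.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 processes input in 64-byte blocks

def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC = H(K XOR opad || H(K XOR ipad || m)) with H = SHA-256."""
    if len(key) > BLOCK_SIZE:              # long keys are hashed first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")   # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()

def send(key: bytes, message: bytes) -> bytes:
    """Alice: transmit m followed by its 32-byte tag."""
    return message + hmac_sha256(key, message)

def receive(key: bytes, packet: bytes) -> bytes:
    """Bob: recompute the tag and compare it in constant time."""
    message, tag = packet[:-32], packet[-32:]
    if not hmac.compare_digest(hmac_sha256(key, message), tag):
        raise ValueError("MAC mismatch: message altered or wrong key")
    return message

def is_accepted(key: bytes, packet: bytes) -> bool:
    try:
        receive(key, packet)
        return True
    except ValueError:
        return False

# Constructed sample values.
KEY = b"constructed shared secret s"
MSG = b"transfer 10 to Bob"

if __name__ == "__main__":
    packet = send(KEY, MSG)
    tampered = b"transfer 99 to Bob" + packet[-32:]
    print("matches stdlib hmac:",
          hmac_sha256(KEY, MSG) == hmac.new(KEY, MSG, hashlib.sha256).digest())
    print("original accepted:", is_accepted(KEY, packet))
    print("tampered accepted:", is_accepted(KEY, tampered))
```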

4.3 Digital Signatures

Digital Signature Operation
==============================

Signature Generation (Alice):
  1. Compute hash of message m: h = H(m)
  2. Encrypt hash with private key: sig = Ka-(h)
  3. Send: m + sig

Signature Verification (Bob):
  1. Compute hash of message m: h = H(m)
  2. Decrypt signature with Alice's public key: h' = Ka+(sig)
  3. h == h'? --> Signature valid

What Digital Signatures Provide:
  - Authentication: Confirms Alice signed it
  - Integrity: Message was not altered
  - Non-repudiation: Alice cannot deny signing
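
The RSA key-generation steps from section 3.2 and the sign/verify steps above, carried through in one place. This is an added example, not code from the original post. Assumptions: the primes are two publicly known Mersenne primes chosen so the example needs no prime search, e = 65537, H is SHA-256, no padding is applied (textbook RSA), and all function names are hypothetical.

```python
import hashlib
from math import gcd

# Constructed demo primes: the publicly known Mersenne primes 2^521-1 and 2^607-1.
# Real keys use secret, randomly generated primes.
P, Q = 2**521 - 1, 2**607 - 1

def generate_keypair(p: int, q: int, e: int = 65537):
    n = p * q                          # step 2: n = p x q
    z = (p - 1) * (q - 1)              # step 3: z = (p-1)(q-1)
    if gcd(e, z) != 1:                 # step 4: e must be coprime to z
        raise ValueError("e is not coprime to z")
    d = pow(e, -1, z)                  # step 5: e x d mod z = 1
    return (n, e), (n, d)              # public key, private key

def encrypt(pub, m: int) -> int:
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than n")
    return pow(m, e, n)                # c = m^e mod n

def decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)                # m = c^d mod n

def digest_int(message: bytes) -> int:
    # h = H(m) as an integer; 256 bits, so it is always smaller than this n
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(priv, message: bytes) -> int:
    n, d = priv
    return pow(digest_int(message), d, n)            # sig = Ka-(h)

def verify(pub, message: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == digest_int(message)     # h' = Ka+(sig); h == h'?

PUB, PRIV = generate_keypair(P, Q)

if __name__ == "__main__":
    sig = sign(PRIV, b"pay Bob 10")
    print("round trip:", decrypt(PRIV, encrypt(PUB, 42)) == 42)
    print("valid signature:", verify(PUB, b"pay Bob 10", sig))
    print("altered message:", verify(PUB, b"pay Bob 1000", sig))
```

Production systems use padded schemes (RSA-OAEP for encryption, RSA-PSS for signatures) from a vetted library rather than raw modular exponentiation.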

4.4 Certificates and CAs

Public Key Certificates (PKI)
================================

Problem: Is the public key Bob received really Alice's?
Solution: Trusted third party (CA) vouches for it

Certificate Structure:
  +----------------------------------+
  | Subject: alice.com               |
  | Public Key: Ka+                  |
  | Issuer: DigiCert (CA)            |
  | Valid: 2026.01.01 ~ 2027.01.01   |
  | Signature: Signed by CA's        |
  |            private key           |
  +----------------------------------+

Verification Process:
  1. Bob receives alice.com's certificate
  2. Verifies certificate signature with CA's public key
  3. If valid, trusts Ka+ in the certificate

Major CAs: DigiCert, Let's Encrypt, GlobalSign

5. SSL/TLS

5.1 Role of TLS

TLS (Transport Layer Security) operates on top of TCP, providing security for web communications. HTTPS = HTTP + TLS.

TLS Position
===============

[HTTP, SMTP, FTP, etc.]
[TLS/SSL]
[TCP]
[IP]
[Link Layer]

Security TLS Provides:
  - Confidentiality: Data encryption (AES, etc.)
  - Integrity: Tamper detection via MAC
  - Authentication: Server identity via certificates

5.2 TLS Handshake

TLS 1.2 Handshake
====================

Client                              Server
    |                                   |
    |--- ClientHello ------------------>|
    |    (Supported ciphers, random)    |
    |                                   |
    |<-- ServerHello -------------------|
    |    (Selected cipher, random)      |
    |<-- Certificate -------------------|
    |    (Server certificate)           |
    |<-- ServerHelloDone ---------------|
    |                                   |
    |--- ClientKeyExchange ------------>|
    |    (Pre-master secret, encrypted  |
    |     with server public key)       |
    |--- ChangeCipherSpec ------------->|
    |--- Finished --------------------->|
    |                                   |
    |<-- ChangeCipherSpec --------------|
    |<-- Finished ----------------------|
    |                                   |
    |=== Encrypted Application Data ====|

TLS 1.3 Improvements:
  - 1-RTT handshake (TLS 1.2 is 2-RTT)
  - 0-RTT reconnection support
  - Removed insecure ciphers
  - Stronger key exchange (ECDHE mandatory)

6. IPsec and VPN

6.1 Role of IPsec

IPsec provides security at the network layer. It can protect all IP traffic.

IPsec Protocols
==================

1. AH (Authentication Header)
   - Provides authentication and integrity
   - No encryption
   - Rarely used

2. ESP (Encapsulating Security Payload)
   - Provides authentication + integrity + encryption
   - Most widely used

Modes:
  Transport Mode:
    Original: [IP Header][Data]
    ESP:      [IP Header][ESP Header][Data(encrypted)][ESP Trailer][ESP Auth]
    --> Used for direct host-to-host communication

  Tunnel Mode:
    Original: [IP Header][Data]
    ESP:      [New IP Header][ESP Header][Original IP Header + Data(encrypted)][ESP Trailer]
    --> Used for VPN gateway-to-gateway communication

6.2 VPN (Virtual Private Network)

VPN Operation
===============

HQ                                    Branch
[Internal Net] -- [VPN GW] ===IPsec Tunnel=== [VPN GW] -- [Internal Net]
10.1.0.0/16                 Internet          10.2.0.0/16

Packet Flow:
  1. 10.1.0.5 sends packet to 10.2.0.10
  2. HQ VPN GW encrypts packet with IPsec ESP
  3. New IP Header: src=HQ GW, dst=Branch GW
  4. Encrypted packet sent across Internet
  5. Branch VPN GW decrypts and delivers to 10.2.0.10

IKE (Internet Key Exchange):
  - Protocol for establishing IPsec SA (Security Association)
  - Performs mutual authentication and key exchange

7. Firewalls

7.1 Types of Firewalls

Firewall Types
================

1. Packet Filtering
   - Filters based on IP address, port, protocol
   - Stateless: Each packet judged independently
   - Fast, but offers only coarse-grained control

2. Stateful Packet Filtering
   - Tracks TCP connection state
   - Allows only packets from established connections
   - More sophisticated security

3. Application Gateway
   - Inspects application data
   - Fine-grained control per protocol (HTTP, FTP)
   - Operates as proxy server

7.2 Firewall Rule Example

Packet Filtering Rule Example
================================

Rule | Direction | Src IP        | Dst IP        | Protocol | Port | Action
-----+-----------+---------------+---------------+----------+------+-------
  1  | Inbound   | *             | 10.1.0.0/16   | TCP      | 80   | Allow
  2  | Inbound   | *             | 10.1.0.0/16   | TCP      | 443  | Allow
  3  | Inbound   | *             | 10.1.0.5      | TCP      | 22   | Allow
  4  | Outbound  | 10.1.0.0/16   | *             | TCP      | *    | Allow
  5  | *         | *             | *             | *        | *    | Deny

Interpretation:
  Rule 1: Allow external HTTP access to internal web server (80)
  Rule 2: Allow external HTTPS access to internal web server (443)
  Rule 3: Allow external SSH access to specific server
  Rule 4: Allow all outbound TCP from internal network
  Rule 5: Deny everything else (default policy)
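
The rule table above evaluated first-match, once as a stateless filter and once with a connection table, to show what each does with the reply to an outbound request. This is an added example, not code from the original post. Assumptions: the Port column is the destination port, the stateful tracker is simplified to a 5-tuple without TCP flags, and all names and packets are constructed.

```python
from ipaddress import ip_address, ip_network

INTERNAL, ANY = ip_network("10.1.0.0/16"), ip_network("0.0.0.0/0")

# (rule, direction, src net, dst net, protocol, dst port, action); None = "*".
# Assumption: the table's Port column is the destination port.
RULES = [
    (1, "in",  ANY, INTERNAL, "tcp", 80, "allow"),
    (2, "in",  ANY, INTERNAL, "tcp", 443, "allow"),
    (3, "in",  ANY, ip_network("10.1.0.5/32"), "tcp", 22, "allow"),
    (4, "out", INTERNAL, ANY, "tcp", None, "allow"),
    (5, None,  ANY, ANY, None, None, "deny"),
]

def stateless(pkt):
    """Judge one packet on its own; the first matching rule wins."""
    direction, src, sport, dst, dport, proto = pkt
    for no, r_dir, r_src, r_dst, r_proto, r_port, action in RULES:
        if (r_dir in (None, direction) and ip_address(src) in r_src
                and ip_address(dst) in r_dst and r_proto in (None, proto)
                and r_port in (None, dport)):
            return no, action
    return None, "deny"

class StatefulFilter:
    """Same rules plus a connection table (simplified: 5-tuple, no TCP flags)."""
    def __init__(self):
        self.connections = set()

    def check(self, pkt):
        direction, src, sport, dst, dport, proto = pkt
        if (dst, dport, src, sport, proto) in self.connections:
            return "state", "allow"          # reply on a tracked connection
        no, action = stateless(pkt)
        if action == "allow":
            self.connections.add((src, sport, dst, dport, proto))
        return no, action

# Constructed packets: (direction, src, src port, dst, dst port, protocol)
WEB_IN   = ("in", "203.0.113.7", 51000, "10.1.0.20", 443, "tcp")
SSH_BAD  = ("in", "203.0.113.7", 51001, "10.1.0.20", 22, "tcp")
SSH_OK   = ("in", "203.0.113.7", 51002, "10.1.0.5", 22, "tcp")
OUT_REQ  = ("out", "10.1.0.30", 40000, "198.51.100.9", 443, "tcp")
OUT_RESP = ("in", "198.51.100.9", 443, "10.1.0.30", 40000, "tcp")
```

Under these five rules the stateless filter denies OUT_RESP at rule 5 even though OUT_REQ was allowed by rule 4, while the stateful filter admits it because it matches a tracked connection.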

8. IDS and IPS

8.1 Intrusion Detection System (IDS)

IDS Types
===========

1. Signature-based IDS
   - Matches against known attack patterns (signatures)
   - Advantage: Accurate detection of known attacks
   - Disadvantage: Cannot detect new attacks (zero-day)

2. Anomaly-based IDS
   - Learns normal traffic patterns and detects anomalies
   - Advantage: Can detect novel attacks
   - Disadvantage: May have high false positives

Deployment:
  Internet --> [Firewall] --> [IDS] --> [Internal Network]

IPS (Intrusion Prevention System):
  - IDS + automatic blocking capability
  - Blocks detected attacks in real-time

8.2 Representative Network Attacks

Network Attack Types
======================

1. IP Spoofing
   - Forges source IP address
   - Defense: Ingress Filtering

2. DoS/DDoS
   - Overwhelms service with massive traffic
   - SYN Flood: Exploits TCP 3-way handshake
   - Defense: SYN cookies, traffic filtering

3. Man-in-the-Middle
   - Intercepts communication path for eavesdropping/modification
   - Defense: TLS, certificate verification

4. ARP Spoofing
   - Fake ARP responses to intercept traffic
   - Defense: Static ARP tables, 802.1X

5. DNS Spoofing
   - Fake DNS responses redirect to phishing sites
   - Defense: DNSSEC

9. Summary

Concept           | Key Points
------------------+------------------------------------------------------------------------
Symmetric Key     | Same key for encrypt/decrypt, fast, key distribution issue
Public Key        | Encrypt with public key, decrypt with private key, solves distribution
RSA               | Based on difficulty of integer factorization
Hash Function     | One-way, fixed-length output, integrity verification
Digital Signature | Sign with private key, verify with public key, non-repudiation
TLS               | Security layer above TCP, core of HTTPS
IPsec             | Network layer security, basis for VPN
Firewall          | Blocks unauthorized access via packet filtering
IDS/IPS           | Intrusion detection and automatic blocking

In the next post, we will examine network management and the SNMP protocol.

