Studio 15 - Secure Networking

TCP/IP

The TCP/IP protocol includes a series of protocols, also known as the TCP/IP protocol suite. It provides a point-to-point connection mechanism and standardizes the encapsulation, addressing, transmission, routing, and reception of data frames.

TCP/IP vs. OSI

Unlike OSI Model, which has 7 layers, TCP/IP usually has four layers:

1. Application

2. Transport

3. Network

4. Network Interface: Sometimes this layer is divided into two layers

   1. Physical Layer

   2. Link Layer

Application Layer

The Application Layer of the TCP/IP protocol handles protocols that enable communication between applications. For example, HTTP (Hypertext Transfer Protocol) is used for web browsing, allowing clients to request web pages from servers and receive the corresponding data.

Transport Layer

The Transport Layer of the TCP/IP protocol handles end-to-end communication and ensures reliable data delivery between devices. Its main functions include:

1. Providing transport services for end-to-end connections.

2. Offering both reliable (TCP) and unreliable (UDP) transport services.

3. Managing flow control, error control, and Quality of Service (QoS).

There are two main protocols in the Transport Layer:

• TCP (Transmission Control Protocol) is a connection-oriented, reliable protocol that ensures data arrives intact, in order, and without errors. It provides flow control and congestion management to avoid network overload and guarantees data delivery.

• UDP (User Datagram Protocol) is a connectionless, unreliable protocol. It does not guarantee delivery or order, making it faster but less reliable. It's typically used for applications where speed is critical and some data loss is acceptable (e.g., video streaming or chat applications).

In summary, TCP offers high reliability but lower efficiency, while UDP offers higher efficiency but lower reliability, making it suitable for real-time applications with less stringent reliability requirements.

Network Layer

The Network Layer of the TCP/IP protocol is responsible for finding an appropriate path for transmitting data packets across complex network environments. In simple terms, the Network Layer ensures that data is delivered to the correct destination address, which may be connected through multiple networks and routers.

Key protocols at the Network Layer include:

• ICMP (Internet Control Message Protocol)

• IP (Internet Protocol)

These protocols help with routing, error reporting, and managing network traffic between different networks.

The Network Layer can find the path both in local network and the Internet. This may include some knowledge like routers, etc. See Reference 1 for more information.

Network Interface Layer

The Network Interface Layer, which includes the Link Layer and Physical Layer, handles the hardware connections in a network. This layer includes device drivers, Network Interface Cards (NICs), optical fibers, and all physical transmission media. At this layer, the unit of data transmission is a bit.

Key protocols at the Link Layer include:

• ARP (Address Resolution Protocol)

• RARP (Reverse Address Resolution Protocol)

These protocols are responsible for mapping IP addresses to MAC addresses and vice versa, enabling devices on a local network to communicate effectively.

Example

When using TCP/IP for network communication, data packets are transmitted according to the layered model.

• The sender transmits from the application layer downwards,

• the receiver processes from the network interface layer upwards.

The order of data transmission for each frame from the client to the server is as follows: Application Layer → Transport Layer → Network Layer → Network Interface Layer → Network Interface Layer → Network Layer → Transport Layer → Application Layer.

Data Encapsulation and Decapsulation

When data is transmitted over the internet, it cannot be sent without any identifiers, as that would lead to chaos.

• Therefore, when sending data, specific identifiers need to be added. This process is known as data encapsulation.

• When the data is used, these identifiers are removed, and this process is called decapsulation.

The data encapsulation and decapsulation process in the TCP/IP protocol is generally as shown in the figure below:

Cryptography

Before we begin, let's take a look at the basic jargons in Cryptography

Term	Definition
Plaintext	"Clear" data that can be intercepted and understood by anyone.
Ciphertext	"Scrambled" data that is generated from "encryption" algorithms to prevent plaintext from being understood.
Encryption	Converting from plaintext to ciphertext.
Decryption	Converting from ciphertext to plaintext.
Key	A particular value or string that is used to encrypt/decrypt messages.
Cipher, cryptosystems	Other names for encryption/decryption algorithms.
Symmetric Cipher	The same key is used to encrypt and decrypt. Also known as private key cryptosystems.
Asymmetric Cipher	A different key is used for encryption (the "public" key) than for decryption (the "private" key).

Private Key Cryptosystem

This is also known as symmetric cryptosystem. The key idea here is that we use private key to both encrypt the plaintext and decrypt the cipher.

---

A good example is substution cipher. In a this cryptosystem, the private key is typically a substitution alphabet or a permutation of the alphabet that is used to map each character of the plaintext to a corresponding character in the ciphertext.

Public Key Cryptosystem

This is also known as assymetric cryptosystem, or PKC. The key idea here is that we use public key to encrpty and private key to decrypt.

• A public key can be sent to everyone.

• A private key must be kept to oneself.

We can also use private key to encrypt and public key to decrypt!

---

An example for PKC is the Rivest-Shamir-Addleman (RSA) algorithm. Now, suppose that Alice wants to send $t=12$ (her hair strands) to Bob securely. Bob generates his RSA keys.

1

(Bob) Choose private primes $p, q$ and modulus $n$

Bob picks primes $p=3,q=5$. Then compute $n=p\times q=15$.

Bob must keep these two prime numbers private!

2

(Bob) Compute Totient $t(n)$

$$t(n)=t(15)=(p-1)\times(q-1)=(3-1)\times(5-1)=8$$

3

(Bob) Select Public Exponent $e$

Use the requirement that

$$\text{gcd}(e,t(n))=1$$

, Bob chooses $e=7$. ($\text{gcd}(7,8)=1$)

4

(Bob) Generate Public Key $(e,n)$

As $e=7,n=15$, Bob's public key is $(7,15)$

This public key will be sent to Alice for her to encrypt the message she's going to send to Bob.

5

(Bob) Compute Private Exponent $d$

Bob solves $d$ in this equation: $d\times e=1+k\times t(n)$

$$d\times e=1+k\times t(n)$$

, where $k$ is chosen arbitrary. Here, we let $k=20$. So, we get

$$d\times 7=1+20\times t(15)\equiv1+20\times8$$

$d\times 7=1+20\times t(15)\equiv1+20\times8$, thus $d=23$

6

(Bob) Generate Private Key $(d,n)$

As $d=23,n=15$, Bob's private key is $(23,15)$

Bob must keep the private key private!

7

(Alice) Encrpty the message using Bob's Public Key

Denote the ciphertext as $c$, the plaintext as $a$. To get $c$ using Bob's public key $(e,n)=(7,15)$, we use this formula,

$$c=a^e\mod n=12^7\mod 15=3$$

Then Alice will send $c$, which is 3 to Bob.

8

(Bob) Decrypt the message using Bob's Own Private Key

Denote plaintext as $a$ again, with Bob's private key $(d,n)=(23,15)$ and use the following formula

$$a=c^d\mod n=3^{23}\mod 15=12$$

Bob gets the message 12!

As a sum up, denote your cipher text as $c$, plaintext as $a$, and your key as $(x,n), (y,n)$ (no matter public or private, so the order doesn't matter), we always have:

1. Encrypt using whichever key, we use the following formula,

$$c=a^x\mod n$$

1. Decrypt using whichever key (must be different from the one you choose in 1), we use the following formula,

$$a=c^y\mod n$$

Why it is hard for the third person to decrypt?

If the third person wants to decrypt, he needs to know

1. $d$, as $n$ is part of Bob's public key, which is known by everyone.

2. To know $d$, he needs to know $t(n)$, a.k.a the totient function

3. To know $t(n)$, he needs to know the two private prime numbers $p,q$

4. This is impossible because in reality, when Bob chooses $p,q$, they are always between 1024 to 8192 bits!

Digital Signature

The use of digital signature is to ensure that a message is not modified and the message was signed by someone with access to the private key that corresponds to the public key! This is done by a neat feature of PKC, which is:

If we encrypt using the private key, we can also decrypt using the public key!

Still use the example of Bob and Alice above, with Bob's public key $(7,15)$ and Bob's private key $(23,15)$. Bob sends 3 to Alice and Alice wants to know this message is not modified by others.

1

(Bob) Encrypt message $m$ using Bob's private key

This step is to get the ciphertext $c$,

$$c=3^{23}\mod15=2$$

2

(Bob) Sends message pair $(m,c)$ to Alice

Bobs sends the message and the ciphertext to Alice.

3

(Alice) Decrypt Bob's ciphertext $c$ to get $m'$

To decrypt to get $m'$, we use

$$m'=2^{7}\mod15=3$$

If $m'==m$, Alice can make sure the message is not modified by someone else.

To check whether it is sent by Bob, Certificate is needed to verify that the public key is legit Bob's public key! Because someone else other than Bob can use his own private key to encrypt the message and send his public key to Alice!

However, in real-world, the raw message $m$ can be quite large, which makes it harder to compute the ciphertext $c$. To solve this, computer scientists introduce the hash function (like SHA256), which is basically used to generate a "digest" of the message $m$. So now the steps become as follows:

1. Bob uses the hash function to generate $h(m)$, where $h(m)$ is a much shorter summary of $m$.

2. Bob encrypts $h(m)$ (instead of $m$) using his private key to get the ciphertext $c$.

3. Bob sends $(m,c)$ as usual to Alice.

4. Alice receives $(m,c)$, then computes $h(m)$.

5. Alice decryptes $c$ using Bob's public key, and if the result is equal to $h(m)$, she knows that the message is not modified!

$c$ is called the digital signature.

Hash Function

Below are some important properties of hash functions

• Given $h(m)$, it must be impossible to derive $m$.

• Given even the tiniest change to $m$, $h(m)$ must change drastically.

• It must be non-trivial to produce $h(m)$ from $m$.

• No matter how big $m$ is, $h(m)$ always produces a hash of exactly the same size.

• The "gold standard" in hash functions is SHA256.

Real-world Applications of Digital Signature

As public keys are public, how does others know this public key is legit sent by someone? We can use digital signature to sign our public key!

---

For example, Bob wants to send his public key to Alice, and Alice wants to verify that this public key does come from Bob.

1. (Bob) Compute $h(\text{PUB})$ given Bob's public key $\text{PUB}$

2. (Bob) Encrypt $h(\text{PUB})$ using Bob's private key $\text{PRV}$, giving the ciphertext $c$

3. (Bob) Bob then distributes $(\text{PUB}, h(\text{PUB}), c)$ to everyone (This pair is called a certificate)

4. (Alice) Compute $h(\text{PUB})$, then decrypt $c$ using Bob's public key, if the result is equal to $h(\text{PUB})$, then this public key is legit sent by Bob!

In Real World, the public key is signed by an Certificate Authority (CA) instead of Bob himself signing his own public key.

Sign and Digital Signature

• Sign is the process (the act of creating the signature).

• Signature is the value (the output of the signing process).

The sender (e.g., Bob) takes a message, creates a hash of it (using a hash function like SHA-256), and then encrypts that hash with their private key. This encrypted hash is the digital signature. This process is called signing.

The receiver (e.g., Alice) can use the public key to decrypt the digital signature, to get the hash and compare it with the hash sent by the sender. If they are the same, then the receiver can be sure the message is not modified! But who is the sender, we need a certificate to verify that the public key legit is from the sender we want!

Certificate

A certificate in cryptography is a signed statement that binds an identity (like Bob) to a public key. A certificate is usually signed by a certificate authority (CA)

Digital certificates are used to validate the identity of the sender, and digital signatures are used to validate the sent data.

---

Differences between Digital Signature and Certificate

Aspect	Digital Signature	Certificate
Definition	A cryptographic proof that a message/document is authentic and unchanged.	A signed document that binds an identity (e.g., a person or website) to a public key.
Purpose	Ensures data integrity, authenticity, and non-repudiation.	Confirms the authenticity of a public key.
What is Signed?	A hash of a document or message.	A public key (along with identity information).
Who Signs It?	The owner of the private key uses his private key to sign it.	A trusted authority (e.g., a Certificate Authority, CA) uses his private key to sign it.
Verification	Anyone with the public key can verify the signature.	Anyone with the CA’s public key can verify the certificate.
Real-World Example	A contract signed digitally to prevent forgery.	An SSL certificate proving a website's authenticity.

Key Exchange

So, as we have seen above, to ensure the security of the communication between the Alice and Bob, we can use PKC and CA method. In this case, Alice and Bob would exchange public keys, verified by a CA, and encrypt messages using asymmetric encryption (like RSA). However, this method has drawbacks:

• It relies on a trusted CA, which may not always be available.

• Public-key cryptography is computationally expensive compared to symmetric encryption.

Instead, the second solution, which uses Diffie-Hellman (DH) Key Exchange lets Alice and Bob securely agree on a shared secret key without ever transmitting it directly. This shared secret key is then used for fast symmetric encryption (e.g., AES) to protect communication. And even if Eve listens in, she won’t be able to compute the key!

Diffie-Hellman Key Exchange Algorithm

1

(Alice and Bob) Agree on Public Parameters $p$ and $g$

• $p$: A large prime number. It defines the range in which all calculations are done (modulo $p$).

• $g$: A generator (or primitive root) modulo $p$. It’s a number such that its powers modulo $p$ can generate all numbers from 1 to $p-1$. (( $g^1,g^2,\dots,g^{p-1} \mod p$ will produce all integers from 1 to $p-1$ (no repeats))

Together, ppp and ggg define a finite cyclic group, and the security of Diffie-Hellman relies on the difficulty of the discrete logarithm problem in this group.

For simplicity reason, in our example we choose

$$p=23\\g=5$$

2

(Alice and Bob) Generate their own secret numbers $a$ and $b$

• Alice picks a random private number $a$. Let's say $a=6$

• Bob picks a random private number $b$. Let's say $b=15$

3

(Alice and Bob) Compute the public shared numbers and Exchange them $A$ and $B$

Alice computes her public shared number:

$$A=g^a\mod p=5^6\mod 23=8$$

She sends $A=8$ to Bob.

Bob computes his public shared number:

$$B=g^b\mod p=5^{15}\mod 23=19$$

Bob sends $B=19$ to Alice.

4

(Alice and Bob) Compute the shared secret key $S_{\text{Alice}}$ and $S_{\text{Bob}}$

Now, both Alice and Bob use the received public shared number ($A$ and $B$) and their own secret number ($a$ and $b$) to compute the shared key.

Alice computes

$$S_{\text{Alice}}=B^a\mod p=19^6\mod23=2$$

Bob computes

$$S_{\text{Bob}}=A^b\mod p=8^{15}\mod23=2$$

Now, both of them get the same shared key 2! They can use it with symmetric cryptosytem (or Private Key Cryptosystem) to encrypy their communication without worring the third person will know their shared secret key!)

This step can be shown vividly using the following diagram

Common paint is the public parameters $p$ and $g$ in the first step!

Why is Diffie-Hellman Secure?

Even though the third person knows $p,g,A,B$ he cannot compute the shared key easily because of the Discrete Logarithm Problem:

• Given $g,p,A$ it’s extremely hard to find $a$.

• Given $g,p,B$ it’s extremely hard to find $b$.

Without knowing $a$ or $b$, the third person cannot compute the shared key.

Transport Layer Security

Transport Layer Security (TLS) is like a secure tunnel that protects messages from being read or changed by anyone except the intended recipient. It ensures that data stays private and authentic when traveling over the internet.

Let's see how TLS combines all what we have learned together with an example

TLS Handshake — Alice & Bob's Example

1

(Bob) Bob Sends a HELLO Message

Bob (the server) sends a "HELLO" message to Alice (the client), listing the encryption methods (ciphers) it supports (e.g., AES, DES).

2

(Alice) Alice Sends a HELLO Message Back

Alice replies with her chosen encryption method from the list Bob provided. In this example, we choose the symmetric cyrptosystem.

The encryption method selected in Step 2 (e.g., AES, DES, etc.) is used to define how the data will be encrypted and decrypted during the actual communication, once the handshake is complete.

3

(Alice) Alice Sends Her Certificate

Alice sends Bob her digital certificate, which includes her public key.

This proves her identity and allows Bob to verify the certificate using the trusted third-party (CA , like Charlie’s) public key.

4

(Bob) Bob Sends a Random Secret Encrypted with Alice’s Public Key

Bob generates a random secret (used to create a session key) and encrypts it using Alice’s public key from the certificate. He sends this encrypted secret to Alice.

This ensures only Alice can decrypt and access the secret using her private key. Public Key Cryptosystem is used here!

5

(Alice) Alice Decrypts the Secret and Creates the Session Key

Alice decrypts Bob’s encrypted random secret using her private key. Both Alice and Bob now generate the session key (S) using Diffie-Hellman or another method. This session key is used for symmetric encryption (fast encryption for the actual data).

6

(Bob) Bob Sends a FINISHED Message

Bob sends a "FINISHED" message encrypted with the session key (S). This is a known message, so Alice can check if it matches by decrypting it.

If Alice can decrypt the message correctly, it confirms that Bob has the same session key and that the handshake is valid.

7

(Alice) Alice Sends a FINISHED Message Back

Alice sends her own "FINISHED" message to Bob, encrypted with the session key (S).

If Bob can decrypt this message correctly, it confirms the handshake is complete and both parties are ready to securely communicate.

8

Secure Communication Begins

Alice and Bob now use the session key (S) and the selected symmetric cipher (like AES) to securely exchange data.

This session key allows fast encryption and decryption for the rest of the communication.

What is Handshake?

A handshake in the context of network communication (like TLS) refers to the initial process where two parties (like Alice and Bob) establish a secure communication channel by agreeing on how they will communicate, authenticate each other, and exchange the necessary keys for encryption.

Reference

1. Real-World Application of Network Layer and Network Interface Layer