|
|
|
RemotePass is the only solution available that does not work
peer2peer, providing the only real bulletproof secure technology.
Security is an essential component of any computer system, and it is
especially relevant for traditional P2P systems. Here we will
outline the main security vulnerabilities of P2P security, including:
- The Need for Security
- Consequences of poor Security
- Current Security methods
- Security in the Future
Need for Security:
In these turbulent times you would think that P2P security would be
the least of the world’s problems. However corporate fraud and loss of
revenue due to attacks on their internal networks has brought P2P to the
forefront in the IT world. Napster was the headliner but since its high
profile court case more and more P2P applications have been causing the
corporate world headaches, which it could do without. With better
security protocols this headache could be turned into a valuable asset
for the corporate world and for the world.
The following diagram illustrates the gaps in security when using P2P
applications. We can see that we are letting these applications get
inside our networks. The security of our “secure” network is now in
jeopardy.
Following on from this, is the question of what must we protect
ourselves against. We must outline the elements that our important to
use, before we address the issue of the security. The main points of
this are connection control, access control, operation control,
anti-virus, and of course the protection of the data stored on our
machines. The connection, access, and operation control are the
priority issues here. If we can make these secure, the other two points
should follow from these. The diagram illustrates all the main points
that we must deal with.
P2P applications are vulnerable to the following threats:
Internal threats:
- P2P networking allows your network to be open to various forms
of attack, break-in, espionage, and malicious mischief. P2P doesn’t
bring any novel threats to the network, just familiar threats such
as worms and virus attacks.
- P2P networks can also allow an employee to download and use
copyrighted material in a way that violates intellectual property
laws, and to share files in a manner that violates an organisations
security policies. Applications such as Napster, Kazaa, Grokster and
others have been popular with music-loving Internet users for
several years, and many users take advantage of their employers'
high-speed connections to download files at work. This presents
numerous problems for the corporate network such as using expensive
bandwidth and being subject to a virus attack via an infected file
download.
- Unfortunately, P2P networking circumvents enterprise security by
providing decentralized security administration, decentralized
shared data storage, and a way to circumvent critical perimeter
defences such as firewalls and NAT devices. If users can install and
configure their own P2P clients, all the network managers
server-based security schemes are out the window.
- Theft:
Companies can lose millions of euros worth of property such as
source code due to disguising files using P2P technologies. P2P
wrapping tools, such as Wrapstar (a freeware utility
(http://webmail.tcd.ie/redirect?http://members.fortunecity.com/wrapster),
can disguise a .zip file, containing company source code, as an MP3
of a music hit. As a result an accomplice outside the company can
use Morpheus to download the disguised file. To the companies
security this looks like a common transaction, even if the company
has frowned upon employees using P2P in music sharing. Little do
they know is that their company has just been robbed, and possibly
millions of euros worth of software has been lost.
- Bandwidth Clogging and File Sharing:
P2P applications such as Kazaa (http://www.kazaa.com/), Gnutella
(http://gnutella.wego.com/) and FreeNet
(http://freenet.sourceforge.net/) make it possible for one computer
to share files with another computer located somewhere else on the
Internet. A major problem with P2P file-sharing programs is that
they result in heavy traffic, which clogs the institution networks.
The rich audio and video files that P2P users share are very big.
This affects response times for internal users as well as e-business
customers and that results in lost income.
- Bugs:
In order for P2P file-sharing applications to work the appropriate
software must be installed on the users system. If this software
contains a bug it could expose the network to a number of risks e.g.
conflict with business applications or even crash the system.
- Encryption Cracking:
Distributed processing is another P2P application. Taking lots of
desktop computers and adding them together, results in a large
amount of computing power to apply to difficult problems.
Distributed.Net is a prominent example of this. In 1999
Distributed.Net along with the Electronic Frontier Foundation
(http://www.eff.org/) launched a brute-force attack on the 56-bit
DES encryption algorithm. They broke DES in less then 24 hours.
Distributed.Net were able to test 245 billion keys per second. At
the time DES was the strongest encryption algorithm that the US
government allowed for export.
- Trojans, Viruses, Sabotage:
A user could quite possibly download and install a booby-trapped P2P
application that could inflict serious damage. For example a piece
of code that looks like a popular IM or file-sharing program could
also include a backdoor to allow access to the user’s computer. An
attacker would then be able to do serious damage or to obtain more
information then they should have. P2P software users can
easily configure their application to expose confidential
information for personal gain. P2P file-sharing applications can
result in a loss of control over what data is shared outside the
organisation.
- External attacks:
P2P applications get around most security architectures in the same
way that a Trojan horse does. The P2P application is installed on a
“trusted device” that is allowed to communicate through the
corporate firewall with other P2P users. Once the connection is made
from the trusted device to the external Internet attackers can gain
remote access to the trusted device for the purpose of stealing
confidential corporate data, launching a Denial of Service attack or
simply gaining control of network resources.
- Backdoor Access:
P2P applications such as KazaA, Morpheus (http://www.morpheus.com/)
or Gnutella enable people all over the world to share music, video
and software applications. These applications expose data on a users
computer to thousands of people on the Internet. These P2P
applications were not designed for use on corporate networks and as
a result introduce serious security vulnerabilities to corporate
networked if installed on networked PCs. For example if a user
starts Gnutella and then clicks into the corporate Intranet to check
their email, an attacker could use this as a backdoor to gain access
to the corporate LAN.
- Non-encrypted IM:
Instant messaging applications like those provided by AOL, Microsoft
and Yahoo, also pose an information threat to a company. If these
applications are used to discuss sensitive information, an attacker
can read all the messages that are sent back and forth across the
network or Internet by using a network-monitoring program.
IM applications are been developed and enhanced with new
capabilities such as voice messaging and file sharing. Adding file
sharing to the IM application also adds all of the risks of the
file-sharing applications as described previously.
- Confidentiality:
Kazaa and Gnutella give all clients direct access to files that are
stored on a user’s hard drive. As a result it is possible for a
hacker to find out what operating system the peer computer has and
connect to folders that are hidden shares, thus gaining access to
folders and information that is confidential.
- Authentication:
There is also the issue of authentication and authorization. When
using P2P you have to be able to determine whether the peer
accessing information is who they really say they are and that they
access only authorized information.
External threats:
- Interoperability:
Interoperability is a major security concern within P2P networks.
The introduction of different platforms, different systems, and
different applications working together in a given infrastructure
opens a set of security issues we associate with interoperability.
The more differences in a given infrastructure, the more compounded
the security problems.
- Private Business on a Public Network:
Many companies conduct private business on a public network. This
leads to an exposure to various security risks. These risks must be
addresses in order to avoid the liability this use entails.
- Adding and Removing Users:
There must be a feasible method to add/delete users to/from the
network without increasing vulnerability. The system is under the
most threat from users and former users who know the ins and outs of
the system e.g. the existence of trapdoors etc.
- General Security:
P2P shares many security problems and solutions with networks and
distributed systems e.g. data tampering, unreliable transport,
latency problems, identification problems etc
- Distributed Dangers:
When using distributed processing applications the user is required
to download, install and run an executable file on their workstation
in order to participate. A denial of service could result if the
software is incompatible or if it contains bugs.
- The People Problem:
There will always be malicious users who are intent on gaining
clandestine access to corporate networks. And no matter what
security protocols are put in place a skilful attacker, given enough
time, will find a way around them. So all that the security buffs
need to do is to keep ahead of the hackers by creating bigger and
better protocols. But that’s easier said then done!
- Existing Security standards and techniques in P2P
networks:
At an alarming rate, people are adopting, in an ad hoc fashion, the
tools of the Peer-to-Peer (P2P) revolution. Company files are
increasingly made available by being published to the world directly
from a user's PC. Databases, spreadsheets, even entire applications,
are becoming enabled with P2P features and critical information is
flowing out from every PC. P2P systems typically provide mechanisms
that include searching for specific content or documents,
discovering other peers running the software, and implementing any
number of other application level tools, such as collaborative
editing, instant messaging, or remote wireless mobility support So
it is easy to see why security is such a crucial factor in P2P
networks.
Defending against the threats of ad hoc P2P deployment, and managing
or reducing the risks of loss of information or availability of
systems requires foresight, planning, and careful selection of the
P2P infrastructure upon which your P2P enabled applications and
services will be built.
Peer2peer security mechanisms :
All security mechanisms deployed today are based on either
symmetric/secret key or asymmetric/public key cryptography, or sometimes
a combination of the two. Here we will introduce the basic aspects of
the secret key and public key techniques and compare their main
characteristics.
- Secret Key Techniques:
Secret key techniques are based on the fact that the sender and
recipient share a secret, which is used for various cryptographic
operations, such as encryption and decryption of messages and the
creation and verification of message authentication data. This
secret key must be exchanged in a separate out of bound procedure
prior to the intended communication (using a PKI for example).
- Public Key Techniques:
Public Key Techniques are based on the use of asymmetric key pairs.
Usually each user is in possession of just one key pair. One of the
pair is made publicly available, while the other is kept private.
Because one is available there is no need for an out of band key
exchange, however there is a need for an infrastructure to
distribute the public key authentically. Because there is no need
for pre-shared secrets prior to a communication, public key
techniques are ideal for supporting security between previously
unknown parties.
- Asymmetric Key Pairs:
Unlike a front door key, which allows its holder to lock or unlock
the door with equal facility, the public key used in cryptography is
asymmetric. This means just the public key can encrypt a message
with relative ease but decrypt it, if at all, with considerable
difficulty.
Besides being one-way functions, cryptographic public keys are also
trapdoor functions- the inverse can be computed easily if the
private key is known.
Peer2peer protocols :
Mechanisms for establishing strong, cryptographically verifiable
identities are very important. These are industry standard authorization
protocols that allow peers to ensure that they are speaking with the
intended remote system.
- Secure Sockets Layer (SSL) protocol:
For protection of information transmitted over a P2P network, some
P2P’s employ the industry-standard Secure Sockets Layer (SSL)
protocol. This guarantees that files and events sent will arrive
unmodified, and unseen, by anyone other than the intended recipient.
Moreover, because both peers use SSL both sides automatically prove
who they are to each other before any information is transferred
over the network. The protocol provides mechanisms to ensure
tamperproof, confidential communications with the right counterpart,
using the same, well-proven techniques used by all major website
operators to protect consumer privacy and financial information
transmitted on the Internet.
- IPSec technologies:
Most VPNs (virtual private networks) use IPSec technologies, the
evolving framework of protocols that has become the standard for
most vendors. IPSec is useful because it is compatible with most
different VPN hardware and software, and is the most popular for
networks with remote access clients. IPSec requires very little
knowledge for clients, because the authentication is not user-based,
which means a token (such as Secure ID or Crypto Card) is not used.
Instead, the security comes from the workstation's IP address or its
certificate (e.g. X.509), establishing the user's identity and
ensuring the integrity of the network. An IPSec tunnel basically
acts as the network layer protecting all the data packets that pass
through, regardless of the application.
- Public Key Infrastructure (PKI) An industry standard:
A full-featured X.509 Public Key Infrastructure (PKI) over a Secure
Sockets Layer (SSL) network backbone - the combination of X.509 PKI
authentication and SSL transport encryption is the established
cryptographic standard for Internet e-commerce.
Use of X.509 PKI authentication allows security certificates from
Endeavors, or from any other recognized X.509 certificate authority,
to be used to establish the true identity of any peer device when it
comes on-line. Use of SSL point-to-point security encryption enables
each pair of peers that communicate with each other to have a unique
key for that pairing. The advantage of SSL encryption is that when a
peer goes off-line from a community, all its unique pairing keys
become invalid, but no pairing keys between other members of the
community are affected.
- What about VPN Security?
The key word in "virtual private networks" is private. The last
thing a business wants is to have sensitive corporate information
end up in the hands of some hacker, or worse, the competition.
Fortunately, VPNs are widely considered extremely secure, despite
using public networks.
- Why are they secure?
In order to authenticate the VPNs users, a firewall will be
necessary. All VPNs require configuration of an access device,
either software- or hardware-based, to set up a secure channel. A
random user cannot simply log in to a VPN, as some information is
needed to allow a remote user access to the network, or to even
begin a VPN handshake. When used in conjunction with strong
authentication, VPNs can prevent intruders from successfully
authenticating to the network, even if they were able to somehow
capture a VPN session.
The tuture of peer2peer security :
The constant running theme in the security of P2P is that of trust.
Trust in the other users who we interact with, and trust within the
software vendors who supply us with the necessary applications.
That is why there is no real future in the security of Peer2peer
security as we all know it will be replaced y a technology that does no
longer rely on human trust.
Conclusion :
It is obvious from the above that security is a crucial issue when it
comes to designing and implementing P2P systems. At the moment it is
probably the main inhibiting factor for the growth of P2P. It is vital
that users become confident in the ability of the security measures
being utilised to protect them, in order for P2P technology to reach its
full potential. At the moment, security measures in general are failing
to inspire consumer confidence, a problem that must be addressed
immediately.
References :
|
|
User
Login
