Top

Published in:

2018 | OriginalPaper | Chapter

41. Learning from the Past: Designing Secure Network Protocols

Authors : Tobias Fiebig, Franziska Lichtblau, Florian Streibelt, Thorben Krüger, Pieter Lexis, Randy Bush, Anja Feldmann

Published in: Cybersecurity Best Practices

Publisher: Springer Fachmedien Wiesbaden

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Network protocols define how networked computer systems exchange data. As they define all aspects of this communication, the way they are designed is also security sensitive. If communication is supposed to be encrypted, this has to be outlined in the protocol’s specification. If services implementing the protocol should allow for authentication, this has to be defined in the protocol. Hence, the way a protocol is designed is elemental for the security of systems later implementing it. Security by design starts with the protocol definition. Especially in today’s fast-moving environment, with cloud services and the Internet of Things, engineers constantly have to develop new protocols. In this chapter, we derive guidelines for designing new protocols securely, as well as recommendations on how existing protocols can be adjusted to become more secure. We base these recommendations on our analysis of how – historical – protocols were designed and which underlying design decisions made their corresponding implementations susceptible to security issues.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Cybersecurity for Everyone

next chapter National Cybersecurity Legislation: Is There a Magic Formula?

http://shodan.io/

Aboba, B., et al. (2004). Securing Block Storage Protocols over IP, IETF.

Al-Shaer, E. S. and H. H. Hamed (2003). Firewall policy advisor for anomaly discovery and rule editing. Proc. IFIP/IEEE Symposium Integrated Network Management.

Alarcón, R. and E. Wilde (2010). RESTler: Crawling RESTful services. Proc. World Wide Web Conference.

Armbrust, M., et al. (2010). “A view of cloud computing.” Communications of the ACM 53(4): 50–58.CrossRef

Assolini, F. (2012). The Tale of One Thousand and One DSL Modems.

Atikoglu, B., et al. (2012). Workload analysis of a large-scale key-value store. ACM SIGMETRICS Performance Evaluation Review.

Atkinson, R. (1995a). IP Authentication Header, IETF.

Atkinson, R. (1995b). IP Encapsulating Security Payload (ESP), IETF.

Atkinson, R. (1995c). Security Architecture for the Internet Protocol, IETF.

Balfanz, D., et al. (2004). “In search of usable security: Five lessons from the field.” Proc. IEEE Security & Privacy (5): 19–24.CrossRef

Barnes, R. (2011). Use Cases and Requirements for DNS-Based Authentication of Named Entities (DANE), IETF.

Barrett, D. J., et al. (2005). SSH, The Secure Shell: The Definitive Guide: The Definitive Guide, O’Reilly Media, Inc.

Barrett, R., et al. (2004). Field studies of computer system administrators: analysis of system management tools and practices. Proc. ACM Conference on Computer Supported Cooperative Work.

Bellovin, S. M. and W. R. Cheswick (1994). “Network firewalls.” IEEE Communication Magazine 32(9): 50–57.CrossRef

Bernstein, D. J. How the AXFR protocol works.

Bernstein, D. J., et al. (2012). The security impact of a new cryptographic library. Progress in Cryptology – LATINCRYPT 2012: 159–176.MATH

Bikos, A. N. and N. Sklavos (2013). “LTE/SAE security issues on 4G wireless networks.” Proc. IEEE Security & Privacy 11(2): 55–62.CrossRef

Birrell, A. D. and B. J. Nelson (1984). “Implementing remote procedure calls.” ACM Trans. Computer Systems 2(1): 39–59.CrossRef

Black, D. and P. Koning (2014). Securing Block Storage Protocols over IP: RFC 3723 Requirements Update for IPsec v3, IETF.

Blumenthal, U., et al. (2004). The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model, IETF.

Blumenthal, U. and B. Wijnen (1998). User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3), IETF.

Blumenthal, U. and B. Wijnen (2002). User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3), IETF.

Boe, M. and J. Altman (2002). TLS-based Telnet Security, IETF.

Bollinger, G. (2015). “Securely Managing Your Networks With SNMPv3.” CiscoLIVE! BRKNMS-2658.

Borman, D. (1993). Telnet Authentication Option, IETF.

Botnet, C. (2013). Internet census 2012: Port scanning/0 using insecure embedded devices.

Botta, D., et al. (2007). Towards understanding IT security professionals and their tools. Proc. ACM Symposium on Usable Privacy and Security.

Braden, R. (1989a). Requirements for Internet Hosts – Application and Support, IETF.

Braden, R. (1989b). Requirements for Internet Hosts – Communication Layers, IETF.

Breen, S. (2015). What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.

Cantelon, M., et al. (2014). Node.js in Action, Manning.

Carr, C. S. (1969). Network subsystem for time sharing hosts, IETF.

Casado, M., et al. (2006). SANE: A Protection Architecture for Enterprise Networks. Proc. Usenix Security Symp.

Case, J., et al. (1996). Introduction to Community-based SNMPv2, IETF.

Case, J., et al. (1999). Introduction to Version 3 of the Internet-standard Network Management Framework, IETF.

Case, J., et al. (2002). Introduction and Applicability Statements for Internet-Standard Management Framework, IETF.

Case, J. D., et al. (1988). Simple Network Management Protocol, IETF.

Chapman, D. B. (1992). Network (In) Security Through IP Packet Filtering. Proc. Usenix.

Charland, A. and B. Leroux (2011). “Mobile application development: Web vs. native.” Communications of the ACM 54(5): 49–53.CrossRef

Chen, D. and H. Zhao (2012). Data security and privacy protection issues in cloud computing. Proc. IEEE Computer Science and Electronics Engineering (ICCSEE).

Claise, B. (2004). Cisco Systems NetFlow Services Export Version 9, IETF.

Claise, B. (2008). Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information, IETF.

Clark, D. (1988). “The design philosophy of the DARPA Internet protocols.” ACM Computer Communication Review 18(4): 106–114.CrossRef

Cormack, G. V. (2007). “Email spam filtering: A systematic review.” Foundations and Trends in Information Retrieval 1(4): 335–455.CrossRef

Corrente, A. and L. Tura (2004). Security performance analysis of SNMPv3 with respect to SNMPv2c. Proc. IFIP/IEEE Network Operations and Management Symposium (NOMS).

Costin, A., et al. (2014). A large-scale analysis of the security of embedded firmwares. Proc. Usenix Security Symp.

Crocker, D. (1982). STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT MESSAGES, IETF.

Cuppens, F., et al. (2005). Detection and removal of firewall misconfiguration. Proc. IASTED Conference on Communication, Network and Information Security.

DeCandia, G., et al. (2007). Dynamo: Amazon’s highly available key-value store. ACM SIGOPS Operating System Review.

Docker.com (2015).

Durumeric, Z., et al. (2013). ZMap: Fast Internet-wide Scanning and Its Security Applications. Proc. Usenix Security Symp.

Dwivedi, H. (2005). “iSCSI Security.” Black Hat.

Eastlake, D. (2005). Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH), IETF.

Edge, B. (2015). Data, Technologies and Security – Part 1.

Falliere, N., et al. (2011). “W32. stuxnet dossier.” White paper, Symantec Corp., Security Response 5.

Fallon, R. (2015). Celebgate: Two Methodological Approaches to the 2014 Celebrity Photo Hacks. Internet Science: 49–60.

Ferguson, N. and B. Schneier (2000). “A cryptographic evaluation of IPsec.”

Fiebig, T., et al. (2016). A One-Year Perspective on Exposed In-Memory Key-Value Stores. Proc. ACM Workshop on Automated Decision Making for Active Cyber Defense (SafeConf), ACM.

Fiebig, T., et al. (2013). Grindr application security evaluation report.

Flanagan, H. and S. Ginoza (2014). RFC Style Guide, IETF.

Foster, I., et al. (2015). Fast and Vulnerable: A Story of Telematic Failures. Proc. USENIX Workshop on Offensive Technologies (WOOT).

Frye, R., et al. (2000). Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework, IETF.

Frye, R., et al. (2003). Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework, IETF.

Furnell, S. M., et al. (2009). “An integrated view of human, organizational, and technological challenges of IT security management.” Information Management & Computer Security 17(1): 4-19.CrossRef

Garcia-Alfaro, J., et al. (2013). “Management of stateful firewall misconfiguration.” Elsevier Computers & Security 39: 64–85.CrossRef

Greenwald, S. J., et al. (2004). The user non-acceptance paradigm: INFOSEC’s dirty little secret. Proc. ACM Workshop on New Security Paradigms.

Gutmann, P. and I. Grigg (2005). “Security usability.” Proc. IEEE Security & Privacy 3(4): 56–58.CrossRef

Haber, E. M. and J. Bailey (2007). Design guidelines for system administration tools developed through ethnographic field studies. Proc. ACM Symposium on Computer Human Interaction for the Management of Information Technology.

Hayes, J. (2013). “Security Issues and Best Practices for Water/Wastewater Facilities.” Proceedings of the Water Environment Federation 2013(8): 6442–6461.CrossRef

Herriot, R., et al. (1999). Internet Printing Protocol/1.0: Encoding and Transport, IETF.

Hoffman, P. (1999). SMTP Service Extension for Secure SMTP over TLS, IETF.

Hoffman, P. (2005). Cryptographic Suites for IPsec, IETF.

Hoffman, P. and J. Schlyter (2012). The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA, IETF.

Housley, R. (2005). Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP), IETF.

Hunt, A. and D. Thomas (2000). The pragmatic programmer: From journeyman to master, Addison-Wesley Professional.

Industry, P. C. (2014). Payment Card Industry Data Security Standards, Abril.

Institute, S. A. N. S. (2003). Printer Insecurity: Is it Really an Issue?

Jung, J. and E. Sit (2004). An empirical study of spam traffic and the use of DNS black lists. Proc. ACM Internet Measurement Conference.

Jung, J., et al. (2002). “DNS Performance and the Effectiveness of Caching.” IEEE/ACM Trans. Networking (TON) 10(5): 589–603.MathSciNetCrossRef

Kalafut, A. J., et al. (2008). Understanding implications of DNS zone provisioning. Proc. ACM Internet Measurement Conference.

Karn, P., et al. (1995). The ESP DES-CBC Transform, IETF.

Kaufman, C. (2005). Internet Key Exchange (IKEv2) Protocol, IETF.

Kent, S. (2005a). Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation (DOI) for Internet Security Association and Key Management Protocol (ISAKMP), IETF.

Kent, S. (2005b). IP Authentication Header, IETF.

Kent, S. (2005c). IP Encapsulating Security Payload (ESP), IETF.

Kent, S. and K. Seo (2005). Security Architecture for the Internet Protocol, IETF.

Kim, T. and N. Zeldovich (2013). Practical and Effective Sandboxing for Non-root Users. Proc. Usenix.

Klensin, J., et al. (1995). SMTP Service Extensions, IETF.

Klensin, J. and M. Padlipsky (2008). Unicode Format for Network Interchange, IETF.

Krämer, J. I. (2015). Why cryptography should not rely on physical attack complexity, Springer.

Kraus, L., et al. (2015). “Analyzing End-Users’ Knowledge and Feelings Surrounding Smartphone Security and Privacy.” Proc. IEEE Security & Privacy Workshops – Mobile Security Technologies (MoST).

Krenc, T., et al. (2014). “An Internet census taken by an illegal botnet: A qualitative assessment of published measurements.” ACM Computer Communication Review 44(3): 103–111.CrossRef

Kührer, M., et al. (2014). Exit from Hell? Reducing the Impact of Amplification DDoS Attacks. Proc. Usenix Security Symp.

Lawrence, N. and P. Traynor (2012). Under New Management: Practical Attacks on SNMPv3. Proc. USENIX Workshop on Offensive Technologies (WOOT).

Lorente, E. N., et al. (2015). Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers. Proc. USENIX Workshop on Offensive Technologies (WOOT).

Mahadevan, B. (2000). “Business models for Internet-based e-commerce.” California management review 42(4): 55–69.CrossRef

Masse, M. (2011). REST API design rulebook, O’Reilly Media, Inc.

Mayer, A., et al. (2000). Fang: A firewall analysis engine. Proc. IEEE Security & Privacy.

McGregor, S. E., et al. (2015). Investigating the computer security practices and needs of journalists. Proc. Usenix Security Symp.

Metzger, P. and W. Simpson (1995). IP Authentication using Keyed MD5, IETF.

Mockapetris, P. V. (1983a). Domain names: Concepts and facilities, IETF.

Mockapetris, P. V. (1983b). Domain names: Implementation specification, IETF.

Moonen, R. (2012). “Digitale achterdeuren in de Nederlandse internet infrastructuur.” Itsx bv.

Myers, J. (1999). SMTP Service Extension for Authentication, IETF.

Nelson, B. J. (1981). “Remote procedure call.”

Newman, S. (2015). Building Microservices, O’Reilly Media, Inc.

O’Sullivan, T. C. (1971). Telnet Protocol – a proposed document, IETF.

Okman, L., et al. (2011). Security issues in NoSQL databases. Proc. IEEE Trust, Security and Privacy in Computing and Communications (TrustCom).

Orman, H. (2003). “The Morris worm: A fifteen-year perspective.” Proc. IEEE Security & Privacy (5): 35–43.

Pa, Y. M. P., et al. (2015). IoTPOT: Analysing the Rise of IoT Compromises. Proc. USENIX Workshop on Offensive Technologies (WOOT).

Pallis, G. (2010). “Cloud computing: the new frontier of Internet computing.” IEEE Internet Computing (5): 70-73.

Pfleeger, C. P. and S. L. Pfleeger (2002). Security in computing, Prentice Hall Professional Technical Reference.

Polakis, I., et al. (2015). Where’s Wally?: Precise User Discovery Attacks in Location Proximity Services. Proc. ACM Conference on Computer and Communications Security (CCS).

Postel, J. (1982). Simple Mail Transfer Protocol, IETF.

Postel, J. (1992). Introduction to the STD Notes, IETF.

Postel, J. (1993). Instructions to RFC Authors, IETF.

Postel, J. and J. Reynolds (1997). Instructions to RFC Authors, IETF.

Postel, J. and J. K. Reynolds (1983). Telnet Protocol Specification, IETF.

Pratistha, I. M. P., et al. (2003). A Micro-Services Framework on Mobile Devices. ICWS.

Qazi, Z. A., et al. (2013). SIMPLE-fying middlebox policy enforcement using SDN. ACM Computer Communication Review.

Quittek, J., et al. (2004). Requirements for IP Flow Information Export (IPFIX), IETF.

Ren, K., et al. (2012). “Security challenges for the public cloud.” IEEE Internet Computing (1): 69–73.

Rescorla, E. and B. Korver (2003). Guidelines for Writing RFC Text on Security Considerations, IETF.

Richter, P., et al. (2015). Distilling the Internet’s Application Mix from Packet-Sampled Traffic. Proc. Passive and Active Measurement (PAM).

Romanow, A., et al. (2005). Remote Direct Memory Access (RDMA) over IP Problem Statement, IETF.

Rossow, C. (2014). Amplification hell: Revisiting network protocols for DDoS abuse. Symposium on Network and Distributed System Security (NDSS).

Roth, V., et al. (2005). “Security and usability engineering with particular attention to electronic mail.” International Journal of Human-Computer Studies 63(1): 51–73.CrossRef

Satran, J., et al. (2004). Internet Small Computer Systems Interface (iSCSI), IETF.

Schiller, J. (2002). Strong Security Requirements for Internet Engineering Task Force Standard Protocols, IETF.

Schiller, J. (2005). Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2), IETF.

Schneier, B. (2008). The psychology of security. Progress in Cryptology – AFRICACRYPT 2008, Springer: 50-79.

Segmuller, W. and B. Leiba (2008). Sieve Email Filtering: Relational Extension, IETF.

Slay, J. and M. Miller (2008). Lessons learned from the maroochy water breach, Springer.

Spafford, E. H. (1989). “The Internet worm program: An analysis.” ACM Computer Communication Review 19(1): 17–57.CrossRef

Srinivas, S. and A. Nair (2015). Security maturity in NoSQL databases-are they secure enough to haul the modern IT applications? Proc. IEEE Conference on Advances in Computing, Communications and Informatics (ICACCI).

Stallings, W. (1998). “SNMPv3: A security enhancement for SNMP.” IEEE Communications Surveys 1(1): 2–17.CrossRef

Streibelt, F., et al. (2013). Exploring EDNS-client-subnet adopters in your free time. Proc. ACM Internet Measurement Conference.

Unger, N., et al. (2015). SoK: Secure Messaging. Proc. IEEE Security & Privacy.

van Halteren, A. and P. Pawar (2006). Mobile service platform: A middleware for nomadic mobile service provisioning. Proc. IEEE Wireless and Mobile Computing, Networking and Communications (WiMob).

van Rijswijk-Deij, R., et al. (2014). DNSSEC and Its Potential for DDoS Attacks: A Comprehensive Measurement Study. Proc. ACM Internet Measurement Conference.

website, M. (2015).

West, R. (2008). “The psychology of security.” Communications of the ACM 51(4): 34–40.CrossRef

Wijnen, B., et al. (1999). An Architecture for Describing SNMP Management Frameworks, IETF.

Wool, A. (2004). “A quantitative study of firewall configuration errors.” IEEE Computer 37(6): 62–67.CrossRef

Xu, T., et al. (2015). Hey, you have given me too many knobs!: Understanding and dealing with over-designed configuration in system software. Proc. ACM Meeting on Foundations of Software Engineering.

Xu, T., et al. (2013). Do not blame users for misconfigurations. Proc. ACM Conference on Symposium on Operating Systems Principles (SOSP).

Yang, X., et al. (2005). A DoS-limiting network architecture. ACM Computer Communication Review.

Ylönen, T. (1996). SSH: Secure Login Connections over the Internet. Proc. Usenix Security Symp.

Ylonen, T. and C. Lonvick (2006a). The Secure Shell (SSH) Authentication Protocol, IETF.

Ylonen, T. and C. Lonvick (2006b). The Secure Shell (SSH) Connection Protocol, IETF.

Ylonen, T. and C. Lonvick (2006c). The Secure Shell (SSH) Protocol Architecture, IETF.

Ylonen, T. and C. Lonvick (2006d). The Secure Shell (SSH) Transport Layer Protocol, IETF.

Yuan, L., et al. (2006). Fireman: A toolkit for firewall modeling and analysis. Proc. IEEE Security & Privacy.

Title: Learning from the Past: Designing Secure Network Protocols
Authors: Tobias Fiebig
Franziska Lichtblau
Florian Streibelt
Thorben Krüger
Pieter Lexis
Randy Bush
Anja Feldmann
Publisher: Springer Fachmedien Wiesbaden
Book: Cybersecurity Best Practices
Print ISBN: 978-3-658-21654-2

Electronic ISBN: 978-3-658-21655-9

Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-658-21655-9_41

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner