Application Layer Protocols in TCP/IP Model

Chapter 1: Introduction

1.1: Background

Information is deemed to be the backbone of the business stability and sustainability in the twenty-first century irrespective of the size or magnitude of the business as argued by Todd and Johnson (2001)^[1]. This is naturally because of the fact that the increase in the use of information technology and the dependence on information communication over the Internet to entities associated with the business in geographically separated locations is accomplished through the effective use of the secure communication strategies across the Internet using the TCP/IP model. The prospect of saving costs through electronic transactions across the Internet which not only saves costs associated with the traditional business process but also makes the transfer instant in nature thus overcoming the time constraint associated with the procurement and distribution of goods and services by an organization has made it critical to utilise secure communication methodologies to leverage sustainable communications strategy for the organization. Furthermore, it is also critical to ensure that the organization conforms to the legal requirements in terms of security infrastructure to enable information privacy and data protection of personal and sensitive information of individuals concerned with the organization as argued by Todd and Johnson (2001). This makes it clear that a secure communication infrastructure is thus essential in an organization to harness the potential of Information Technology effectively.

Public Key Infrastructure (PKI) is an increasingly utilised method of data communication authentication using various application layer protocols for secure communication in a client server environment across the Internet (Nash et al, 2001^[2]). The increase in the number of application layer protocols of the TCP/IP model in the twenty-first century through the use of protocols including HTTP (Hyper Text Transfer Protocol), SSL (Secured Sockets Layer) and TLS (Transport Layer Security) protocols to enable the desired level of security in the data being communicated makes it clear that there is potential for hacking and unauthorised access to the authentication information by hackers and other malicious users across the Internet whilst using one of the aforementioned protocols for data communication across the Internet. The increasing level of attacks on the servers through unauthorised users across the Internet to access sensitive information in an unauthorised fashion even with the existence of the aforementioned protocols has increased the need to assess the weakness of these protocols in terms of the potential areas where a hacker can attack data communication to decipher information that is hacked in order to make sense to eventually abuse the information for personal gains. In this report a critical overview on the areas of weaknesses on the application layer protocols in the TCP/IP model in the light of using PKI is presented to the reader.

1.2: Aim and Objectives

Aim: The aim of this report is to identify the key weaknesses of the application layer protocols of the TCP/IP model in the implementation of the PKI for secure data communication over the Internet.

Objectives:

The above aim is accomplished through steering the research conducted in this report on the following objectives

1. To conduct a background overview on the PKI and five layers of TCP/IP model.
2. To conduct a critical overview on the key components that enables the effective authentication and secure communication using a given protocol in the PKI infrastructure.
3. To perform an analysis on the key application layer protocols that is used in the TCP/IP model implementing the PKI architecture.
4. To assess the SSL/TLS protocol and the key weaknesses of the protocol in terms of areas where there is possibility of potential attacks by an unauthorised user or hacker without the knowledge of the user.
5. To Assess the Secure Electronic Transaction (SET) protocol and its key weaknesses in terms of the components of the protocol that can be manipulated by the hackers for unauthorised access to personal and sensitive information.

1.3: Research Methodology

A qualitative approach to the research is conducted through analysing the published information on the protocols and the RFC (Request for Comment) documents on the protocol. This approach is deemed effective as the protocols that are being analysed if tested would require a substantial amount of commitment of resources and funds to establish the infrastructure in order to effectively simulate the test environment for achieving reliable results. Secondary research resources from journals, books and other web-resources are used for constructing the analytical arguments for the research conducted in this report.

1.4: Research Scope

The TCP/IP communication model is deemed to be a critical platform for effective communication across the Internet. As each of the five layers of the TCP/IP model can be implemented using a variety of protocols, the scope of this research is restricted to the application layer protocols in the light of implementing PKI. This is due to the fact that the entire landscape of protocols comprised by the five layers of the TCP/IP model is extensive in nature and analysis of all the layers would not only require commitment of resources and funds but also the time necessary to perform the research. Hence the research scope is restricted to the application layer protocols of the TCP/IP model focusing specifically on the TLS and SET protocols.

1.5: Chapter Overview

Chapter 1: Introduction

This is the current chapter that introduces the reader to the aim, objectives, research methodology and scope of the research conducted in this report. This chapter is mainly to set the stage for the research presented in this report.

Chapter 2: Literature Review

This chapter presents a critical analysis on the Public Key Infrastructure (PKI). The overview throws light on the key components of PKI along with an overview on the benefits and constraints associated with its implementation. This is followed by the review of the five layers of the TCP/IP model. The purpose of the review of the TCP/IP model is mainly to provide an insight on the various levels of security implemented within the TCP/IP model prior to analysing the application layer related security components. The review of the application layer components is mainly focused on the technical elements associated with the implementation of the protocol and the authentication process like the algorithm, authentication methods etc., This review forms the basis to review the application layer protocols in subsequent chapters although protocol specific components will be dealt with in their respective analysis.

Chapter 3: The TLS Protocol

In this chapter a comprehensive overview of the SSL/TLS protocol architecture is presented to the reader. This overview is followed by the assessment of the security implementation and the major weaknesses associated with the protocol architecture that form potential entry points for the network hackers and attacks. The analysis also presents examples from the encryption algorithms and code samples from Open Source SSL on how to conduct code level network hacking on the SSL/TLS architecture. The exploitation of the PKI set-up in terms of the CA and RA that forms the basis for man in the middle attacks are also reviewed in this chapter in the light of the TLS encryption and transfer of information across the Internet between client and server. The chapter is concluded by a review on the client and server side attacks on the web-application environment to address the rising concerns on the weaknesses of the SSL/TLS that is being exploited by hackers eventually affecting electronic commerce transactions. The chapter also reviews the TLS weaknesses in the light of short public keys, 40-bit bulk encryption keys, anonymous servers, authentication procedure, authentication algorithms and the weakness associated with the use of a given algorithm over the other etc., The research also focuses on the cryptographic functions and the role of these functions in the security infrastructure implementation using the protocol.

Chapter 4: The SET protocol

This chapter like the chapter 3 commences with a comprehensive overview of the Set architecture and its implementation procedure in the electronic commerce environment. This is followed by a code level analysis on the major areas of weaknesses in terms of the protocol’s encryption strategy and the major issues associated with room for hackers to decrypt and even alter the information. The chapter then proceeds to a comprehensive overview of the Set architecture and encryption weaknesses in terms of the vulnerability related to intrusion, spoofing, PKI implementation, and use in UDP protocol etc.,

Chapter 5: Discussion and conclusion

This chapter commences with a discussion on the research conducted in chapters 3 and 4. The discussion aims to summarise the key weaknesses and the extent to which they can be overcome using security measures in terms of authentication algorithms, certificates etc. This is followed by a review of the objectives in the research in order to identify the consistency of the research conducted against the objectives set at the beginning of the report. The chapter then concludes the research followed by recommendations on further research on the topic.

Chapter 2: Literature Review

2.1: Security Trends

Todd and Johnson (2001) argue that the early Internet applications intended for Electronic commerce and information sharing although capable of delivering the desired service lacked seriously in the security related to the information being transferred as well as the abuse of the stolen information by unauthorised users for personal gains. This has naturally made the process of security a priority element that affected the growth of Electronic Commerce in the twentieth century since the dawn of the Internet. Todd and Johnson (2001) further argue that with the increase in the availability of network access, security became a matter of how to create the hardened outer wall (i.e.) the prevention of unauthorised access to the information systems rather than access control implemented on individual information systems exposed directly to the network.

Encryption is a terminology used extensively in the data protection, securing information over transit from sender to receiver, in a network environment apart from the use of encryption standards to secure information at the storage itself like the server or the client computer where the information resides. This is naturally because of the increase in the security infringements due to hacking into the communication channel by unauthorised users resulting in loss of sensitive information (Burnett and Paine, 2001^[3]). There are numerous methods of encrypting the information in order to enable secure encryption between receiver and sender over the Internet two of which are deemed popular. They are symmetric and asymmetric cryptography methods of encryption used to secure information over the Internet as argued by Burnett and Paine (2001). The former is synonymous with the private key encryption system where a single encryption key or secret key is shared between the communicating parties to encrypt/decrypt information that is being transferred. The major weakness is the threat of loosing the private key which when discovered would render the strategy ineffective as it exposes the communication channel and the information being transferred to the hacker or intruder who has gained unauthorised access (Nash et al, 2001).

2.2: Public Key Infrastructure – an overview

The case of Asymmetric cryptography mentioned in section 2.1 forms the basis for the Public Key Infrastructure (PKI). This is an encryption strategy involving a public and a private key where the public key is used for encryption by the users in the public domain to send information to the server which alone uses the private key to decrypt the information in order to authenticate the user (Todd and Johnson, 2001). The Public Key Infrastructure is one of the successful and deemed to be a reliable approach for enabling secure communication through Trusted Third Party authentication and approval of the overall communication process involving data communication.

The key components that form a successful PKI infrastructure are described as follows

1. Certificate Authority (CA) – This is deemed to be the controller for issuing the public key and the digital certificate and its verification whilst communication is being established between a sender and receiver. The role of the CA is to generate the public and private keys for a given user alongside issuing and verifying the digital certificate. This makes it clear that the CA’s effective operation is a pivotal element for the successful and secure communication between the server and the client in a PKI environment. The CA is typically a company or group of companies independent of the users/organizations involved in the communication thus playing a Trusted Third Party role to enable security through independent verification of the digital certificates (Todd and Johnson, 2001).
2. Registering Authority (RA) – The RA acts as the verifier for the certificate authority before a digital certificate is issued to a requestor. This process is one of the key independent authorisation strategies deployed by the PKI infrastructure that is deemed to be a security measure as well as the key weakness to the overall effectiveness of the PKI strategy itself. The PKI as such is deployed as a methodology to enable secure handshake in order to establish an exclusive (or secure) communication channel between the sender and the receiver (Burnett and Paine, 2001). This handshake process is where the CA and the RA play a pivotal role to verify the validity of the communicating parties in order to complete the communication process. For instance, a credit card transaction over the Internet would require the bank, card issuing authority and the payment processing authorities to independently verify the identity of the buyer using the credit card details supplied. This process is conducted using the PKI handshake process where the public key provided by the vendor is accessed by the CAs and RAs to validate the transaction between the buyer and the vendor. in the real-world scenario, the CA and RA host separate servers with the respective public keys that are generated
3. Directories – These are the locations on the Internet domain where the public keys are held. Typically the public keys are held at more than one directory in order to enable quick access to the information as well as a double check on the key retrieved in terms of its validity and accuracy.
4. Certificate Management System (CMS) – This is the software application that controls or monitors the overall certificate issue and verification process. As this is a package, it varies from one authority to another depending upon the choice of the infrastructure by the certifying authority. So the CA and the RA that host the directory for the public keys and the digital certificates issued for the users using the keys are managed using a CMS.

The operation of PKI in a typical banking example is presented below to enable a better appreciation of the overall PKI concept.

The credit card transaction described under RA above is where the CA issues a digital certificate for the details supplied by card holder using the public key provided by the vendor which in turn is verified by the RA prior to sending to the bank. The bank holds the private key which is used to decrypt the information provided along with the certificate in order to validate the transaction. The acknowledgement from the bank or the financing institution is then encrypted using the private key and sent back to the user who can decrypt the information using the public key in order to view the status. This process is conducted by the application layer protocols in case of TCP/IP where the data is encrypted using the encryption standards in lieu with those of the PKI to achieve the above-described secure transaction process.

Yet another example that can help appreciate the PKI effectively is the typical Internet banking service provided by banking institutions to its account holders. The account holder enters the verification information on the Internet Banking site for the bank which is encrypted using the public key stored in the public directory using an approved CA and then sent to the bank which decrypts the information for authentication and then allows the user to view the bank account in case of successful authorisation. The subtle difference between authentication and authorisation is the fact that the former is the process of establishing connection whilst the latter is the actual validation process dedicated for the user verification within the established connection to access the specific information for the user (Nash et al, 2001).

The key security strategy is the sharing of the public key whilst retaining the private key generated using the same algorithm simultaneously as argued by Burnett and Paine (2001). This is because of the fact that the private key due to its secure nature by providing only to the requester makes it clear that the requester (or the bank in the case of Internet banking) can enable an effective means of secure communication not only for the purpose of verification of the user but also to authenticate the server to the client using the private key thus providing room for establishing a secure communication channel to enable data communication. This makes it clear that the security established using the PKI is predominantly dependant on the following key entities of the infrastructure

1. CA and RA – The validity and reliability of the authorities involved is a critical aspect associated with the successful implementation of the PKI. This is because of the fact that the client or the user when sending the verification information from an un-secure computer entirely depends on the certifying authority to protect the information transferred. Hence an attack on the server hosting the directory and the public keys for issuing the digital certificate would provide the hacker with a suite of opportunities to abuse sensitive information from stealing information up to enabling man in the middle attacks using initial verification information to lure further information from the user. These are discussed further in subsequent chapters.
2. Encryption Algorithm – The encryption algorithm used for issuing the public and private keys is the second and most critical element for the effectiveness of the PKI infrastructure. This is because of the fact that the security is only as strong as the weakness of the encryption algorithm as argued by Nash et al (2001). This justifies that the reliability and protection of the data transferred by the protocols using the PKI faces a key single point of failure as the weakness of the encryption algorithm being used for issuing the keys by the issuing authority.

Benefits

The major benefits of the PKI include the following

1. Security due to verification by the Trusted Third Parties (TTP) in the form of the CAs and RAs to issue and verification of the digital certificates.
2. Continuous development on the algorithms generating the public and private keys for the requester provides room to capture any weakness in the existing algorithm that can be fixed on the latest version being developed. The exponential rate at which the electronic commerce is growing has made the PKI a popular and reliable authentication process by popular vendors like Verisign (Nash et al, 2001).
3. The security infrastructure associated with the storage of the public keys and the issue of the digital certificates by the CA and RA makes the process of verification secure due to the presence of independent verification authorities apart from the CA. This naturally limits the rate of attacks due as the failure to meet the authorisation at the RA will terminate the connection or not allow further communication to the target computer.

Constraints, Weaknesses and threats

1. The involvement of TTP increases the costs associated with the infrastructure set-up and maintenance (Todd and Johnson, 2001). This naturally affects the overall development and continuous security verification process as the verification authorities naturally face high level of costs associated with the maintenance in terms of security measures to storage and communication.
2. The encryption applied by the communication protocols is not secured for communication interference thus making it clear the changes to the header contents through monitoring the network traffic is plausible thus resulting in network attacks on the client computer. Man in the Middle which was mentioned before is a classical example for this case. This is because the ability to mask the header information on the data packets will enable the hacker to mislead the Internet user in revealing sensitive information without the knowledge of the user that he/she is actually communicating with the hacker and not the vendor/intended provider. This is dealt with at the encryption and algorithm level in chapters 3 and 4.
3. The weakness of the encryption algorithm used for generating the keys and the digital certificates is yet another issue that threatens the security enforced by PKI. This is because of the fact that the encryption applied to issue the digital certificate for the purpose of authentication is protected only at the data level and hence destination and source details can be altered by hackers to spoof the parties involved in divulging sensitive information. As the weakness of the encryption algorithm is mainly the case of developments to the hacking methods for penetrating the security measure, the continuous research and development strategies to ensure that the encryption algorithm implemented is secure enough necessitates commitment of funds and resources for the purpose.
4. The authentication algorithm used by the CA and the RA is yet another area of weakness that affects the security infrastructure implemented using PKI. This is because of the fact that the authentication algorithm is not merely the encryption algorithm for generating the keys, issuing the digital certificates but also the process of authenticating the CA and RA to the server computer of the vendor or the receiver with the details of the user or the client. This process naturally provides room for hackers to attack the data communication process at the authentication level if not successful straight to the encryption algorithm used for the key generation (Nash et al, 2001).
5. The fact that the PKI can be implemented successfully in the TCP/IP model alone makes it further vulnerable or a weak security strategy for other protocols that are not supported at the TCP/IP application layer. This makes the PKI limited to only a few application layer protocols that forms the TCP/IP application layer to enable secure data communication.

2.3: TCP/IP Model

Blank (2004) (p1)^[4] argues that ‘TCP/ IP is a set of rules that defines how two computers address each other and send data to each other’. This makes it clear that the TCP/IP is merely the communication framework that dictates the methods to be deployed in order to achieve secure communication between two computers. Rayns et al (2003)^[5] further argue that the use of TCP/IP in the network communication is mainly due to the platform independence of the framework and the room for development of new protocols and encryption methodologies in each of the five layers of the TCP/IP model. TCP/IP forms the standard for a protocol stack that can enable secure communication through enabling multiple protocols to work together within the TCP/IP framework. This approach is the primary architectural feature of the TCP/IP standard that makes it popular due to the fact that security can be implemented at multiple levels of the communication stack through introducing protocols at each layer of the TCP/IP model (Rayns et al, 2003). An overview on the layers of the TCP/IP model and the various elements of security implemented are presented below.

The five layers of the TCP/IP model are

1. Application Layer
2. Transport Layer
3. Network Layer
4. Data Link Layer and
5. Physical Layer.

The stack of the layers in the TCP/IP model and the key protocols that are normally used in these layers of the communication framework of the protocol suite is shown in fig 1 below.

From fig 1 it is evident that the overall TCP/IP implementation in a given network can be established using any number of protocols to enable security and speed of data transfer between computers. The reader must also note that the protocols mentioned in each layer shown in Fig 1 are merely a sample of the overall protocol suite as the number of protocols in each layer is extensive in nature with specific application purpose as well as interoperable and scalable properties as argued by Rayns et al (2003).

Blank (2004) further argues that the layers are logically arranged in such a way that closer to the top the data protocols associated with user application like the HTTP, SSL, BOOTP, SMTP, etc., with respect to the nature of the user application are available in order to enable data encryption to form the payload for the data packets transferred by the TCP/IP protocol stack whilst those towards the bottom layers like ARP, Ethernet etc., form the actual procedures for authentication and establishing connection between the computers in the network. Hence the application developer has the ability to quickly identify the protocol for his/her communication purpose at the desired level of data granularity.

This level of abstraction also provides the user with the ability to isolate the process of encryption and security of the data from the actual communication process of transferring information from computer to computer. This makes it clear that the effective implementation of the protocols to encrypt data as well as enable secure information transfer between computers is plausible through choosing the right combination of protocols from each layer to form the protocol stack of the TCP/IP suite (Blank, 2004). Each of the five layers is discussed in detail below.

Application Layer – This is the top most layer of the TCP/IP stack which provides the user applications with a suite of protocols to enable encryption and communication of the information from one computer to another. The application layer of the TCP/IP stack is also the level at which the web applications and business logic associated with the data transfer are incorporated prior to encryption. From the diagram in fig 1 it can be seen that the SSL/TSL or the Secure Electronic Transaction (SET) protocols are not visible at the application layer. This is because of the fact that the these protocols are not exactly for the encryption of the user application information and not dedicated to client interface application but independent protocols that encrypt the information being sent using one of these application layer protocols. Hence their position is actually between the Application Layer and the Transport Layer of the TCP/IP stack where the encryption of the data is completed prior to including the information for transfer using one of the transport layer protocols. The nature of the security encryption protocols like the SSL and TLS to enable encryption on the data being communication prior to transport using the appropriate transport layer protocol classify them as application layer protocols (Blank, 2004). Hence the role of the application layer in the TCP/IP stack is to enable interaction between the front-end or the user interface of the applications being used by the client computer in order to transfer information from one computer to another in a given application. Hence one can argue that the application layer protocols are predominantly used in case of client server communication applications where there is data transfer between the client and the server in the full-duplex mode (Feit, 1998^[6]).

Transport Layer – The transport layer enables the end-to-end message transfer capabilities for the network infrastructure independent of the underlying network alongside providing error tracking, data fragmentation and flow control as argued by Feit (1998). It is in the transport layer where the header information for the packet (i.e.) the details of the fragment of data being transferred off the overall information to be sent from the target computer to the receiver. The header therefore contains the details of the packet in terms of the position of the packet in the overall data sequence, source & target address, etc., in order to enable the network router to transfer the packet to the appropriate destination computer in the network.

The two major classifications of the transport layer application in terms of transmission of information and connectivity include

1. Connection-Oriented Implementation – This is accomplished using TCP (Transmission Control Protocol) where a connection must be enabled between the two communicating computers in conformance with the authentication and association rules prior to enabling data transfer. Feit (1998) further argue that the data transfer in a connection-oriented implementation is completed successfully only when the connection established is live and active between the two computers. This makes it clear that a connection must be established using sessions in order to ensure security through terminating the session in case of user inactivity as well as providing facility for authentication to the desired security level. The implementation of PKI is one of the security strategies that are accomplished using the connection-oriented strategies of the transport layer in order to enable secure communication between the client and the server. This makes it clear that the header of the packet must contain details of the session in order to ensure that the transmission is indeed part of the established reliable byte stream.

The key aspects associated with the security in case of the aforementioned include

1. Sequential data transfer – the data received by the target computer is the same order in which it is transferred. This makes it clear that implementing a connection-oriented strategy for large data transfer would hamper the performance in terms of speed and session time-out issues.
2. Higher level of error control – This is naturally because of the fact that the connection oriented approach to the communication ensures that there is a live communication channel between the sender and the receiver throughout the transmission process thus controlling the loss of packets or data segments. This naturally minimises the error level in the data being transferred.
3. Duplication Control – Duplicate data is discarded and also controlled to a minimal level due to the synchronous data transfer methodology implemented by the process.
4. Congestion Control – Network traffic is monitored by the TCP protocol effectively as part of the transport layer tasks thus ens
   

    

   Share this: Facebook Twitter Reddit LinkedIn WhatsApp