Practical applications of Lightweight Block Ciphers to Secure EtherNet/IP Networks
|
|
- Roderick Strickland
- 8 years ago
- Views:
Transcription
1 Practical applications of Lightweight Block Ciphers to Secure EtherNet/IP Networks Jordon Woods Chief Technical Officer Innovasic, Inc. Patricia Muoio Director of Research and Development G2, Inc. Presented at the ODVA 2015 Industry Conference & 17th Annual Meeting October 13-15, 2015 Frisco, Texas, USA Abstract The relatively new field of lightweight cryptography provides significant advantages over existing cryptographic algorithms when addressing security issues for highly constrained devices. Existing cryptographic algorithms were, for the most part, designed to meet the needs of the desktop computing era and thus require significant resources to implement. By contrast, lightweight cryptography lends itself to implementation as a block cipher providing a scalable, pipelined architecture. These techniques require a small HW footprint compared to similar AES implementations and can therefore be realized by small circuits with minimal power requirements. Perhaps most importantly, lightweight block cyphers can be implemented with very low latency making them ideal for applications in which deterministic performance is critical. Effectively, point to point EtherNet/IP links can be encrypted without interfering with the functional performance of the protocol. Because EtherNet/IP utilizes standard Ethernet technologies, it can easily leverage the advantages of lightweight block cyphers. Incoming and outgoing packets can be easily monitored to ensure layer 2 and layer 3 routing information remains unencrypted while the payload is encrypted. While several families of lightweight block cyphers exist, most are targeted to a specific platform. By contrast, SIMON and SPECK implementations are highly flexible. The SIMON algorithm is tuned for optimal performance in hardware while the SPECK algorithm targets software implementations. As a proof of concept, Innovasic has implemented the SIMON and SPECK family of lightweight block cyphers in its Real-Time Ethernet Multi-Protocol (REM) switch. Using an existing demonstration platform running EtherNet/IP and a beacon-based device-level ring (DLR), a single link was secured using the SIMON algorithm. A network tap was installed on the encrypted link and on the unencrypted link. A network analyzer was attached to demonstrate the secure link is operational and transparent to operation. It is important to note that no changes were made to the applications or programs in any of the ring nodes, including the PLC. From this proof of concept demonstration, it is clear that the SIMON algorithm is transparent to both the EtherNet/IP and DLR protocols and provides a promising new tool when securing Industrial networks ODVA Industry Conference ODVA, Inc.
2 Keywords SIMON, SPECK, Lightweight Block Cipher, Security, Cryptography, Encryption, Decryption, CIP, EtherNet/IP, Device Level Ring, DLR, IoT, iiot, Industry 4.0 Definition of terms Block Cipher - a deterministic algorithm operating on fixed-length groups of bits, called blocks, with an unvarying transformation that is specified by a symmetric key. Feistel cipher - a symmetric structure used in the design of block ciphers. The Feistel structure has the advantage that encryption and decryption operations are very similar, even identical in some cases, requiring only a reversal of the key schedule. Therefore the size of the code or circuitry required to implement such a cipher is nearly halved. Key - a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption. Round an individual iteration of the block cipher Key Schedule - an algorithm that, given the key, calculates the subkeys for each round. n the word size, in bits, for a given member of the SIMON and SPECK family of ciphers m the number of words comprising the key for a given member of the SIMON and SPECK family of ciphers Block Size the input block size for a given member of the SIMON and SPECK family of ciphers (calculated as 2n). Key Size the key size for a given member of the SIMON and SPECK family of ciphers (calculated as mn) Application of Lightweight Block Ciphers Today s headlines abound with the promised explosion of the Internet of Things (IoT). Some estimates claim that as many as 50 billion Internet-connected devices will exist by Further, it is estimated that as many as 40% of those devices will be used in industrial applications. Whether one believes these lofty estimates or not, the discussion regarding the industrial Internet of Things (iiot) and the European Industry 4.0 initiative clearly demonstrate that Ethernet-based communications will continue to push into applications traditionally serviced by field bus and even discrete signaling technologies. For this vision to realize, cost-sensitive devices such as sensors, actuators, push buttons and other field devices will need to enable secure Ethernet communication at minimal cost. According to Edith Ramirez, chair of the US Federal Trade Commission, The small size and limited processing power of many connected devices could inhibit encryption and other robust security measures. Cryptographic solutions must be easy to implement and have high performance on a wide range of severely constrained devices. Cryptography should be an aid, not a hindrance, to achieving security. Lightweight cryptography promises to address at least some of these concerns. Algorithms like PRESENT, KATAN and Piccolo have existed for some time. These algorithms have a small hardware footprint but limited options for key size, block size and performance. In addition, as these algorithms were optimized for hardware implementation, they are non-optimal for constrained software-based devices using 8-bit or 16-bit microprocessors ODVA Industry Conference ODVA, Inc.
3 Table 1 - SIMON and SPECK Parameters Block size Key sizes , , , , 192, 259 Published in 2013, the SIMON and SPECK family of block cyphers address these shortcomings. As shown in Table 1, these algorithms provide a variety of block and key sizes. Further, implementation of SIMON and SPECK require a relatively short list of simple functions: Modular addition and subtraction, + and - Bitwise XOR,, Bitwise AND, &, Circular left shift, S j, by j bits and Circular right shit, S j, by j bits Efficiency and security are frequently diametric trade-offs in the design of cryptography. Often, algorithms rely upon highly secure cryptographic components such as 8-bit S-boxes. In contrast, SIMON and SPECK utilize the relatively simple functions listed and iterate to achieve the appropriate level of security. These iterations are known as rounds. The round functions for SIMON 2n and SPECK 2n each take as input an n-bit round key k, together with two n-bit intermediate cipher-text words. To clarify further discussion, a particular member of the SIMON and SPECK family will be referred to as SIMON 2n/mn or SPECK 2n/mn. For instance, SIMON 2n/mn indicates the SIMON block cipher with a 2n-bit block and m-word (mn-bit) key. So, SIMON 64/128 indicates a 32-bit word size (n), a 64 bit block size (2n) and a 4 word (m) key totaling 128-bits (mn). The analogous notation is used for SPECK. For SIMON, each round consists of a two-stage Feistel map. The Feistel map for the SIMON algorithm is given by: R k (x, y) = (y f(x) k, x) Where k is the round key and f(x) = (Sx & S 8 x) S 2 x. The inverse of the round function is used for decryption: Or, shown pictorially: R k 1 (x, y) = (y, x f(y) k) 2015 ODVA Industry Conference ODVA, Inc.
4 Figure 1 - Diagram of SIMON Feistel function Note the use of logical operators; this implementation is ideally suited for hardware. Apart from the round key, all rounds of SIMON are exactly the same, and the operations are perfectly symmetric with respect to the circular shift-map on n-bit words. Consider the case in Figure 2. A SIMON 32/64 encryption engine with a 32-bit block size and a 64 bit key is depicted. The design consists of 11 pipeline stages. The first three stages build the 8-bit data input into a 32 bit block. Each subsequent stage provides 4 rounds of key expansion followed by a single pipelines stage for a total of 32 rounds ODVA Industry Conference ODVA, Inc.
5 Figure 2 Implementation of a 32/64 SIMON Encryption Engine. Note, that each round of SIMON requires a key schedule. A key schedule is an algorithm that, given the key, calculates the sub-keys for each round. In the case of SIMON and SPECK, the key expansion algorithm is dependent only upon the block size and the key size. Therefore, given the block size and key size, and assuming a key which doesn t change frequently, it is possible to pre-calculate the sub-keys for each round. Further, because the round function is iterative, the design lends itself to pipelining and HDL implementations can be designed with parameters to support varying key and bock sizes with common code (see figure 3). Further optimization is possible. Static timing analysis shows that all 44 rounds of SIMON 64/128 can be performed in a single pipeline stage clocked at 300 MHz for a 130nm process node. Assuming 8-bit input data form the MAC, 7 pipeline states would be required to build a 64-bit word. Together with the single stage required for the algorithm these 8 stages would represent less than 27 ns of total latency at 300 MHz ODVA Industry Conference ODVA, Inc.
6 Figure 3 - Optimized SIMON Implementation The SPECK algorithm also utilizes a Feistel-based map: R k (x, y) = ((S α x + y) k, S β y (S α x + y) k), with rotation amounts α = 7 and β = 2, if n = 16 (block size = 32) and α = 8 and β = 3 otherwise. The inverse of the round function uses modular subtraction for decryption: R k (x, y) = (S α ((x k) S β (x y)), S β (x y)). Or, shown pictorially: 2015 ODVA Industry Conference ODVA, Inc.
7 Figure 4 - Diagram of SPECK Feistel function SPECK achieves non-linearity by utilizing the modular addition operation, as opposed to the bitwise XOR used by SIMON. The SPECK algorithm is therefore more efficient than SIMON in software implementations. SIMON and SPECK versus AES In 1997, the US National Institute of Standards and Technology (NIST) announced a competition for a new block based cipher which can be provided in an unclassified environment but still be able to secure sensitive government data well into the next century. The competition ended in 2000 and a version of AES was chosen which consisted of a 128 bit block cipher with support for key lengths of 128, 192, and 256 bit. AES was designed specifically for environments that support a standard PC architecture where power, memory and size are not constrained. As the need for security starts moving more into embedded systems which are physically constrained in terms of power and size, it becomes increasingly difficult to implement AES in those systems. Over the last 15 years, a lot of effort has gone into reshaping the AES into a solution which will work in physically constrained systems. ASIC implementations of AES- 128 have been developed with an area of just 2400 gate equivalents (GE) and software implementations are available for 8-bit and 16-bit microcontrollers. There efforts tend to fall short of what is required for today s most constrained environments and are unlikely to meet tomorrow s needs. For example, RFID tags can only budget 2000 GE of chip area for security, this is well out of reach of current AES implementations. On microcontrollers, AES implementations are very fast but they also tend to be large and complicated. Efforts to reduce the size of implementations tend to be complex (and slow), while efforts to simplify the code produces implementations that tend to be large (and slow). Further, not every application requires the same level of security that AES was designed to provide. When resources are scarce, it doesn t always make sense to implement an algorithm providing 128 bits of security when 96 might be sufficient. In addition, the AES block size of 128 bits is not always optimal. For these reasons, the industry has developed lightweight block ciphers. AES limitations are more apparent in hardware than in software so most of the best efforts to date have focused on hardware solutions. This work has led to the development of ciphers such as PRESENT, KATAN, and Piccolo. All of 2015 ODVA Industry Conference ODVA, Inc.
8 which have a very small hardware footprint. But they cannot provide high performance on constrained software devices, such as 8- and 16-bit microcontrollers. SIMON and SPECK was designed as a lightweight block cipher that can be implemented in a wide range of hardware- and software based devices, including ASICs, FPGAs, and 4-, 8-, 16-, and 32-bit microcontrollers. And since many of these devices interact with a backend server, the lightweight block cipher should also perform well on 64-bit processors. First, let us look at the security of SIMON and SPECK versus AES, Table 2 is based on the analysis done in over 30 Crypto-analytics papers which show that SIMON and SPECK have better security when compared to AES. Crypto-analysis results usually depict the maximum number of rounds at which an algorithm remains vulnerable. For example in a 64 block/ 128 key version of SIMON, successful attacks have been found at 29 rounds or. However, since SIMON requires 44 rounds of operation and since the addition of each round adds to the strength of the algorithm, SIMON has or 15 rounds of additional buffer. In contrast, AES-128 only has 3 rounds of additional buffer and so might be considered less secure. Table 2 - Security of SIMON and SPECK However as seen in Table 3, SIMON and SPECK is also roughly half the size of AES given the same block and key size. Dropping the block size would improve the area by 300 GE. This means you get more security per silicon area with SIMON. Table 3 - ASIC Implementation of SIMON and SPECK Size Algorithm Area (GE) 128/128 SIMON 1234 SPECK 1280 AES 2400 Application to CIP Security CIP Security makes extensive use of proven-in-use open security technologies such as: X.509v3 Digital Certificates used to provide cryptographically secure identities to users and devices TLS (Transport Layer Security) and DTLS (Datagram Transport Layer Security) cryptographic protocols used to provide secure transport of EtherNet/IP traffic Hashes or HMAC (keyed-hash Message Authentication Code) as a cryptographic method of providing data integrity and message authentication to EtherNet/IP traffic 2015 ODVA Industry Conference ODVA, Inc.
9 Encryption as a means of encoding messages or information in such a way as to prevent reading or viewing of EtherNet/IP data by unauthorized parties More specifically, EtherNet/IP uses TLS and DTLS in order to provide the following security attributes: Authentication of the endpoints ensuring that the target and originator are both trusted entities. End point authentication is accomplished using X.509 certificates or pre-shared keys. Message integrity and authentication ensuring that the message was sent by the trusted endpoint and was not modified in transit. Message integrity and authentication is accomplished via TLS message authentication code (HMAC). Message encryption optional capability to encrypt the communications, provided by the encryption algorithm that is negotiated via the TLS handshake. The following diagram shows the protocol layering: CIP Application (including objects) CIP I/O Application UCMM / Class 3 Class 0/1 EtherNet/IP Encapsulation EtherNet/IP Common Packet Format Transport Layer Security (TLS) Datagram Transport Layer Security (DTLS) TCP UDP Internet Protocol (IP) Figure 5 - EtherNet/IP over TLS and DTLS Layering 2015 ODVA Industry Conference ODVA, Inc.
10 The obvious application of the SIMON and SPECK family of ciphers is the message encryption attribute. The EtherNet/IP specification leaves the choice of message encryption as optional and refers the reader to the IANA registry. Because SIMON and SPECK are relatively new algorithms, they have not yet been adopted by any standards organizations. However, SIMON and SPECK have been submitted for inclusion in ISO , the standard for lightweight block ciphers. This standard currently includes PRESENT and CLEFIA. This proposal is currently in review. Clearly, ODVA use of this technology will depend upon its acceptance by a reputable standards body and by the Security community in general. Nonetheless, significant analysis of this technology has already been performed and shows great promise for robust security in constrained applications. Alternative Security Architectures to Provide Authentication Although this paper addresses the use of lightweight ciphers to provide message encryption, CIP Security is mostly focused on message authentication provided by certificate exchange from the device to the certificate authority (CA) and on the delivery and management of certificate revocation lists or (CRL). The issue with today s RSA based certificate exchange is very similar to the issues of using AES in physically constrained system. An architecture which supports a more lightweight authentication scheme may be an attractive alternative in these constrained cases. NIST Special Publication B describes the Cipher-based Message Authentication Code (CMAC) algorithm based on a symmetric key block cipher. This algorithm has been implemented using AES as the block cipher and indeed has been recommended for use in IPSec in IETF RFC However, the NIST special publication does not mandate the use of AES, and states the required characteristics of a block cipher that make it suitable for use in a CMAC implementation. SIMON and SPECK satisfy these characteristics. The CMAC algorithm takes a message (M), of bit length Mlen, to produce a Message Authentication Code (T), of bit length Tlen, which is appended to the outgoing message. To accomplish this end, the CMAC algorithm simply chains the block cypher by acting on a single block (Mi) and using a bitwise exclusive-or to sum the output of each stage in the chain. On ingress, the process is repeated and the resulting MAC is compare to the MAC appended to the message. Note that the CMAC algorithm also makes use of sub-keys. These keys are distinct from the sub-keys generated for each SIMON/SPECK round, but like those keys, the CMAC sub-keys can be pre-calculated and therefore do not add an additional processing burden to constrained devices. Figure 6 - CMAC Generation Algorithm 2015 ODVA Industry Conference ODVA, Inc.
11 This enables the implementer to take advantage of the cipher already in place for encryption purposes to provide message authentication in the CIP stack. All the efficiency arguments above in favor of SIMON and SPECK as encryption engines apply equally to their use as authentication engines. One could develop a robust SIMON and SPECK based CMAC protocol as an alternative to HMAC in the TLS layer of the CIP stack thereby gaining computational efficiencies. In extremely constrained environments, the symmetric keys can be pre-shared which would eliminate the complexities introduced by X509-based key exchange. A Practical Demonstration of SIMON in an EtherNet/IP Network Perhaps the most important aspect of SIMON is its ability to encrypt/decrypt data at line speed. SIMON introduces a minimal and fixed latency to the network. To illustrate this concept, an existing demonstration platform, running EtherNet/IP with the Device Level Ring protocol, was modified to include a link encrypted with the SIMON Algorithm. As shown in Figure 7, the demonstration consists of a Linear Sensor to provide position information to the PLC. The PLC, in turn, provides simple ladder logic to route linear sensor data to the LED display matrix. The control software on the LED matrix tracks the position of the linear sensor. The demonstration utilizes EtherNet/IP for class 1 I/O communication and DLR provides ring resiliency. Figure 7 - Practical Demonstration of SIMON Encryption/Decryption To incorporate SIMON, one-port of the embedded switch connected to the linear sensor (the block dot on Module A ), and one port of the switch connected to the LED matrix (the block dot on Module B ) were modified to include SIMON encryption and decryption engines. The encrypted link is colored red in Figure 6. A network tap is installed on the encrypted link and on the unencrypted link. A network analyzer is connected to the tap in order to demonstrate the secure link is operational and transparent to operation. The modifications to the switch IP are shown in Figures 8 and ODVA Industry Conference ODVA, Inc.
12 Figure 8 = Transmit (Encryption) Figure 9 - Receive (Decryption) The state machine monitors the packet and controls which portions of the packet are encrypted. To simplify the implementation, layer 2 routing information remains intact. All other information, including packet payload and the IP header are encrypted. As shown in Table 4, the design utilized a minimum block and round size (32-bit block, 32 rounds). The key is 64 bits. As shown in Figure 2, the implementation utilized 11 pipeline stages clocked at 125 MHz for a total of 88 ns latency for ingress and egress. As shown in figure 3, key Expansion is pre-computed to minimize area and latency. Therefore, changing the key requires the Pipeline be stalled and flushed. The secure link proved to be completely transparent to operations. While encrypted traffic was present, no modifications to upper layer software, including the stack and application, were required. The DLR redundancy protocol was also unaffected. The ring could be broken at any point, including at the encrypted link and fault detection and ring recovery was unaffected ODVA Industry Conference ODVA, Inc.
13 Table 4 - Simon Demonstration Parameters 2015 ODVA Industry Conference ODVA, Inc.
14 Conclusions It seems inevitable that Ethernet will continue to proliferate into more and more application spaces. If one thinks in terms of MAC addresses: how many MAC Addresses did the average person use in 1998? Typically less than 5: Work computer, home computer, a laptop. Fast forward to today and the average person consumes 10 to 15: Cell phone, IP phone, laptop (1 for wired, 1 for wireless), laser printer (1 for wired, 1 for wireless), set top box (2), TV, BluRay player, tablet, computer at home (2), wireless AP, etc. Ethernet has enjoyed success as a communication medium unprecedented by even radio or television. As technology becomes more cost effective this trend will continue and associated security solutions must likewise scale to address these emerging application. Lightweight block cyphers offer great promise as at least a part of a cost effective security solution for highly-constrained applications. In particular, the SIMON and SPECK family of lightweight block cyphers offer: A small HW footprint compared to comparable AES implementations; A scalable, pipelined architecture; In-line encryption/decryption; Comparatively low latency; Implementations in small circuits with minimal power requirements; Comparable security to AES for a given key size. Ethernet s meteoric success has often left users of Ethernet technologies struggling to address security concerns associated with its application. The promised explosions of IoT, iiot and Industry 4.0 threaten to dwarf this success and give rise to a host of new applications with extremely limited resources. It is incumbent upon users of these technologies to address security in these applications sooner rather than later ODVA Industry Conference ODVA, Inc.
15 References (optional) Beaulieu, Ray, Douglas Shors, Jason Smith, Stefan Treatman-Clark, Bryan WeeksWeeks, and Louis Wingers. "The SIMON and SPECK Families of Lightweight Block Ciphers." Cryptology EPrint Archive. International Association for Cryptologic Research, 19 June Web. 11 Mar < Beaulieu, Ray, Douglas Shors, Jason Smith, Stefan Treatman-Clark, Bryan WeeksWeeks, and Louis Wingers. "SIMON and SPECK: Block Ciphers for the Internet of Things." Cryptology EPrint Archive. International Association for Cryptologic Research, 12 June Web. 15 June < Dworkin, Morris. "NIST SP B, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication." NIST Computer Security Resource Center. National Institute of Standards and Technology, Spring < Pannell, Don. "The Looming Ethernet MAC Address Crisis." (2014): < _Crisis.pdf>. ****************************************************************************************************************************************************** The ideas, opinions, and recommendations expressed herein are intended to describe concepts of the author(s) for the possible use of ODVA technologies and do not reflect the ideas, opinions, and recommendation of ODVA per se. Because ODVA technologies may be applied in many diverse situations and in conjunction with products and systems from multiple vendors, the reader and those responsible for specifying ODVA networks must determine for themselves the suitability and the suitability of ideas, opinions, and recommendations expressed herein for intended use. Copyright 2015 ODVA, Inc. All rights reserved. For permission to reproduce excerpts of this material, with appropriate attribution to the author(s), please contact ODVA on: TEL FAX WEB CIP, Common Industrial Protocol, CIP Energy, CIP Motion, CIP Safety, CIP Sync, CompoNet, ControlNet, DeviceNet, and EtherNet/IP are trademarks of ODVA, Inc. All other trademarks are property of their respective owners ODVA Industry Conference ODVA, Inc.
CIP Security Phase 1 Secure Transport for EtherNet/IP
CIP Security Phase 1 Secure Transport for EtherNet/IP Brian Batke, Principal Engineer Rockwell Automation (babatke@ra.rockwell.com, +1-440-646-5277) Joakim Wiberg, Team Manager Technology and Platforms
More informationCONTROL LEVEL NETWORK RESILIENCY USING RING TOPOLOGIES. Joseph C. Lee, Product Manager Jessica Forguites, Product Specialist
CONTROL LEVEL NETWORK RESILIENCY Written by: Joseph C. Lee, Product Manager Jessica Forguites, Product Specialist DANGER 65 65 65 65 65 65 65 65 EtherNet/IP 1 3 4 5 6 LINK 1 LINK MOD NET 15 14 13 1 11
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationInternet of things (IOT) applications covering industrial domain. Dev Bhattacharya dev_bhattacharya@ieee.org
Internet of things (IOT) applications covering industrial domain Dev Bhattacharya dev_bhattacharya@ieee.org Outline Internet of things What is Internet of things (IOT) Simplified IOT System Architecture
More informationSecurity Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)
Security Protocols Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationChapter 6 CDMA/802.11i
Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright 1996-2012 J.F Kurose and K.W. Ross,
More information13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) 13.2 Layer 2/3/4 VPNs 13.3 Multi-Protocol Label Switching 13.4 IPsec Transport Mode
13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) PPP-based remote access using dial-in PPP encryption control protocol (ECP) PPP extensible authentication protocol (EAP) 13.2 Layer 2/3/4
More informationNetwork Security Part II: Standards
Network Security Part II: Standards Raj Jain Washington University Saint Louis, MO 63131 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse473-05/ 18-1 Overview
More informationUVOIP: CROSS-LAYER OPTIMIZATION OF BUFFER OPERATIONS FOR PROVIDING SECURE VOIP SERVICES ON CONSTRAINED EMBEDDED DEVICES
UVOIP: CROSS-LAYER OPTIMIZATION OF BUFFER OPERATIONS FOR PROVIDING SECURE VOIP SERVICES ON CONSTRAINED EMBEDDED DEVICES Dinil.D 1, Aravind.P.A 1, Thothadri Rajesh 1, Aravind.P 1, Anand.R 1, Jayaraj Poroor
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide
More informationIntroduction to Security and PIX Firewall
Introduction to Security and PIX Firewall Agenda Dag 28 Föreläsning LAB PIX Firewall VPN A Virtual Private Network (VPN) is a service offering secure, reliable connectivity over a shared, public network
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More informationSecurity and the Mitel Networks Teleworker Solution (6010) Mitel Networks White Paper
Security and the Mitel Networks Teleworker Solution (6010) Mitel Networks White Paper Release 2 October 2003 Copyright Copyright 2003 Mitel Networks Corporation. This document is unpublished and the following
More informationKeyStone Architecture Security Accelerator (SA) User Guide
KeyStone Architecture Security Accelerator (SA) User Guide Literature Number: SPRUGY6B January 2013 Release History www.ti.com Release Date Description/Comments SPRUGY6B January 2013 Added addition engine
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationKey Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards
White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationINF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang
INF3510 Information Security University of Oslo Spring 2011 Lecture 9 Communication Security Audun Jøsang Outline Network security concepts Communication security Perimeter security Protocol architecture
More informationHow To Encrypt With A 64 Bit Block Cipher
The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric
More informationTriathlon of Lightweight Block Ciphers for the Internet of Things
NIST Lightweight Cryptography Workshop 2015 Triathlon of Lightweight Block Ciphers for the Internet of Things Daniel Dinu, Yann Le Corre, Dmitry Khovratovich, Leo Perrin, Johann Großschädl, Alex Biryukov
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationNetwork Authentication - 802.1X Secure the Edge of the Network - Technical White Paper
Bosch Security Systems Video Systems Network Authentication - 802.1X Secure the Edge of the Network - Technical White Paper 4 July 2016 Secure the edge of the network Security devices are mostly located
More informationSecure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
More informationSecuring EtherNet/IP Using DPI Firewall Technology
Securing EtherNet/IP Using DPI Firewall Technology www.odva.org Technical Track About Us Erik Schweigert Leads device firmware development at Tofino Security BSc in Computer Science from VIU Michael Thomas
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard
More informationChapter 9. IP Secure
Chapter 9 IP Secure 1 Network architecture is usually explained as a stack of different layers. Figure 1 explains the OSI (Open System Interconnect) model stack and IP (Internet Protocol) model stack.
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction
More informationAirStation One-Touch Secure System (AOSS ) A Description of WLAN Security Challenges and Potential Solutions
AirStation One-Touch Secure System (AOSS ) A Description of WLAN Security Challenges and Potential Solutions Buffalo Technology (USA), Inc. October 2004 1 Summary The Wireless Security Problem With the
More informationAs enterprises conduct more and more
Efficiently handling SSL transactions is one cornerstone of your IT security infrastructure. Do you know how the protocol actually works? Wesley Chou Inside SSL: The Secure Sockets Layer Protocol Inside
More informationSecret File Sharing Techniques using AES algorithm. C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002
Secret File Sharing Techniques using AES algorithm C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002 1. Feature Overview The Advanced Encryption Standard (AES) feature adds support
More informationCisco Integrated Services Routers Performance Overview
Integrated Services Routers Performance Overview What You Will Learn The Integrated Services Routers Generation 2 (ISR G2) provide a robust platform for delivering WAN services, unified communications,
More informationThe next generation of knowledge and expertise Wireless Security Basics
The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com
More information802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com
802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationChapter 5. Data Communication And Internet Technology
Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationImplementation of Full -Parallelism AES Encryption and Decryption
Implementation of Full -Parallelism AES Encryption and Decryption M.Anto Merline M.E-Commuication Systems, ECE Department K.Ramakrishnan College of Engineering-Samayapuram, Trichy. Abstract-Advanced Encryption
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationOverview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP
Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2
More informationTLS and SRTP for Skype Connect. Technical Datasheet
TLS and SRTP for Skype Connect Technical Datasheet Copyright Skype Limited 2011 Introducing TLS and SRTP Protocols help protect enterprise communications Skype Connect now provides Transport Layer Security
More informationSecurity Protocols/Standards
Security Protocols/Standards Security Protocols/Standards Security Protocols/Standards How do we actually communicate securely across a hostile network? Provide integrity, confidentiality, authenticity
More informationWhat is a SSL VPN and How Does it Work?
Acceleration of Data through SSL Virtual Private Networks Rob Jansen University of Minnesota, Morris 600 East Fourth Street Morris, MN 56267 (123) 456-7890 jans0184@morris.umn.edu ABSTRACT A Virtual Private
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationSecure SCADA Communication Protocol Performance Test Results
PNNL-17118 Secure SCADA Communication Protocol Performance Test Results M.D. Hadley K.A. Huston August 2007 Prepared for U.S. Department of Energy Office of Electricity Delivery and Energy Reliability
More informationCCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE 802.11i): A Comparison with DES and RSA
Journal of Computer Science Original Research Paper CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE 802.11i): A Comparison with DES and RSA 1 Velayutham, R. and 2 D. Manimegalai
More informationFibre Channel over Ethernet in the Data Center: An Introduction
Fibre Channel over Ethernet in the Data Center: An Introduction Introduction Fibre Channel over Ethernet (FCoE) is a newly proposed standard that is being developed by INCITS T11. The FCoE protocol specification
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationOther VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer
Other VPNs TLS/SSL, PPTP, L2TP Advanced Computer Networks SS2005 Jürgen Häuselhofer Overview Introduction to VPNs Why using VPNs What are VPNs VPN technologies... TLS/SSL Layer 2 VPNs (PPTP, L2TP, L2TP/IPSec)
More informationBest practices for protecting network data
Best practices for protecting network data A company s value at risk The biggest risk to network security is underestimating the threat to network security. Recent security breaches have proven that much
More informationEthernet. Ethernet. Network Devices
Ethernet Babak Kia Adjunct Professor Boston University College of Engineering ENG SC757 - Advanced Microprocessor Design Ethernet Ethernet is a term used to refer to a diverse set of frame based networking
More information3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Network Layer: IPSec Transport Layer: SSL/TLS Chapter 4: Security on the Application Layer Chapter 5: Security
More informationAuthentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationLightweight Security using Identity-Based Encryption Guido Appenzeller
Lightweight Security using Identity-Based Encryption Guido Appenzeller Chief Technology Officer Voltage Security Inc. Identity-Based Encryption (IBE) IBE is a new public key encryption algorithm A number
More informationLecture 17 - Network Security
Lecture 17 - Network Security CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/ Idea Why donʼt we just integrate some of these neat
More informationLightweight Encryption Protocol for Passive RFID System using SIMON
Lightweight Encryption Protocol for Passive RFID System using SIMON Vidur Nayyar, Prajna Setty Graduate students Electrical and Computer Engineering (nayyar.vidur, prajna.setty)@rutgers.edu Rutgers,The
More informationCut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN
Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN By Paul Stevens, Advantech Network security has become a concern not only for large businesses,
More informationSpirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明
Spirent Abacus SIP over TLS Test 编 号 版 本 修 改 时 间 说 明 1 1. TLS Interview (Transport Layer Security Protocol) (1) TLS Feature Introduction: 1. TLS is a successor of Secure Sockets Layer (SSL), a cryptographic
More informationCase Study for Layer 3 Authentication and Encryption
CHAPTER 2 Case Study for Layer 3 Authentication and Encryption This chapter explains the basic tasks for configuring a multi-service, extranet Virtual Private Network (VPN) between a Cisco Secure VPN Client
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationApplications that Benefit from IPv6
Applications that Benefit from IPv6 Lawrence E. Hughes Chairman and CTO InfoWeapons, Inc. Relevant Characteristics of IPv6 Larger address space, flat address space restored Integrated support for Multicast,
More informationThe proliferation of the raw processing
TECHNOLOGY CONNECTED Advances with System Area Network Speeds Data Transfer between Servers with A new network switch technology is targeted to answer the phenomenal demands on intercommunication transfer
More informationProperties of Secure Network Communication
Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,
More informationSecurity. 2014 Yokogawa Users Group Conference & Exhibition Copyright Yokogawa Electric Corporation Sept. 9-11, 2014 Houston, TX - 1 -
Security - 1 - OPC UA - Security Security Access control Wide adoption of OPC SCADA & DCS Embedded devices Performance Internet Scalability MES Firewalls ERP Communication between distributed systems OPC
More informationProtocol Rollback and Network Security
CSE 484 / CSE M 584 (Spring 2012) Protocol Rollback and Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee,
More informationLecture 10: Communications Security
INF3510 Information Security Lecture 10: Communications Security Audun Jøsang University of Oslo Spring 2015 Outline Network security concepts Communication security Perimeter security Protocol architecture
More informationSafeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST
Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods
More informationMXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.
MXMedia CipherStream Preliminary Assessment 1.0 Author: T +44 1256 844161 F +44 1256 844162 www.farncombe.com Copyright 2012 Farncombe Belvedere Basing View Basingstoke RG21 4HG This document and the information
More informationHTTPS: Transport-Layer Security (TLS), aka Secure Sockets Layer (SSL)
CSCD27 Computer and Network Security HTTPS: Transport-Layer Security (TLS), aka Secure Sockets Layer (SSL) 11 SSL CSCD27 Computer and Network Security 1 CSCD27F Computer and Network Security 1 TLS (Transport-Layer
More informationWeb Security Considerations
CEN 448 Security and Internet Protocols Chapter 17 Web Security Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationRecommended 802.11 Wireless Local Area Network Architecture
NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless
More informationOutline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts
Outline INF3510 Information Security Lecture 10: Communications Security Network security concepts Communication security Perimeter security Protocol architecture and security services Example security
More informationIoT Security. Introduction. Threat Model
IoT Security Introduction In this 1248 white paper we summarise the various aspects of security which need to be considered when designing connected products for the Internet of Things. We give a general
More informationFPGA BASED OPTIMAL SECURED COMMUNICATION
FPGA BASED OPTIMAL SECURED COMMUNICATION Mr.G. Manikandan 1, Mr. M.Paramasivan 2, Mr.N.Mathavan 3,Ms.X.Benedict priyanka 4 1 Research Scholar, St. Peter s University, St. Peter s, Institute of Higher Education
More informationApplication Note Gigabit Ethernet Port Modes
Application Note Gigabit Ethernet Port Modes Application Note Gigabit Ethernet Port Modes Table of Contents Description... 3 Benefits... 4 Theory of Operation... 4 Interaction with Other Features... 7
More informationSecure SCADA Network Technology and Methods
Secure SCADA Network Technology and Methods FARKHOD ALSIHEROV, TAIHOON KIM Dept. Multimedia Engineering Hannam University Daejeon, South Korea sntdvl@yahoo.com, taihoonn@paran.com Abstract: The overall
More informationAgenda. What is Hybrid AP Fat AP vs. Thin AP Benefits of ZyXEL Hybrid AP How Managed AP finds the Controller AP Web GUI
Hybrid AP NWA-316x Agenda What is Hybrid AP Fat AP vs. Thin AP Benefits of ZyXEL Hybrid AP How Managed AP finds the Controller AP Web GUI What is Hybrid AP? Hybrid AP, known as the Hybrid Wireless Access
More informationComputer Network. Interconnected collection of autonomous computers that are able to exchange information
Introduction Computer Network. Interconnected collection of autonomous computers that are able to exchange information No master/slave relationship between the computers in the network Data Communications.
More informationThe OSI & Internet layering models
CSE 123 Computer Networks Fall 2009 Lecture 2: Protocols & Layering Today What s a protocol? Organizing protocols via layering Encoding layers in packets The OSI & Internet layering models The end-to-end
More informationSymantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2
Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2 FIPS 140 2 Non Proprietary Security Policy FIPS Security Level: 1 Document Version: 1.1 Prepared for: Prepared
More informationCyber Security Practical considerations for implementing IEC 62351
1. Introduction Cyber Security Practical considerations for implementing IEC 62351 Frank Hohlbaum, Markus Braendle, Fernando Alvarez ABB frank.hohlbaum@ch.abb.com Switzerland Two trends are currently changing
More information10CS64: COMPUTER NETWORKS - II
QUESTION BANK 10CS64: COMPUTER NETWORKS - II Part A Unit 1 & 2: Packet-Switching Networks 1 and Packet-Switching Networks 2 1. Mention different types of network services? Explain the same. 2. Difference
More informationETHERNET ENCRYPTION MODES TECHNICAL-PAPER
1 ETHERNET ENCRYPTION MODES TECHNICAL-PAPER The CN series encryption platform is designed to secure information transmitted over a number of network protocols. The CN series encryptors secure Ethernet
More informationProtocols and Architecture. Protocol Architecture.
Protocols and Architecture Protocol Architecture. Layered structure of hardware and software to support exchange of data between systems/distributed applications Set of rules for transmission of data between
More informationApplication Note: Onsight Device VPN Configuration V1.1
Application Note: Onsight Device VPN Configuration V1.1 Table of Contents OVERVIEW 2 1 SUPPORTED VPN TYPES 2 1.1 OD VPN CLIENT 2 1.2 SUPPORTED PROTOCOLS AND CONFIGURATION 2 2 OD VPN CONFIGURATION 2 2.1
More informationComputer Networks. Secure Systems
Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to
More informationSIP Protocol as a Communication Bus to Control Embedded Devices
229 SIP Protocol as a Communication Bus to Control Embedded Devices Ramunas DZINDZALIETA Institute of Mathematics and Informatics Akademijos str. 4, Vilnius Lithuania ramunas.dzindzalieta@gmail.com Abstract.
More informationEMC DATA DOMAIN ENCRYPTION A Detailed Review
White Paper EMC DATA DOMAIN ENCRYPTION A Detailed Review Abstract The proliferation of publicized data loss, coupled with new governance and compliance regulations, is driving the need for customers to
More informationCryptography and Network Security Chapter 12
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 12 Message Authentication Codes At cats' green on the Sunday he
More informationIntroduction: Why do we need computer networks?
Introduction: Why do we need computer networks? Karin A. Hummel - Adapted slides of Prof. B. Plattner, plattner@tik.ee.ethz.ch - Add-on material included of Peterson, Davie: Computer Networks February
More information