ECE 428 Network Security
|
|
- Osborn Underwood
- 8 years ago
- Views:
Transcription
1 ECE 428 Network Security 1
2 Learning objectives Security requirements and tools Symmetric-key (secret key) cryptography Substitution, transposition, and product ciphers (DES) Public key cryptography: RSA algorithm Entity authentication using cryptography Symmetric-key distribution protocols Digital signature Public-key certification Internet Security IP/Transport/Application layers 2
3 Privacy (Confidentiality) Security Requirements Ability to keep info. exchanged between parties private Observer should not be able to recover info. Stronger: an observer cannot determine the parties. User Authentication Ability of the parties to ascertain their identities. Data Authentication (Data Integrity) Ability to ascertain that information exchanged has not been subject to addition, deletion, modification, or undue delay. Non-repudiation Ability to prevent an authorized party from denying a communication session s existence and contents. Access control (DoS) 3
4 Security tools Privacy (Confidentiality) Encryption: A process of transformation: C = E K (M) Decryption: Recover the original msg.: M = D K (C) Idea: It should be computationally infeasible for an observer of C to recover either K or M (in a reasonable time). Data Authentication (Data Integrity) Hashing Create a message digest H(M). Even a 1-bit change in M will produce a large change (50%) in H(M). Non-repudiation (User integrity) Digital signatures 4
5 Passive Types of Attackers Intercept information as it passes. If data is encrypted, try to break it. Active Attacker listens. May try to do nasty things. Add, delete, modify, delay, or create messages 5
6 Properties of cryptographic systems Conventional cryptographic systems (symmetric) Encryption: C = E K (M) Decryption: M = D K (C) Confusion Process of substituting characters or symbols to make Diffusion Complex relationship between ciphertext and key Complex relationship between ciphertext and plaintext Process of spreading the effect of plaintext or key as widely as possible over ciphertext 6
7 Kerckhoff s Principle Attacker knows everything about cryptosystem except the key. All algorithms are public. Only the keys are secret. 7
8 Sender Cryptography (Secret writing) Receiver Alice Bob Plaintext Key Key Plaintext Encryption Alg. Cipher Ciphertext Eve Internet Ciphertext Decryption Crypto. world: Symmetric-key (secret-key) Asymmetric-key (public-key) 8
9 Symmetric-key Cryptography The same key is used by both parties. Traditional ciphers: Unit of data is a character Transpositional cipher: Characters Substitution cipher (Caesar cipher) Data Encryption Standard (DES) 9
10 Transposition Rearrange the order of the letters according to some predetermined pattern. A common method is columnar transposition. Write M in a matrix, then rearrange the columns. Key: It is the order in which columns are read. 10
11 Key Transpositional cipher: Example Encryption A F I T R S R G I E O E A A O N S D D U R E Plaintext Decryption O E A A O N S A F I T G I E R R S R E D D U Ciphertext Key:
12 Substitution Cipher Idea: Message symbols are mapped into permuted set of symbols. Monoalphabetic: A P, B W, C E, D K, Polyalphabetic: Vigenere cipher (16 th century cipher) Example: K = CIPHER {2, 8, 15, 7, 4, 17} Plaintext = thiscryptosystemisnotsecure Encryption: Add the key to the plain text mod V P X Z G I A X I V W P 12
13 Substitution Cipher Polyalphabetic: Hill Cipher (1929) Idea: Encryption: y = xk x and y are rows of m elements; K is an m x m matrix Decryption: x = yk -1 Example: K = 11 8 K -1 = 7 18 Plaintext: July = 9, 20, 11, Encryption of Ju: [9, 20]K = [3, 4] = DE Encryption of ly: [11, 24]K = [11, 22] = LW Encrypted text: DELW 13
14 Cryptanalysis of Ciphers 14% Observation letters do not appear equally in English text. 0 A C E G I K M O Q S U W Y 14
15 Cryptanalysis of Substitution Cipher Analyze a large volume of ciphertext for letter frequency. If frequencies are close to natural English only mapped to different letters, try replacement. Consider digram and trigram frequencies. 15
16 Product Cipher m1 m2 m3 S 1 P 1 S 2 P t-1 S t S11 S21 St1 c1 c2 S12 S22 St2 S13 S23 St3 m12 S14 S24 St4 c12 16
17 Data Encryption Standard: History Late 1960s: IBM set up a security project headed by Horst Feistel. 1971: Alg. LUCIFER sold to Lloyd s for use in cash-dispensing. 1971: Another project headed by Tuchmann/Meyer to refine LUCI 1973: NBS (now NIST) issued an RFP for cipher standard IBM submitted the Tuchmann/Meyer work 1977: NBS accepted Tuchmann/Meyer work as DES (56-bit key) S-boxes were classified 1994: NIST reaffirmed DES for federal use for another 5 years 1999 NIST wanted to use DES for legacy systems Use 3DES for others. 17
18 Feistel Network and DES 18
19 Figure 1: Classical Feistel Network 19
20 Figure 2: Feistel Encryption and Decryption 20
21 [ A B] C A [ B C] D D 0 E 0 E Example of Reversibility LE16 RE15 RE16 LE15 F ( RE15, K16 ) LD RD LE RD LD F( RD, K ) RE F( RE, K ) [ LE F( RE, K )] F( RE, K )
22 Figure 3: General Depiction of DES Encryption Algorithm 22
23 Figure 4: Single Round of DES Algorithm 23
24 Figure 5: Calculation of F(R,K) 24
25 Table 1: Permutation Tables for DES 25
26 Table 2: Definition of DES S-Boxes 26
27 Table 3: DES Key Schedule Calculation 27
28 F-box design criteria Good Avalanche property A change in 1 bit of the input should produce a change in many output bits. Special case: Strict Avalanche Condition (SAC) Any output bit j should change with probability 0.5 when any single input bit is inverted. Bit Independence Criterion (BIC) Note Output bits j and k should change independently when any single input bit i is inverted. SAC and BIC strengthen the confusion process. 28
29 S-box design criteria Guaranteed Avalanche (GA) of order r 1 bit change in input provides at least r bit change in output. GA in the range of order 2-5 provides strong diffusion property. If two inputs to an S-box differ in exactly 1 bit, The outputs must differ in at least 2 bits. Each row of an S-box should include all 16 possible bit combinations. Box size Larger box: more resistant to cryptanalysis, but more difficult to design. For practical reason it is 6 x 4. 29
30 The 4 o/p bits of each S-box P-box design criteria affect SIX different S-boxes on the next round, and no two affect the same S-box. The 4 o/p bits from each S-box at round i are distributed by P-box so that 2 of them affect middle bits of round i+1, and the other 2 bits affect end bits. (Affect => to provide input for) 30
31 Triple DES 64-bit plaintext 64-bit plaintext Encrypt DES K1 Decrypt DES K1 Decrypt DES K2 Encrypt DES K2 Encrypt DES K1 Decrypt DES K1 64-bit ciphertext 64-bit ciphertext 31
32 Advanced Encryption Standard Size of data block: 128 bits Key sizes 128 bits (10 rounds) 192 bits (12 rounds) 256 bits (14 rounds) Structure of round i 128-bit data Byte Substitution Byte Permutation MixColumn AddRoundKey 128-bit data Ki 32
33 Public-key cryptography In public-key crypto: the two keys are different Public key: use to encrypt Private key: use to decrypt Every user has two keys Distribute the public key. Keep your private key a secret. 33
34 Public-key cryptography: The RSA algorithm Rivest, Shamir, and Adleman alg. (commonly used) Sender wants to send plaintext P Public key: (N, e) P < N Encryption alg.: C = P e mod N (C is the remainder of mod.) Transmit ciphertext C. Receiver receives ciphertext C Private key: (N, d) Decryption alg.: P = C d mod N P is the plaintext received. 34
35 Public-key cryptography: The RSA algorithm Choosing Public and Private keys Choose two large prime numbers p and q. Compute N = p x q. Choose e < N such that e and (p 1)(q 1) are relatively prime Relatively prime: no common factor except 1 Example: 25 and 27 are relatively prime. Choose d such that (e x d) mod [(p 1)(q 1)] = 1 35
36 Example Select two prime numbers: p = 17, q = 11. Calculate N = p*q = 17*11 = 187. Calculate (N) = (p-1)*(q-1) = 16*10 = 160. (N) is Euler s Totem Function Select e such that (Choose e = 7) e is relatively prime to (N) and e < N. Determine d such that d*e 1 mod 160 and d < 160 Let d = 23, because 23*7 = 161 = 1* The two keys are: Public key: [e, N] = [7, 187] Private key: [d, N] = [23, 187] 36
37 Example Choose a 1-byte message M = (= 88 in decimal) Encrypt: C = 88 7 mod 187 = [(88 4 mod 187) * (88 2 mod 187) * (88 1 mod 187)] mod 187. = [ 132 * 77 * 88 ] mod 187. = 11 (decimal): Decrypt: M = mod 187 = [(11 5 mod 187) * (11 5 mod 187) * (11 5 mod 187) * (11 5 mod 187) * (11 3 mod 187)] mod 187 = [ 44 * 44 * 44 * 44 * 22] mod 187 = 88 Another pair of keys: Public: [157, 187] Private: [53, 187] 37
38 Public-key cryptography: The RSA algorithm Choosing a prime number Choose a random number M in the desired range. If M is prime, we are done. If not, search around M (What is the search space?) Result from number theory: The primes near M are spaced on the average one every ln(m) integers. Since even numbers can be ignored, one needs to test ln(m)/2 odd integers around M. Example: for M = 2 200, ln(m)/2 = 70 searches. Finding relatively primes Prob. of two random numbers being relatively prime =
39 Secret Key (Dis)Advantages of Crypto Systems Advantages Efficient; Often used for long messages Disadvantages Public Key Large number of keys: N users N(N-1)/2 symmetric keys Problem in key distribution Advantages No need for a shared symmetric key between each user pair Fewer number of keys Disadvantages Association between entity and public key be verified 39
40 Entity Authentication Identity of a party is verified for the entire duration of access. Two approaches Password Challenge text: 1-way and 2-way authentication 40
41 Entity Authentication with Symmetric-key Crypto. First approach (Password authentication) Alice sends (Alice, password) encrypted with the symmetric key to Bob. Security flaw Eve intercepts the message Eve replays the message at a later time: Replay attack 41
42 Entity Authentication with Symmetric-key Crypto. Second approach (1-way authentication) Use challenge text (nonce) Nonce: A large random number that is used only once. Alice Bob Alice xyz Encrypt(xyz) 42
43 Entity Authentication with Symmetric-key Crypto. Second approach (2-way authentication) Alice Bob Alice, X Y, encrypt(x) encrypt(y) 43
44 Symmetric-key distribution Issues in key distribution: Assume N parties N(N 1)/2 secret keys Each party stores (N 1) keys A symmetric key is useful if it is treated as a session key. Example protocols: for securely acquiring keys Diffie-Hellman Protocol Key Distribution Center (KDC) Needham-Schroeder Protocol 44
45 Diffie-Hellman Protocol Executed over the Internet Alice N and G are large primes known to both. Bob R1 = G x mod N R1 R2 R2 = G y mod N K = (R2) x mod N K = (R1) y mod N K = G xy mod N Proved: (G x mod N) y mod N = (G y mod N) x mod N = G xy mod N 45
46 Diffie-Hellman: Man-in-the-Middle Attack Alice Eve Bob R1 = G x mod N K1 = (R2) x mod N R1 R2 R2 = G z mod N K1 = (R1) z mod N K2 = (R3) z mod N R2 R3 R3 = G y mod N K2 = (R2) y mod N K1 = G xz mod N K2 = G zy mod N 46
47 Diffie-Hellman: Man-in-theMiddle Attack Diffie-Hellman Strength Difficult to break: finding x from R1 and y from R2 is difficult. Weakness: Sending R1 and R2 as plaintext. Man-in-the-Middle attack Eve can fool Alice and Bob by creating two keys. Key 1: Alice Eve Key 2: Eve Bob => Trusted 3 rd party. Idea behind KDC. 47
48 Key Distribution Centre: for a session key Alice KDC Bob (KA: Sym key) Alice, Bob (KB: Sym key) KA(KAB, KB(Alice, Bob, KAB)) ticket KB(Alice, Bob, KAB) Vulnerable to replay attack. 48
49 Needham-Schroeder Protocol: for a session key Alice (KA: Sym. Key) (KB: Sym. Key) Bob Alice KB(RB) RA, Alice, Bob, KB(RB) KA(RA,Bob,KAB,KB(KAB,Alice,RB)) KDC KAB(R1), KB(KAB, Alice, RB) KAB(R1 1, R2) KAB(R2 1) 49
50 Other Services from a Secure System Message authentication The receiver needs to be sure of the sender s identity. Message integrity The data must arrive at the receiver exactly as they were sent. Nonrepudiation The receiver must be able to prove that a received message came from a specific sender. Achieved using digital signature 50
51 Digital Signature When you send a document, sign (encrypt) it. Sign the whole document. The sender uses his private key to encrypt the message. The receiver uses the public key to decrypt the message. Authentication using DS Alice (encrypts with own private key) Bob (Decrypts with Alice s public key) If Eve tries to impersonate Alice» Eve (encrypts with own private key) Bob (Decrypt with Alice s public key): Bob rejects the message 51
52 Digital Signature Nonrepudiation using DS A trusted 3 rd party saves the messages received by Bob from Alice. In case of a dispute Bob appeals to the 3 rd party. Bob shows that encrypting and decrypting the saved message with Alice s private and public keys can create a duplicate of the saved message. 52
53 Alice Signing the digest Message Hash Digest Alice s private key Encrypt + Message Transmit to Bob Bob Internet Hash function examples: Message Digest 5 (MD5) Secure Hash Alg. 1 (SHA1) Message Alice s public key Decrypt Hash Digest Compare Digest 53
54 Public-key Certification Bob owns two items: <private key, public key> The public key is distributed Problem Maintaining the association <Bob, public key> Susceptible to impersonation by Eve. Bob wants two things He wants people to know his public key. He wants no one to accept a public key forged as Bob s. Certification Authority Binds <Public key, Bob> Has a well-known public key <= Unforgeable. 54
55 Certification Authority (CA) Bob CA: message is Bob s ID CA Bob: asks for Bob s public key Bob CA: Bob sends PKCA(public key) CA Writes the public key of Bob on a certificate (C) Makes a message digest from the certificate (D). Encrypts the digest with its own private key (ED). CA Bob: <C, ED> Bob announces <C, ED> to others Want Bob s public key Create a digest from C: D1 Decrypt ED with CA s public key: D2 If D1 == D2, the certificate is valid for Bob and not for an imposter. 55
56 Certification Authority (CA): X.509 CA solves the problem of public-key fraud. Side effect: Certificates may be in different format X.509 describes certificates in a structured way Version: Version # of X.509 Serial number: The unique ID used by the CA Signature: The certificate signature Issuer: The name of the CA defined by X.509 Validity Period: Start and end period Subject: The entity whose public key is being certified Public key: The public key and the algorithms that use it 56
57 Kerberos: Authentication protocol + KDC Request ticket for TGS 1 Alice 3 Request service 6 5 Receive service AS 2 Alice-TGS session key and ticket Request ticket for Bob for TGS 4 TGS Alice-Bob session key and ticket for Bob Bob (Server) 57
58 (KA: Sym. Key of Alice generated on the fly) Alice Kerberos Example AS TGS Server (Bob) Alice KA(KS, KTG(Alice,KS)) KS: Session key for comm with TGS Timestamp: prevents replay by Eve KS(T), Bob, KTG(Alice,KS) KS(Bob,KAB), KB(Alice,KAB) KAB(T), KB(Alice,KAB) KAB(T + 1) 58
59 Security in the Internet IP layer security Complicated: multiple services (TCP, OSPF, ICMP) Not effective unless there is wider participation IPSec: prevailing technology Transport layer security Secure Socket Layer (SSL) Transport Layer Security (TSL) Application layer security Pretty Good Privacy (PGP) 59
60 IPSec Provides a framework and mechanism No concrete encryption or authentication method Requires a logical connection between two hosts Security Association (SA) protocol: signaling protocol Connectionless IP Connection-oriented IP Simplex connection Elements of a conn.: ID, security protocol type, source IP addr Operates in two modes Transport mode: security service to the upper-layer Tunnel mode: security service to the tunneled packets 60
61 IPSec: two modes Original IP packet IP Header The rest of the packet Transport mode IP Header IPSec header The rest of the packet Tunnel mode New IP Header IPSec header IP Header The rest of the packet 61
62 IPSec: two security protocols Two security protocols Authentication Header (AH) Encapsulating Security Payload (ESP) Authentication Header protocol Authenticate the source host Ensure the integrity of the payload in the IP packet Does not provide privacy (no encryption) What does it do? Calculate a message digest (use a hash function + sym. key) Insert the digest in the AH header (location is mode dependent) 62
63 Protocol = 51 Used in calculating digest => Packet carries an AH IPSec: AH IP Header IPSec header The rest of the packet even length Padding Protocol = Original protocol field 8 bits 8 bits 16 bits Next header Payload length Reserved Security parameter index (conn. ID) Sequence number Authentication data (Digest) (Variable length) Payload (length in 4-byte multiples) Seq. number: prevents playback, not repeated in a retransmitted packet, and does not wraparound when limit is reached (new conn.) 63
64 Original IP packet IP Header IPSec: ESP Rest of the payload 50 IP Header ESP Header Rest of the payload Authenticated Encrypted ESP Trailer Authentication Data 32 bits Security parameter index Sequence number Padding 32 bits 8 bits 8 bits Pad length Next header in bytes 64
65 Transport Layer Security (TLS) Application (HTTP) TLS TCP IP General Idea Two parties agree on THREE protocols - Entity authentication protocol (2-way) - Message authentication protocol - Encrypt/Decrypt protocol 65
66 Transport Layer Security (TLS) Application (HTTP) TLS Handshake Protocol Change cipher spec Protocol Alert Protocol TLS Record Protocol TCP 66
67 TLS: Entity authentication (Handshake protocol) Client Server Phase I Phase II Establish security capabilities Server authentication and key exchange Phase III Client authentication and key exchange Phase IV Finalizing the handshaking protocol 67
68 TLS: Entity auth. (Handshake protocol) Phase I Client/ server announce their security capabilities. Choose that are agreeable to both. Establish a session ID. Choose a cipher suite. Choose a compression method. 68
69 TLS: Entity auth. (Handshake protocol) Phase II The server authenticates itself. The server may send its certificate, its public key, and request a certificate from the client. Phase III The client authenticates itself (if required) May send a secret to be used in calculation of session keys. Phase IV Exchange messages to establish cipher specs to allow them to use the keys. 69
70 TLS: Entity auth. (Handshake protocol) Parameters Session ID: arbitrary byte sequence chosen by server Peer certificate: an X509 certificate of the peer (null?) Compression method: (optional) used before encrypt. Cipher spec.: data encryption algorithm (null/des/..), message digest algorithm (MD5/SHA) Master secret: A 48-byte secret between client/server 70
71 TLS: Entity authentication (Handshake protocol) Client Server ClientHello Certificate ClientKeyExchange CertificateVerify Finished optional ServerHello Certificate ServerKeyExchange CertificateRequest ServerHelloDone Finished Application data Source: Communication Networks, Leon-Garcia, Widjaja 71
72 TLS: Record Protocol Data from above Optional Compression Compressed data Hash Compressed data Digest Encryption Header Encrypted data 72
73 Application layer security Pretty Good Privacy (PGP) Developed for sending Provides all the four aspects of security privacy, integrity, authentication, and nonrepudiation Digital signature (hash + public-key encrypt.) Integrity, authentication, and non-repudiation Secret-key + public-key encryption privacy 73
74 PGP at the sender (Alice) + One-time Secret key Encrypt Bob s public key Encrypt + Transmit Hash Digest Encrypt Alice s Signed digest private key Digital signature Privacy 74
75 PGP at the receiver (Bob) Encrypted (secret key) Bob s private key Decrypt Encrypted (message + digest) Alice s public key One-time Secret key Decrypt Decrypt Hash Digest Compare Digest 75
76 Need for a firewall Firewalls Digital Signature + encryption cannot prevent Eve from sending a harmful message to a system. Firewall A router or a computer + packet filtering mechanism Installed on the outer edge of an internal network Internet Outgoing packets Firewall Incoming packets Internal network 76
77 Firewall Example of packet filtering Drop all packets from a specific host Drop some kinds of packets to a specific host Two classes of firewall Packet-filter firewall: TCP/IP level Proxy-based firewall: Application level 77
78 Packet-filter firewall Internet 1 2 Internal network Interface Source IP Source port Destination IP Destination port * * * * * * * * * * * (any) 23 (Telenet) * 80 (HTTP) 1. Incoming packets from network are blocked. 2. Incoming packets destined for internal TELENET server are blocked. 3. Incoming packets destined for internal host are blocked internal use only. 4. Outgoing packets destined for an HTTP server are blocked Your employer does not want you to browse the Internet. 78
79 Application level? Enforce policies Proxy Firewall Ex.: Users with previous business relations with the company can have access others are blocked Packet-level filtering is not good enough. 79
80 Proxy Firewall Errors Internet Firewall All HTTP packets HTTP Proxy (Application Gateway) Accepted packets HTTP Server 80
81 Extra slides for RSA 81
82 Background material for the RSA algorithm Given a positive integer n, Zn = {0, 1, 2,, n-1} Known as residue classes modulo n. Two integers are relatively prime if their only common positive integer factor is 1. Examples: 25 and 27 are relatively prime; 18 and 4 are not. Two integers a and b are said to be congruent modulo n (n > 0), if (a mod n) = (b mod n). This is written as a b mod n. Examples: 73 4 mod mod 10 Properties: (i) a b mod n if n (a-b) (Note: n x means n divides x.) (ii) if (a + b) (a + c) mod n then b c mod n (iii) if (a x b) (a x c) mod n then b c mod n, if a is relatively prime to n (iv) For a prime number p, let Zp be the set as defined above. For each w Zp, w 0, Multiplicative inverse of w (denoted by w -1 ) is z Zp, such that w x z 1 mod p 82
83 Fermat s Theorem/ Euler s Totient Function (n) If p is a prime and a is a +ve integer not divisible p, then An alternative form of the theorem a p-1 1 mod p Fermat s Theorem If p is prime and a is any positive integer, then a p a mod p For a positive integer n, (n) is the number of positive integers less than n and relatively prime to n. For a prime p, (p) = p-1. Let p and q be two different primes. For n = pq, (n) = (pq) = = (p-1)x(q-1) = (p) x (q). proof not shown Example: (35) = (7) x (5) = 6x4 =
84 Euler s Theorem For every a and n that are relatively prime: a (n) 1 mod n Example: a = 3; n = 10; (n=10) = (2x5) = (2-1)x(5-1) = 4; 3 4 = 81 1 mod 10 An alternative form of the theorem a (n) + 1 a mod n Important result: p and q are primes; n = pq and m an integer, 0 < m < n m k (n) + 1 m mod n k is an arbitrary integer 84
85 Public-key cryptography: Extended Euclid s Alg. Euclid s algorithm finds gcd(m, b) If gcd(m, b) = 1, then b has a b -1, such that bb -1 1 mod m (b -1 is called the multiplicative inverse of b.) Algorithm 1. (A1, A2, A3) (1, 0, m); (B1, B2, B3) (0, 1, b) 2. if B3 = 0 return A3 = gcd(m, b); no inverse 3. if B3 = 1 return B3 = gcd(m, b); B2 holds b Q = A3/B3 5. (T1, T2, T3) (A1 QB1, A2 QB2, A3 QB3) 6. (A1, A2, A3) (B1, B2, B3) 7. (B1, B2, B3) (T1, T2, T3) 8. goto 2 85
Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationChapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols
Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationCommunication Security for Applications
Communication Security for Applications Antonio Carzaniga Faculty of Informatics University of Lugano March 10, 2008 c 2008 Antonio Carzaniga 1 Intro to distributed computing: -server computing Transport-layer
More informationChapter 11 Security Protocols. Network Security Threats Security and Cryptography Network Security Protocols Cryptographic Algorithms
Chapter 11 Security Protocols Network Security Threats Security and Cryptography Network Security Protocols Cryptographic Algorithms Chapter 11 Security Protocols Network Security Threats Network Security
More informationCS 356 Lecture 27 Internet Security Protocols. Spring 2013
CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationNetwork Security. Outline of the Tutorial
Network Security Dr. Indranil Sen Gupta Head, School of Information Technology Professor, Computer Science & Engg. Indian Institute of Technology Kharagpur 1 Outline of the Tutorial Security attacks and
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationNetwork Security. Omer Rana
Network Security Omer Rana CM0255 Material from: Cryptography Components Sender Receiver Plaintext Encryption Ciphertext Decryption Plaintext Encryption algorithm: Plaintext Ciphertext Cipher: encryption
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationNetwork Security Part II: Standards
Network Security Part II: Standards Raj Jain Washington University Saint Louis, MO 63131 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse473-05/ 18-1 Overview
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationChapter 32 Internet Security
Chapter 32 Internet Security Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 32: Outline 32.1 NETWORK-LAYER SECURITY 32.2 TRANSPORT-LAYER SECURITY 32.3
More informationProperties of Secure Network Communication
Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,
More informationProtocol Rollback and Network Security
CSE 484 / CSE M 584 (Spring 2012) Protocol Rollback and Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee,
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of
More informationChapter 8 Network Security. Slides adapted from the book and Tomas Olovsson
Chapter 8 Network Security Slides adapted from the book and Tomas Olovsson Roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity Security protocols and measures: Securing
More informationNetwork Security #10. Overview. Encryption Authentication Message integrity Key distribution & Certificates Secure Socket Layer (SSL) IPsec
Network Security #10 Parts modified from Computer Networking: A Top Down Approach Featuring the Internet, 2nd edition. Jim Kurose, Keith Ross, Addison-Wesley, 2002. 1 Overview Encryption Authentication
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationWeb Security Considerations
CEN 448 Security and Internet Protocols Chapter 17 Web Security Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationAuthenticity of Public Keys
SSL/TLS EJ Jung 10/18/10 Authenticity of Public Keys Bob s key? private key Bob public key Problem: How does know that the public key she received is really Bob s public key? Distribution of Public Keys!
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationHow To Understand And Understand The Ssl Protocol (Www.Slapl) And Its Security Features (Protocol)
WEB Security: Secure Socket Layer Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding - COMP581 - L22 1 Outline of this Lecture Brief Information on SSL and TLS Secure Socket Layer (SSL) Transport Layer Security
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:
Managing and Securing Computer Networks Guy Leduc Chapter 4: Securing TCP connections Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationAC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014
Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationSecurity Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)
Security Protocols Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationCommunication Systems SSL
Communication Systems SSL Computer Science Organization I. Data and voice communication in IP networks II. Security issues in networking III. Digital telephony networks and voice over IP 2 Network Security
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationCommunication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009
16 th lecture Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009 1 25 Organization Welcome to the New Year! Reminder: Structure of Communication Systems lectures
More informationAuthentication applications Kerberos X.509 Authentication services E mail security IP security Web security
UNIT 4 SECURITY PRACTICE Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security Slides Courtesy of William Stallings, Cryptography & Network Security,
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationAnnouncement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1 We have learned Symmetric encryption: DES, 3DES, AES,
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationCSC 474 Information Systems Security
CSC 474 Information Systems Security Topic 4.5 Transport Layer Security CSC 474 Dr. Peng Ning 1 Transport Layer Security Protocols Secure Socket Layer (SSL) Originally developed to secure http Version
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationCSC 774 -- Network Security
CSC 774 -- Network Security Topic 6: Transport Layer Security Dr. Peng Ning CSC 774 Network Security 1 Transport Layer Security Protocols Secure Socket Layer (SSL) Originally developed to secure http Version
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationSymmetric Key cryptosystem
SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationNetwork Security Web Security and SSL/TLS. Angelos Keromytis Columbia University
Network Security Web Security and SSL/TLS Angelos Keromytis Columbia University Web security issues Authentication (basic, digest) Cookies Access control via network address Multiple layers SHTTP SSL (TLS)
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationTransport Level Security
Transport Level Security Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationMultimedia Networking and Network Security
CMPT371 12-1 Multimedia Networking and Network Security 1 Multimedia Networking and Network Security This note is based on Chapters 7 and 8 of the text book. Outline of multimedia networking Multimedia
More informationWEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)
Outline WEB Security & SET (Chapter 19 & Stalling Chapter 7) Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction (SET) Web Security Considerations
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationPart III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part III-b Contents Part III-b Secure Applications and Security Protocols Practical Security Measures Internet Security IPSEC, IKE SSL/TLS Virtual Private Networks Firewall Kerberos SET Security Measures
More informationNETWORK ADMINISTRATION AND SECURITY
NETWORK ADMINISTRATION AND SECURITY Unit I (NAS) (W- 10) Q. 1) What is Security Attack? Explain general categories of attack with examples. 7 Q. 2) List and define the five security services. 5 Q. 3) Define
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationPublic Key Cryptography Overview
Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic
More informationOverview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture
OS Appl. CSC/ECE 574 Computer and Network Security Outline I. Overview II. The Record Protocol III. The Handshake and Other Protocols Topic 8.3 /TLS 1 2 Reminder: What Layer? Overview of 3 4 Protocols
More informationFinal exam review, Fall 2005 FSU (CIS-5357) Network Security
Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection
More informationChapter 8 Network Security
Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 roadmap 1 What is network security? 2 Principles of cryptography 3 Message integrity, authentication
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationINF3510 Information Security University of Oslo Spring 2011. Lecture 9 Communication Security. Audun Jøsang
INF3510 Information Security University of Oslo Spring 2011 Lecture 9 Communication Security Audun Jøsang Outline Network security concepts Communication security Perimeter security Protocol architecture
More informationSecure Socket Layer. Security Threat Classifications
Secure Socket Layer 1 Security Threat Classifications One way to classify Web security threats in terms of the type of the threat: Passive threats Active threats Another way to classify Web security threats
More information: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT
Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationSECURE SOCKETS LAYER (SSL)
INFS 766 Internet Security Protocols Lecture 5 SSL Prof. Ravi Sandhu SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later refitted as IETF standard TLS
More informationMessage authentication and. digital signatures
Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation
More informationSecurity in Computer Networks
Security in Computer Networks Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@wustl.edu Audio/Video recordings of this lecture are available on-line at: http://www.cse.wustl.edu/~jain/cse473-10/
More informationOverview of Public-Key Cryptography
CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows
More informationPart 2 D(E(M, K),K ) E(M, K) E(M, K) Plaintext M. Plaintext M. Decrypt with private key. Encrypt with public key. Ciphertext
Part 2 Plaintext M Encrypt with public key E(M, K) Ciphertext Plaintext M D(E(M, K),K ) Decrypt with private key E(M, K) Public and private key related mathematically Public key can be published; private
More informationCryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur
Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)
More informationCPS 590.5 Computer Security Lecture 9: Introduction to Network Security. Xiaowei Yang xwy@cs.duke.edu
CPS 590.5 Computer Security Lecture 9: Introduction to Network Security Xiaowei Yang xwy@cs.duke.edu Previous lectures Worm Fast worm design Today Network security Cryptography building blocks Existing
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More information3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Network Layer: IPSec Transport Layer: SSL/TLS Chapter 4: Security on the Application Layer Chapter 5: Security
More informationLecture G1 Privacy, Security, and Cryptography. Computing and Art : Nature, Power, and Limits CC 3.12: Fall 2007
Lecture G1 Privacy, Security, and Cryptography Computing and Art : Nature, Power, and Limits CC 3.12: Fall 2007 Functionalia Instructor Chipp Jansen, chipp@sci.brooklyn.cuny.edu Course Web Page http://www.sci.brooklyn.cuny.edu/~chipp/cc3.12/
More informationTelematics Chapter 11: Network Security Beispielbild User watching video clip
Telematics Chapter 11: Network Security Beispielbild User watching video clip Server with video clips Application Layer Application Layer Prof. Dr. Mesut Güneş Presentation Layer Presentation Layer Computer
More informationComputer Networks - CS132/EECS148 - Spring 2013 --------------------------------------------------------------------------
Computer Networks - CS132/EECS148 - Spring 2013 Instructor: Karim El Defrawy Assignment 5 Deadline : May 30th 9:30pm (hard and soft copies required) --------------------------------------------------------------------------
More informationPrinciples of Network Security
he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy
More informationNetzwerksicherheit: Anwendungen
Internet-Technologien (CS262) Netzwerksicherheit: Anwendungen 22. Mai 2015 Christian Tschudin & Thomas Meyer Departement Mathematik und Informatik, Universität Basel Chapter 8 Security in Computer Networks
More informationSecure Socket Layer (SSL) and Trnasport Layer Security (TLS)
Secure Socket Layer (SSL) and Trnasport Layer Security (TLS) CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 1 SSL/TLS The Secure Socket Layer (SSL) and Transport Layer Security
More informationInformation Security
SE 4472 / ECE 9064 Information Security Week 11: Transport Layer Security (TLS): Putting it all together Fall 2015 Prof. Aleksander Essex Security at the Transport Layer Where we started in this course:
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationHow To Encrypt With A 64 Bit Block Cipher
The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More information