Network Security. HIT Shimrit TzurDavid


 Karin Wade
 3 years ago
 Views:
Transcription
1 Network Security HIT Shimrit TzurDavid 1
2 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key distribution Security in practice: firewalls security in application, transport, network, link layers
3 What is Network Security? Confidentiality: only sender, intended receiver should understand message contents sender encrypts message receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and Availability: services must be accessible and 3 available to users
4 Friends and Enemies: Alice, Bob, Trudy Wellknown in network security world Bob, Alice (lovers!) want to communicate securely Trudy (intruder) may intercept, delete, add messages Alice channel data, control messages Bob data secure sender secure receiver data Trudy 4
5 Who might Bob, Alice be? Web browser/server for electronic transactions (e.g., online purchases) Online banking client/server DNS servers Routers exchanging routing table updates 5
6 There are Bad Guys Out There! Q: What can a bad guy do? A: a lot! eavesdrop: intercept messages actively insert messages into connection impersonation: can fake (spoof) source address in packet (or any field in packet) hijacking: take over ongoing connection by removing sender or receiver, inserting himself in place denial of service: prevent service from being used by others (e.g., by overloading resources) 6
7 7 Notations cryptography  the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form. plaintext  the original intelligible message ciphertext  the transformed message cipher  an algorithm for transforming an intelligible message into one that is unintelligible by transposition and/or substitution methods key  some critical information used by the cipher, known only to the sender & receiver
8 8 Notations Cont. encipher (encode)  the process of converting plaintext to ciphertext using a cipher and a key decipher (decode)  the process of converting ciphertext back into plaintext using a cipher and a key cryptanalysis  the study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key. Also called codebreaking cryptology  both cryptography and cryptanalysis code  an algorithm for transforming an intelligible message into an unintelligible one using a codebook
9 Notations Cont. C = E K (P)  the encryption of the plaintext P using key K gives the ciphertext C. P = D K (C)  the decryption of C to get the plaintext D K (E K (P)) = P E and D are mathematical functions of two parameters: the key and the message. 9
10 The Language of Cryptography K A Alice s encryption key Bob s decryption K B key plaintext encryption algorithm ciphertext decryption algorithm plaintext 10 symmetric key crypto: sender, receiver keys identical publickey crypto: encryption key public, decryption key secret (private)
11 Symmetric Key Cryptography K AB K AB plaintext message, m encryption algorithm ciphertext K (m) AB decryption algorithm plaintext K (m) AB m = K ( ) AB symmetric key crypto: Bob and Alice share know same (symmetric) key: KAB e.g., key is knowing substitution pattern in mono alphabetic substitution cipher 11
12 Symmetric Key Cryptography substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq E.g.: Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc Q: How hard to break this simple cipher?: brute force (how hard?) other? 12
13 Monoalphabetic Substitution There are 26! possible keys is in use. A computer would take ~10 10 years to try all the keys. Nevertheless, given a surprisingly small amount of ciphertext, the cipher can be broken easily. The basic attack takes advantage of the statistical properties of natural languages. In English, e is the most common letter, followed by t, o, a, n, i, etc. The most common twoletter combinations are th, in, er, re, and an. The most common threeletter combinations are the, ing, and, and ion. 13
14 Transposition Ciphers Substitution ciphers preserve the order of the plaintext symbols. Transposition ciphers, in contrast, reorder the letters but do not disguise them. The columnar transposition: 14
15 The Columnar Transposition The cipher is keyed by a word or phrase not containing any repeated letters. In the example, MEGABUCK is the key. The purpose of the key is to number the columns, column 1 being under the key letter closest to the start of the alphabet, and so on. The plaintext is written horizontally, in rows, padded to fill the matrix if need be. The ciphertext is read out by columns, starting with the column whose key letter is the lowest. 15
16 Breaking Transposition Cipher Step 1: The cryptanalyst must be aware that he is dealing with a transposition cipher. By looking at the frequency of E, T, A, O, I, N, etc., it is easy to see if they fit the normal pattern for plaintext. Step 2: Make a guess at the number of columns the plaintext phrase milliondollars occurs somewhere in the message Step 3: Order the columns 16 By frequency
17 OneTime Pads Unbreakable cipher Choose a random bit string as the key. Convert the plaintext into a bit string Compute the XOR of these two strings, bit by bit. The resulting ciphertext cannot be broken. The reason derives from information theory: there is simply no information in the message because all possible plaintexts of the given length are equally likely. 17
18 Public Key Cryptography symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if never met )? 18 public key cryptography radically different approach [Diffie Hellman76, RSA78] sender, receiver do not share secret key public encryption key known to all private decryption key known only to receiver
19 Public Key Cryptography K B + K B  Bob s public key Bob s private key plaintext message, m encryption algorithm ciphertext + K (m) B decryption algorithm plaintext message  + m = K (K (m)) B B 19
20 Public Key Encryption Algorithms Requirements: B  + need K and K such that given public key K B, it should be impossible to compute  private key K RSA: Rivest, Shamir, Adelson algorithm  B K (K (m)) = m B B B +
21 RSA: Choosing keys Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p1)(q1) 3. Choose e (with e<n) that has no common factors with z. (e, z are relatively prime ). 4. Choose d such that ed1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5. Public key is (n,e). Private key is (n,d). K B + K B 
22 RSA: Encryption, Decryption 0. Given (n,e) and (n,d) as computed above 1. To encrypt bit pattern, m, compute c = m e e mod n (i.e., remainder when m is divided by n) 2. To decrypt received bit pattern, c, compute m = c d mod n (i.e., remainder when c d is divided by n) Magic happens! m = (m e d mod n) mod n c 22
23 RSA Example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed1 exactly divisible by z). encrypt: letter m m e c = m e mod n l decrypt: c c d m = c d mod n letter l 23
24 RSA: Why is that Useful number theory result: If p,q prime and n = pq, then: y ymod (p1)(q1) x mod n = x mod n e (m mod n) d mod n = m ed mod n ed mod (p1)(q1) = m mod n (using number theory result above) 1 = m mod n (since we chose ed to be divisible by (p1)(q1) with remainder 1 ) 24 = m
25 RSA: Another Important Property The following property will be very useful later:  + K (K (m)) = m B B use public key first, followed by private key = +  B B K (K (m)) use private key first, followed by public key Result is the same! 25
26 Authentication Goal: Bob wants Alice to prove her identity to him Protocol ap1.0: Alice says I am Alice I am Alice Failure scenario?? 26
27 Authentication Goal: Bob wants Alice to prove her identity to him Protocol ap1.0: Alice says I am Alice I am Alice in a network, Bob can not see Alice, so Trudy simply declares herself to be Alice 27
28 Authentication: Another Try Protocol ap2.0: Alice says I am Alice in an IP packet containing her source IP address Alice s IP address I am Alice Failure scenario?? 28
29 Authentication: another try Protocol ap2.0: Alice says I am Alice in an IP packet containing her source IP address Alice s IP address I am Alice Trudy can create a packet spoofing Alice s address 29
30 Authentication: another try Protocol ap3.0: Alice says I am Alice and sends her secret password to prove it. Alice s IP addr Alice s password I m Alice Alice s IP addr OK Failure scenario?? 30
31 Authentication: another try Protocol ap3.0: Alice says I am Alice and sends her secret password to prove it. Alice s IP addr Alice s password I m Alice Alice s IP addr OK playback attack: Trudy records Alice s packet and later plays it back to Bob Alice s IP addr Alice s password I m Alice 31
32 Authentication: yet another try Protocol ap3.1: Alice says I am Alice and sends her encrypted secret password to prove it. Alice s IP addr encrypted password I m Alice Alice s IP addr OK Failure scenario?? 32
33 Authentication: another try Protocol ap3.1: Alice says I am Alice and sends her encrypted secret password to prove it. Alice s IP addr encrypted password I m Alice Alice s IP addr OK record and playback still works! Alice s IP addr encrypted password I m Alice 33
34 Authentication: Yet Another Try Goal: avoid playback attack Nonce: number (R) used only once inalifetime ap4.0: to prove Alice live, Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key I am Alice R 34 Failures, drawbacks? K (R) AB Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice!
35 Authentication: ap5.0 ap4.0 requires shared symmetric key Can we authenticate using public key techniques? ap5.0: use nonce, public key cryptography R I am Alice  K A (R) send me your public key + K A Bob computes +  K A(K (R)) = R A and knows only Alice could have the private key, that encrypted R such that +  K A (K (R)) = R A 35
36 ap5.0: Security Hole Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)  + m = K (K (m)) A A 36 I am Alice R  K (R) A + K A Send me your public key + K (m) A Trudy gets  + m = K (K (m)) sends T m to T Alice encrypted with Alice s public key I am Alice R  K (R) T Send me your public key + K (m) T + K T
37 ap5.0: Security Hole Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice) Difficult to detect: Bob receives everything that Alice sends, and vice versa. (e.g., so Bob, Alice can meet one week later and recall conversation) problem is that Trudy receives all messages as well! 37
38 Message Integrity: Digital Signatures Cryptographic technique analogous to handwritten signatures. Sender (Bob) digitally signs document, establishing he is the document s owner/creator. verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document 38
39 Digital Signatures Simple digital signature for message m: Bob signs m by encrypting with his private key   K B, creating signed message, K B (m) Bob s message, m Dear Alice Oh, how I have missed you. I think of you all the time! (blah blah blah), Bob K B  Public key encryption algorithm Bob s private key K B  (m) Bob s message, m, signed (encrypted) with his private key 39
40 40 Digital Signatures Cont. Suppose Alice receives msg m, digital signature K B (m) Alice verifies m signed by Bob by applying Bob s public key K B to K B (m) then checks K B (K B (m) ) = m. +  If K B (K B (m) ) = m, whoever signed m must have used Bob s private key. Alice thus verifies that: Bob signed m. No one else signed m. Bob signed m and not m. Nonrepudiation: Alice can take m, and signature K B (m) to court and prove that Bob signed m. 
41 Message Digests Computationally expensive to publickeyencrypt long messages Goal: fixedlength, easytocompute digital fingerprint Apply hash function H to m, get fixed size message digest, H(m). 41 large message m H: Hash Function H(m) Hash function properties: manyto1 produces fixedsize msg digest (fingerprint) given message digest x, computationally infeasible to find m such that x = H(m)
42 Internet Checksum: Poor Crypto Hash Function Internet checksum has some properties of hash function: produces fixed length digest (16bit sum) of message is manytoone But given message with given hash value, it is easy to find another message with same hash value: message ASCII format message ASCII format I O U B O B 49 4F E D2 42 I O U B O B 49 4F E D B2 C1 D2 AC different messages but identical checksums! B2 C1 D2 AC
43 Digital Signature = Signed Msg Digest Bob sends digitally signed message: 43 large message m H: Hash function Bob s private key K B  H(m) digital signature (encrypt) encrypted msg digest  + K B (H(m)) Alice verifies signature and integrity of digitally signed message: large message m H: Hash function H(m) Bob s public key K B + equal? encrypted msg digest  K B (H(m)) digital signature (decrypt) H(m)
Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross AddisonWesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross AddisonWesley March 2012 All material copyright 19962012 J.F Kurose and K.W. Ross, All
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 81
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 81 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure email transport
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy wellknown in network security world Bob, Alice (lovers!) want to communicate
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationPrinciples of Network Security
he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 81
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 81 Goals v understand principles of network security: cryptography and its many uses beyond
More informationNetwork Security #10. Overview. Encryption Authentication Message integrity Key distribution & Certificates Secure Socket Layer (SSL) IPsec
Network Security #10 Parts modified from Computer Networking: A Top Down Approach Featuring the Internet, 2nd edition. Jim Kurose, Keith Ross, AddisonWesley, 2002. 1 Overview Encryption Authentication
More informationChapter 8 Network Security
Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and
More informationTELE 301 Network Management. Lecture 18: Network Security
TELE 301 Network Management Lecture 18: Network Security Haibo Zhang Computer Science, University of Otago TELE301 Lecture 18: Network Security 1 Security of Networks Security is something that is not
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (email, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number
More informationOverview of Network Security
Overview of Network Security from à Computer Networking: A Top Down Approach, 4 th edition. Jim Kurose, Keith Ross AddisonWesley, July 2007. 81 Roadmap: What is network security? Principles of cryptography
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationCryptography and Network Security
Cryptography and Network Security XiangYang Li Introduction The art of war teaches us not on the likelihood of the enemy s not coming, but on our own readiness to receive him; not on the chance of his
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 035742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 035742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationWhat is network security?
hapter 7: Network security Founations: what is security? cryptography authentication message integrity key istribution an certification Friens an enemies: lice, ob, Truy Figure 7.1 goes here wellknown
More informationNetwork Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015
Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (email, Web service, USENET, ftp etc) providing support protocols to allow the real applications to function properly (e.g. HTTP for Web appl.)
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA DiffieHellman Key Exchange Public key and
More informationSecurity in Computer Networks
CHAPTER 8 Security in Computer Networks Way back in Section 1.6 we described some of the more prevalent and damaging classes of Internet attacks, including malware attacks, denial of service, sniffing,
More informationApplied Cryptology. Ed Crowley
Applied Cryptology Ed Crowley 1 Basics Topics Basic Services and Operations Symmetric Cryptography Encryption and Symmetric Algorithms Asymmetric Cryptography Authentication, Nonrepudiation, and Asymmetric
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? Oneway functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationToday ENCRYPTION. Cryptography example. Basic principles of cryptography
Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer online. This lecture discusses one of the main technological solutions. The use
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; DH key exchange; Hash functions; Application of hash
More informationCommon security requirements Basic security tools. Example. Secretkey cryptography Publickey cryptography. Online shopping with Amazon
1 Common security requirements Basic security tools Secretkey cryptography Publickey cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationAPNIC elearning: Cryptography Basics. Contact: esec02_v1.0
APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption SymmetricKey Algorithm Block and Stream Cipher Asymmetric Key Algorithm
More informationTelematics Chapter 11: Network Security Beispielbild User watching video clip
Telematics Chapter 11: Network Security Beispielbild User watching video clip Server with video clips Application Layer Application Layer Prof. Dr. Mesut Güneş Presentation Layer Presentation Layer Computer
More informationChapter 8 Network Security. Slides adapted from the book and Tomas Olovsson
Chapter 8 Network Security Slides adapted from the book and Tomas Olovsson Roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity Security protocols and measures: Securing
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationSecurity. Contents. S72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Maninthemiddle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationSymmetric Key cryptosystem
SFWR C03: Computer Networks and Computer Security Mar 811 200 Lecturer: Kartik Krishnan Lectures 222 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single
More informationHomework 7. Using the monoalphabetic cipher in Figure 8.3, encode the message This is an easy problem. Decode the message rmij u uamu xyj.
Problems: 1 to 11. Homework 7 Question: 1 Using the monoalphabetic cipher in Figure 8.3, encode the message This is an easy problem. Decode the message rmij u uamu xyj. This is an easy problem. > uasi
More informationCryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.
Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:
More informationSecurity & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173
Security & Privacy on the WWW Briefing for CS4173 Topic Outline 1. Information Security Relationship to safety Definition of important terms Where breaches can occur Web techniques Components of security
More informationChapter 8. Cryptography SymmetricKey Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols
Network Security Chapter 8 Cryptography SymmetricKey Algorithms PublicKey Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationBasics of Cryptography
Basics of Cryptography What is Cryptography? Cryptography is an applied branch of mathematics In some situations it can be used to provide Confidentiality Integrity Authentication Authorization Nonrepudiation
More informationClient Server Registration Protocol
Client Server Registration Protocol The ClientServer protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More information9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. MonoAlphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Instructor: Bo Sheng Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions 1 2 Encryption/Decryption
More informationSystem and Network Security
System and Network Giuseppe Anastasi g.anastasi@iet.unipi.it Pervasive Computing & Networking Lab. () Dept. of Information Engineering, University of Pisa Based on original slides by  Silberschatz, Galvin
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationCryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice
Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice
More information24. Principles of Network Security/ Internet Attacks and Defenses
24. Principles of Network Security/ Internet Attacks and Defenses n Basic principles n Symmetric encryption n Publickey encryption n Signatures, authentication, message integrity n DenialofService &
More informationNETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia
NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security
More informationuses same key for encryption, decryption classical, conventional, singlekey encryption
CEN 448 Security and Internet Protocols Chapter 2 Classical Encryption Techniques Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University
More informationSecurity in Computer Networks
Security in Computer Networks Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@wustl.edu Audio/Video recordings of this lecture are available online at: http://www.cse.wustl.edu/~jain/cse47310/
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security  generic name for the collection of tools designed to protect
More informationNetwork Security. Network Security. Security in Computer Networks
Network Security Network Security introduction cryptography authentication key exchange Reading: Tannenbaum, section 7.1 Ross/Kurose, Ch 7 (which is incomplete) Intruder may eavesdrop remove, modify, and/or
More informationCSC474/574  Information Systems Security: Homework1 Solutions Sketch
CSC474/574  Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a oneround Feistel cipher
More informationCompter Networks Chapter 9: Network Security
Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationPart 2 D(E(M, K),K ) E(M, K) E(M, K) Plaintext M. Plaintext M. Decrypt with private key. Encrypt with public key. Ciphertext
Part 2 Plaintext M Encrypt with public key E(M, K) Ciphertext Plaintext M D(E(M, K),K ) Decrypt with private key E(M, K) Public and private key related mathematically Public key can be published; private
More informationCryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.
Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationGetting the most from Apple Mail
Getting the most from Apple Mail Larry Kerschberg, Roy Wagner, Jonathan Bernstein and Friends February 28, 2015 1 Topics Mail on Macs and ios devices Configuring your accounts IMAP Folders VIP Contacts,
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationFirst Semester Examinations 2011/12 INTERNET PRINCIPLES
PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2011/12 INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES
More informationSecurity in Distributed Systems. Network Security
Security in Distributed Systems Introduction Cryptography Authentication Key exchange Computer Science Lecture 18, page 1 Network Security Intruder may eavesdrop remove, modify, and/or insert messages
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 1: Introduction Ion Petre Department of IT, Åbo Akademi University January 10, 2012 1 Motto Unfortunately, the technical
More informationComputer Networks  CS132/EECS148  Spring 2013 
Computer Networks  CS132/EECS148  Spring 2013 Instructor: Karim El Defrawy Assignment 5 Deadline : May 30th 9:30pm (hard and soft copies required) 
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (PublicKey) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationThe science of encryption: prime numbers and mod n arithmetic
The science of encryption: prime numbers and mod n arithmetic Go check your email. You ll notice that the webpage address starts with https://. The s at the end stands for secure meaning that a process
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationChapter 6 CDMA/802.11i
Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross AddisonWesley March 2012 Some material copyright 19962012 J.F Kurose and K.W. Ross,
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationCryptography and Network Security 1. Overview. Lectured by Nguyễn Đức Thái
Cryptography and Network Security 1. Overview Lectured by Nguyễn Đức Thái Outline Security concepts X.800 security architecture Security attacks, services, mechanisms Models for network (access) security
More informationCryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur
Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)
More informationOutline. Digital signature. Symmetrickey Cryptography. Caesar cipher. Cryptography basics Digital signature
Outline Digital signature Cryptography basics Digital signature Dr. László Daragó, Ph.D. Associate professor Cryptography Cryptography encryption decryption Symmetrickey Cryptography Encryption with a
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationencrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher basic unit is the bit
Overview of the DES Introduction to Computer Security Lecture 6 Cryptography October 2, 2003 A block cipher: encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher
More informationChapter 8 Network Security
Chapter 8 A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and delete slides (including
More informationPublic Key Cryptography. c Eli Biham  March 30, 2011 258 Public Key Cryptography
Public Key Cryptography c Eli Biham  March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known apriori to all the users, before they can encrypt
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers OneTime Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationPublic Key (asymmetric) Cryptography
PublicKey Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,
More informationAuthentication Types. Passwordbased Authentication. OffLine Password Guessing
Authentication Types Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4:
More informationECE 428 Network Security
ECE 428 Network Security 1 Learning objectives Security requirements and tools Symmetrickey (secret key) cryptography Substitution, transposition, and product ciphers (DES) Public key cryptography: RSA
More informationThe Elements of Cryptography
The Elements of Cryptography (March 30, 2016) Abdou Illia Spring 2016 Learning Objectives Discuss Cryptography Terminology Discuss Symmetric Key Encryption Discuss Asymmetric Key Encryption Distinguish
More informationAn Introduction to Cryptography and Digital Signatures
An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 20012003 Entrust. All rights reserved. Cryptography The concept of securing messages through
More informationOverview/Questions. What is Cryptography? The Caesar Shift Cipher. CS101 Lecture 21: Overview of Cryptography
CS101 Lecture 21: Overview of Cryptography Codes and Ciphers Overview/Questions What is cryptography? What are the challenges of data encryption? What factors make an encryption strategy successful? What
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIENCHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationSAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK
SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION September 2010 (reviewed September 2014) ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK NETWORK SECURITY
More informationFundamentals of Computer Security
Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A Message From Our Sponsors Fundamentals System/Network Security, crypto How do things work Why How to design secure
More informationQ: Why security protocols?
Security Protocols Q: Why security protocols? Alice Bob A: To allow reliable communication over an untrusted channel (eg. Internet) 2 Security Protocols are out there Confidentiality Authentication Example:
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More information2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries
Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application
More informationIntroduction to Cryptography
Introduction to Cryptography Part 2: publickey cryptography JeanSébastien Coron January 2007 Publickey cryptography Invented by Diffie and Hellman in 1976. Revolutionized the field. Each user now has
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationModule 7 Security CS655! 71!
Module 7 Security CS655! 71! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed
More informationCryptography & Network Security
Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security
More informationChapter 8. Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross AddisonWesley, sl April 2009. Thanks and enjoy!
Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and
More informationPractice Questions. CS161 Computer Security, Fall 2008
Practice Questions CS161 Computer Security, Fall 2008 Name Email address Score % / 100 % Please do not forget to fill up your name, email in the box in the midterm exam you can skip this here. These practice
More information