Network Security Technology Network Management
|
|
- Rosamond Taylor
- 8 years ago
- Views:
Transcription
1 COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission is hereby granted to reproduce the slides for any not-for-profit academic purpose, so long as this notice is contained in any document containing the slides, and each slide remains intact as provided, including the copyright label. Permission for any other use, either in machine-readable or printed form, must be obtained from the author in writing. 1
2 Network Security Technology 2
3 Network Security Basics Review Confidentiality - information disclosed only to those intended. Integrity - information cannot be modified without being detected. Authentication - ensure that communicating parties are who they say they are. Access Control - ensure that authenticated users are given access only to appropriate information. Nonrepudiation - stronger form of authentication which ensures that a party involved in some communication cannot later claim non-involvement Key Distribution Key Distribution - establish session keys between communicating parties. 3
4 Security Tools Message Authentication Codes or Message Hashes - digest of a message that is unlikely to match digest of a different message Encryption - scrambling data so its contents cannot be understood by a third party Encryption Keys - pattern unknown to a third party Key exchange algorithms - safe ways to pass keys between trusted parties 4
5 Encryption Systems and Keys An encryption system is a collection of encoding and decoding functions parameterized by keys. Basic building blocks of encryption algorithms are letter substitution codes and transpositions. An encryption system is only as secure as the keys; hence, keys must be distributed in a secure fashion. Could deliver by hand. Alternatively, could distribute using encrypted system believed to be secure (normally this involves a different key that was originally distributed by hand) 5
6 Cryptography Messages sent in plaintext are transformed into ciphertext. encryption decryption plaintext ciphertext plaintext Most systems involve a cryptography algorithm and a key. Algorithms may be well known and widely published but difficult to break. 6
7 Hardware CRC Generation Circuit Generator Polynomial: D 16 + D 12 +D 5 +1 Output FCS at end of data open switch to shift out result XOR gate Input DATA:
8 A Simple Encryption System feedback positions form a secret key which will also decrypt Output stream of ciphertext data XOR gate Input stream of plaintext data this is a simple example of a symmetric key algorithm the algorithm is known, the key is kept secret also called secret key encryption for this reason 8
9 Breaking an Encryption Scheme Definition: good guys are those who send the message, bad guys are those who try to break the message. Breaking the code usually requires trying a very large number of combinations to find a match when the bad guys have more information it is to their advantage normally they know the algorithm but not the key There are different types of attacks possible. Ciphertext only. Known plaintext, when the bad guys have some <plaintext, ciphertext> pair. Chosen plaintext, when the bad guys can encrypt the message and see the result 9
10 Breaking an Encryption Scheme A good cryptosystem should be able to defend against all three types of attacks Known plaintext makes a good yardstick can break code by trying all keys and comparing results more likely case than chosen plaintext Example of times to break a code: trials/second time to break 1 40,000 years years days minutes second 10
11 Data Encryption Standard (DES) DES is a symmetric-key block cipher developed by the US National Institutes of Standards and Technology (NIST). Input is 64 bit blocks of plaintext and 56 bit key Three phase algorithm Initial permutation of the input. 16 iterations of permutation and substitution using S-boxes. Final permutation of the output. 11
12 DES Iterations On each iteration, the block is divided into left and right 32 bit sections. The right side R i of the block becomes the left side of the next block. The left side of the block is XORed with a 32-bit value. This can be represented as L i = R i 1 ( ) R = L 1 f R 1, K i i i i 12
13 Public Key Cryptography Encryption and decryption algorithms are well known The encryption key is made public but the decryption key is kept secret For this to be secure, deducing the decryption algorithm from the encryption algorithm must be difficult Public Key Algorithms are based on functions that are easy to compute but very hard to find the inverse for example the problem of factoring the product of two large prime numbers (RSA algorithm) 13
14 Public Key Encryption DATA Encode encrypted data DECODE DATA Public Key Directory - Names with Keys Private Key 14
15 RSA Public Key Algorithm The Algorithm is initialized by the following steps: Choose two large prime numbers p and q Compute n = p q and z = (p-1)(q-1) Choose d such that gcd(z,d) = 1, i.e., z and d are relatively prime Find e such that e d = 1 mod z The numbers e and n are made public and encryption of a plain text P, where P is a member {0,1,...,n-1}, is performed by computing C = P e mod n Decryption is performed by computing P = C d mod n An eavesdropper only knows e and n. The task of computing d is equivalent to factoring n into p and q, which is known to be difficult 15
16 Why does RSA work? First, notice that when n = pq and z = (p-1)(q-1), and p and q are prime, z is the called the totient function, the number of numbers relatively prime to n. The numbers d and e are picked because de = 1 mod z From number theory x de = x mod n RSA encryption consists of taking x and raising it to the power of e. Then, if we take the result and raise it to the power of d (i.e., decrypt), we get x. 16
17 Public Key Encryption Example Let p = 3 and q = 11. Then, n = 33 and z =20. A choice for d is d =7, which yields e = 3. (7 * 3 = 1 mod 20) (The larger p and q, the more secure the encryption; this example is not very secure.) The encryption rule is C = P 3 mod 33 and decryption is done by P = C 7 mod 33. Example: Let P be the position of a letter in the alphabet, A =1, B =2,... Z = 26 Text P P^3 C C^7 P Text T T A A S S C C 17
18 Using Public Key Encryption Non-repudiation Since the encryption and decryption are inverses, given that I encode my identity with my private key, the fact that you can decode my identity with my public key proves that I sent the message. Confidentiality Further, if I encrypt data with your public key after encrypting the same data with my private key, then only you can decrypt the data and only you can find out that the data was from me. Key Distribution If the data I double encrypt is a private symmetric encryption key, then only you and I will be able to decrypt data encrypted with that private symmetric encryption key. 18
19 Using Public Key Encryption Public-key encryption takes much more computation than symmetric-key encryption but it scales well because only one key per party is needed and it can be published (in fact it should be) to be completely secure, you must trust the source of the key (this implies significant infrastructure) also provides non-repudiation by contrast symmetric-key encryption requires one key for every pair of parties and the key must be kept secret Therefore public-key encryption is normally used for small amounts of data, for example encrypting a symmetric key for distribution encrypting a message hash as a signature 19
20 Security and the Protocol Stack For effective security, the whole system must be considered Encryption can be used at any layer (or more than one) Application Presentation Session Transport Network Data Link Control Physical Peer Connection (secured) Physical Link Application Presentation Session Transport Network Data Link Control Physical 20
21 Link Encryption (layer 2) Plaintext P ABCDE... Ciphertext C K%U@Y... Plaintext P ABCDE... Source Encryption E(K,P) Decryption D(K,C) Destination Unguarded Link KEY K KEY K Keys are used in location pairs Crypto circuit can be similar to CRC generator (symmetric key) 21
22 End-To-End Encryption (layer 3) WS Crypto NETWORK Crypto WS Crypto HDR DATA WS Body of packet encrypted, header in clear Community of sites all have the same key 22
23 Firewall Security (layer 3) WS Firewall NETWORK Firewall WS Firewall HDR DATA WS Body of packet in clear, header in clear or substituted by firewall Community of sites established by tables in firewalls Packet may contain authentication or be encrypted by firewall 23
24 Message Authentication Protects against faking data and transactions. Could use encryption; but this is expensive. Use message authentication code: message sent in plaintext but authentication tag is added for integrity. Could be used when you don t need to encrypt or can t decrypt all messages, or as a way of broadcasting a message so that other parties can t fake the source. 24
25 Message Authentication Code Use a secret shared key K to generate a small block of code. The code is a function of the message and the key. Message plus the code is sent to the receiver. If you can decode the message correctly, you know Message has not been altered Message is from the alleged sender Integrity through sequence numbers 25
26 Secure Hash Functions Produce a fingerprint of the file May not require shared secret keys. To be practical, should be applied to a block of any size and produce a fixed length output. Requirements: Difficult to find x such that H(x) = m (hard to generate a message given a code) For any x, difficult to find x <> y with H(x)=H(y) (prevents forgery) 26
27 Message-Digest 5 (MD5) Algorithm takes an arbitrary input, chops it into 512 bit blocks, and outputs a 128 bit message digest. Requires 5 steps: Append padding bits so that its length is 448 mod 512. Use a 1 followed by 0s. Append length, up to 64 bits. Resulting message is multiple of 512 bits, or bit words Message Padding Length 27
28 MD5 Algorithm Initialize 4 32-bit buffers with constant values. Process the message in 512 bit blocks. Each block is processed 4 different rounds, using a different function each time, i.e. F(X,Y,Z) = (X Y ) (~X Z ) Each function uses bitwise operations and takes three 32 bit words: the output from the previous round, the 32-bit word, and one element from a 64 element table. Output is the final value. 28
29 MD5 Operation constant Padded Message 4 rounds per 32bit word digest * * * digest 512 bits 512 bits * * * * * * * * * * * * * * * * * * Message Digest 29
30 Encryption Used For Packet Authentication (layer 3) Packet Auth Algorithm Packet Auth KEY NETWORK Packet Auth Auth Algorithm Packet Validation KEY 30
31 Encryption by the Application (Layer 7) Privacy-Enhanced Mail Dear Fred, $#AX3qvd.! encoder stack KEY NETWORK $#AX3qvd.! Dear Fred, stack decoder KEY 31
32 Network Management 32
33 Network Management Components One or more managed objects each has a NM agent or proxy agent process At least one NM Station (NMS) a computer system, typically a workstation hosting one or more NM applications A NM protocol A database definition for management information (Management Information Base) determines the structure and content of management information 33
34 Network Management Functions per ITU-T 6 Fault 6 Configuration 6 Accounting 6 Performance 6 Security 34
35 Dimensions Of Network Management FUNCTIONS Fault Configuration Accounting Performance Security Network System SCOPE Application Monitor ROLES Control 35
36 Network Monitoring Network monitoring is the basis for all other network management functions Network Management systems may lack network control, but must have network monitoring Key network monitoring design issues what to monitor how to access the monitored objects what data to collect what to do with the data collected 36
37 Simple Network Management Protocol (SNMP) Purpose: ease/consistency of managing Internet resources Each managed object has SNMP agent and Management Information Base (MIB) Remote management program (usually a console) can query status, direct changes Security authentication required for changes Standardized network management software available to visualize status OSI network management (CMIP CMIP) is usable in the Internet as CMOT but SNMP is much more popular 37
38 Good Network Management Tools Support standards (at least SNMP) Run on multiple platforms Integrate with other management tools Example: HP OpenView powerful graphic network status display 38
39 Extra-Credit Project INT2: firewall packet filter one community of trust per NW network (list of subnets) firewall runs in router members of community do not accept packets from non-members 39
159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationNETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia
NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationCS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationProperties of Secure Network Communication
Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationCryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs
Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationAuthentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationPublic Key Cryptography Overview
Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic
More informationFirst Semester Examinations 2011/12 INTERNET PRINCIPLES
PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2011/12 INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES
More informationNetwork Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)
Network Security Security Crytographic algorithms Security Services Secret key (DES) Public key (RSA) Message digest (MD5) privacy authenticity Message integrity Secret Key Encryption Plain text Plain
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate
More informationNetwork Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015
Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it
More information: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT
Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference
More informationELECTRONIC COMMERCE OBJECTIVE QUESTIONS
MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationAC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014
Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationPrinciples of Network Security
he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy
More informationNetwork Security. Omer Rana
Network Security Omer Rana CM0255 Material from: Cryptography Components Sender Receiver Plaintext Encryption Ciphertext Decryption Plaintext Encryption algorithm: Plaintext Ciphertext Cipher: encryption
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationSecurity in Distributed Systems. Network Security
Security in Distributed Systems Introduction Cryptography Authentication Key exchange Computer Science Lecture 18, page 1 Network Security Intruder may eavesdrop remove, modify, and/or insert messages
More informationMessage Authentication
Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the
More informationCSC474/574 - Information Systems Security: Homework1 Solutions Sketch
CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationDesigning Hash functions. Reviewing... Message Authentication Codes. and message authentication codes. We have seen how to authenticate messages:
Designing Hash functions and message authentication codes Reviewing... We have seen how to authenticate messages: Using symmetric encryption, in an heuristic fashion Using public-key encryption in interactive
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationCompter Networks Chapter 9: Network Security
Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationCommon Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/
Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP
More informationSymmetric Key cryptosystem
SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single
More informationWaspmote Encryption Libraries. Programming guide
Waspmote Encryption Libraries Programming guide Index Document version: v4.3-01/2015 Libelium Comunicaciones Distribuidas S.L. INDEX 1. General Concepts... 4 2. Integrity... 7 2.1. Waspmote Libraries...7
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationNETWORK ADMINISTRATION AND SECURITY
NETWORK ADMINISTRATION AND SECURITY Unit I (NAS) (W- 10) Q. 1) What is Security Attack? Explain general categories of attack with examples. 7 Q. 2) List and define the five security services. 5 Q. 3) Define
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
More informationECE 428 Network Security
ECE 428 Network Security 1 Learning objectives Security requirements and tools Symmetric-key (secret key) cryptography Substitution, transposition, and product ciphers (DES) Public key cryptography: RSA
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationEfficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms
Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Radhika G #1, K.V.V. Satyanarayana *2, Tejaswi A #3 1,2,3 Dept of CSE, K L University, Vaddeswaram-522502,
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationEvaluation of the RC4 Algorithm for Data Encryption
Evaluation of the RC4 Algorithm for Data Encryption Allam Mousa (1) and Ahmad Hamad (2) (1) Electrical Engineering Department An-Najah University, Nablus, Palestine (2) Systems Engineer PalTel Company,
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography
More informationChapter 6 CDMA/802.11i
Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationOverview of Public-Key Cryptography
CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows
More informationLecture 6 - Cryptography
Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about
More informationChapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols
Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security
More informationMessage authentication and. digital signatures
Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation
More informationAdvanced Cryptography
Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.
More informationSecureMessageRecoveryandBatchVerificationusingDigitalSignature
Global Journal of Computer Science and Technology: F Graphics & Vision Volume 14 Issue 4 Version 1.0 Year 2014 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationCryptography & Network Security
Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationComputer System Management: Hosting Servers, Miscellaneous
Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationSecurity in Computer Networks
Security in Computer Networks Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@wustl.edu Audio/Video recordings of this lecture are available on-line at: http://www.cse.wustl.edu/~jain/cse473-10/
More informationLecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads
CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs
More informationChapter 37. Secure Networks
Chapter 37 Network Security (Access Control, Encryption, Firewalls) Secure Networks Secure network is not an absolute term Need to define security policy for organization Network security policy cannot
More informationChapter 8 Network Security. Slides adapted from the book and Tomas Olovsson
Chapter 8 Network Security Slides adapted from the book and Tomas Olovsson Roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity Security protocols and measures: Securing
More informationCryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.
Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public
More informationIntroduction. Where Is The Threat? Encryption Methods for Protecting Data. BOSaNOVA, Inc. Phone: 866-865-5250 Email: info@theq3.com Web: www.theq3.
Introduction Within the last ten years, there has been a vast increase in the accumulation and communication of digital computer data in both the private and public sectors. Much of this information has
More information6.857 Computer and Network Security Fall Term, 1997 Lecture 4 : 16 September 1997 Lecturer: Ron Rivest Scribe: Michelle Goldberg 1 Conditionally Secure Cryptography Conditionally (or computationally) secure
More informationTable of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch
1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...
More informationSymmetric Mechanisms for Authentication in IDRP
WG1/SG2 WP WG2/WP 488 International Civil Aviation Organization Aeronautical Telecommunication Network Panel (ATNP) WG2 and WG1/SG2 Meetings Honolulu, Hawaii, USA January 1999 Symmetric Mechanisms for
More informationBrocade Product Training
Brocade Product Training Introducing SNMP Web-based Training Brocade Education Services Page 1-1 Objectives Describe SNMP basics: terminology and concepts Describe the need for SNMP Describe the advantages
More informationHow To Understand And Understand The History Of Cryptography
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/
More informationAn Introduction to Cryptography and Digital Signatures
An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through
More informationAuthentication, digital signatures, PRNG
Multimedia Security Authentication, digital signatures, PRNG Mauro Barni University of Siena Beyond confidentiality Up to now, we have been concerned with protecting message content (i.e. confidentiality)
More informationSafeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST
Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationDesign and Implementation of Asymmetric Cryptography Using AES Algorithm
Design and Implementation of Asymmetric Cryptography Using AES Algorithm Madhuri B. Shinde Student, Electronics & Telecommunication Department, Matoshri College of Engineering and Research Centre, Nashik,
More information