Universität Klagenfurt - IWAS Multimedia Kommunikation

Transcription

1 Multimedia Kommunikation Dipl.-Inform. Martin Euchner Siemens AG, Information & Communication Networks Munich, Germany Tel: Siemens AG May 2001

2 Content of Lecture Goals of this lecture 10 min Part I Introduction to Information Security (IT Security) min Part II Introduction to Cryptography (Cryptographic Primitives and Cryptographic Protocols) Part III-a Public-Key Infrastructure (PKI) 40 min 45 min Part III-b Internet Security, Secure Applications and Security Protocols 45 min Part IV Multimedia Security, Security Standards 45min-1h References, Books & Literature Abbreviations 10min h

3 Goals of this lecture Learn the basic notions and terms of Information Security Understand the basic cryptographic primitives Learn some simple cryptographic protocols, find out some typical weaknesses in flawed protocols Look at the most important cryptographic algorithms and get an impression how they work in principle Understand how public-key systems work See how cryptographic security techniques are applied in secure systems Learn about Internet Security Learn about various secured applications in modern systems See how security techniques are applied in mobile communication systems Understand the security aspects of multimedia systems Recognize some important security standards

4 Not part of this lecture Profound mathematical background for cryptographic analysis is not necessary to understand this lecture. Deeper understanding of any complex, internal crypto algorithm details. Many of the more complex crypto algorithms and security protocols. Study of any other known (broken) cryptoalgorithm. To become a real, experienced security expert or a cryptographer.

5 References, recommended Books and some further Literature A.J. Menzes, P v. Oorschot, S. Vanstone: Applied Cryptography, CRC Press, W. Fumy, H.P. Rieß: Kryptographie - Entwurf, Einsatz und Analyse symmetrischer Kryptoverfahren, 2. Auflage, Oldenbourg, H. Pohl, G. Weck: Handbuch 1 - Einführung in die Informationssicherheit, Oldenbourg, G. Simmons: Contemporary Cryptology - The science of Information Integrity, IEEE Press, C. Adams, S. Lloyd: Understanding Public-Key Infrastructure - Concepts, Standards and Deployment Considerations, Macmillan, T. Austin: PKI - A Wiley Tech Brief, John Wiley & Sons, N. Dorawswamy, D. Harkins: IPSec - The new Security Standard for the Internet, Intranets, and Virtual Private Networks, Prentice Hall, 1999, E. Rescorla: SSL and TLS - Designing and Building Secure Systems, Addison-Wesley, 2001, B. Schneier: Angewandte Kryptographie - Protokolle, Algorithmen und Sourcecode in C, Addison-Wesley B. Schneier: Secret & Lies - Digital Security in a Networked World, John Wiley & Sons, C.H. Meyer, S.M. Matyas: Cryptography: A new Dimension in Computer Data Security, John Wiley & Sons, Cheswick, Bellowin: Firewalls und Sicherheit im Internet, Addison-Wesley, R. Smith: Internet Kryptographie - Luink Encryption, IPSEC, Virtual private Networks, Public-Keys, Security, webserver-sicherheit, Addison-Wesley,1998. R. Wobst: Abenteuer Ktyptologie - Methoden, Risken und Nutzen der Datenverschlüsselung, Addison- Wesley, 1998.

6 Abbreviations (1) 3GPP 3DES A3 A5 A8 AAA AAL AES AGB AH ALG AN ARL ASP ATM A/V BE B-ISDN BS CA CBC CC CDMA CFB CNP CPS CPU CR 3rd Generation Partnership Project Triple DES GSM Authentication Algorithm GSM Key Generation Algorithm GSM Encryption Algorithm Authentication, Authorization and Accounting ATM Adaptation Layer Advanced Encryption Algorithm Allgemeine Geschäftsbedingungen Authentication Header Application Layer Gateway Access Network Authority Revocation List Application Service Provider Asynchronous Transfer Mode Audio/Video Border Element Broadband ISDN Base Station Certification Authority Cipher Block Chaining Call control Code Division Multiple Access Cipher Feedback Connection Negotiation Protocol Certificate Practice Statement Central Processing Unit Challenge-Response CRC CRL CRM CS CSCW CSDN DB DES DH DSSS DSP EC ECC ECB EDE EDI EP ERP ESP E/TLS GCC GSM FEAL FH FHSS FIPS Cyclic Redundancy Check Certificate Revocation List Customer Relationship Management Call signaling Computer Supported Collaborative Work Circuit-switched Data Network Database Data Encryption Standard Diffie-Hellman Direct Sequence Spread Spectrum Datagram Security Protocol Elliptic Curve Elliptic Curve Cryptography Electronic Code Book Encrypt-Decrypt-Encrypt Electronic Data Interchange Endpoint Enterprise Resource Planning Encapsulating Security Payload Elliptic Curve TLS Generic Conference Control Global System for Mobile Communications Fast Encryption Algorithm Frequency Hopping Frequency Hopping Spread Spectrum Federal Information Processing Standard FPLMNTS Future Public Land Mobile Network Telecommunications System GCC Generic Conference Control GK Gatekeeper GSS-API Generic Security Service Application Programming Interface GW Gateway HMAC Hashed Message Authentication Code HTML Hypertext Markup Language HPLMN Home Public Land Mobile Network HTTP Hypertext Transport Protocol HW Hardware ICV Integrity Check Value ID Identification IEEE Institute of Electrical and Electronics Engineers IKE Internet Key Exchange IP Internet Protocol IPSec Internet Protocol Security IMAP Internet Mail Access Protocol IMSI International Mobile Subscriber Identity IMT International Mobile Telecommunications IMTC International Multimedia Teleconferencing Consortium ISO International Standards Organization IT Information Technology ITU International Telecommunications Union ISDN Integrated Services Digital Network IV Initialization Value J Java JS Java Script Ki GSM subscriber authentication key

7 Abbreviations (2) L2CAP L2TP LAN LDAP LFSR LRA MAC MAP MCS MCU MD MIPS MIT MM MS MSC NAT NIST OCSP OFB OS PBX PC PDA PDU PEM PIN PGP PKCS PKIX PKI Logical Link Control & Adaptation Protocol Layer 2 Tunneling Protocol Local Area Network Light-weight Directory Access Protocol Linear Feedback Shift Register Local Registration Authority Message Authentication Code Multipoint Adaptation Protocol (T.120) Mobile Application Part Multipoint Communication Service Multicast Unit Message Digest Million Instructions per Second Massachusetts Institute of Technology Multimedia Mobile Station Mobile Switching Center Network Address Translation National Institute of Standards Online Certificate Status Protocol Output Feedback Operating System Private Branch Exchange Personal Computer Personal Digital Assistant Protocol Data Unit Privacy Enhanced Mail Personal Identification Number Pretty Good Privacy Public-Key Cryptography Standards Public-Key Infrastructure Standards Public-key Infrastructure PPP Point to Point Protocol POP Post Office Protocol PSDN Public-switched Data Network PSTN Public-switched Telephone Network RA Registration Authority RAS Registration, Admission and Status RC Rivest Cipher RFC Request for Comments RFCOMM Radio-Frequency Communication RNC Radio Network Controller RSA Rivest, Shamir and Adleman RTP Realtime Transport Protocol S-BOX Substitution Box SA Security Association SCF Synchronization and Convergence Function SCM Supply Chain Management SET Simple Endpoint Type (H.323) Secure Electronic Transactions SIM Subscriber Identity Module SHA Secure Hash Algorithm SIP Session Initiation Protocol S/MIME Secure Multipurpose Mail Extension SNMP Simple Network Management Protocol SSL Secure Sockets Layer SW Software UMTS Universal Mobile Telecommunications System TAN Transaction Number TC Trust Center TCP Transmission Control Protocol TIPHON Telecommunications and Internet Protocol Harmonization over Networks TGS Ticket Granting Server TLS Transport Layer Security TLSP Transport Layer Security Protocol TMSI Temporary Mobile Subscriber Identity TTT TEN Telecom Tiphon UDP User Datagram Protocol UE User Equipment UMTS Universal Mobile Telecommunications System USIM UMTS SIM VLR Visitor Location Register VoIP Voice-over IP VPN Virtual Private Network WAE Wireless Application Environment WAN Wide Area Network WAP Wireless Application Protocol WDP Wireless Data Protocol WEP Wireless Equivalent Privacy WG Working Group WIM Wireless Identity Module WLAN Wireless LAN WML Wireless Markup Language WSP Wireless Session Protocol WTLS Wireless Transport Layer Security WTP Wireless Transport Protocol W-CDMA Wideband CDMA WWW World Wide Web XML Extended Markup Language