Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
|
|
- Thomas Harvey
- 8 years ago
- Views:
Transcription
1 Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology
2 Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication in secure transactions Cryptography introduction Cryptography Protocols Cryptography as a basis for Identification and Authentication The Digital Signature A Secure and Authenticated Communication over an Open Network Computer Networks - 1/2
3 Additional References [1] Kaufman, Perlman and Speciner, Network Security, 2 nd Edition, Prentice Hall, [2] Stallings, Networking Standards: A Guide to OSI, ISDN LAN, and MAN Standards, (Addison-Wesley), 1993 [3] Stallings, Networking and InterNetwork Security, (Prentice Hall), 1995, ISBN [4] FIPS 186, Digital Signature Standard (DSS). [5] FIPS 180, Secure Hash Standard (SHS). [6] ANSI X , American National Standard for Financial Institution Key Management Computer Networks - 1/3
4 Need for Security Computer Networks - 1/4
5 Problems for network security Secrecy: keeping information out of the hands of unauthorized users. Authentication: determining whom you are talking to before revealing sensitive information or entering a business deal. Non-repudiation: dealing with signature, how do you prove that your customer really placed an electronic order. Integrity control: how can you be sure that a message you received was really the one sent and not something that a malicious adversary modified in transit or concocted? Computer Networks - 1/5
6 Where in the protocol network does security belong? Every layer has something to contribute Physical layer, wiretapping can be foiled by enclosing transmission lines in sealed tubes containing gas at high pressure. Any attempt to drill into a tube will release some gas, reducing the pressure and triggering an alarm. Data link layer, packets can be encrypted as they leave one machine and decrypted as they enter another, vulnerable to attacks from within the router. However, link Encryption can be added to any network easily and often is useful. In the network layer, firewalls can be installed to keep good packets and bad packets out. In the transport layer, entire connections can be encrypted, end to end, process to process. Issues such as user authentication and non-repudiation can be only handled in the application layer. Computer Networks - 1/6
7 OSI Security Mechanisms (Controls) Encipherment The use of algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and one or more encryption keys Authentication exchange A mechanism intended to ensure the identity of an entity by means of information exchange Digital Signature Data appended to, or a cryptographic transformation of a data unit that allows the recipient to prove the source and integrity of the data unit and protects against forgery (e.g. by the recipient) Access control A variety of mechanisms that enforce access rights to resources Computer Networks - 1/7
8 Identification and Authentication (Overview) One of the first steps towards securing the resources of a system is the development of the ability to verify the identity of its users. Since all users communicate via messages this comes down to verifying that messages come from the alleged source and have not been altered The process of verifying a user s identity is typically referred to as user identification and authentication Identification and Authentication are distinct steps Computer Networks - 1/8
9 Identification and Authentication (Overview) Identification concerns the manner in which a user provides his/her unique identity to a system The identity: May be (for example), a name or a number (account number) Must be unique so that the system can distinguish between different users, or between different classes of users (remember the Control Selection Criteria of need to know ) May describe one individual, more than one individual.some or all of the time Example System Security Officer is a class identity Computer Networks - 1/9
10 Identification and Authentication (Overview) Authentication is the process of associating an individual with his/her unique identity or that of associating a message with a sending entity An important distinction between Identification and Authentication: Identities can be public (but aren t always) Authentication information (but not necessarily the methodology) is kept secret and becomes the means by which a person proves that they are who they say they are There are three basic means by which an individual may authenticate his/her identity Computer Networks - 1/10 10
11 Identification and Authentication (The Three Basic Approaches) Something the person knows password combination history other. Something the person possesses a token or a card a key to a lock other. Something the person is (Biometrics) Fingerprints retinal pattern voice pattern other. Computer Networks - 1/11 11
12 An Introduction to Cryptography Computer Networks - 1/12 12
13 Cryptography (Introduction) Encryption Is a process designed to conceal meaning by changing intelligible messages to unintelligible messages.. Covers both encypherment and encoding Encypherment The translation of individual letters (or tokens) to other letters of tokens Encoding The translation of words or phrases (or groups of tokens) to other words or phrases Cryptography relies on two basic components An algorithm (also called a cryptographic methodology) A Key (one or more) Computer Networks - 1/13 13
14 Cryptography (Example) Example In a simple system where letters are substituted for other letters The Key? The chart of paired letters The Algorithm? Substitution Computer Networks - 1/14 14
15 Cryptography (The Two Basic Types) There are two basic types of Cryptographic Systems Secret Key (also called symmetric systems) The same key is used to encrypt and decrypt data Two or more parties share the key The key must remain secret Public Key (also called asymmetric systems) Computer Networks - 1/15 15
16 Cryptography (Secret Key and Public Key) Secret Key Encryption - Key must remain secret Key Shared by the parties involved - Reliance on all parties PlainText Encryption Algorithm CypherText Decryption Algorithm PlainText - Data Encryption Standard (DES) Federal Information Processing Standards (FIPS) DES has been widely adopted by the commercial sector in the U.S. - Chips available, so low cost encryption/decryption is available, but access is restricted - Produces output that is dependent on the key - Powerful enough to defy decryption from examination of the cyphertext and/or knowledge of the algorithm - Security is dependent on the secrecy of the key - How do you distribute the key..?? Computer Networks - 1/16 16
17 Cryptography (Secret Key and Public Key) One of the major difficulties with Secret Key systems is the secure distribution of the Key Public Key Systems don t require Key distribution although you still need keys to encrypt and decrypt The Public Key algorithms are asymmetric. That is, you cannot decrypt the message with the same key that you used to encrypt it. This system uses key pairs, one to encrypt and one to decrypt. If you want to receive secure messages then you can make one key public (otherwise known as the Public Key). and so long as the other key is known only to you, then you will be the only person that can read it Needless to say, it is a requirement of this type of system that you cannot derive one key from the other Computer Networks - 1/17 17
18 Cryptography (Public Key example) Public Key Encryption Directory of Public Keys - X places his/her Public Key (Xp) in an accessible place. and keeps the Private Key (Xs) hidden Xp Xp Xs A PlainText Encryption Algorithm CypherText Decryption Algorithm PlainText X - A obtains X s public Key, encrypts a message and sends it to X - X uses his/her Private Key to decrypt the message RSA, named after its three creators, Ronald Rivest, Adi Shamir and Len Adlemen The Digital Signature Standard (DSS) Computer Networks - 1/18 18
19 Cryptography Some uses To ensure confidentiality and integrity of information Public Key is particularly useful when key secrecy is a problem Public Key can be used to distribute secret keys To support controls such as authentication (how do I know you are who you say you are) Other.. Having set a foundation for cryptographic systems we shall take another look at the important (and related) issue of identification and authentication Computer Networks - 1/19 19
20 Internet Communications and Cryptography The rush towards Internet Related Electronic Business Activities Funds transfer associated with sales Authorisations Would you send your Credit Card number over the Internet?? The Problems of - Identification and Authentication The Problems of - Security of Information once the Sender / Receiver have been authenticated Interruption Interception Modification Fabrication Computer Networks - 1/20
21 Cryptography as a Basis for Identification & Authentication Drawbacks of Secret Key Systems Relies on one or more parties sharing the Secret Key In practice this means that communication can only occur between people with some prior relationship. (because they must be entrusted with the Secret Key) The same key that allows for communication allows any of the parties to create forgeries in the name of others Public Key Systems Provide a basis for Authentication In RSA each key of a key pair can undo what the other does If a user can unscramble a message using say, Jack s Public Key, then it must have been created in the first place with Jack s Private Key. This is the basis for Digital Signatures Computer Networks - 1/21
22 Transposition Ciphers Transposition ciphers reorder the letters but don t disguise them. The cipher is keyed by a word or phrase not containing any repeated letters. In this example, MEGABUCK is the key. The purpose in the example is to number the columns, column 1 is under the key letter closest to the start of the alphabet. To break a transposition cipher 1. Be aware it is a transposition cipher by looking at the frequency of E, T, A, etc. 2. Guess the number of columns by first guessing a word or phrase. Say: Million dollars 3. The remaining step is to order the columns. Computer Networks - 1/22
23 P-Box Transposition can be implemented with simple electrical circuits. If the 8 bits are designated from top to bottom as , then the output of this particular P-box is By appropriate internal wiring, a P-box can be made to perform any transposition and do it at practically the speed of light, since no computation is involved; just signal propagation This design follows Kerckhoff s principle: the attacker knows that the general method is permuting the bits. What he doesn t know is which bit goes where, which is the key. Output Input Computer Networks - 1/23
24 Substitution ciphers In substitution cipher each letter or group of letters is replaced by another letter or group of letters to disguise it. For instance a b c d e f g h i j k l m n o p q r s t u v w x y z Q W E R T Y U I O P A S D F G H J K L Z X C V B N M Substitution ciphers preserve the order of the plaintext symbols but disguise them. The substitution ciphers can be broken by starting out with counting the relative frequencies of all letters in the ciphertext. Then one might tentatively assign the most common one to letter e, etc. The general system of symbol-to-symbol substitution is called mono-alphabetic substitution Computer Networks - 1/24
25 S-Box Substitutions are performed by S-box In the example, the 3-bit input selects one of the eight lines existing from the first stage and sets it to 1; all the other lines are 0. The second stage is a P-box. The third stage encodes the selected input line in binary again. With the wiring shown, if the eight octal numbers were input one after another, the output sequence would be In other words, 0 has been replaced by 2 and 1 has been replaced by 4. By appropriate wiring of the P-box inside the S-box, any substitution can be accomplished. Computer Networks - 1/25
26 One-time pads 1. Choose a random bit string as the key. 2. Then convert the plaintext into a bit string, for example by using its ASCII representation. 3. Finally compute the XOR of these two strings, bit by bit. The resulting ciphertext cannot be broken, because in a sufficiently large sample of ciphertext, each letter will occur equally often. The biggest disadvantage is that both sender and receiver must carry the pads which greatly reduces their practical utility. Computer Networks - 1/26
27 One-time pads Message 1, I love you. Message 2, Elvis lives Computer Networks - 1/27
28 Prime Numbers Prime numbers only have divisors of 1 and self they cannot be written as a product of other numbers note: 1 is prime, but is generally not of interest eg. 2,3,5,7 are prime, 4,6,8,9,10 are not Prime numbers are central to number theory List of prime number less than 200 is: Computer Networks - 1/28
29 Prime Factorisation To factor a number n involves writing it as a product of other numbers: n = a b c Note that factoring a number is relatively hard compared to multiplying the factors together to generate the number! The prime factorisation of a number n is when its written as a product of primes eg. 91=7 13 Computer Networks - 1/29
30 Relatively Prime Numbers & GCD Two numbers a, b are relatively prime if they have no common divisors apart from 1 eg. 8 & 15 are relatively prime since factors of 8 are 1,2,4,8 and of 15 are 1,3,5,15 and 1 is the only common factor Conversely can determine the Greatest Common Divisor by comparing their prime factorizations and using least powers eg. 300 = = hence GCD(18,300) = = 6 Computer Networks - 1/30
31 Fermat's Theorem ap-1 mod p = 1 where p is prime and gcd(a,p) = 1 Also known as Fermat s Little Theorem Useful in public key Computer Networks - 1/31
32 Euler Totient Function ø(n) (1) When doing arithmetic modulo n, complete set of residues is: 0 n-1 Reduced set of residues is those numbers (residues) which are relatively prime to n eg for n = 10, complete set of residues is {0,1,2,3,4,5,6,7,8,9} reduced set of residues is {1,3,7,9} Number of elements in a reduced set of residues is called the Euler Totient Function ø(n) Computer Networks - 1/32
33 Euler Totient Function ø(n) (2) To compute ø(n) need to count number of elements to be excluded In general need prime factorization, but eg. for p (p is a prime) ø(p) = p -1 for p.q (p and q are primes) ø(37) = 36 ø(21) = (3 1) (7 1) = 2 6 = 12 ø(p.q) = (p-1)(q-1) Computer Networks - 1/33
34 Generalization of Euler s theorem For numbers n = pq where p and q are primes, akø(n) + 1 = a mod n, for all a < n, as long as k is a non-negative integer. Computer Networks - 1/34
Network Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number
More informationProperties of Secure Network Communication
Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (e-mail, Web service, USENET, ftp etc) providing support protocols to allow the real applications to function properly (e.g. HTTP for Web appl.)
More informationNETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia
NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationSymmetric Key cryptosystem
SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationCSC474/574 - Information Systems Security: Homework1 Solutions Sketch
CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationNetwork Security. Outline of the Tutorial
Network Security Dr. Indranil Sen Gupta Head, School of Information Technology Professor, Computer Science & Engg. Indian Institute of Technology Kharagpur 1 Outline of the Tutorial Security attacks and
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationCryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur
Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)
More informationOverview of Public-Key Cryptography
CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows
More informationNetwork Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶
Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationFAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION
FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION INTRODUCTION GANESH ESWAR KUMAR. P Dr. M.G.R University, Maduravoyal, Chennai. Email: geswarkumar@gmail.com Every day, millions of people
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationThe Mathematics of the RSA Public-Key Cryptosystem
The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate
More informationPrinciples of Network Security
he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy
More informationAC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014
Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationELECTRONIC COMMERCE OBJECTIVE QUESTIONS
MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationFirst Semester Examinations 2011/12 INTERNET PRINCIPLES
PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2011/12 INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES
More informationSecurity in Distributed Systems. Network Security
Security in Distributed Systems Introduction Cryptography Authentication Key exchange Computer Science Lecture 18, page 1 Network Security Intruder may eavesdrop remove, modify, and/or insert messages
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationPublic Key Cryptography Overview
Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationCryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.
Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:
More informationAN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES
HYBRID RSA-AES ENCRYPTION FOR WEB SERVICES AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES Kalyani Ganesh
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide
More informationDigital Signature For Text File
Digital Signature For Text File Ayad Ibrahim Abdulsada Dept. of Computer Science, College of Education, University of Basrah, Basrah, Iraq. E-mail: mraiadibraheem@yahoo.com Abstract: Digital signatures
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationNetwork Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015
Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it
More informationDigital Signatures. Meka N.L.Sneha. Indiana State University. nmeka@sycamores.indstate.edu. October 2015
Digital Signatures Meka N.L.Sneha Indiana State University nmeka@sycamores.indstate.edu October 2015 1 Introduction Digital Signatures are the most trusted way to get documents signed online. A digital
More informationPrinciples of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms
Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport
More informationCryptography and Network Security Chapter 9
Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,
More informationCS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More informationSoftware Tool for Implementing RSA Algorithm
Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key
More informationSymmetric Mechanisms for Authentication in IDRP
WG1/SG2 WP WG2/WP 488 International Civil Aviation Organization Aeronautical Telecommunication Network Panel (ATNP) WG2 and WG1/SG2 Meetings Honolulu, Hawaii, USA January 1999 Symmetric Mechanisms for
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 1: Introduction Ion Petre Department of IT, Åbo Akademi University January 10, 2012 1 Motto Unfortunately, the technical
More informationPublic Key Cryptography and RSA. Review: Number Theory Basics
Public Key Cryptography and RSA Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Review: Number Theory Basics Definition An integer n > 1 is called a prime number if its positive divisors are 1 and
More informationNetwork Security. Omer Rana
Network Security Omer Rana CM0255 Material from: Cryptography Components Sender Receiver Plaintext Encryption Ciphertext Decryption Plaintext Encryption algorithm: Plaintext Ciphertext Cipher: encryption
More informationAuthentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationSecurity for Computer Networks
Security for Computer Networks An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer D. W. Davies Consultant for Data Security and W. L. Price National Physical Laboratory, Teddington,
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationCryptography & Network Security
Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security
More informationTable: Security Services (X.800)
SECURIT SERVICES X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers. Also the
More informationOutline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures
Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike
More informationEvaluation of the RC4 Algorithm for Data Encryption
Evaluation of the RC4 Algorithm for Data Encryption Allam Mousa (1) and Ahmad Hamad (2) (1) Electrical Engineering Department An-Najah University, Nablus, Palestine (2) Systems Engineer PalTel Company,
More informationLecture 6 - Cryptography
Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about
More informationCompter Networks Chapter 9: Network Security
Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau
More informationChapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols
Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security
More informationThe application of prime numbers to RSA encryption
The application of prime numbers to RSA encryption Prime number definition: Let us begin with the definition of a prime number p The number p, which is a member of the set of natural numbers N, is considered
More informationNumber Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may
Number Theory Divisibility and Primes Definition. If a and b are integers and there is some integer c such that a = b c, then we say that b divides a or is a factor or divisor of a and write b a. Definition
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationAdvanced Cryptography
Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.
More informationNumber Theory and Cryptography using PARI/GP
Number Theory and Cryptography using Minh Van Nguyen nguyenminh2@gmail.com 25 November 2008 This article uses to study elementary number theory and the RSA public key cryptosystem. Various commands will
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationChapter 10. Cloud Security Mechanisms
Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based
More informationNotes on Network Security Prof. Hemant K. Soni
Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications
More information: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT
Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference
More information1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies
1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?
More informationOutline. Digital signature. Symmetric-key Cryptography. Caesar cipher. Cryptography basics Digital signature
Outline Digital signature Cryptography basics Digital signature Dr. László Daragó, Ph.D. Associate professor Cryptography Cryptography encryption decryption Symmetric-key Cryptography Encryption with a
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationMathematical Model Based Total Security System with Qualitative and Quantitative Data of Human
Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative
More informationCyber Security Workshop Encryption Reference Manual
Cyber Security Workshop Encryption Reference Manual May 2015 Basic Concepts in Encoding and Encryption Binary Encoding Examples Encryption Cipher Examples 1 P a g e Encoding Concepts Binary Encoding Basics
More informationSecure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle
CRYPTOGRAPHY Secure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle Viswanathan Kodaganallur, Ph.D. Today almost all organizations use the Internet extensively for both intra- and inter-organizational
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationDetailed Concept of Network Security
Detailed Concept of Network Security Er. Anup Lal Yadav M-Tech Student Er. Sahil Verma Asst. Prof. in C.S.E. Deptt. EMGOI, Badhauli. sahilkv4010@yahoo.co.in Er. Kavita Asst. Prof. in C.S.E. Deptt. EMGOI,
More informationAn Introduction to RSA Public-Key Cryptography
An Introduction to RSA Public-Key Cryptography David Boyhan August 5, 2008 According to the U.S. Census Bureau, in the 1st quarter of 2008, approximately $33 billion worth of retail sales were conducted
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationCommon security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon
1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly
More informationCryptography: Authentication, Blind Signatures, and Digital Cash
Cryptography: Authentication, Blind Signatures, and Digital Cash Rebecca Bellovin 1 Introduction One of the most exciting ideas in cryptography in the past few decades, with the widest array of applications,
More informationDeveloping and Investigation of a New Technique Combining Message Authentication and Encryption
Developing and Investigation of a New Technique Combining Message Authentication and Encryption Eyas El-Qawasmeh and Saleem Masadeh Computer Science Dept. Jordan University for Science and Technology P.O.
More informationCryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs
Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a
More information