SSL Firewalls
|
|
- Shawn Marshall
- 8 years ago
- Views:
Transcription
1 & & ( ) SSL Firewalls :. :.. byte 0x01 : 1,. 1
2 , :,, : ( ) ). : : (Confidentiality) (Integrity) (Availability) :.,,. :. :...,,. :,,. 2
3 (Identification) (Authentication).,,, )... (Authorization) (Accountability) (Non-repudiation)..... ;. Hackers- :. ( ) ; ; :. : (, ).. :.. 3
4 (Vulnerability),,,. (Threat). : : :. :,. :. (risk). (attack). (Countermeasures). :. :. :. :,. :. :.. :. :. :. 4
5 (, ): ( ). : (, ). :.. ) 5
6 . : : (,, ), ). : ( ). : (MAC):. (unilateral authentication):. (mutual authentication):. Password ( ) PIN (challenge-response). Security token (password generator) Smart card, magnetic stripe card - Passwords string x. passwords:.. dictionary attacks. ( ) password checkers password.. Passwords password: dictionary attacks. passwords,,. passwords. default passwords. 6
7 .. : ( ). :. Crossover Error Rate:.. ( ) : :. :.,,. :. :. :.. :.. :. 7
8 : (MAC):.,.,,. ( ). (one-way hash function). ( ) (hash value) (message digest). : m, f(m). f(m), m. m m f(m) = f(m )..,.. 8
9 . (, ). : (access). (subject),,. (object).,,,,. :. : : (observe): (alter):. :. : : :,. (execute): (delete - windows): (change ownership - windows): ( ) :. : (discretionaryaccess control DAC): ( ),. ( manager ).. DAC ACLs (Access Control Lists ). 9
10 ( ) (mandatoryaccess control MAC):.... (security clearance) secret, top secret, confidential, (classified) secret, top secret, confidential.. security clearance.. ( ) (role based access control RBAC) (Nondiscretionary access control):.. :,. RBAC.. ( ) : ( ) (access control matrix):. (DAC).. : ( capabilities) ( access control lists) ( ) (capabilities):,... : alpha.exe: execute; beta.com: execute, read : delta.doc: read, write; alpha.exe: execute; beta.com: execute DAC.. : ( administrator)
11 ( ) (Access control list ACL):. ACL.. ACL alpha.exe: A: execute, : execute. (groups). ACLs.... (Bell-LaPadula), (Biba, Clark-Wilson). :.. :. :.. (Bell-LaPadula).,. Bell-LaPadula.. (subject s security clearance) (data classification):. 11
12 (Bell-LaPadula) Bell- LaPadula: (Simple security rule):. (no read up). *- (*-property rule): (no write down). :.,... (Biba) Bell-LaPadula.. : (no write up):. (no read down). (Clark-Wilson).. (separation of duties):.. 12
13 ,,. :, : : :. :. :. :. :. Plaintext:. Ciphertext:. 1/3 - ( -GSM) (cryptophones) ( ) ( ) 2/3 (, ) 13
14 3/3 (VPN) Word Wide Web ( ) (Hipperlan, bluetooth, x) (VOIP) ( ) , ( ) Caesar cipher. ( ), ( ) Enigma.,
15 ( ) ClaudeShannon 1949, (Communication Theory of Secrecy Systems) DES (Data Encryption Standard) DES AES 2001 NIST FIPS 197. This is plaintext ) - &cw*4l %$?e} ) - This is plaintext ) : k k,., k = k.. 15
16 :... This is plaintext k - &cw*4l %$?e} k - This is plaintext X = k ) Y X = k (Y) X.. m...,,.. : 16
17 ,,.. : : ).. : ). :.,. :. Block ciphers (blocks) t blocks. Stream ciphers block ciphers block 1 bit. bits. 17
18 Stream ciphers stream cipher bit byte bit byte. stream ciphers. Stream ciphers stream cipher : bit,. Stream ciphers Vernam : t m 1 m 2 m t k 1 k 2 k t c 1 c 2 c t : c i = m i k i, 1 i t. : : : Stream ciphers Vernam cipher onetime-pad. O one-time-pad... 18
19 Symmetric-key block ciphers block cipher n-bit n-bit. k-bit. : C = E K (P) : P = D K (C) : ECB, CBC, CFB, OFB. (Electronic CodeBook Mode; ECB mode) : : k-bit K; n-bit x 1,x 2,,x t. : c 1,c 2,,c t : 1 j t, c j E K ( x j ). : 1 j t, x j D K ( c j ). k x j x j / n / n E D k / n / n c j c j x jxj (Electronic CodeBook Mode; ECB). ECB: ).. : bits. :. (Cipher Block Chaining mode; CBC) : : k-bit K; n-bit IV; n-bit x 1,x 2,,x t. : c 1,c 2,,c t : 1 j t, c j E K (c j-1 x j ). : 1 j t, x j c j-1 D K ( c j ). 19
20 (Cipher Block Chaining mode; CBC) CBC:., IV,. c j x j.. (Cipher Block Chaining mode; CBC) CBC: : bit c j c j c j+1 x j c j c j-1 ) : CBC selfsynchronizing c j c j+1, c j+2 x j+2. IV,. E(x) = E K2 (E K1 (x)) K1 2 E(x) = Y K3 (Y K2 (Y K1 (x))). Y. E(x) = K3 (D K2 (E K1 (x))). K1= 3. K1= 2= 3; Symmetric-key Block Ciphers : (substitution) ( ) ( ). Caesar cipher 3 : plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: defghijklmnopqrstuvwxyzabc Caesar cipher k. k. 20
21 Caesar Chipher : : : : C = (M + 3) mod 24 ( ) : M = (C 3) mod 24 (C 3), 24,., mod 24, mod 26. Symmetric-key Block Ciphers : (substitution),,,.. plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: rivnsojltzkgaqsmwvbyex (26!=4x10 26 )... Symmetric-key Block Ciphers : (substitution) Vigenere) tk 1 k 2 k t. m=m 1 m 2 m 3 c=c 1 c 2 c 3 c 1 = m 1 + k t mod s s. t. : : : :, 6,, 3,, 9, (6 + 3) mod 24 = 9., 17,, 5,, (17 + 5) mod 24 = 22.,. 21
22 Vigenere Vigenere, «cryptography». : C R Y P T O G R AP H Y C R Y P T O G R A P H Y C R Y : N E W D I R E C T I O N S I N C R Y P T O G R A P H Y : : «P» «V». Symmetric-key Block Ciphers : (transposition). t, t, e 1 t... t = 6 e = (641352).. d = (364251). 22
23 : 3 ( ) : : : Symmetric-key Block Ciphers (Product cipher):... block cipher (iterated block cipher): block cipher (round function). Symmetric-key Block Ciphers Feistel: 2t-bit (L 0, R 0 ), t-bit L 0 R 0, (R r, L r ) r r 1. 1 i r L i = R i-1, R i = L i-1 f(r i-1, K i ) K i f. r 3. DES O Data Encryption Standard (DES) block cipher. FIPS n = 64bits 64bits. 64bits 8 (8,16,...,64) bits (parity)., Feistel. 23
24 DES : 16. K bit,,. 64-bit bit L 0 R bit L i-1 R i-1 32-bit L i R i : L i = R i-1 ; R i = L i-1 f(r i-1, K i ) f ( S-boxes). 8 S-boxes DES.. DES 16 ( 16 1 ). DES DES: x ( (x))=x DES: 1, 2, 1 ( 2 (x))=x. DES DES (E-D-E). AES DES. Rijndael. NIST (National Institute of Standards and Technology). 128bits 128, 192, 256 bits. DES. : DES ~10 12 keys / sec DES. ES ~10 16 keys / sec ES ~150,000,000,000.. DES.. 24
25 AES bytes ( States) 4x4, (10 AES-128, 12 AES-192, 14 AES-256).. : bytes S-box XOR. e d., d e. e e, D d. m e e c = e (m). d D d m = D d (c). 2, 2 m
26 .. ( )... RSA ( n n). A (n, e), n modulus e, d. :. m ( [0, n-1]) c = m e mod n. c. RSA modulusn. 512, 768, 1024, 2048, RSA p q n= pq. : p q,. n = pq = (p -1)(q -1). e, 1<e<, gcd(e, ) = 1. d (1< d ed = 1 (mod ). (n, e d. e e=3 e= , (session keys). ( ). 26
27 ., K,, E (K),, D (E (K)) = K..,,.. m S : s = S (m). (m, s). s m. s m, : V A. u = V A (m, s)., u = true u = false. K., L. :,, m s V A (m, s) = true. :,. :. 27
28 .... : TTP.. (one-way hash function) MD5 hash, H(M),, M,, h. h = H(M), h m : M, h. M,, M, H(M) = H(M ). h, M, h = H(M)., (collision resistance)., M M, H(M) = H(M ).. (key distribution centers) (key translation centers) :.. :. TTP n. TTP. TTP. :,. TTP. TTP: TTP. TTP. : TTP. 28
29 Trusted Third Parties (TTPs). TTP. : In-line:. On-line: ( ).. Off-line:. TTPs :. Registration Authority ( ):. Key Generator ( ):,. Certificate Directory ( ):. Key server ( ):.. Timestamp Agent:. Notary Agent:. Key Escrow Agent:...,,.. ( ) ): TTP.. 29
30 (public-key certificates):,,. (identity certificates):. (attribute certificates): (, ).. : ( ). (. ) (. ), ),,,.,,,,,.,,,,.. : (repository) 30
31 ... :.,,,,,... :. () ( ). (certificate revocation list). CRL.. (Registration Authority):,,... :. (certificate directory):. (, ).. ( ),. 31
32 :.. ( ).. ( ).. ( )... ( )...,. :,.. 32
33 ,, : : (selfreplicating)..,. (Trojan Horses):.... (Transient virus):. (Resident Virus):. (Terminate-stayresident). (logic bomb): (. ). (Worm):. , TCP/IP.... ( ) : :. IBM : ROM. ROM (master boot sector) ( ). (sector) 0, (track) 1, (side) 0. (partition table) ( bootable).. DOS (DOS boot sector). 33
34 ( ) DOS (DOS boot sector): (file allocation table FAT). O FAT. (linked list) (clusters). : IO.SYS, BIOS SYSINIT. To SYSINIT MSDOS.SYS. DOS (COMMAND.COM) AUTOEXEC.BAT. COMMAND.COM. ( ). DOS, BIOS.. : New Zealand : DOS. IO.SYS COMMAND.COM. ( ). (parasitic virus),.com.exe,.,..,,..,. ( ) (companion virus).. DOS, DOS.COM.EXE,.BAT..EXE,.COM ( ).COM. 34
35 (Macro ) macros Word Basic, Visual Basic, VBScript Microsoft Office. macro.. macro Microsoft Office. ) (stealth virus):., antivirus.. antivirus. ( ), ) antivirus )... : :. :. :.. : (scanners): ( ).,. (cryptographic checksum):.,. 35
Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationCourse Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)
Page 1 of 5 Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description:
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationNETWORK ADMINISTRATION AND SECURITY
NETWORK ADMINISTRATION AND SECURITY Unit I (NAS) (W- 10) Q. 1) What is Security Attack? Explain general categories of attack with examples. 7 Q. 2) List and define the five security services. 5 Q. 3) Define
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond
More informationNetwork Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)
Network Security Security Crytographic algorithms Security Services Secret key (DES) Public key (RSA) Message digest (MD5) privacy authenticity Message integrity Secret Key Encryption Plain text Plain
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationVALLIAMMAI ENGINEERING COLLEGE
VALLIAMMAI ENGINEERING COLLEGE (A member of SRM Institution) SRM Nagar, Kattankulathur 603203. DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING Year and Semester : I / II Section : 1 Subject Code : NE7202
More informationChapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols
Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security
More informationLecture 4 Data Encryption Standard (DES)
Lecture 4 Data Encryption Standard (DES) 1 Block Ciphers Map n-bit plaintext blocks to n-bit ciphertext blocks (n = block length). For n-bit plaintext and ciphertext blocks and a fixed key, the encryption
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationAuthentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationComputer Security CS 426. CS426 Fall 2010/Lecture 40 1
Computer Security CS 426 Review for Final Exam CS426 Fall 2010/Lecture 40 1 Basic Concepts Confidentiality Integrity Availability Authenticity Integrity (in communications) Non-repudiation Privacy (general
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationHow To Understand And Understand The History Of Cryptography
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/
More informationWeighted Total Mark. Weighted Exam Mark
CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate
More informationChapter 15: Security
Chapter 15: Security Chapter 15: Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing Security Defenses Firewalling
More informationlundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal
Symmetric Crypto Pierre-Alain Fouque Birthday Paradox In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal N=365, about 23 people are
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationNetwork Security - ISA 656 Introduction to Cryptography
Network Security - ISA 656 Angelos Stavrou September 18, 2007 Codes vs. K = {0, 1} l P = {0, 1} m C = {0, 1} n, C C E : P K C D : C K P p P, k K : D(E(p, k), k) = p It is infeasible to find F : P C K Let
More informationSecurity for Computer Networks
Security for Computer Networks An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer D. W. Davies Consultant for Data Security and W. L. Price National Physical Laboratory, Teddington,
More informationCryptographic Hash Functions Message Authentication Digital Signatures
Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption
More informationAC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014
Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationTable of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch
1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...
More informationCryptography and Network Security Chapter 11. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Chapter 11 Message Authentication and Hash Functions At cats' green on the Sunday he took the message from the inside of
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationSCP - Strategic Infrastructure Security
SCP - Strategic Infrastructure Security Lesson 1 - Cryptogaphy and Data Security Cryptogaphy and Data Security History of Cryptography The number lock analogy Cryptography Terminology Caesar and Character
More informationProperties of Secure Network Communication
Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationMessage authentication and. digital signatures
Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation
More informationOverview of Symmetric Encryption
CS 361S Overview of Symmetric Encryption Vitaly Shmatikov Reading Assignment Read Kaufman 2.1-4 and 4.2 slide 2 Basic Problem ----- ----- -----? Given: both parties already know the same secret Goal: send
More informationChapter 8 Network Security. Slides adapted from the book and Tomas Olovsson
Chapter 8 Network Security Slides adapted from the book and Tomas Olovsson Roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity Security protocols and measures: Securing
More informationPrinciples of Network Security
he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationMessage Authentication
Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the
More informationThe Misuse of RC4 in Microsoft Word and Excel
The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft
More informationChapter 18: System Security
Chapter 18: System Security Chapter 18: System Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing Security Defenses
More informationPublic Key Cryptography Overview
Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationCIS433/533 - Computer and Network Security Cryptography
CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and
More informationCryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs
Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More information1 Data Encryption Algorithm
Date: Monday, September 23, 2002 Prof.: Dr Jean-Yves Chouinard Design of Secure Computer Systems CSI4138/CEG4394 Notes on the Data Encryption Standard (DES) The Data Encryption Standard (DES) has been
More informationA Comparative Study of Security Features in FreeBSD and OpenBSD
Department of Computer Science Magnus Persson A Comparative Study of Security Features in FreeBSD and OpenBSD Master s Thesis 2006:02 A Comparative Study of Security Features in FreeBSD and OpenBSD Magnus
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationNetwork Security. Modes of Operation. Steven M. Bellovin February 3, 2009 1
Modes of Operation Steven M. Bellovin February 3, 2009 1 Using Cryptography As we ve already seen, using cryptography properly is not easy Many pitfalls! Errors in use can lead to very easy attacks You
More informationThe Encryption Technology of Automatic Teller Machine Networks
Software Engineering 4C03 Winter 2005 The Encryption Technology of Automatic Teller Machine Networks Researcher: Shun Wong Last revised: April 2nd, 2005 1 Introduction ATM also known as Automatic Teller
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationCPS 590.5 Computer Security Lecture 9: Introduction to Network Security. Xiaowei Yang xwy@cs.duke.edu
CPS 590.5 Computer Security Lecture 9: Introduction to Network Security Xiaowei Yang xwy@cs.duke.edu Previous lectures Worm Fast worm design Today Network security Cryptography building blocks Existing
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationHash Functions. Integrity checks
Hash Functions EJ Jung slide 1 Integrity checks Integrity vs. Confidentiality! Integrity: attacker cannot tamper with message! Encryption may not guarantee integrity! Intuition: attacker may able to modify
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationSecret File Sharing Techniques using AES algorithm. C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002
Secret File Sharing Techniques using AES algorithm C. Navya Latha 200201066 Garima Agarwal 200305032 Anila Kumar GVN 200305002 1. Feature Overview The Advanced Encryption Standard (AES) feature adds support
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationHow To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationNetwork Security. Omer Rana
Network Security Omer Rana CM0255 Material from: Cryptography Components Sender Receiver Plaintext Encryption Ciphertext Decryption Plaintext Encryption algorithm: Plaintext Ciphertext Cipher: encryption
More informationDesigning Hash functions. Reviewing... Message Authentication Codes. and message authentication codes. We have seen how to authenticate messages:
Designing Hash functions and message authentication codes Reviewing... We have seen how to authenticate messages: Using symmetric encryption, in an heuristic fashion Using public-key encryption in interactive
More informationNetwork Security. Outline of the Tutorial
Network Security Dr. Indranil Sen Gupta Head, School of Information Technology Professor, Computer Science & Engg. Indian Institute of Technology Kharagpur 1 Outline of the Tutorial Security attacks and
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationCommon security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon
1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly
More informationCryptography & Network Security
Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security
More informationData Encryption WHITE PAPER ON. Prepared by Mohammed Samiuddin. www.itmr.ac.in
01 0110 0001 01101 WHITE PAPER ON Data Encryption Prepared by Mohammed Samiuddin www.itmr.ac.in Contents INTRODUCTION... 2 NEED FOR DATA ENCRYPTION... 3 DUE CARE... 3 REPUTATIONAL RISK... 3 REGULATORY
More informationSAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK
SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION September 2010 (reviewed September 2014) ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK NETWORK SECURITY
More informationCSCI 454/554 Computer and Network Security. Final Exam Review
CSCI 454/554 Computer and Network Security Final Exam Review Topics covered by Final Topic before Midterm 20% Topic after Midterm 80% Date: 05/13/2015 9:00am noon Place: the same classroom Open book/notes
More informationSecurity Technical. Overview. BlackBerry Enterprise Server for Microsoft Exchange. Version: 5.0 Service Pack: 4
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Security Technical Overview Published: 2014-01-17 SWD-20140117135425071 Contents 1 New in this release...10 2 Overview...
More informationNetwork Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015
Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it
More informationBlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1
BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1 Version: 5.0 Service Pack: 3 Security Technical Overview Published: 2012-01-17 SWD-1936256-0117012253-001 Contents 1 Document revision history...
More informationIntroduction. Where Is The Threat? Encryption Methods for Protecting Data. BOSaNOVA, Inc. Phone: 866-865-5250 Email: info@theq3.com Web: www.theq3.
Introduction Within the last ten years, there has been a vast increase in the accumulation and communication of digital computer data in both the private and public sectors. Much of this information has
More informationModes of Operation of Block Ciphers
Chapter 3 Modes of Operation of Block Ciphers A bitblock encryption function f: F n 2 Fn 2 is primarily defined on blocks of fixed length n To encrypt longer (or shorter) bit sequences the sender must
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationCS155. Cryptography Overview
CS155 Cryptography Overview Cryptography Is n A tremendous tool n The basis for many security mechanisms Is not n The solution to all security problems n Reliable unless implemented properly n Reliable
More informationMassachusetts Institute of Technology Handout 13 6.857: Network and Computer Security October 9, 2003 Professor Ronald L. Rivest.
Massachusetts Institute of Technology Handout 13 6.857: Network and Computer Security October 9, 2003 Professor Ronald L. Rivest Quiz 1 1. This quiz is intended to provide a fair measure of your understanding
More informationIntroduction to Cryptography CS 355
Introduction to Cryptography CS 355 Lecture 30 Digital Signatures CS 355 Fall 2005 / Lecture 30 1 Announcements Wednesday s lecture cancelled Friday will be guest lecture by Prof. Cristina Nita- Rotaru
More informationCryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.
Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationCrypTool. www.cryptool.de www.cryptool.com www.cryptool.org. Claudia Eckert / Thorsten Clausius Bernd Esslinger / Jörg Schneider / Henrik Koy
CrypTool A free software program for creating awareness of IT security issues for learning about and obtaining experience of cryptography for demonstrating encryption algorithms and analysis procedures
More informationHow To Attack A Block Cipher With A Key Key (Dk) And A Key (K) On A 2Dns) On An Ipa (Ipa) On The Ipa 2Ds (Ipb) On Pcode)
Cryptography and Network Security Chapter 6 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 6 Block Cipher Operation Many savages at the present day regard
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationCS 600.443 Final Exam
CS 600.443 Final Exam Name: This exam is closed book and closed notes. You are required to do this completely on your own without any help from anybody else. Feel free to write on the back of any page
More informationSoran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification
1. Module Title Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader Safwan M. 5. Teaching Semester 7 and 8 Soran University Faculty of Science and Engineering Computer
More informationSecurity in Computer Networks
Security in Computer Networks Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@wustl.edu Audio/Video recordings of this lecture are available on-line at: http://www.cse.wustl.edu/~jain/cse473-10/
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationNETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia
NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security
More informationWaspmote Encryption Libraries. Programming guide
Waspmote Encryption Libraries Programming guide Index Document version: v4.3-01/2015 Libelium Comunicaciones Distribuidas S.L. INDEX 1. General Concepts... 4 2. Integrity... 7 2.1. Waspmote Libraries...7
More informationCLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY
CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,
More information