Network Security Exercise #1



Similar documents
Network Security Exercise #1

Cryptography & Digital Signatures

Chapter 8. Network Security

ICOM 5018 Network Security and Cryptography

Network Security - ISA 656 Introduction to Cryptography

Introduction to Encryption

Techniques of Asymmetric File Encryption. Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab

CPSC 467b: Cryptography and Computer Security

CS5008: Internet Computing

Cryptography & Network Security. Introduction. Chester Rebeiro IIT Madras

Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)

The Impact of the Allied Cryptographers on World War II: Cryptanalysis of the Japanese and German Cipher Machines

Lecture 9 - Network Security TDTS (ht1)

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Wireless Networks. Welcome to Wireless

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

Attack Net Penetration Testing

Fundamentals of Computer Security

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

The science of encryption: prime numbers and mod n arithmetic

Maths delivers! A guide for teachers Years 11 and 12. RSA Encryption

Topics in Network Security

IT Networks & Security CERT Luncheon Series: Cryptography

CS 758: Cryptography / Network Security

Encryption and Digital Signatures

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Insight Guide. Encryption: A Guide

CS Ethical Hacking Spring 2016

Compter Networks Chapter 9: Network Security

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July The OWASP Foundation

CSE/EE 461 Lecture 23

EXAM questions for the course TTM Information Security May Part 1

The Misuse of RC4 in Microsoft Word and Excel

Network Security Technology Network Management

Computer Architecture. Secure communication and encryption.

Computer and Network Security

7! Cryptographic Techniques! A Brief Introduction

Cryptography & Network Security

12/8/2015. Review. Final Exam. Network Basics. Network Basics. Network Basics. Network Basics. 12/10/2015 Thursday 5:30~6:30pm Science S-3-028

Learning Network Security with SSL The OpenSSL Way

AN OFFLINE CAPTURE THE FLAG-STYLE VIRTUAL MACHINE FOR CYBER SECURITY EDUCATION

Tim Bovles WILEY. Wiley Publishing, Inc.

MySQL Security: Best Practices

How To Understand And Understand The History Of Cryptography

SCP - Strategic Infrastructure Security

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Tutorial 3. June 8, 2015

Project 2: Firewall Design (Phase I)

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

CIS 6930/4930 Computer and Network Security. Dr. Yao Liu

CS 356 Lecture 28 Internet Authentication. Spring 2013

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

Security Awareness. Wireless Network Security

Block encryption. CS-4920: Lecture 7 Secret key cryptography. Determining the plaintext ciphertext mapping. CS4920-Lecture 7 4/1/2015

RSA Attacks. By Abdulaziz Alrasheed and Fatima

Security in IEEE WLANs

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Protocol Security Where?

Network Security. HIT Shimrit Tzur-David

1.00 Lecture 1. Course information Course staff (TA, instructor names on syllabus/faq): 2 instructors, 4 TAs, 2 Lab TAs, graders

CSE343/443 Lehigh University Fall Course Overview. Presenter: Yinzhi Cao Lehigh University

CSE331: Introduction to Networks and Security. Lecture 20 Fall 2006

Chapter 10. Network Security

Security Goals Services

How To Protect Your Data From Attack

Computer Science 3CN3 Computer Networks and Security. Software Engineering 4C03 Computer Networks and Computer Security. Winter 2008 Course Outline

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

CS Computer Security Third topic: Crypto Support Sys

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Course Design Document. IS403: Advanced Information Security and Trust

Overview of Symmetric Encryption

PAST, PRESENT, AND FUTURE METHODS OF CRYPTOGRAPHY AND DATA ENCRYPTION

Security and the Mitel Networks Teleworker Solution (6010) Mitel Networks White Paper

Network Security. Chapter 1. Introduction

Networking: EC Council Network Security Administrator NSA

CSCI 4250/6250 Fall 2015 Computer and Network Security. Instructor: Prof. Roberto Perdisci

Certificate Authorities and Public Keys. How they work and 10+ ways to hack them.

Cryptography and Network Security

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS

How To Teach A Cyber Security Course

File transfer clients manual File Delivery Services

SSL Firewalls

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

XML Encryption Syntax and Processing. Duan,Limiao 07,12,2006

Lecture 6 - Cryptography

Transcription:

Network Security Exercise #1 Falko Dressler and Christoph Sommer Computer and Communication Systems Institute of Computer Science, University of Innsbruck, Austria 11.5.2011 Falko Dressler and Christoph Sommer: Network Security Exercise #1 1 / 19

Proseminar First of all: welcome! Requirements Registration for the PS Active ZID (Linux) account Basic C/C++ programming skills Falko Dressler and Christoph Sommer: Network Security Exercise #1 2 / 19

Proseminar Objectives of the proseminar: Hands-on experiences In-depth study of some lecture topics In case of questions, please do ask! Drop by our offices or simply send emails! Schedule: Wednesday, 10:15am 11:45am, RR 22 Thursday, 10:15am 11:45am, RR 22 Falko Dressler and Christoph Sommer: Network Security Exercise #1 3 / 19

Home work Home work Once per week, announcement during the proseminar and on the web site Group work! Programs in C/C++ check for buffer overflows! Submission and evaluation Latest by Tuesday, 11:59pm via the dedicated scp system Presentation of selected solutions and discussion Falko Dressler and Christoph Sommer: Network Security Exercise #1 4 / 19

Credits and grading All the exercises including home work must be completed in time(!) Keep in mind that the proseminar is organized in form of group work The grade will reflect both the discussions in the proseminar and the completed exercises Falko Dressler and Christoph Sommer: Network Security Exercise #1 5 / 19

Topics in the Proseminar Enigma RSA, modes of encryption Hash collisions WEP OpenSSL IPSec Spoofing MIX networks Firewalls Monitoring Falko Dressler and Christoph Sommer: Network Security Exercise #1 6 / 19

Our scp submission system We are now setting up working groups (2 3 students per group) We need to set up the group account Falko Dressler and Christoph Sommer: Network Security Exercise #1 7 / 19

Attack Trees Formal method to model threats on a (computer) system Possible attacks can be visualized in form of a tree: The root is the final objective Edges represent necessary steps to achieve this goal Can be used for security analysis of a system Security estimation (How secure is my system?) What-if questionnaire Cost estimation... Falko Dressler and Christoph Sommer: Network Security Exercise #1 8 / 19

Example Open safe Pick lock (I) Learn combo Cut open safe (P) Install improperly (I) Find written combo (I) Get combo from target Threaten (I) Blackmail (I) Eavesdrop Bribe (P) Listen to conversation (P) Get target to state combo (I) from Bruce Schneier, Attack Trees Modeling security threats. Dr. Dobbs Journal, December 1999 Falko Dressler and Christoph Sommer: Network Security Exercise #1 9 / 19

Example Marking all impossible actions Open safe Pick lock (I) Learn combo Cut open safe (P) Install improperly (I) Find written combo (I) Get combo from target Threaten (I) Blackmail (I) Eavesdrop Bribe (P) Listen to conversation (P) Get target to state combo (I) from Bruce Schneier, Attack Trees Modeling security threats. Dr. Dobbs Journal, December 1999 Falko Dressler and Christoph Sommer: Network Security Exercise #1 10 / 19

Example Estimating costs Open safe ($10 K) Pick lock ($30 K) Learn combo ($20 K) Cut open safe ($10 K) Install improperly ($100 K) Find written combo ($75 K) Get combo from target ($20 K) Threaten ($60 K) Blackmail ($100 K) Eavesdrop ($60 K) Bribe ($20 K) Listen to conversation ($20 K) Get target to state combo ($40 K) from Bruce Schneier, Attack Trees Modeling security threats. Dr. Dobbs Journal, December 1999 Falko Dressler and Christoph Sommer: Network Security Exercise #1 11 / 19

Enigma The term Enigma is Greek, meaning riddle Invented by Arthur Scherbius (1878 1929) Primarily used during World War 2 by the German army More than 200 000 machines have been produced Falko Dressler and Christoph Sommer: Network Security Exercise #1 12 / 19

Picture Falko Dressler and Christoph Sommer: Network Security Exercise #1 13 / 19

Internal Structure 5 different rotos, can be arbitrarily used Each rotor has 26 positions Additional plug connections to swap characters Key concept: each input character must not map to the same character in ciphertext Encryption process is the same as decryption Falko Dressler and Christoph Sommer: Network Security Exercise #1 14 / 19

Code Books Falko Dressler and Christoph Sommer: Network Security Exercise #1 15 / 19

Code Books Falko Dressler and Christoph Sommer: Network Security Exercise #1 16 / 19

Weaknesses 2 10 23 different keys assuming 3 out of 5 rotors, plug connections, and two possible reflectors, which roughly translates to a key length of 77 bit The period of the middle and leftmost rotors are too long Some issues with the reflector Effective key length of 22 bit Falko Dressler and Christoph Sommer: Network Security Exercise #1 17 / 19

Cryptanalysis Polish mathematician Marian Rejewski deciphered the rotors using permutation theory in 1932 Some weaknesses in using the Enigma, e.g., submission of the rotor start positions in encrypted form Mechanical decoding became possible The Polish submitted their information to the British in 1939 Alan Turing invented the bomb in 1940 More than 30000 radio messages have been deciphered Currently preserved in Hut 6 in Bletchley Park Falko Dressler and Christoph Sommer: Network Security Exercise #1 18 / 19

Copyleft Slide 13: Wikipedia, User Littlejoe, GNU Free Documentation Licence Slides 14, 17, 18: Wikipedia, GNU Free Documentation Licence Slides 15, 16: Copyright (c) 2008 Frode Weierud, http://cryptocellar.web.cern.ch/cryptocellar/enigma/ Falko Dressler and Christoph Sommer: Network Security Exercise #1 19 / 19

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information