Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Similar documents
Chapter 8. Network Security

Savitribai Phule Pune University

Lukasz Pater CMMS Administrator and Developer

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Overview. SSL Cryptography Overview CHAPTER 1

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

CRYPTOGRAPHY IN NETWORK SECURITY

SECURITY IN NETWORKS

CS 758: Cryptography / Network Security

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

Introduction to Cryptography

Lecture 9 - Network Security TDTS (ht1)

7! Cryptographic Techniques! A Brief Introduction

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Properties of Secure Network Communication

Lecture 9: Application of Cryptography

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Chapter 10. Network Security

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

EDA385 Embedded Systems Design. Advanced Course

How To Encrypt Data With Encryption

Network Security Protocols

CSCE 465 Computer & Network Security

Principles of Network Security

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 7: Network security

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

SSL/TLS: The Ugly Truth

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

IT Networks & Security CERT Luncheon Series: Cryptography

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Understanding digital certificates

Content Teaching Academy at James Madison University

Network Security. Omer Rana

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES

Web Security: Encryption & Authentication

Data Encryption WHITE PAPER ON. Prepared by Mohammed Samiuddin.

Introduction. Haroula Zouridaki Mohammed Bin Abdullah Waheed Qureshi

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Cornerstones of Security

First Semester Examinations 2011/12 INTERNET PRINCIPLES

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

An Introduction to Cryptography as Applied to the Smart Grid

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

Network Security Technology Network Management

02267: Software Development of Web Services

Chapter 17. Transport-Level Security

Message Authentication Codes

Chapter 6 Electronic Mail Security

Symmetric Key cryptosystem

CSE/EE 461 Lecture 23

Chapter 7 Transport-Level Security

SubmitedBy: Name Reg No Address. Mirza Kashif Abrar T079 kasmir07 (at) student.hh.se

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Network Security. Outline of the Tutorial

Network Security. HIT Shimrit Tzur-David

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Understanding Digital Certificates and Secure Sockets Layer (SSL)

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia

You re FREE Guide SSL. (Secure Sockets Layer) webvisions

EXAM questions for the course TTM Information Security May Part 1

Application Layer (1)

An Introduction to Cryptography and Digital Signatures

Overview of Public-Key Cryptography

Cryptography and Network Security Chapter 15

Is your data safe out there? -A white Paper on Online Security

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Information Security

Internet Programming. Security

What is network security?

A Noval Approach for S/MIME

Instructions on TLS/SSL Certificates on Yealink Phones

SECURE SOCKET LAYER PROTOCOL SIMULATION IN JAVA. A Research Project NAGENDRA KARRI

Sync Security and Privacy Brief

Table of Contents. Bibliografische Informationen digitalisiert durch

Public Key (asymmetric) Cryptography

CS 356 Lecture 28 Internet Authentication. Spring 2013

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Module 7 Security CS655! 7-1!

Evaluation of the RC4 Algorithm for Data Encryption

Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 15.1

Department of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus

CPS Computer Security Lecture 9: Introduction to Network Security. Xiaowei Yang

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

How To Protect Your Data From Attack

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Transcription:

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1

Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice Hall, 2003. 2

Outline Cryptography Introduction Symmetric-key algorithms Public-key algorithms Digital Signatures Management of Public Keys Apply to Computer Networks Terms: Authentication, Authorization, Message Protection Secure Sockets Layer (SSL) E-mail security Web Security 3

Outline Cryptography Introduction Symmetric-key algorithms Public-key algorithms Digital Signatures Management of Public Keys 4

Crytography(1) Introduction Cryptography referred almost exclusively to encryption, the process of converting ordinary information (plaintext) into unintelligible gibberish (ciphertext) 5

Crytography (2) Symmetric-key algorithms Encryption and decryption functions that use the same key are called symmetric In this case everyone wanting to read encrypted data must share the same key DES is an example of symmetric-key algorithms Encrypt Decrypt 6

Crytography (3) Data Encryption Standard (a) General outline. (b) Detail of one iteration. The circled + means exclusive OR. 7

Crytography (4) Advanced Encryption Standard(AES) Rules for AES proposals 1. The algorithm must be a symmetric block cipher. 2. The full design must be public. 3. Key lengths of 128, 192, and 256 bits supported. 4. Both software and hardware implementations required 5. The algorithm must be public or licensed on nondiscriminatory terms. 8

Crytography (5) Some common symmetric-key cryptographic algorithms 9

Crytography (6) Public-Key Algorithms So is called Asymmetric-key Algorithms Based on some hard problems such as integer factoring, When data is encrypted with one key, the other key must be used to decrypt the data, and vice versa. Each entity can be assigned a key pair: a private and public key Private key is known only to owner Public key is given away to the world 10

Crytography (7) RSA(Rivest, Shamir, Adleman) Choose two large primes, p and q (typically 1024 bits). Compute n = p x q and z = (p - 1) x (q - 1). Choose a number relatively prime to z and call it d. Find e such that e x d = 1 mod z. Pair key: {(e, n), (d,n)} Example p = 3, q = 11 -> n = 33, z = 20 Choose d = 7 e = 3 11

Crytography (8) RSA(Rivest, Shamir, Adleman) 12

Crytography (9) Digital Signatures Digital signatures allow the world to verify I created a hunk of data e.g. email, code Sign Digital signatures are created by encrypting a hash of the data with my private key The resulting encrypted data is the signature This hash can then only be decrypted by my public key Hash Encrypt 13

Crytography (10) Digital Signatures Verify Given some data with my signature, if you decrypt a signature with my public key and get the hash of the data, you know it was encrypted with my private key Hash Decrypt =? 14

Crytography (11) Management of Public keys How do you know that you have my correct public key? Certificates user Subject Public Key Issuer (CA) Signature of CA Private Key (encrypted) 15

Crytography (12) Management of Public keys By checking the signature, one can determine that a public key belongs to a given user. Subject Public Key Issuer Signature Hash Decrypt =? Public Key from Issuer 16

Crytography (13) Public-Key Infrastructure (PKI) (a) A hierarchical PKI. (b) A chain of certificates. 17

Outline Apply to Computer Networks Terms Authentication Authorization Message Protection Secure Sockets Layer (SSL) E-mail security Web Security 18

Apply to Computer Networks(1) Authentication Verification of identity. Many mechanisms exist: Username/password Kerberos Public key Cryptography 19

Apply to Computer Networks(2) Authentication Authentication Using Public-Key Cryptography 20

Apply to Computer Networks(3) Authorization Verification of rights Many mechanisms exist for specification and enforcement: By operating system (e.g., unix file permissions) By application (e.g., permissions within a DBMS) Usually requires authentication, but doesn t always. 21

Apply to Computer Networks(4) Message Protection Integrity Authenticate the message. Verify that the message received is the same message that was sent. A signature is a message integrity mechanism that can be verified even if the sender is offline. Confidentiality Ensure that no one but the sender and recipient can read the message. 22

Apply to Computer Networks(5) Secure Sockets Layer(SSL) 23

Apply to Computer Networks(6) Secure Sockets Layer(SSL) 24

Apply to Computer Networks(7) Secure Sockets Layer(SSL) 25

Apply to Computer Networks(8) Mail security Pretty Good Privacy(PGP) 26

Apply to Computer Networks(9) Web security HTTPS (HTTP + SSL) 27

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information