Chapter 8. Network Security

Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles

Need for Security Some people who cause security problems and why.

An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

Transposition Ciphers A transposition cipher.

One-Time Pads The use of a one-time pad for encryption and the possibility of getting any possible plaintext from the ciphertext by the use of some other pad.

Quantum Cryptography An example of quantum cryptography.

Symmetric-Key Algorithms DES The Data Encryption Standard AES The Advanced Encryption Standard Cipher Modes Other Ciphers Cryptanalysis

Product Ciphers Basic elements of product ciphers. (a) P-box. (b) S-box. (c) Product.

Data Encryption Standard The data encryption standard. (a) General outline. (b) Detail of one iteration. The circled + means exclusive OR.

Triple DES (a) Triple encryption using DES. (b) Decryption.

AES The Advanced Encryption Standard Rules for AES proposals
1. The algorithm must be a symmetric block cipher.
2. The full design must be public.
3. Key lengths of 128, 192, and 256 bits supported.
4. Both software and hardware implementations required.
5. The algorithm must be public or licensed on nondiscriminatory terms.

AES (2) An outline of Rijndael.

AES (3) Creation of the state and rk arrays.

Electronic Code Book Mode The plaintext of a file encrypted as 16 DES blocks.

Cipher Block Chaining Mode Cipher block chaining. (a) Encryption. (b) Decryption.

Cipher Feedback Mode (a) Encryption. (b) Decryption.

Stream Cipher Mode A stream cipher. (a) Encryption. (b) Decryption.

Counter Mode Encryption using counter mode.

Cryptanalysis Some common symmetric-key cryptographic algorithms.

Public-Key Algorithms RSA Other Public-Key Algorithms

RSA An example of the RSA algorithm.

Digital Signatures Symmetric-Key Signatures Public-Key Signatures Message Digests The Birthday Attack

Symmetric-Key Signatures Digital signatures with Big Brother.

Public-Key Signatures Digital signatures using public-key cryptography.

Message Digests Digital signatures using message digests.

SHA-1 Use of SHA-1 and RSA for signing nonsecret messages.

SHA-1 (2) (a) A message padded out to a multiple of 512 bits. (b) The output variables. (c) The word array.

Management of Public Keys Certificates X.509 Public Key Infrastructures

Problems with Public-Key Encryption A way for Trudy to subvert public-key encryption.

Certificates A possible certificate and its signed hash.

X.509 The basic fields of an X.509 certificate.

Public-Key Infrastructures (a) A hierarchical PKI. (b) A chain of certificates.

Communication Security IPsec Firewalls Virtual Private Networks Wireless Security

IPsec The IPsec authentication header in transport mode for IPv4.

IPsec (2) (a) ESP in transport mode. (b) ESP in tunnel mode.

Firewalls A firewall consisting of two packet filters and an application gateway.

Virtual Private Networks (a) A leased-line private network. (b) A virtual private network.

802.11 Security Packet encryption using WEP.

Authentication Protocols Authentication Based on a Shared Secret Key Establishing a Shared Key: Diffie-Hellman Authentication Using a Key Distribution Center Authentication Using Kerberos Authentication Using Public-Key Cryptography

Authentication Based on a Shared Secret Key Two-way authentication using a challenge-response protocol.

Authentication Based on a Shared Secret Key (2) A shortened two-way authentication protocol.

Authentication Based on a Shared Secret Key (3) The reflection attack.

Authentication Based on a Shared Secret Key (4) A reflection attack on the protocol of Fig. 8-32.

Authentication Based on a Shared Secret Key (5) Authentication using HMACs.

Establishing a Shared Key: The Diffie-Hellman Key Exchange The Diffie-Hellman key exchange.

Establishing a Shared Key: The Diffie-Hellman Key Exchange The bucket brigade or man-in-the-middle attack.

Authentication Using a Key Distribution Center A first attempt at an authentication protocol using a KDC.

Authentication Using a Key Distribution Center (2) The Needham-Schroeder authentication protocol.

Authentication Using a Key Distribution Center (3) The Otway-Rees authentication protocol (slightly simplified).

Authentication Using Kerberos The operation of Kerberos V4.

Authentication Using Public-Key Cryptography Mutual authentication using public-key cryptography.

E-Mail Security PGP Pretty Good Privacy PEM Privacy Enhanced Mail S/MIME

PGP Pretty Good Privacy PGP in operation for sending a message.

PGP Pretty Good Privacy (2) A PGP message.

Web Security Threats Secure Naming SSL The Secure Sockets Layer Mobile Code Security

Secure Naming (a) Normal situation. (b) An attack based on breaking into DNS and modifying Bob's record.

Secure Naming (2) How Trudy spoofs Alice's ISP.

Secure DNS An example RRSet for bob.com. The KEY record is Bob's public key. The SIG record is the top-level com server's signed hash of the A and KEY records to verify their authenticity.

Self-Certifying Names A self-certifying URL containing a hash of server's name and public key.

SSL The Secure Sockets Layer Layers (and protocols) for a home user browsing with SSL.

SSL (2) A simplified version of the SSL connection establishment subprotocol.

SSL (3) Data transmission using SSL.

Java Applet Security Applets inserted into a Java Virtual Machine interpreter inside the browser.

Social Issues Privacy Freedom of Speech Copyright

Anonymous Remailers Users who wish anonymity chain requests through multiple anonymous remailers.

Freedom of Speech Possibly banned material:
1. Material inappropriate for children or teenagers.
2. Hate aimed at various ethnic, religious, sexual, or other groups.
3. Information about democracy and democratic values.
4. Accounts of historical events contradicting the government's version.
5. Manuals for picking locks, building weapons, encrypting messages, etc.

Steganography (a) Three zebras and a tree. (b) Three zebras, a tree, and the complete text of five plays by William Shakespeare.