Network Security Protocols



Similar documents
Chapter 8 Security. IC322 Fall Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Key Management (Distribution and Certification) (1)

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Lecture 31 SSL. SSL: Secure Socket Layer. History SSL SSL. Security April 13, 2005

Chapter 10. Network Security

CSE/EE 461 Lecture 23

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

What is network security?

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Savitribai Phule Pune University

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Information Security

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 15.1

Cornerstones of Security

Security: Focus of Control. Authentication

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Security Digital Certificate Manager

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

Security Digital Certificate Manager

TELE 301 Network Management. Lecture 18: Network Security

Chapter 8. Network Security

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

IT Networks & Security CERT Luncheon Series: Cryptography

Authentication Types. Password-based Authentication. Off-Line Password Guessing

Application Layer (1)

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

Network Security #10. Overview. Encryption Authentication Message integrity Key distribution & Certificates Secure Socket Layer (SSL) IPsec

An Introduction to Cryptography as Applied to the Smart Grid

10 Secure Electronic Transactions: Overview, Capabilities, and Current Status

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Content Teaching Academy at James Madison University

Chapter 7: Network security

Chapter 7 Transport-Level Security

Dr. Arjan Durresi. Baton Rouge, LA These slides are available at:

Kerberos-Based Authentication for OpenStack Cloud Infrastructure as a Service

Chapter 9 Key Management 9.1 Distribution of Public Keys Public Announcement of Public Keys Publicly Available Directory

Payment authorization Payment capture Table 1.3 SET Transaction Types

Part 2 D(E(M, K),K ) E(M, K) E(M, K) Plaintext M. Plaintext M. Decrypt with private key. Encrypt with public key. Ciphertext

Standards and Products. Computer Security. Kerberos. Kerberos

4.1: Securing Applications Remote Login: Secure Shell (SSH) PEM/PGP. Chapter 5: Security Concepts for Networks

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

How To Understand And Understand The Security Of A Key Infrastructure

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

CRYPTOGRAPHY IN NETWORK SECURITY

Strong Encryption for Public Key Management through SSL

Lecture 9 - Network Security TDTS (ht1)

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.

Cryptography and Network Security

Understanding Digital Certificates and Wireless Transport Layer Security (WTLS)

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Internet Security. Internet Security Voice over IP. Introduction. ETSF10 Internet Protocols ETSF10 Internet Protocols 2011

TLS/SSL in distributed systems. Eugen Babinciuc

Overview. SSL Cryptography Overview CHAPTER 1

Angel Dichev RIG, SAP Labs

Is your data safe out there? -A white Paper on Online Security

Lukasz Pater CMMS Administrator and Developer

Security (II) ISO : Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012

Key Management and Distribution

qwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb

A Simulation Game for Teaching Secure Data Communications Protocols

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

CS 356 Lecture 28 Internet Authentication. Spring 2013

Web Security: Encryption & Authentication

Chapter 6 Electronic Mail Security

SSL/TLS: The Ugly Truth

Network Security Fundamentals

Security Goals Services

GT 6.0 GSI C Security: Key Concepts

Internet Programming. Security

Report to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer. February 3, 1999

Key Management and Distribution

CS 3251: Computer Networking 1 Security Protocols I

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

Introduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities

SSL Protect your users, start with yourself

Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

An Introduction to Secure . Presented by: Addam Schroll IT Security & Privacy Analyst

Using etoken for Securing s Using Outlook and Outlook Express

Module 7 Security CS655! 7-1!

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

Chapter 3. Network Domain Security

Securing your Online Data Transfer with SSL

CPS Computer Security Lecture 9: Introduction to Network Security. Xiaowei Yang

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Transcription:

Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination Transport Layer Security Ex. Secure Sockets Layer (SSL) Process-to-Process Basis, Need Modified Apps Application Layer Security Ex. Pretty Good Privacy, Kerberos Document-Level, Need Modified Apps

Application Layer Security Secure Electronic Transaction (SET) Jointly Developed by Visa and MasterCard A Method to Secure Business Transaction Over Open Networks Encrypt and Transmit a Sensitive Document Kerberos Originated at MIT On Standard Track with the IETF, Default Network Authentication in MS Windows 2000 Distributed Authentication, Key Distribution System Auth. of Two Parties and Dist. of Keys Key Functionality Authentication Verification of the Identity of a Party Integrity Assurance that the Data Received is the Same as Generated Confidentiality Protection of Information from Disclosure Authorization Determination if a Principal should be Allowed to Perform an Operation

Secure Electronic Transaction (SET) A Method to Secure Payment Card Transaction Over Open Networks Overview Concepts Encryption Process Processing Sample Concepts Secret Key Cryptography Public Key Cryptography Digital Envelope Message Digest Digital Signature Key Exchange Certificate Certificate Authority

Secret Key, Public Key Secret Key Cryptography Symmetric Cryptography The Same Key is Used to Encrypt and Decrypt Public Key Cryptography Asymmetric Cryptography One Key to Encrypt and One Key to Decrypt Public Key and Private Key Data Encrypted with Either Key can only be Decrypted Using the Other Key Digital Envelope Encryption Encrypt a Message Using a Secret Key Encrypt the Key Using the Recipient s Public Key Decryption Decrypt the Secret Key Using the Recipient s Private Key Decrypt the Message Using the Decrypted Secret Key

Message Digest A Value Generated for a Message that is Unique to that Message Small, Compared to the Message Itself Highly Unlikely for Two Messages to Have the Same Message Digest (1 in 10 48 for SET) Digital Signature Encrypt a Message Using the Sender s Private Key The Recipient Decrypts the Message Using the Sender s Public Key Ensured that the Message Could only be Encrypted by the Sender In SET, Encrypted Message Digest = Digital Signature

Key Exchange Each SET Participant Has Two Public / Private Key Pairs Key Exchange Pair for Encryption and Decryption Signature Pair for Creation and Verification of Digital Signatures Certificate, Certificate Authority Certificate Digitally Signed by CA, Containing a Participant s ID and Public Key Can Be Decrypt Using CA s Public Key Certificate Authority (CA) Trusted Third Party Used to Authenticate a Participant s Public Key A Participant Identifies Himself with CA, CA Returns a Digitally Signed Certificate Containing a Participant s ID and Public Key

Simple Transaction Process Alice Wants to Send Bob a Message Securely Over an Open Network Alice identifies herself Bob identifies himself authority Alice s Bob s A Alice s public key B Bob s public key Encryption Process (Alice) Alice s private signature key m digest A d signature transmitted symmetric key + d signature + Alice s encrypted Bob s B Bob s public symmetric key B d envelope key-exchange key

Decryption Process (Bob) Alice s public signature key transmitted d signature + A m digest encrypted symmetric key Alice s + compare m digest d envelope B symmetric key Bob s private key-exchange key SET Processing Cardholder Registration Merchant Registration Purchase Request Payment Authorization Payment Capture Etc.

Kerberos A Distributed Authentication and Key Distribution System A Client Wants Secure Transaction with a Server KDC Distributes a Session Key for the Client and Server to Use Overview Concepts Key Distribution Concepts Shared Secrets Authenticators Key Distribution Center Session Keys Session Tickets Symmetric Cryptography Digital Signatures Certificate Authority Secret Key Digital Envelope

Key Distribution Center (KDC) Physically Secure Server Maintains Participant Account Information Long-Term Key Cryptographic Key Known Only to the Participant and KDC Usually Derived from the Log-in Password KDC Key Distribution client C c req. s C session key encrypted session key encrypted session key session key + client info S ses. ticket client, ts client, ts authenticator server client, ts ses. ticket S + client info ses. ticket client, ts client, ts ts ts ts ts ts authenticator

SET vs Kerberos Needs Trusted Intermediary (CA) CA Issues Certificate to Identify Principal To Exchange Message Securely Needs Trusted Intermediary (KDC) KDC Maintains Principal s A/C Info To Distribute Key to Establish Secure Channel

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information