What is network security?




Transcription:

Chapter 7: Network security

Foundations:
- what is security?
- cryptography
- authentication
- message integrity
- key distribution and certification

Friends and enemies: Alice, Bob, Trudy

[Figure 7.1 goes here]

- well-known in network security world
- Bob, Alice want to communicate securely
- Trudy, the intruder, may intercept, delete, add messages

What is network security?

- Secrecy: only sender, intended receiver should understand msg contents
  - sender encrypts msg
  - receiver decrypts msg
- Authentication: sender, receiver want to confirm identity of each other
- Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection

Internet security threats

Packet sniffing:
- broadcast media
- promiscuous NIC reads all packets passing by
- can read all unencrypted data (e.g. passwords)
- e.g.: sniffs s packets

[Figure: packet with src, dest and payload fields]

Internet security threats

IP spoofing:
- can generate raw IP packets directly from application, putting any value into IP source address field
- receiver can't tell if source is spoofed
- e.g.: pretends to be

Internet security threats

Denial of service (DOS):
- flood of maliciously generated packets swamps receiver
- Distributed DOS (DDOS): multiple coordinated sources swamp receiver
- e.g., and remote host -attack

[Figure: packet with src, dest and payload fields]

The language of cryptography

[Figure 7.3 goes here: plaintext, key K, ciphertext, key K, plaintext]

- symmetric key crypto: sender, receiver keys identical
- public-key crypto: encrypt key public, decrypt key secret

Symmetric key cryptography

substitution cipher: substituting one thing for another
- monoalphabetic cipher: substitute one letter for another

plaintext:  abcdefghijklmnopqrstuvwxyz
ciphertext: mnbvcxzasdfghjklpoiuytrewq

E.g.:
Plaintext:  bob. i love you. alice
ciphertext: nkn. s gktc wky. mgsbc

Q: How hard to break this simple cipher?
- brute force (how hard?)
- other?
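The slide's two questions about the monoalphabetic cipher can be checked directly. The following is an added example, not part of the original slides; the function names are hypothetical, and it assumes the key row is the full 26-letter string with `d` between `s` and `f`. It reproduces the slide's ciphertext, sizes the brute-force key space, and shows that the pattern of letter counts passes through the cipher unchanged.

```python
import math
import string
from collections import Counter

PLAIN = string.ascii_lowercase
# Key row from the slide (assumed complete: 'd' sits between 's' and 'f').
CIPHER = "mnbvcxzasdfghjklpoiuytrewq"

ENC = str.maketrans(PLAIN, CIPHER)
DEC = str.maketrans(CIPHER, PLAIN)


def encrypt(text):
    """Substitute each lowercase letter; punctuation and spaces pass through."""
    return text.translate(ENC)


def decrypt(text):
    """Apply the inverse substitution."""
    return text.translate(DEC)


def keyspace_bits():
    """log2 of the number of possible keys: 26! permutations of the alphabet."""
    return math.log2(math.factorial(26))


def frequency_profile(text):
    """Sorted letter counts, ignoring which letter each count belongs to."""
    counts = Counter(ch for ch in text if ch in PLAIN)
    return sorted(counts.values(), reverse=True)


if __name__ == "__main__":
    msg = "bob. i love you. alice"          # plaintext from the slide
    ct = encrypt(msg)
    print(ct)
    print(decrypt(ct))
    # Brute force faces roughly 2^88 keys ...
    print(f"key space: about 2^{keyspace_bits():.1f}")
    # ... but the letter-count pattern is identical before and after
    # encryption, which is the property frequency analysis relies on.
    print(frequency_profile(msg) == frequency_profile(ct))
```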

Symmetric key crypto: DES

DES: Data Encryption Standard
- US encryption standard [NIST 1993]
- 56-bit symmetric key, 64 bit plaintext input
- How secure is DES?
  - DES Challenge: 56-bit-key-encrypted phrase ("Strong cryptography makes the world a safer place") decrypted (brute force) in 4 months
  - no known backdoor decryption approach
- making DES more secure
  - use three keys sequentially (3-DES) on each datum
  - use cipher-block chaining

Symmetric key crypto: DES

DES operation:
- initial permutation
- 16 identical rounds of function application, each using different 48 bits of key
- final permutation

Public Key Cryptography

symmetric key crypto
- requires sender, receiver know shared secret key
- Q: how to agree on key in first place (particularly if never "met")?

public key cryptography
- radically different approach [Diffie-Hellman76, RSA78]
- sender, receiver do not share secret key
- encryption key public (known to all)
- decryption key private (known only to receiver)

Public key cryptography

[Figure 7.7 goes here]

Public key encryption algorithms

Two inter-related requirements:
1. need $d(\cdot)$ and $e(\cdot)$ such that $d(e(m)) = m$
2. need public and private keys for $d(\cdot)$ and $e(\cdot)$

RSA: Rivest, Shamir, Adleman algorithm

RSA: Choosing keys

1. Choose two large prime numbers $p$, $q$ (e.g., 1024 bits each).
2. Compute $n = pq$, $z = (p-1)(q-1)$.
3. Choose $e$ (with $e < n$) that has no common factors with $z$ ($e$, $z$ are "relatively prime").
4. Choose $d$ such that $ed - 1$ is exactly divisible by $z$ (in other words: $ed \bmod z = 1$).
5. Public key is $(n, e)$. Private key is $(n, d)$.

RSA: Encryption, decryption

0. Given $(n, e)$ and $(n, d)$ as computed above.
1. To encrypt bit pattern $m$, compute $c = m^e \bmod n$ (i.e., remainder when $m^e$ is divided by $n$).
2. To decrypt received bit pattern $c$, compute $m = c^d \bmod n$ (i.e., remainder when $c^d$ is divided by $n$).

Magic happens! $m = (m^e \bmod n)^d \bmod n$

RSA example:

Bob chooses $p = 5$, $q = 7$. Then $n = 35$, $z = 24$.
$e = 5$ (so $e$, $z$ relatively prime).
$d = 29$ (so $ed - 1$ exactly divisible by $z$).

encrypt:
  letter    m     m^e        c = m^e mod n
  l         12    1524832    17

decrypt:
  c     c^d                                     m = c^d mod n    letter
  17    481968572106750915091411825223072000    12               l

RSA: Why: $m = (m^e \bmod n)^d \bmod n$

Number theory result: If $p$, $q$ prime, $n = pq$, then
$x^y \bmod n = x^{y \bmod (p-1)(q-1)} \bmod n$

$(m^e \bmod n)^d \bmod n = m^{ed} \bmod n$
$= m^{ed \bmod (p-1)(q-1)} \bmod n$ (using number theory result above)
$= m^1 \bmod n$ (since we chose $ed$ to be divisible by $(p-1)(q-1)$ with remainder 1)
$= m$
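The key-choosing steps and the encrypt/decrypt rules above can be run end to end on the slide's toy numbers. This is an added example, not part of the original slides; the function names are hypothetical and the letter encoding (l = 12) is taken from the slide's table. It validates the slide's d = 29, encrypts and decrypts m = 12, and checks the "why" identity for every m below n.

```python
from math import gcd


def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def make_keys(p, q, e, d=None):
    """Steps 2-5: n = pq, z = (p-1)(q-1), and d with (e*d) mod z == 1.

    If d is given it is validated; otherwise the smallest positive d is found.
    """
    n, z = p * q, (p - 1) * (q - 1)
    if not (1 < e < n) or gcd(e, z) != 1:
        raise ValueError("e must satisfy e < n and be relatively prime to z")
    if d is None:
        d = egcd(e, z)[1] % z
    if (e * d) % z != 1:
        raise ValueError("e*d - 1 is not divisible by z")
    return (n, e), (n, d)


def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= m < n")
    return pow(m, e, n)          # c = m^e mod n


def decrypt(c, private):
    n, d = private
    return pow(c, d, n)          # m = c^d mod n


def roundtrip_holds(public, private):
    """Check (m^e mod n)^d mod n == m for every m in [0, n)."""
    return all(decrypt(encrypt(m, public), private) == m
               for m in range(public[0]))


if __name__ == "__main__":
    pub, priv = make_keys(5, 7, e=5, d=29)    # values from the slide
    c = encrypt(12, pub)                      # letter 'l' encoded as 12
    print(pub, priv, c, decrypt(c, priv))
    print(roundtrip_holds(pub, priv))
    # Any d with e*d mod z == 1 works; the smallest here equals e itself,
    # one sign of how unrepresentative such tiny parameters are.
    print(make_keys(5, 7, e=5))
```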