Security in Distributed Systems. Network Security



Similar documents
Network Security. Network Security. Security in Computer Networks

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Chapter 7: Network security

Network Security. HIT Shimrit Tzur-David

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

TELE 301 Network Management. Lecture 18: Network Security

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Principles of Network Security

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Network Security Technology Network Management

Advanced Cryptography

CSCE 465 Computer & Network Security

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

SECURITY IN NETWORKS

Security: Focus of Control. Authentication

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

Network Security. Omer Rana

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia

What is network security?

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Properties of Secure Network Communication

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

Savitribai Phule Pune University

CSE/EE 461 Lecture 23

Symmetric Key cryptosystem

FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION

First Semester Examinations 2011/12 INTERNET PRINCIPLES

CRYPTOGRAPHY IN NETWORK SECURITY

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

The Mathematics of the RSA Public-Key Cryptosystem

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Chapter 8 Network Security

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Client Server Registration Protocol

Cryptography and Network Security Chapter 9

Network Security. Outline of the Tutorial

CS5008: Internet Computing

CS 758: Cryptography / Network Security

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Lukasz Pater CMMS Administrator and Developer

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Techniques of Asymmetric File Encryption. Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab

EDA385 Embedded Systems Design. Advanced Course

Chapter 10. Network Security

Cryptography and Network Security

Cryptography and Network Security

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July The OWASP Foundation

Cornerstones of Security

Network Security #10. Overview. Encryption Authentication Message integrity Key distribution & Certificates Secure Socket Layer (SSL) IPsec

7! Cryptographic Techniques! A Brief Introduction

Ky Vu DeVry University, Atlanta Georgia College of Arts & Science

An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm

Security Sensor Network. Biswajit panja

Overview/Questions. What is Cryptography? The Caesar Shift Cipher. CS101 Lecture 21: Overview of Cryptography

Notes on Network Security Prof. Hemant K. Soni

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

Application Layer (1)

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

RSA Cryptography Algorithm: An Impressive Tool in Decreasing Intrusion Detection System Vulnerabilities in Network Security

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

EXAM questions for the course TTM Information Security May Part 1

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

WEBARROW: A CASE STUDY OF SECURE WEB DEPLOYMENT

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

SY system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

Three attacks in SSL protocol and their solutions

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK

Block encryption. CS-4920: Lecture 7 Secret key cryptography. Determining the plaintext ciphertext mapping. CS4920-Lecture 7 4/1/2015

Network Security Fundamentals

Lecture 3: One-Way Encryption, RSA Example

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

Introduction to Hill cipher

Network Security: Cryptography CS/SS G513 S.K. Sahay

Computer Networks - CS132/EECS148 - Spring

Insight Guide. Encryption: A Guide

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Public Key Cryptography Overview

How To Understand And Understand The History Of Cryptography

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Cryptography Exercises

Lecture 6 - Cryptography

SFWR ENG 4C03 - Computer Networks & Computer Security

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

RSA Attacks. By Abdulaziz Alrasheed and Fatima

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Transcription:

Security in Distributed Systems Introduction Cryptography Authentication Key exchange Computer Science Lecture 18, page 1 Network Security Intruder may eavesdrop remove, modify, and/or insert messages read and playback messages Computer Science Lecture 18, page 2

Issues Important issues: cryptography: secrecy of info being transmitted authentication: proving who you are and having correspondent prove his/her/its identity Computer Science Lecture 18, page 3 Security in Computer Networks User resources: login passwords often transmitted unencrypted in TCP packets between applications (e.g., telnet, ftp) passwords provide little protection Computer Science Lecture 18, page 4

Security Issues Network resources: often completely unprotected from intruder eavesdropping, injection of false messages mail spoofs, router updates, ICMP messages, network management messages Bottom line: intruder attaching his/her machine (access to OS code, root privileges) onto network can override many systemprovided security measures users must take a more active role Computer Science Lecture 18, page 5 Encryption plaintext: unencrypted message ciphertext: encrypted form of message Intruder may intercept ciphertext transmission intercept plaintext/ciphertext pairs obtain encryption decryption algorithms Computer Science Lecture 18, page 6

A simple encryption algorithm Substitution cipher: abcdefghijklmnopqrstuvwxyz poiuytrewqasdfghjklmnbvczx replace each plaintext character in message with matching ciphertext character: plaintext: Charlotte, my dear ciphertext: iepksgmmy, dz uypk Computer Science Lecture 18, page 7 Encryption Algo (contd) key is pairing between plaintext characters and ciphertext characters symmetric key: sender and receiver use same key 26! (approx 10^26) different possible keys: unlikely to be broken by random trials substitution cipher subject to decryption using observed frequency of letters 'e' most common letter, 'the' most common word Computer Science Lecture 18, page 8

DES: Data Encryption Standard encrypts data in 64-bit chunks encryption/decryption algorithm is a published standard everyone knows how to do it substitution cipher over 64-bit chunks: 56-bit key determines which of 56! substitution ciphers used substitution: 19 stages of transformations, 16 involving functions of key Computer Science Lecture 18, page 9 Symmetric Cryptosystems: DES (1) a) The principle of DES b) Outline of one encryption round Computer Science Lecture 18, page 10

Symmetric Cryptosystems: DES (2) Details of per-round key generation in DES. Computer Science Lecture 18, page 11 Key Distribution Problem Problem: how do communicant agree on symmetric key? N communicants implies N keys Trusted agent distribution: keys distributed by centralized trusted agent any communicant need only know key to communicate with trusted agent for communication between i and j, trusted agent will provide a key Computer Science Lecture 18, page 12

Key Distribution We will cover in more detail shortly Computer Science Lecture 18, page 13 Public Key Cryptography separate encryption/decryption keys receiver makes known (!) its encryption key receiver keeps its decryption key secret to send to receiver B, encrypt message M using B's publicly available key, EB send EB(M) to decrypt, B applies its private decrypt key DB to receiver message: computing DB( EB(M) ) gives M Computer Science Lecture 18, page 14

Public Key Cryptography knowing encryption key does not help with decryption; decryption is a non-trivial inverse of encryption only receiver can decrypt message Question: good encryption/decryption algorithms Computer Science Lecture 18, page 15 RSA: public key encryption/decryption RSA: a public key algorithm for encrypting/decrypting Entity wanting to receive encrypted messages: choose two prime numbers, p, q greater than 10^100 compute n=pq and z = (p-1)(q-1) choose number d which has no common factors with z compute e such that ed = 1 mod z, i.e., integer-remainder( (ed) / ((p-1)(q-1)) ) = 1, i.e., ed = k(p-1)(q-1) +1 three numbers: e, n made public d kept secret Computer Science Lecture 18, page 16

RSA (continued) to encrypt: divide message into blocks, {b_i} of size j: 2^j < n encrypt: encrypt(b_i) = b_i^e mod n to decrypt: b_i = encrypt(b_i)^d to break RSA: need to know p, q, given pq=n, n known factoring 200 digit n into primes takes 4 billion years using known methods Computer Science Lecture 18, page 17 RSA example choose p=3, q=11, gives n=33, (p-1)(q- 1)=z=20 choose d = 7 since 7 and 20 have no common factors compute e = 3, so that ed = k(p-1)(q-1)+1 (note: k=1 here) Computer Science Lecture 18, page 18

Further notes on RSA why does RSA work? crucial number theory result: if p, q prime then b_i^((p-1)(q-1)) mod pq = 1 using mod pq arithmetic: (b^e)^d = b^{ed} = b^{k(p-1)(q-1)+1} for some k = b b^(p-1)(q-1) b^(p-1)(q-1)... b^(p-1)(q-1) = b 1 1... 1 = b Note: we can also encrypt with d and encrypt with e. this will be useful shortly Computer Science Lecture 18, page 19 How to break RSA? Brute force: get B's public key for each possible b_i in plaintext, compute b_i^e for each observed b_i^e, we then know b_i moral: choose size of b_i "big enough" Computer Science Lecture 18, page 20

Breaking RSA man-in-the-middle: intercept keys, spoof identity: Computer Science Lecture 18, page 21

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information