1 Managing Security Additional notes. 2 Intercepting confidential messages Attacker Taps into the Conversation: Tries to Read Messages Client PC Server.

Slides:

Advertisements

Similar presentations

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:

Advertisements

Akshat Sharma Samarth Shah

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

Data Security 1 El_Gamal Cryptography. Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Rennes, 23/10/2014 Cristina Onete Putting it all together: using multiple primitives together.

Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.

Distributed Systems CS Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

Review For Exam 3 (April 15, 2010) © Abdou Illia – Spring 2010.

Security (Part 2) School of Business Eastern Illinois University © Abdou Illia, Spring 2007 (Week 13, Thursday 4/5/2007)

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Cryptographic Technologies

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.

Remarks on Voting using Cryptography Ronald L. Rivest MIT Laboratory for Computer Science.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Encryption Methods By: Michael A. Scott

Network Security Sorina Persa Group 3250 Group 3250.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.

Security Copyright 2003 Prentice-Hall Panko’s Business Data Networking and Telecommunications, 4 th edition.

Security Chapter 9 (October 2002) Copyright 2003 Prentice-Hall Panko’s Business Data Networking and Telecommunications, 4 th edition.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

Cryptography, Authentication and Digital Signatures

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Public-Key Cryptography CS110 Fall Conventional Encryption.

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Chapter 17 Security. Information Systems Cryptography Key Exchange Protocols Password Combinatorics Other Security Issues 12-2.

Key Mangement Marjan Causevski Sanja Zakovska. Contents Introduction Key Management Improving Key Management End-To-End Scheme Vspace Scheme Conclusion.

DES Attacks and Triple DES

Kerberos. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open source or in supported commercial software.

1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2004.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

Cryptography Overview and PGP - Fort Collins, CO Copyright © XTR Systems, LLC Cryptography Overview and Pretty Good Privacy Instructor: Joseph DiVerdi,

Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.

Security School of Business Eastern Illinois University © Abdou Illia, Fall 2002 (Week 12, Wednesday 11/13/2002)

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.

Information Security in Distributed Systems Distributed Systems1.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security PART VII.

Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.

Ch 13 Trustworthiness Myungchul Kim

Computer Security Lecture 5 Ch.9 Public-Key Cryptography And RSA Prepared by Dr. Lamiaa Elshenawy.

Discrete Mathematical Structures: Theory and Applications 1 Cryptography (advanced extra curricular topic)  Cryptography (from the Greek words Kryptos,

Network Security Celia Li Computer Science and Engineering York University.

From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design Edition 5, © Addison-Wesley 2012 Slides for Chapter 11: Security.

Encryption Encryption: Transforms Message so that Interceptor Cannot Read it –Plaintext (original message) Not necessarily text; Can be graphics, etc.

6.033 Quiz3 Review Spring How can we achieve security? Authenticate agent’s identity Verify the integrity of the request Check the agent’s authorization.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

Network Security  introduction  cryptography  authentication  key exchange  required reading: text section 7.1.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

The Secure Sockets Layer (SSL) Protocol

Computer Communication & Networks

Group theory exercise.

Topic 1: Data, information, knowledge and processing

Figure 1-7: Eavesdropping on a Dialog

Security Attacks, Mechanisms, and Services

Presentation transcript:

1 Managing Security Additional notes

2 Intercepting confidential messages Attacker Taps into the Conversation: Tries to Read Messages Client PC Server Message Exchange

3 Protection against message interception  Cryptography is the study of creating and using encryption and decryption techniques. Plaintext is the data before any encryption has been performed Ciphertext is the data after encryption has been performed The key is the unique piece of information that is used to create ciphertext and decrypt the ciphertext back into plaintext

4 Public key Encryption-Decryption  Each partner has a private key (kept secret) and a public key (shared with everybody)  Sending  Partner A encrypts with the public key of Partner B  Partner B encrypts with the public key of Partner A  Receiving  Each receiver decrypt with its own private key Encrypt with Party B’s Public Key Partner A Partner B Decrypt with Party B’s Private Key

5 Denial-of-Service attacks  Tear Drop attacks  Make the system unusable (crash it or make it run very slowly) by sending a stream of messages. Message Stream DoS Attack (Overloads the Victim) ServerAttacker

6 Protection against DoS attacks  DoS messages Are requests messages that require responses. Include ID information that might be a false identity Sender IDRequest Security systems for protecting against DoS attacks are designed to check for suspicious elements about the sender’s ID