Security Outline Encryption Algorithms Authentication Protocols

Slides:



Advertisements
Similar presentations
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Advertisements

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Katz, Stoica F04 EE 122: (More) Network Security November 5, 2003.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues1 Lecture 9: E-commerce & Business r E-Commerce r Security Issues m Secure.
CSE Computer Networks Prof. Aaron Striegel Department of Computer Science & Engineering University of Notre Dame Lecture 23 – April 6, 2010.
5-Sep-154/598N: Computer Networks Recap UDP: IP with port abstraction TCP: Reliable, in order, at most once semantics –Sliding Windows –Flow control: ensure.
CSS432 Network Security Textbook Ch8
Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
4-Jun-164/598N: Computer Networks Differentiated Services Problem with IntServ: scalability Idea: segregate packets into a small number of classes –e.g.,
Chapter 8 – Network Security Two main topics Cryptographic algorithms and mechanisms Firewalls Chapter may be hard to understand if you don’t have some.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
1 Normal executable Infected executable Sequence of program instructions Entry Original program Entry Jump Replication and payload Viruses.
Lecture 18: Security Reading: Chapter 8 (Some material thanks to William Perrizo) ? CMSC 23300/33300 Computer Networks
Security fundamentals Topic 5 Using a Public Key Infrastructure.
CS 6401 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Some Backgrounds on Network Security Rocky K. C. Chang 12 February 2003.
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Basics of Cryptography
Security Outline Encryption Algorithms Authentication Protocols
Advanced Computer Networks
Public-Key Cryptography and Message Authentication
Cryptography Why Cryptography Symmetric Encryption
Computer Communication & Networks
Information Security message M one-way hash fingerprint f = H(M)
Chapters 14,15 Security.
Cryptography and Security Technologies
Basic Network Encryption
Information Security message M one-way hash fingerprint f = H(M)
Message Digest Cryptographic checksum One-way function Relevance
Security Outline Homework 1, selected solutions Encryption Algorithms
PART VII Security.
Security in Network Communications
Information Security message M one-way hash fingerprint f = H(M)
Taxonomy of real time applications
Lecture 4 - Cryptography
The Secure Sockets Layer (SSL) Protocol
Chapters 14,15 Security.
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Public-Key, Digital Signatures, Management, Security
Security Outline Encryption Algorithms Authentication Protocols
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S
Chapter 3 - Public-Key Cryptography & Authentication
Chapter 29 Cryptography and Network Security
Basic Network Encryption
Advanced Computer Networks
Presentation transcript:

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Spring 2000 CS 461

Overview Cryptography functions Security services Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy: preventing unauthorized release of information Authentication: verifying identity of the remote participant Integrity: making sure message has not been altered Security Cryptography algorithms Public key (e.g., RSA) Secret (e.g., DES) Message digest (e.g., MD5) services Authentication Privacy integrity Spring 2000 CS 461

Secret Key (DES) Plaintext Encrypt with secret key Ciphertext Decrypt with Spring 2000 CS 461

64-bit key (56-bits + 8-bit parity) 16 rounds Each Round Initial permutation Round 1 Round 2 Round 16 56-bit key Final permutation … + F L i – 1 R K Spring 2000 CS 461

Repeat for larger messages Block 1 IV DES Cipher 2 3 4 + Spring 2000 CS 461

Public Key (RSA) Encryption & Decryption c = memod n m = cdmod n Plaintext Encrypt with public key Ciphertext Decrypt with private key Encryption & Decryption c = memod n m = cdmod n Spring 2000 CS 461

RSA (cont) Choose two large prime numbers p and q (each 256 bits) Multiply p and q together to get n Choose the encryption key e, such that e and (p - 1) x (q - 1) are relatively prime. Two numbers are relatively prime if they have no common factor greater than one Compute decryption key d such that d = e-1mod ((p - 1) x (q - 1)) Construct public key as (e, n) Construct public key as (d, n) Discard (do not disclose) original primes p and q Spring 2000 CS 461

Message Digest Cryptographic checksum One-way function Relevance just as a regular checksum protects the receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes to the message. One-way function given a cryptographic checksum for a message, it is virtually impossible to figure out what message produced that checksum; it is not computationally feasible to find two messages that hash to the same cryptographic checksum. Relevance if you are given a checksum for a message and you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given. Spring 2000 CS 461

Authentication Protocols Three-way handshake Spring 2000 CS 461

Trusted third party (Kerberos) , B A E (( T , L , K E , B (( T ), , K L , ), K , A A ), K ) B E (( A , E T (( ), T , K L ), , K , A ), K ) B K ) + 1, ( T E Spring 2000 CS 461

Public key authentication Spring 2000 CS 461

Message Integrity Protocols Digital signature using RSA special case of a message integrity where the code can only have been generated by one participant compute signature with private key and verify with public key Keyed MD5 sender: m + MD5(m + k) + E(k, private) receiver recovers random key using the sender’s public key applies MD5 to the concatenation of this random key message MD5 with RSA signature sender: m + E(MD5(m), private) decrypts signature with sender’s public key compares result with MD5 checksum sent with message Spring 2000 CS 461

Key Distribution Certificate Certified Authority (CA) special type of digitally signed document: “I certify that the public key in this document belongs to the entity named in this document, signed X.” the name of the entity being certified the public key of the entity the name of the certified authority a digital signature Certified Authority (CA) administrative entity that issues certificates useful only to someone that already holds the CA’s public key. Spring 2000 CS 461

Key Distribution (cont) Chain of Trust if X certifies that a certain public key belongs to Y, and Y certifies that another public key belongs to Z, then there exists a chain of certificates from X to Z someone that wants to verify Z’s public key has to know X’s public key and follow the chain Certificate Revocation List Spring 2000 CS 461

Firewalls Filter-Based Solution example Rest of the Internet Local site Firewall Filter-Based Solution example ( 192.12.13.14, 1234, 128.7.6.5, 80 ) (*,*, 128.7.6.5, 80 ) default: forward or not forward? how dynamic? Spring 2000 CS 461

Proxy-Based Firewalls Problem: complex policy Example: web server Solution: proxy Design: transparent vs. classical Limitations: attacks from within Company net Firewall W eb server Random external user Remote company Internet External client External HTTP/TCP connection Proxy Firewall Internal HTTP/TCP connection Local server Spring 2000 CS 461

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.