Cryptographic Protocols

Presentation transcript:

Cryptographic Protocols By: Kirti Chawla

Outline: Introduction, Needs & Necessity, Standard Protocols, An Example, Looking Back

A set of rules that ensures that source, transit and destination exchange and retain information in a secure way.

- Information is not confined
- We need to exchange information
- Standard means of exchanging information

Categories           Examples
Secret sharing       Key exchange protocols
Identity             Authentication protocols
Presence of secret   Zero-knowledge proofs
Channel              Subliminal channel
Group secrets        Secure multiparty computation

Key exchange protocols
[Diagram: Sender, Receiver]
- A key that should be kept secret
- It is required to be shared
- Should be valid for a session only

Authentication protocols
[Diagram: Home, Mobile]
- You need to access resources that are displaced
- You need to prove your identity without physical relocation
- Access to resources should be time-bound

Zero knowledge proofs
[Diagram: User (A), Challenger/System (Q)]
- Prove possession of a secret but don't divulge it
- A basic element called trust is present, however minimal
- Access to the resource is based upon this proof

Subliminal channel
[Diagram: Sender, Scrutinizer, Receiver]
- The secret has to pass under the eyes of the Scrutinizer
- The message should appear "innocuous" to the Scrutinizer
- Sender and receiver know the scheme for recovering the secret

Secure multiparty computation
[Diagram: Sender, Receiver]
- Each member has a secret that should not be shared
- All know the combined result
- No member can stop or delay any information that is circulating

Security Protocols
- Kerberos
- IPSec
- SSL/HTTPS

IPSec
A set of rules for protecting data at the IP layer. It supports both authentication and security of data packets originating from an IP-based network.
Transport: IP-Header | Payload
Tunnel: IP-Header | IP-Header | Payload

Authentication
IPSec supports authentication by non-repudiation of payload and/or complete packet. The header is called AH or Authentication Header.
Transport with AH header: IP-header | AH-header | Payload
Tunnel with AH header: IP-Header | AH-header | IP-header | Payload

Security
IPSec supports security by encrypting the payload and/or the complete packet. The header is called ESP or Encapsulating Security Payload.
Transport with ESP header: IP-header | ESP-header | Payload
Tunnel with ESP header: IP-Header | ESP-header | IP-header | Payload

Security Associations
A Security Association is a collection of facts that allows two parties to maintain a secure session. All security associations contain certain parameters and a destination address.
[Diagram: Security Association Database]
Structure of SA:
- Authentication & security algorithms used
- Keys used for both algorithms
- Lifetime of key
- Lifetime of SA
- Sensitivity level

How it works?
[Diagram: Authentication, Public Network; Security, Public Network]
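The Security Association and AH slides above, combined into one added example (not part of the original presentation): a toy SA database lookup followed by an AH-style integrity check in both transport and tunnel layout. The SPI lookup index, the HMAC-SHA256 integrity value, the length-prefixed byte strings standing in for real headers, and all function names are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

@dataclass
class SecurityAssociation:
    # Fields mirror the slide's "Structure of SA"; spi is an added lookup index.
    spi: int
    destination: str
    auth_algorithm: str   # hashlib digest name, e.g. "sha256"
    auth_key: bytes
    created: float        # seconds
    lifetime: float       # lifetime of SA, in seconds

def sad_lookup(sad, destination, spi, now):
    # sad: dict keyed by (destination, spi). Unknown or expired SAs are unusable.
    sa = sad.get((destination, spi))
    if sa is None or now - sa.created >= sa.lifetime:
        return None
    return sa

def _icv(sa, parts):
    # Simplification: the MAC covers the SPI and every part outside the AH header.
    data = sa.spi.to_bytes(4, "big")
    data += b"".join(len(body).to_bytes(4, "big") + body for _, body in parts)
    return hmac.new(sa.auth_key, data, sa.auth_algorithm).digest()

def ah_protect(sa, ip_header, payload, outer_header=None):
    # Transport: IP | AH | Payload.  Tunnel: outer IP | AH | inner IP | Payload.
    rest = [("Payload", payload)]
    if outer_header is not None:
        rest.insert(0, ("IP-header", ip_header))
    first = ("IP-header", ip_header if outer_header is None else outer_header)
    ah = sa.spi.to_bytes(4, "big") + _icv(sa, [first] + rest)
    return [first, ("AH-header", ah)] + rest

def ah_verify(sad, destination, packet, now):
    ah = packet[1][1]
    sa = sad_lookup(sad, destination, int.from_bytes(ah[:4], "big"), now)
    if sa is None:
        return False
    return hmac.compare_digest(ah[4:], _icv(sa, [packet[0]] + packet[2:]))

if __name__ == "__main__":
    # Constructed sample values, not taken from the slides.
    sa = SecurityAssociation(0x1001, "192.0.2.10", "sha256", b"k" * 32, 0.0, 3600.0)
    sad = {(sa.destination, sa.spi): sa}
    pkt = ah_protect(sa, b"inner-ip", b"hello", outer_header=b"outer-ip")
    print([name for name, _ in pkt], ah_verify(sad, sa.destination, pkt, 10.0))
```

A packet is rejected when its payload or header bytes change, when the SA lifetime has elapsed, or when no SA exists for the destination.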

Kerberos
It is an authentication protocol which allows controlled and legitimate usage of resources by its users.

Components
- A User who wishes to use some resources on the network.
- A Key Distribution Center that gives the user a session key when he logs in.
- An Authentication Server which authenticates the user.
- A Ticket Granting Server which allows usage of multiple resources on the network.

How it works?
[Diagram: User, AS, KDC, TGS; 1, 2, …, N]

Realms
[Diagram: User, KDC; Network 1, Network 2, Network 3, Network N, each with AS and TGS]

SSL/HTTPS
It is a session or application level protocol to ensure security. SSL is Secure Socket Layer and HTTPS is Secure Hyper Text Transfer Protocol.

Components
- A User who wishes to use some resources or communicate with another user.
- A User or Server who wishes to communicate (to provide some service) with the above user and needs to prove his identity.
- A Hacker

How it works?
[Diagram: User, Server, Hacker; Hello, Cert, Prove, MAC]

- A user needs to carry information on the go from the incumbent system.
- Information needs to be authenticated before it leaves the incumbent system.
- A component in the system provides a mechanism for authenticating information after scrutiny, based upon the following measures:
  1. Ask the information bearer for the source of the information.
  2. Scrutinize based upon the information at hand and their persistent knowledge.

How it works?
[Diagram: 1 Authenticating component, 2 User, 3 Policy Implementer]

Are you familiar with the protocol in the previous slide?