Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Slides:



Advertisements
Similar presentations
Crytography Chapter 8.
Advertisements

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Introduction to Cryptography
Principles of Information Security, 2nd edition1 Cryptography.
Web Security for Network and System Administrators1 Chapter 4 Encryption.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Cryptographic Technologies
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 8 Network Security 4/17/2017
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Chapter 20: Network Security Business Data Communications, 4e.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Network Security Chapter
Computer Networks, Fifth Edition by Andrew Tanenbaum and David Wetherall, © Pearson Education-Prentice Hall, 2011 Network Security Chapter 8.
Network Security Sorina Persa Group 3250 Group 3250.
Network Security Chapter Computer Networks, Fifth Edition by Andrew Tanenbaum and David Wetherall, © Pearson Education-Prentice Hall, 2011.
CN8816: Network Security1 Confidentiality, Integrity & Authentication Confidentiality - Symmetric Key Encryption Data Integrity – MD-5, SHA and HMAC Public/Private.
1 Chapter 4 Encryption. 2 Objectives In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms.
Network Security E.
Internet Engineering Czesław Smutnicki Discrete Mathematics – Cryptography.
Network Security Chapter 8
1 ECE453 – Introduction to Computer Networks Lecture 19 – Network Security (II)
Network Security Chapter Computer Networks, Fifth Edition by Andrew Tanenbaum and David Wetherall, © Pearson Education-Prentice Hall, 2011.
Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)
1 Lecture #22: Network Security. 2 A classic lesson The chain is only as strong as its weakest link!
Introduction Cryptography: process of making and using codes to secure transmission of information Encryption: converting original message into a form.
Secure Socket Layer (SSL)
Network Security. Information secrecy-only specified parties know the information exchanged. Provided by criptography. Information integrity-the information.
Linux Networking and Security Chapter 8 Making Data Secure.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
Network Security by Behzad Akbari Spring 2012 In the Name of the Most High.
每时每刻 可信安全 1The DES algorithm is an example of what type of cryptography? A Secret Key B Two-key C Asymmetric Key D Public Key A.
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display Chapter 10 Network Security.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
8.4 – 8.5 Securing & Securing TCP connections with SSL By: Amanda Porter.
Network Security David Lazăr.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
Chapter 7: Cryptographic Systems
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
TCP/IP Protocol Suite 1 Chapter 30 Security Credit: most slides from Forouzan, TCP/IP protocol suit.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security PART VII.
Network Security Chapter 8 12/13/ Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
Invitation to Computer Science 5 th Edition Chapter 8 Information Security.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Network Security Chapter 8 Institute of Information Science and Technology. Chengdu University YiYong 2008 年 2 月 25 日.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Opracowanie językowe dr inż. J. Jarnicki
Chapter 8 Network Security.
Network Security Chapter 8
CompTIA Security+ Study Guide (SY0-501)
Chapter 8 Network Security.
Network Security Chapter 8.
Presentation transcript:

Network Security Chapter 8

Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles

Need for Security Some people who cause security problems and why.

An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

Transposition Ciphers A transposition cipher.

One-Time Pads The use of a one-time pad for encryption and the possibility of getting any possible plaintext from the ciphertext by the use of some other pad.

Quantum Cryptography An example of quantum cryptography.

Symmetric-Key Algorithms DES – The Data Encryption Standard AES – The Advanced Encryption Standard Cipher Modes Other Ciphers Cryptanalysis

Product Ciphers Basic elements of product ciphers. (a) P-box. (b) S-box. (c) Product.

Data Encryption Standard The data encryption standard. (a) General outline. (b) Detail of one iteration. The circled + means exclusive OR.

Triple DES (a) Triple encryption using DES. (b) Decryption.

AES – The Advanced Encryption Standard Rules for AES proposals 1.The algorithm must be a symmetric block cipher. 2.The full design must be public. 3.Key lengths of 128, 192, and 256 bits supported. 4.Both software and hardware implementations required 5.The algorithm must be public or licensed on nondiscriminatory terms.

AES (2) An outline of Rijndael.

AES (3) Creating of the state and rk arrays.

Electronic Code Book Mode The plaintext of a file encrypted as 16 DES blocks.

Cipher Block Chaining Mode Cipher block chaining. (a) Encryption. (b) Decryption.

Cipher Feedback Mode (a) Encryption. (c) Decryption.

Stream Cipher Mode A stream cipher. (a) Encryption. (b) Decryption.

Counter Mode Encryption using counter mode.

Cryptanalysis Some common symmetric-key cryptographic algorithms.

Public-Key Algorithms RSA Other Public-Key Algorithms

RSA An example of the RSA algorithm.

Digital Signatures Symmetric-Key Signatures Public-Key Signatures Message Digests The Birthday Attack

Symmetric-Key Signatures Digital signatures with Big Brother.

Public-Key Signatures Digital signatures using public-key cryptography.

Message Digests Digital signatures using message digests.

SHA-1 Use of SHA-1 and RSA for signing nonsecret messages.

SHA-1 (2) (a) A message padded out to a multiple of 512 bits. (b) The output variables. (c) The word array.

Management of Public Keys Certificates X.509 Public Key Infrastructures

Problems with Public-Key Encryption A way for Trudy to subvert public-key encryption.

Certificates A possible certificate and its signed hash.

X.509 The basic fields of an X.509 certificate.

Public-Key Infrastructures (a) A hierarchical PKI. (b) A chain of certificates.

Communication Security IPsec Firewalls Virtual Private Networks Wireless Security

IPsec The IPsec authentication header in transport mode for IPv4.

IPsec (2) (a) ESP in transport mode. (b) ESP in tunnel mode.

Firewalls A firewall consisting of two packet filters and an application gateway.

Virtual Private Networks (a) A leased-line private network. (b) A virtual private network.

Security Packet encryption using WEP.

Authentication Protocols Authentication Based on a Shared Secret Key Establishing a Shared Key: Diffie-Hellman Authentication Using a Key Distribution Center Authentication Using Kerberos Authentication Using Public-Key Cryptography

Authentication Based on a Shared Secret Key Two-way authentication using a challenge-response protocol.

Authentication Based on a Shared Secret Key (2) A shortened two-way authentication protocol.

Authentication Based on a Shared Secret Key (3) The reflection attack.

Authentication Based on a Shared Secret Key (4) A reflection attack on the protocol of Fig

Authentication Based on a Shared Secret Key (5) Authentication using HMACs.

Establishing a Shared Key: The Diffie-Hellman Key Exchange The Diffie-Hellman key exchange.

Establishing a Shared Key: The Diffie-Hellman Key Exchange The bucket brigade or man-in-the-middle attack.

Authentication Using a Key Distribution Center A first attempt at an authentication protocol using a KDC.

Authentication Using a Key Distribution Center (2) The Needham-Schroeder authentication protocol.

Authentication Using a Key Distribution Center (3) The Otway-Rees authentication protocol (slightly simplified).

Authentication Using Kerberos The operation of Kerberos V4.

Authentication Using Public-Key Cryptography Mutual authentication using public-key cryptography.

Security PGP – Pretty Good Privacy PEM – Privacy Enhanced Mail S/MIME

PGP – Pretty Good Privacy PGP in operation for sending a message.

PGP – Pretty Good Privacy (2) A PGP message.

Web Security Threats Secure Naming SSL – The Secure Sockets Layer Mobile Code Security

Secure Naming (a) Normal situation. (b) An attack based on breaking into DNS and modifying Bob's record.

Secure Naming (2) How Trudy spoofs Alice's ISP.

Secure DNS An example RRSet for bob.com. The KEY record is Bob's public key. The SIG record is the top-level com server's signed has of the A and KEY records to verify their authenticity.

Self-Certifying Names A self-certifying URL containing a hash of server's name and public key.

SSL—The Secure Sockets Layer Layers (and protocols) for a home user browsing with SSL.

SSL (2) A simplified version of the SSL connection establishment subprotocol.

SSL (3) Data transmission using SSL.

Java Applet Security Applets inserted into a Java Virtual Machine interpreter inside the browser.

Social Issues Privacy Freedom of Speech Copyright

Anonymous R ers Users who wish anonymity chain requests through multiple anonymous r ers.

Freedom of Speech Possibly banned material: 1.Material inappropriate for children or teenagers. 2.Hate aimed at various ethnic, religious, sexual, or other groups. 3.Information about democracy and democratic values. 4.Accounts of historical events contradicting the government's version. 5.Manuals for picking locks, building weapons, encrypting messages, etc.

Steganography (a) Three zebras and a tree. (b) Three zebras, a tree, and the complete text of five plays by William Shakespeare.