Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication.

Published byRuby Holland Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication."— Presentation transcript:

1 Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication 8.5 Securing e-mail (application) 8.6 Securing TCP connections: SSL (transport) 8.7 Network layer security: IPsec (network) 8.8 Securing wireless LANs (MAC) 8.9 Operational security: firewalls and IDS

2 Network Security Secure e-mail  Alice wants to send secure e-mail, m, to Bob  confidentiality  sender authentication  message integrity  receiver authentication Confidentiality  Symmetric key  key distribution issue  public key encryption  but not efficient for long messages  (symmetric, private) session key

3 Network Security Secure e-mail (confidentiality) Alice:  generates random symmetric private session key, K S  encrypts message with K S (for efficiency)  also encrypts K S with Bob’s public key  sends both K S (m) and K B (K S ) to Bob  Alice wants to send confidential e-mail, m, to Bob. K S ( ). K B ( ). + + K S (m ) K B (K S ) + m KSKS KBKB + Internet KSKS

4 Network Security Secure e-mail (confidentiality) Bob:  uses his private key to decrypt and recover K S  uses K S to decrypt K S (m) to recover m  Alice wants to send confidential e-mail, m, to Bob. K S ( ). K B ( ). + + - K S (m ) K B (K S ) + m KSKS KSKS KBKB + Internet K S ( ). K B ( ). - KBKB - KSKS m K S (m ) K B (K S ) +

5 Network Security Secure e-mail (auth. + msg integrity) Alice wants to provide sender authentication & message integrity (but no confidentiality)  Alice digitally signs message (digital signature)  sends both message (in the clear) and digital signature H( ). K A ( ). - + - H(m ) K A (H(m)) - m KAKA - Internet m K A ( ). + KAKA + K A (H(m)) - m H( ). H(m ) compare

6 Network Security Secure e-mail (all)  Alice wants to provide confidentiality, sender authentication, and message integrity. Alice uses three keys: her private key, Bob’s public key, newly created symmetric key H( ). K A ( ). - + K A (H(m)) - m KAKA - m K S ( ). K B ( ). + + K B (K S ) + KSKS KBKB + Internet KSKS

7 Network Security Secure e-mail (all)  Alice wants to provide confidentiality, sender authentication, and message integrity. Alice uses three keys: her private key, Bob’s public key, newly created symmetric key H( ). K A ( ). - + K A (H(m)) - m KAKA - m K S ( ). K B ( ). + + K B (K S ) + KSKS KBKB + Internet KSKS

8 Network Security Secure e-mail (all) Alice and Bob to obtain each other’s public keys!  certify public keys using CA (CA-signed certificates)  receiver authentication

Download ppt "Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication."

Similar presentations

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
PGP Overview 2004/11/30 Information-Center meeting peterkim.

PGP Overview 2004/11/30 Information-Center meeting peterkim.
Data Security 101 Part 1: PKI and SSL. Reading First, read the VeriSign case, –page 294-297 Second, read section 5.3 –pages 268-279 Finally, briefly skim.

Data Security 101 Part 1: PKI and SSL. Reading First, read the VeriSign case, –page Second, read section 5.3 –pages Finally, briefly skim.
Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
8-1 Internet security threats Mapping: m before attacking: gather information – find out what services are implemented on network  Use ping to determine.

8-1 Internet security threats Mapping: m before attacking: gather information – find out what services are implemented on network  Use ping to determine.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 31 Network Security

Chapter 31 Network Security
24-1 Last time □ Message Integrity □ Authentication □ Key distribution and certification.

24-1 Last time □ Message Integrity □ Authentication □ Key distribution and certification.
ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)

ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)
Network Security7-1 Today r Collect Ch6 HW r Assign Ch7 HW m Ch7 #2,3,4,5,7,9,10,12 m Due Wednesday Nov 19 r Continue with Chapter 7 (Security)

Network Security7-1 Today r Collect Ch6 HW r Assign Ch7 HW m Ch7 #2,3,4,5,7,9,10,12 m Due Wednesday Nov 19 r Continue with Chapter 7 (Security)
Secure e-mail r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
Secure connections.

Secure connections.
1-1 1DT066 Distributed Information System Chapter 8 Network Security.

1-1 1DT066 Distributed Information System Chapter 8 Network Security.
8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.

8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.
Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,

Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,
Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students, readers). They’re.

Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students, readers). They’re.
ICT 6621 : Advanced NetworkingKhaled Mahbub, IICT, BUET, 2008 Lecture 12 Network Security (2)

ICT 6621 : Advanced NetworkingKhaled Mahbub, IICT, BUET, 2008 Lecture 12 Network Security (2)
Final Exam Review Knowledge questions True or false statement (explain why) Protocol Calculation Cover the second half contents.

Final Exam Review Knowledge questions True or false statement (explain why) Protocol Calculation Cover the second half contents.
Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5.

Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5.

Similar presentations

Ads by Google