Presentation on theme: "Chapter 10 Network Security" (presentation transcript):

1 Chapter 10 Network Security

2 Security Requirements
- Confidentiality
- Integrity
- Availability

3 Security Threats

4 Encryption – Ingredients (Conventional)

5 Encryption – Basics
- Requirements
  - Strong encryption algorithm
  - Sender and receiver must obtain secret key securely
  - Once key is known, all communication using this key is readable
- Attacks
  - Cryptanalysis
  - Brute force

6 Encryption – Algorithms
- Block cipher
  - Process plain text in fixed block sizes producing block of cipher text of equal size
- Schemes/algorithms
  - DES – Data Encryption Standard
  - DEA – Data Encryption Algorithm
  - TDEA – Triple Data Encryption Algorithm

7 Encryption - DES Algorithm

8 Encryption – Strength of DES
- Declared insecure in 1998
- Electronic Frontier Foundation
- DES Cracker machine
- DES now worthless
- Alternatives include TDEA

9 Encryption – Location of Encryption Devices

10 Encryption – Key Distribution
- Key selected by A and delivered to B
- Third party selects key and delivers to A and B
- Use old key to encrypt and transmit new key from A to B
- Use old key to transmit new key from third party to A and B

11 Encryption – Automatic Key Distribution

12 Authentication – Basics
- Protection against active attacks
- Authentication allows receiver to verify that message is authentic
  - Message has not been altered
  - Message is from authentic source
  - Message timeliness
- Authentication may be achieved using encryption

13 Authentication – Without Encryption
- Advantages of authentication without encryption
  - Encryption is slow
  - Encryption hardware expensive
  - Encryption hardware optimized to large data
  - Algorithms covered by patents
  - Algorithms subject to export controls (from USA)
- Authentication tag generated and appended to each message

14 Authentication – Using Message Authentication Code
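
The tag-appending scheme of slides 12 to 14, as an added example that is not part of the original presentation: the message travels in the clear, a tag is appended, and the receiver checks the three properties from slide 12. HMAC-SHA256 as the MAC, the 8-byte timestamp with a 30-second window, and all function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32          # HMAC-SHA256 output size in bytes
MAX_AGE = 30          # assumed freshness window in seconds


def protect(key: bytes, message: bytes, now: int) -> bytes:
    """Return timestamp || message || tag; the message itself stays in the clear."""
    body = struct.pack(">Q", now) + message
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


def verify(key: bytes, packet: bytes, now: int) -> bytes:
    """Return the message if the tag and timestamp check out, else raise ValueError."""
    if len(packet) < 8 + TAG_LEN:
        raise ValueError("packet too short")
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # Constant-time comparison; fails if the message was altered or the key differs.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad tag: altered message or wrong source")
    (sent_at,) = struct.unpack(">Q", body[:8])
    # Timeliness: reject packets whose timestamp lies outside the freshness window.
    if abs(now - sent_at) > MAX_AGE:
        raise ValueError("stale message")
    return body[8:]


def outcome(key: bytes, packet: bytes, now: int) -> str:
    """Run verify() and report the result as text."""
    try:
        return "ok: " + verify(key, packet, now).decode()
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    key_ab = b"constructed-shared-key-A-and-B"      # constructed sample key
    pkt = protect(key_ab, b"transfer 100 to B", now=1_000)
    tampered = pkt[:8] + b"transfer 900 to B" + pkt[-TAG_LEN:]
    print(outcome(key_ab, pkt, 1_010))               # accepted
    print(outcome(key_ab, tampered, 1_010))          # altered in transit
    print(outcome(b"some-other-key", pkt, 1_010))    # sender lacks the shared key
    print(outcome(key_ab, pkt, 1_100))               # arrives after the window
```

A timestamp window alone still accepts a copy replayed inside those 30 seconds; a sequence number or a cache of recently seen tags closes that gap.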

15 Authentication - Using One Way Hash

16 Authentication – Secure Hash Functions
- Hash function must have following properties
  - Can be applied to any size data block
  - Produce fixed length output
  - Easy to compute
  - Not feasible to reverse
  - Not feasible to find two messages that give the same hash
- Example: The SHA-1 Secure Hash Function

17 Public Key Encryption – Basics
- Based on mathematical algorithms
- Asymmetric
  - Use two separate keys
  - One key made public
  - Other key kept private
- Either key can be used for encryption, the other for decryption
- Infeasible to determine decryption key given encryption key and algorithm

18 Public Key Encryption - Ingredients

19 Public Key Encryption – Digital Signature
- Sender encrypts message with their private key
- Receiver can decrypt using sender's public key
- This authenticates sender, who is the only person who has the matching key

20 Public Key Encryption – RSA Algorithm

21 Public Key Encryption – RSA Example

22 IP Security – Basics
- IPSec
- Example applications
  - Secure branch office connectivity over Internet
  - Secure remote access over Internet
  - Extranet and intranet connectivity
  - Enhanced electronic commerce security

23 IP Security – Scope and Modes
- IPSec scope
  - Authentication header (AH)
  - Encapsulated security payload (ESP)
  - Key exchange
- Transport mode
  - Protection for upper layer protocols
  - Extends to payload of IP packet
  - End to end between hosts
- Tunnel mode
  - Protection for IP packet
    - Entire packet treated as payload for "outer" IP packet
    - No routers examine "inner" packet
  - May be implemented at firewall

24 Summary
- Intro
  - Requirements (CIA)
  - Attacks and defences
- Encryption (incl. DES)
- Authentication (incl. MAC and one way hash)
- Public-key encryption (incl. digital signatures)
- IP security

