Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 31 Network Security

Published byRonald Simpson Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 31 Network Security"— Presentation transcript:

1 Chapter 31 Network Security
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

2 Topics discussed in this section:
SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service provides entity authentication or identification. Topics discussed in this section: Message Confidentiality Message Integrity Message Authentication Message Nonrepudiation Entity Authentication

3 Figure 31.1 Security services related to the message or entity

4 Topics discussed in this section:
MESSAGE INTEGRITY Encryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasion we may not even need secrecy, but instead must have integrity. Topics discussed in this section: Document and Fingerprint Message and Message Digest Creating and Checking the Digest Hash Function Criteria Hash Algorithms: SHA-1

5 To preserve the integrity of a document,
Note To preserve the integrity of a document, both the document and the fingerprint are needed.

6 Figure 31.4 Message and message digest
Notations: m: message H(m): message digest of m by using hash function H()

7 The message digest needs to be kept secret, or unalterable by others.
Note The message digest needs to be kept secret, or unalterable by others.

8 Figure 31.5 Checking integrity
Notes: We need to make sure the digest cannot be altered by attacker

9 Figure 31.6 Criteria of a hash function
One-wayness: Cannot recover message m given its digest H(m) Weak collision resistance: Given message m, cannot generate another message m’ such that H(m’)=H(m)  ensure integrity Strong collision resistance: (a stronger requirement than above one) Sender cannot generate two messages m and m’ such that H(m)=H(m’)  ensure nonrepudation

10 Example 31.1 Can we use a conventional lossless compression method as a hashing function? Solution We cannot. A lossless compression method creates a compressed message that is reversible. You can uncompress the compressed message to get the original one.

11 Example 31.2 Can we use a checksum method as a hashing function?
Solution We cannot. A checksum function is not reversible; it meets the first criterion. However, it does not meet the other criteria. That is to say, an attacker can easily modify a message without being detected.

12 Figure 31.7 Message digest creation

13 512-bit blocks. SHA-1 has a message digest of 160 bits.
Note SHA-1 hash algorithms create an N-bit message digest out of a message of 512-bit blocks. SHA-1 has a message digest of 160 bits. Another popular hash algorithm is MD5 (message digest algorithm 5). It is an older generation than SHA-1.

14 Topics discussed in this section:
MESSAGE AUTHENTICATION A hash function per se cannot provide authentication. The digest created by a hash function can detect any modification in the message, but not authentication. Topics discussed in this section: MAC (message authentication code): can be used to ensure both integrity and authentication

15 Figure 31.9 MAC, created by Alice and checked by Bob
Message itself is unencrypted

16 Figure 31.10 HMAC (Hashed MAC): uses keyless hash function
Why not stop here? Reason: we can directly use mature keyless hash function such as SHA-1 or MD5

17 Topics discussed in this section:
DIGITAL SIGNATURE When Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically. In other words, an electronic signature can prove the authenticity of Alice as the sender of the message. We refer to this type of signature as a digital signature. Topics discussed in this section: Comparison Need for Keys Process

18 A digital signature needs a public-key system.
Note A digital signature needs a public-key system. Notations: m: message H(m): message digest of m by using hash function H() KA- :Private key of user A KA+ :Public key of user A KAB: Symmetric key between A and B K(m): ciphertext of message m by using encryption key K

19 Figure 31.11 Signing the message itself in digital signature
Public KA+ Private KA- Provide no confidentiality (message is not secret) Problem: Too expensive to sign message itself using public key system

20 Note For message confidentiality, we use the private and public keys of the receiver; In digital signature (integrity, authentication, nonrepudation), we use the private and public keys of the sender.

21 Figure 31.12 Signing the digest in a digital signature
KA- KA+

22 Integrity Authentication Nonrepudiation
Digital signature provides three out of the five services we mentioned for security systems Integrity Authentication Nonrepudiation

23 Topics discussed in this section:
KEY MANAGEMENT We never discussed how secret keys in symmetric-key cryptography and how public keys in asymmetric-key cryptography are distributed and maintained. In this section, we touch on these two issues. We first discuss the distribution of symmetric keys; we then discuss the distribution of asymmetric keys. Topics discussed in this section: Symmetric-Key Distribution Public-Key Distribution

24 Figure 31.19 KDC (key distribution center)

25 A session symmetric key between two parties is used only once.
Note A session symmetric key between two parties is used only once.

26 Figure 31.30 Creating a session key between Alice and Bob using KDC

27 public keys are available to the public.
Note In public-key cryptography, everyone has access to everyone’s public key; public keys are available to the public.

28 Figure 31.23 Announcing a public key
Problem: How can you know what you get is really Bob’s public key?

29 Certification Authorities
Certification authority (CA): binds public key to particular entity, E. E (person, router) registers its public key with CA. E provides “proof of identity” to CA. CA creates certificate binding E to its public key. certificate containing E’s public key digitally signed by CA – CA says “this is E’s public key” - K CA (K ) B + digital signature (encrypt) K B + Bob’s public key K B + CA private key certificate for Bob’s public key, signed by CA - Bob’s identifying information K CA

30 Certification Authorities
When Alice wants Bob’s public key: gets Bob’s certificate (Bob or elsewhere). apply CA’s public key to Bob’s certificate, get Bob’s public key K B + - K CA (K ) B + digital signature (decrypt) Bob’s public key K B + CA public key + K CA

31 A certificate contains:
Serial number (unique to issuer) info about certificate owner, including algorithm and key value itself (not shown) info about certificate issuer valid dates digital signature by issuer

32 Internet Web Security Architecture
Web Server B CA K+B K-CA(K+B) Client A Cert Request K-CA(K+B) K+B(KAB, R) KAB(R) R (nonce) is used to prevent replay attack KAB(m)

33 Internet Web Security Conditions
Clients’ web browsers have built-in CAs. CAs are trustable Web servers have certificates in CAs. Q: What if a server has no certificate? Example: SSH servers

Download ppt "Chapter 31 Network Security"

Similar presentations

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
8: Network Security8-1 22 – Integrity, Firewalls.

8: Network Security – Integrity, Firewalls.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Behzad Akbari Spring 2012 1 In the Name of the Most High.

Behzad Akbari Spring In the Name of the Most High.
AQA Computing A2 © Nelson Thornes 2009 Section 6.4 1 Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

Similar presentations

Ads by Google