Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant

Published byRichard Bennett Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant"— Presentation transcript:

1 Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant stolic@unys.edu.mk

2 Network Security Chapter 8

3 Need for Security Some people who cause security problems and why.

4 An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

5 Symmetric-Key Algorithms DES – The Data Encryption Standard AES – The Advanced Encryption Standard Cryptanalysis

6 Product Ciphers Basic elements of product ciphers. (a) P-box. (b) S-box. (c) Product.

7 Data Encryption Standard The data encryption standard. (a) General outline. (b) Detail of one iteration. The circled + means exclusive OR.

8 Triple DES (a) Triple encryption using DES. (b) Decryption.

9 AES – The Advanced Encryption Standard Rules for AES proposals 1.The algorithm must be a symmetric block cipher. 2.The full design must be public. 3.Key lengths of 128, 192, and 256 bits supported. 4.Both software and hardware implementations required 5.The algorithm must be public or licensed on nondiscriminatory terms.

10 Cryptanalysis Some common symmetric-key cryptographic algorithms.

11 Public-Key Algorithms RSA Other Public-Key Algorithms

12 Digital Signatures Symmetric-Key Signatures Public-Key Signatures Message Digests

13 Symmetric-Key Signatures Digital signatures with Big Brother.

14 Public-Key Signatures Digital signatures using public-key cryptography.

15 Message Digests Digital signatures using message digests.

16 Management of Public Keys Certificates X.509 Public Key Infrastructures

17 Problems with Public-Key Encryption A way for Trudy to subvert public-key encryption.

18 Certificates A possible certificate and its signed hash.

19 X.509 The basic fields of an X.509 certificate.

20 Public-Key Infrastructures (a) A hierarchical PKI. (b) A chain of certificates.

21 Communication Security IPsec Firewalls Virtual Private Networks Wireless Security

22 IPsec The IPsec authentication header in transport mode for IPv4.

23 IPsec (2)‏ (a) ESP in transport mode. (b) ESP in tunnel mode.

24 Firewalls A firewall consisting of two packet filters and an application gateway.

25 Virtual Private Networks (a) A leased-line private network. (b) A virtual private network.

26 802.11 Security Packet encryption using WEP.

27 Authentication Protocols Authentication Based on a Shared Secret Key Authentication Using a Key Distribution Center Authentication Using Kerberos Authentication Using Public-Key Cryptography

28 Authentication Based on a Shared Secret Key Two-way authentication using a challenge-response protocol.

29 Authentication Based on a Shared Secret Key (2)‏ A shortened two-way authentication protocol.

30 Authentication Based on a Shared Secret Key (3)‏ The reflection attack.

31 Authentication Based on a Shared Secret Key (5)‏ Authentication using HMACs.

32 Authentication Using a Key Distribution Center A first attempt at an authentication protocol using a KDC.

33 Authentication Using a Key Distribution Center (2)‏ The Needham-Schroeder authentication protocol.

34 Authentication Using a Key Distribution Center (3)‏ The Otway-Rees authentication protocol (slightly simplified).

35 Authentication Using Kerberos The operation of Kerberos V4.

36 Authentication Using Public-Key Cryptography Mutual authentication using public-key cryptography.

37 E-Mail Security PGP – Pretty Good Privacy PEM – Privacy Enhanced Mail S/MIME

38 Web Security Threats Secure Naming SSL – The Secure Sockets Layer Mobile Code Security

39 Secure Naming (a) Normal situation. (b) An attack based on breaking into DNS and modifying Bob's record.

40 Secure Naming (2)‏ How Trudy spoofs Alice's ISP.

41 Secure DNS An example RRSet for bob.com. The KEY record is Bob's public key. The SIG record is the top-level com server's signed has of the A and KEY records to verify their authenticity.

42 Self-Certifying Names A self-certifying URL containing a hash of server's name and public key.

43 SSL—The Secure Sockets Layer Layers (and protocols) for a home user browsing with SSL.

44 SSL (2)‏ A simplified version of the SSL connection establishment subprotocol.

45 SSL (3)‏ Data transmission using SSL.

46 Java Applet Security Applets inserted into a Java Virtual Machine interpreter inside the browser.

Download ppt "Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant"

Similar presentations

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Chapter 5 Network Security Protocols in Practice Part I

Chapter 5 Network Security Protocols in Practice Part I
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Introduction to Cryptography

Introduction to Cryptography
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.
Chapter 8 Network Security 4/17/2017 www.noteshit.com.

Chapter 8 Network Security 4/17/2017
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Chapter 20: Network Security Business Data Communications, 4e.

Chapter 20: Network Security Business Data Communications, 4e.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Similar presentations

Ads by Google