Presentation is loading. Please wait.

Presentation is loading. Please wait.

Csci5233 Computer Security1 Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)

Published byDebra Harvey Modified over 9 years ago

Similar presentations

Presentation on theme: "Csci5233 Computer Security1 Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)"— Presentation transcript:

1 csci5233 Computer Security1 Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)

2 csci5233 Computer Security2 Topics

3 csci5233 Computer Security3 Networks & Cryptography The ISO/OSI 7-layer network model: Fig. 11-2. Given C 0, …, C n be a sequence of hosts, and C i and C i+1 are neighboring hosts. –End-to-end protocol: A protocol that has C 0 and C n as its end points. Examples: telnet, TCP –Link-layer protocol: A protocol that has C i and C i+1 as its end points. Examples: IP ?

4 csci5233 Computer Security4 Networks & Cryptography Cryptographical protocols in a network –End-to-end encryption: The cryptographical processing is only done at the end points (i.e., the source and the destination) Examples: VPN, SSL –Link-layer encryption: The cryptographical processing occurs at each host along the communication path. Examples: The PPP Encryption Control Protocol [RFC 1968]

5 csci5233 Computer Security5 Networks & Cryptography Shared keys –End-to-end encryption Symmetric: A key is shared between the two end-points Asymmetric: Each end knows the public key of the other end. –Link-layer encryption Symmetric: Per-host key sharing: Each host has its own key, which is shared with each of its neighboring hosts, that is, one key per host. Per-host-pair key sharing: Each pair of hosts share a key, that is, one key per link. Asymmetric: Each node knows the public key of its immediate neighbor.

6 csci5233 Computer Security6 Networks & Cryptography In end-to-end encryption, only the source and the destination hosts can read the content of the message. The message is encrypted during transmission. + An attacker cannot read the message by intercepting the message during transmission or by attacking the intermediate hosts along the path. Traffic Analysis A cryptanalysis method in which the attacker deduces information by analyzing the traffic patterns. Can also be used to locate system vulnerability. See the example on pp. 285-286.

7 csci5233 Computer Security7 Networks & Cryptography More on Network Security Chapter 26 (Bishop) Infrastructure Firewalls DMZ Network availability Chapter 25 Intrusion detection system (IDS) Chapter 27 System security

8 csci5233 Computer Security8 Next Chapter 12: Authentication

Download ppt "Csci5233 Computer Security1 Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)"

Similar presentations

Routing Routing in an internetwork is the process of directing the transmission of data across two connected networks. Bridges seem to do this function.

Routing Routing in an internetwork is the process of directing the transmission of data across two connected networks. Bridges seem to do this function.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.

IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT 1 1 1 0 11 0.

Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT
16-1 Last time Internet Application Security and Privacy Authentication Security controls using cryptography Link-layer security: WEP.

16-1 Last time Internet Application Security and Privacy Authentication Security controls using cryptography Link-layer security: WEP.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
7.3 Network Security Controls 1Network Security / G.Steffen.

7.3 Network Security Controls 1Network Security / G.Steffen.
Confidentiality using Symmetric Encryption traditionally symmetric encryption is used to provide message confidentiality consider typical scenario –workstations.

Confidentiality using Symmetric Encryption traditionally symmetric encryption is used to provide message confidentiality consider typical scenario –workstations.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Chapter 20: Network Security Business Data Communications, 4e.

Chapter 20: Network Security Business Data Communications, 4e.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
1/28/2010 Network Plus Security Review Identify and Describe Security Risks People –Phishing –Passwords Transmissions –Man in middle –Packet sniffing.

1/28/2010 Network Plus Security Review Identify and Describe Security Risks People –Phishing –Passwords Transmissions –Man in middle –Packet sniffing.
Web Server Administration Chapter 10 Securing the Web Environment.

Web Server Administration Chapter 10 Securing the Web Environment.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.

32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.

Similar presentations

Ads by Google