Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture Topics: 12/06 SSL Final Exam HW 7 & 8 Important concepts in 410 Other references Evaluations.

Published byGriffin Warner Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture Topics: 12/06 SSL Final Exam HW 7 & 8 Important concepts in 410 Other references Evaluations."— Presentation transcript:

1 Lecture Topics: 12/06 SSL Final Exam HW 7 & 8 Important concepts in 410 Other references Evaluations

2 SSL Question Why is the nonce sent as clear text? –doesn’t having the plaintext and the ciphertext make finding the symmetric key easier? For modern encryption algorithms, having the plaintext and the ciphertext doesn’t help you much Avoid doing public key cryptography when you can because it’s so expensive

3 Simplified SSL Some additional information is transferred with each message, but this simplified version contains all of the necessary details Nonce 1 [Amazon.com, AmazonPubKey] VerisignPubKey 2 [SecretSessionKey] AmazonPubKey 3 [Nonce] SecretSessionKey 4 [Credit Card Number] SecretSessionKey 5 Establishing a secure connection with SSL You

4 Explanation of Simplified SSL 1.The client sends the server a nonce to prevent a replay attack, and the server stores this nonce 2.The server sends the client a certificate, which contains it’s name and public key. This certificate has been digitally signed by Verisign (a trusted third party) 3.The client chooses a secret (symmetric) session key to use for this connection. It encrypts this key with the server’s public key and sends it to the server. 4.The server decrypts the session key using it’s private key. It sends the original nonce back to the client encrypted with the session key. The client now has verified that it is actually talking with the correct server, because only the correct server can decrypt the session key sent in step 3. 5.Any remaining secret communication between the client and server can use the session key. There is much more to SSL than what is presented here. There are a vast number of options and features.

5 Final Exam Wednesday Dec 13 th at 8:30-10:20 in Thomson 125 Mostly over OS topics (85%) –see the review sheet for what you need to know –at least twice as long as the midterm –more difficult than the midterm Exam based on topics covered in lecture Review sessions (based on your questions) –Sunday Dec 10 th 5:00-7:30 in Johnson 223 no Seahawks game –Monday Dec 11 th 5:00-7:30 in Johnson 119 Office hours: –Monday no office hours –Tuesday Dec 12 th 12:30-4:30 –send me mail if you have questions

6 Johnson

7 HW 7 & HW 8 HW 7 graded out of 95 –mean = 81 –median = 90 HW 8 graded out of 70 –mean = 60 –median = 61

8 Grading Each homework counts 5%, drop one Programming assignments took more time –best grade out of HW #6, #7, or #9 will count 8% –worst grade of any other homework (after drop) will count 2% –(only if your grade is better under this scheme) Will email a grade report to everyone by Friday (including everything but HW 9) HW 9 will be available in my office hours next Tuesday

9 Key Concepts Make the common case fast and the uncommon case correct Caches (common case has locality) –L1 & L2 caches –TLB –File cache –Memory a cache for virtual memory –DNS caches common translations

10 Key Concepts Any computer science problem can be solved by adding a layer of indirection Virtual addresses Handles (OS must control access) –file handles –process handles Network file servers (e.g. NFS) –looks like a local disk but it’s across a network DNS: you want to type www.cnn.com, but IP needs 207.25.71.20

11 Additional Resources Architecture –P&H “Computer Organization & Design” is the standard undergrad book –H&P “Computer Architecture: A Quantitative Approach, Second Edition” is the standard graduate book more advanced topics Operating Systems –“Inside Windows NT” or “Inside Windows 2000” –“The Design of the UNIX Operating System” –“Design and Implementation of the 4.4 BSD Operating System”

12 Additional Resources Networks –“TCP/IP Illustrated Volume 1” Richard Stevens –“Computer Networks: A Systems Approach 2 nd Edition” Peterson and Davie don’t get the first edition Cryptography –“Applied Cryptography” Bruce Schneier –“Cryptography : Theory and Practice (Discrete Mathematics and Its Applications)” Douglas R. Stinson Miscellaneous –“Mythical Man-Month” Fred Brooks –“Programming Pearls” Jon Bentley Perl –“Learning Perl” Schwartz and Christiansen –“Programming Perl” Larry Wall

13 Thank You I’ve had a tremendous amount of time teaching this class –a lot of work but worth it We’ve covered a lot of topics in a short amount of time –we’ve covered most of what is important –hopefully, you’ve learned something Continue to email me questions about operating systems

Download ppt "Lecture Topics: 12/06 SSL Final Exam HW 7 & 8 Important concepts in 410 Other references Evaluations."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Cryptography and Network Security

Cryptography and Network Security
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
CSCD 433/533 Advanced Computer Networks Lecture 1 Course Overview Fall 2011.

CSCD 433/533 Advanced Computer Networks Lecture 1 Course Overview Fall 2011.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Internet and Intranet Protocols and Applications Lecture 0: Administrivia January 23, 2002 Joseph Conron Computer Science Department New York University.

Internet and Intranet Protocols and Applications Lecture 0: Administrivia January 23, 2002 Joseph Conron Computer Science Department New York University.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.

1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
1 Authentication Protocols Celia Li Computer Science and Engineering York University.

1 Authentication Protocols Celia Li Computer Science and Engineering York University.
Masud Hasan 03-60-475 Secure Email Project 1. Secure Email It uses Digital Certificate combined with S/MIME capable email clients to digitally sign and.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Cryptography 101 Frank Hecker

Cryptography 101 Frank Hecker

Similar presentations

Ads by Google