Network Security. Security Threats: Intercept, Interrupt, Modification, Fabrication.


1 Network Security

2 Security Threats
- Intercept
- Interrupt
- Modification
- Fabrication

3 Security Threats
- Passive attacks
  - Eavesdropping on, or monitoring, transmissions
  - Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored
- Active attacks
  - Modification of transmitted data
  - Attempts to gain unauthorized access to computer systems

4 Encryption Methods
- The essential technology underlying virtually all automated network and computer security applications is cryptography
- Two fundamental approaches are in use:
  - Conventional encryption, also known as symmetric encryption
  - Public-key encryption, also known as asymmetric encryption

5 Conventional Encryption
- The only form of encryption prior to late 1970s
- Five components to the algorithm
  - Plaintext: The original message or data
  - Encryption algorithm: Performs various substitutions and transformations on the plaintext
  - Secret key: Input to the encryption algorithm. Substitutions and transformations performed depend on this key
  - Ciphertext: Scrambled message produced as output. Depends on the plaintext and the secret key
  - Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext and the secret key to produce the original plaintext

6 Conventional Encryption Operation

7 Conventional Encryption Requirements & Weaknesses
- Requirements
  - A strong encryption algorithm
  - Secure process for sender & receiver to obtain secret keys
- Methods of Attack
  - Cryptanalysis
  - Brute force

8 Public-Key Encryption
- Based on mathematical functions rather than on simple operations on bit patterns
- Asymmetric, involving the use of two separate keys
- Misconceptions about public key encryption
  - It is more secure from cryptanalysis
  - It is a general-purpose technique that has made conventional encryption obsolete

9 Public-Key Encryption Components
- Plaintext
- Encryption algorithm
- Public key
- Private key
- Ciphertext
- Decryption algorithm

10 Public-Key Encryption Operation

11 Public-Key Signature Operation

12 Characteristics of Public-Key
- Infeasible to determine the decryption key given knowledge of the cryptographic algorithm and the encryption key
- Either of the two related keys can be used for encryption, with the other used for decryption
- Slow, but provides tremendous flexibility to perform a number of security-related functions
- Most widely used algorithm is RSA

13 Location of Encryption Devices
- Link encryption
  - Each vulnerable communications link is equipped on both ends with an encryption device
  - All traffic over all communications links is secured
  - Vulnerable at each switch
- End-to-end encryption
  - The encryption process is carried out at the two end systems
  - Encrypted data are transmitted unaltered across the network to the destination, which shares a key with the source to decrypt the data
  - Packet headers cannot be secured

14 Conventional Encryption Key Distribution
- Both parties must have the secret key
- Key is changed frequently
- Requires either manual delivery of keys, or a third-party encrypted channel
- Most effective method is a Key Distribution Center (e.g. Kerberos)

15 Public-Key Encryption Key Distribution
- Parties create a pair of keys; public key is broadly distributed, private key is not
- To reduce computational overhead, the following process is then used:
  1. Prepare a message.
  2. Encrypt that message using conventional encryption with a one-time conventional session key.
  3. Encrypt the session key using public-key encryption with recipient’s public key.
  4. Attach the encrypted session key to the message and send it.

16 Public Key Certificates
1. A public key is generated by the user and submitted to Agency X for certification.
2. X determines by some procedure, such as a face-to-face meeting, that this is authentically the user’s public key.
3. X appends a timestamp to the public key, generates the hash code of the result, and encrypts that result with X’s private key forming the signature.
4. The signature is attached to the public key.

