Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5.

Published byBuddy Stevenson Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5."— Presentation transcript:

1 Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5 are posted and are due Wednesday Acknowledgement: slides drawn heavily from Kurose & Ross

2 Chapter 8, slide: 2 Chapter 8: Network Security Goals: r understand principles of network security:  cryptography and its many uses beyond “confidentiality”  authentication  message integrity r Example: securing email

3 Chapter 8, slide: 3 Q: what should Bob & Alice be concerned about? r eavesdrop: messages are intercepted r change: messages are modified r impersonation: entire communication is hijacked by replacing sender or receiver by himself r denial of service: prevent services (e.g., by overloading resources) Bob, Alice want to communicate “securely” sender receiver Messages data Alice Bob Trudy confidentiality integrity authentication availability r Trudy is an enemy (intruder): “bad” guy

4 Chapter 8, slide: 4 Who might Bob, Alice be? … well, real-life Bobs and Alices! r Web browser/server for electronic transactions (e.g., on-line purchases) r on-line banking client/server r DNS servers r routers exchanging routing table updates

5 Chapter 8, slide: 5 What is network security? Goals of network security: Confidentiality: only sender, intended receiver should “understand” message contents  sender encrypts message  receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Availability: services must be accessible and available to users

6 Chapter 8, slide: 6 Chapter 8 roadmap r Principles of cryptography r Message integrity r Securing email

7 Chapter 8, slide: 7 Cryptography r Cryptography allows a sender to disguise a message so that an intruder can’t gain information from it “ confidentiality ” plaintext ciphertext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B All terms marked in red are crypto terminology

8 Chapter 8, slide: 8 Types of cryptography symmetric key - both sender and receiver use identical key e.g., sender A encrypts with the key receiver B decrypts with same key public/private keys - two keys (public and private) are to be used e.g., sender A encrypts with B’s public key receiver B decrypts with its Private key

9 Chapter 8, slide: 9 Symmetric key cryptography symmetric key crypto: Bob and Alice share/know same (symmetric) key: K r Q: how do Bob and Alice agree on key value? plaintext ciphertext K A-B encryption algorithm decryption algorithm A-B K plaintext message, m K (m) A-B K (m) A-B m = K ( ) A-B

10 Chapter 8, slide: 10 Symmetric key cryptography monoalphabetic cipher: substituting one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc E.g.: Q: How hard to break this simple cipher?: A: brute force (how hard?) how many possibilities? 26! Q: what is the encryption & decryption key?: A: the mapping

11 Chapter 8, slide: 11 Symmetric key cryptography polyalphabetic cipher: multiple monoalphabetic ciphers Eg.: C1, C2, C2, C3 (with 3 monoalphabetic cipher keys) First letter, apply C1 Second letter, apply C2 Third letter, apply C2 Fourth letter, apply C3 Then, repeat r Harder to break! By avoiding patterns, same letter may appear in different positions r Key is “C1, C2, C2, C3”

12 Chapter 8, slide: 12 Symmetric key cryptography block cipher: msg is encrypted in blocks of k bits (independently) r Each k-bit block is encrypted/mapped r Possible mappings: 2 k ! r Hard to break Problem r Hard to implement, with k=64, sender and receiver need to store a mapping table of 2 64 entries !! Huge!! Solution r Use of functions: break blocks into smaller chunks

13 Chapter 8, slide: 13 Block Cipher r one pass through: one input bit affects eight output bits 64-bit input T1T1 8bits 64-bit scrambler 64-bit output loop for n rounds T2T2 T3T3 T4T4 T6T6 T5T5 T7T7 T8T8 r multiple passes: each input bit affects all output bits

14 Chapter 8, slide: 14 Cipher Block Chaining Problem w/ Cipher Block r if input block is repeated, it produces same cipher text: t=1 m(1) = “HTTP/1.1” block cipher c(1) = “k329aM02” … r cipher block chaining: XOR ith input block, m(i), with previous block of cipher text, c(i-1)  c(0) transmitted to receiver in clear  what happens in “HTTP/1.1” scenario from above? t=17 m(17) = “HTTP/1.1” block cipher c(17) = “k329aM02” + m(i) c(i) block cipher c(i-1)

15 Chapter 8, slide: 15 ECE/CS 372 – introduction to computer networks Lecture 19 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5 are posted and are due Wednesday Acknowledgement: slides drawn heavily from Kurose & Ross

16 Chapter 8, slide: 16 Public key cryptography symmetric key crypto r requires sender, receiver know shared secret key r Q: how to agree on key in first place (particularly if never “met”)? public key cryptography r radically different approach r Two keys  Public key: encryp. key known to all  Private key: decryp. key known only to receiver r Sender uses public key only to encryp r Reciever uses both keys to decryp.

17 Chapter 8, slide: 17 Public key cryptography plaintext message, m ciphertext encryption algorithm decryption algorithm Bob’s public key plaintext message K (m) B + K B + Bob’s private key K B - m = K ( K (m) ) B + B - r Note: only Bob is able to understand (decrypt) message m. Because only Bob has Bob’s private key r This assures “confidentiality”

18 Chapter 8, slide: 18 Public key encryption algorithms need K ( ) and K ( ) such that B B.. given public key K, it should be impossible to compute private key K B B Requirements: 1 2 RSA: Rivest, Shamir, Adleman algorithm + - K (K (m)) = m B B - + + -

19 Chapter 8, slide: 19 RSA: Choosing keys 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). 4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5. Public key is (n,e). Private key is (n,d). K B + K B -

20 Chapter 8, slide: 20 RSA: Encryption, decryption 0. Given (n,e) and (n,d) as computed above 1. To encrypt bit pattern, m, compute c = m mod n e (i.e., remainder when m is divided by n) e 2. To decrypt received bit pattern, c, compute m = c mod n d (i.e., remainder when c is divided by n) d m = (m mod n) e mod n d Magic happens! c

21 Chapter 8, slide: 21 RSA example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). letter m m e c = m mod n e l 12 1524832 17 c m = c mod n d 17 481968572106750915091411825223071697 12 c d letter l encrypt: decrypt:

22 Chapter 8, slide: 22 Another RSA example: Bob chooses p=5, q=11. Question: Find (n,e) and (n,d) Step 1: Compute n = pq, z = (p-1)(q-1) Step 2: Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). Step 3: Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). Step 4: Public key is (n,e). Private key is (n,d). K B + K B -

23 Chapter 8, slide: 23 RSA: another important property The following property will be very useful later: K ( K (m) ) = m B B - + K ( K (m) ) B B + - = use public key first, followed by private key use private key first, followed by public key Result is the same!

24 Chapter 8, slide: 24 Chapter 8 roadmap r Principles of cryptography r Message integrity r Securing email

25 Chapter 8, slide: 25 Message Integrity/Authentication Bob receives msg from Alice, wants to ensure:  Authentication: message originally came from Alice  Integrity: message not changed since sent by Alice Cryptographic Hashing: r What:  take input m, produce fixed length value, H(m)  e.g., as in Internet checksum r Properties of H:  given m = H(x), (x unknown), it is computationally infeasible to determine x.  difficult to find x  y such that H(x) = H(y)  note: Internet checksum fails this requirement! r Examples  widely used hash functions: MD5, SHA

26 Chapter 8, slide: 26 Internet checksum: poor crypto hash function r Internet checksum has some properties of hash function: ü produces fixed length digest (16-bit sum) of message ü is many-to-one r But given message with given hash value, it is easy to find another message with same hash value: I O U 1 0 0. 9 9 B O B 49 4F 55 31 30 30 2E 39 39 42 4F 42 message ASCII format B2 C1 D2 AC I O U 9 0 0. 1 9 B O B 49 4F 55 39 30 30 2E 31 39 42 4F 42 message ASCII format B2 C1 D2 AC different messages but identical checksums!

27 Chapter 8, slide: 27 MAC: Message Authentication Code m s (shared secret) (message) H(. ) H(m+s) public Internet append m H(m+s) s compare m H(m+s) H(. ) H(m+s) (shared secret) r Does MAC solve  Integrity ?? How ??  Authentication ?? How ?? r Any problem ??  Secret key distribution ?? r So we can’t really authenticate via MAC alone via Hashing via secret key

28 Chapter 8, slide: 28 Digital Signatures via Public Key Crypto simple digital signature for message m: r Bob “signs” m by encrypting with his private key K B, creating “signed” message, K B (m) - - Dear Alice Oh, how I have missed you. I think of you all the time! …(blah blah blah) Bob Bob’s message, m public key encryption algorithm Bob’s private key K B - Bob’s message, m, signed (encrypted) with his private key K B - (m)

29 Chapter 8, slide: 29 Digital Signatures via Public Key Crypto (more) r suppose Alice receives msg m, digital signature K B (m) r Alice verifies m signed by Bob by applying Bob’s public key K B to K B (m) then checks K B (K B (m) ) = m. r if K B (K B (m) ) = m, whoever signed m must have used Bob’s private key. + + - - -- + Alice thus verifies that: ü Bob signed m. ü No one else signed m. ü Bob signed m and not m’. -

30 Chapter 8, slide: 30 MAC via private/public keys m Alice’s private key (message) m public Internet append m compare m K A - K (m) A - A - A - Alice’s public key K A + K (m) A - m m r Note: only Alice would have had her private key r This assures “authentication”

31 Chapter 8, slide: 31 Digital Signatures via Public Key Crypto (more) Problem r Signing data by encryption and decryption is computationally expensive r Imagine encrypting (signing) huge files of data !!! - Solution r Sign hashed output of original msg (sign H(m) only) r Recall hash algorithms turn large msgs into small, fixed length msg r … signed MAC is the solution

32 Chapter 8, slide: 32 large message m H: hash function H(m) digital signature (encrypt) Bob’s private key K B - + Bob sends digitally signed message: Alice verifies signature and integrity of digitally signed message: K B (H(m)) - encrypted msg digest K B (H(m)) - encrypted msg digest large message m H: hash function H(m) digital signature (decrypt) H(m) Bob’s public key K B + equal ? Digital signature = signed MAC = authentication + integrity

33 Chapter 8, slide: 33 Public Key Certification Problem with public key: r When Alice obtains Bob’s public key (from web site, e-mail, diskette), how does she know it is Bob’s public key, not Trudy’s? solution: r trusted certification authority (CA)

34 Chapter 8, slide: 34 Certification Authorities r Certification Authority (CA): binds public key to particular entity, E. r E registers its public key with CA.  E provides “proof of identity” to CA.  CA creates certificate binding E to its public key.  certificate containing E’s public key digitally signed by CA: CA says “This is E’s public key.” Bob’s public key K B + Bob’s identifying information digital signature (encrypt) CA private key K CA - K B + certificate for Bob’s public key, signed by CA - K CA (K ) B +

35 Chapter 8, slide: 35 Certification Authorities r when Alice wants Bob’s public key:  gets Bob’s certificate  apply CA’s public key to Bob’s certificate, get Bob’s public key Bob’s public key K B + digital signature (decrypt) CA public key K CA + K B + - K (K ) B +

36 Chapter 8, slide: 36 Get Bob’s public key from CA CA’s private key (Bob’s public key) public Internet append compare K CA - CA’s public key K CA + K B + r Alice just got Bob’s public key (authenticated key) r Of course, here we assume that you have CA’s public key !!! Need to get it physically !!! K B + K B + - K CA (K ) B + K B + - K CA (K ) B + K CA (K ) B + - K B + K B +

37 Chapter 8, slide: 37 Chapter 8: Recap So far: r Cryptography & confidentiality  Symmetric key  Public key: A wants to send msg m to B. What does A send? A sends K B + (m); hence, ONLY B understands m by applying K B - (K B + (m)) => confidentiality r Authentication & integrity  MAC (Msg Authen. Code): requires symmetric key  Signed MAC: A -> B A sends (m,K A - (m)) to B, Hence, All get m by applying K A + (K A - (m)); Comparison => authen. + integrity, but NOT confidentiality Note: Sender applies receiver’s public key Note: Sender applies its private key

38 Chapter 8, slide: 38 Chapter 8 roadmap r Principles of cryptography r Message integrity r Securing e-mail

39 Chapter 8, slide: 39 Secure e-mail (confidentiality) Alice:  generates random symmetric private key, K S.  encrypts message with K S (for efficiency)  also encrypts K S with Bob’s public key.  sends both K S (m) and K B (K S ) to Bob.  Alice wants to send confidential e-mail, m, to Bob. K S ( ). K B ( ). + + - K S (m ) K B (K S ) + m KSKS KSKS KBKB + Internet K S ( ). K B ( ). - KBKB - KSKS m K S (m ) K B (K S ) + A B Bob:  uses his private key to decrypt and recover K S  uses K S to decrypt K S (m) to recover m Note that to provide confidentiality, sender encrypts with receiver’s public key (ONLY receiver should see msg)

40 Chapter 8, slide: 40 Secure e-mail (authen. + integrity) Alice wants to provide sender authentication/integrity. Alice digitally signs message. sends both message (in the clear) and digital signature. H( ). K A ( ). - + - H(m ) K A (H(m)) - m KAKA - Internet m K A ( ). + KAKA + K A (H(m)) - m H( ). H(m ) compare A B Again note that to provide authenticate/integrity, sender encrypts with its private (all can understand msg)

41 Chapter 8, slide: 41 Secure e-mail (all: confid. + auth. + integrity) Alice wants to provide secrecy, sender authentication, message integrity. Alice uses three keys: her private key, Bob’s public key, newly created symmetric key H( ). K A ( ). - + K A (H(m)) - m KAKA - m K S ( ). K B ( ). + + K B (K S ) + KSKS KBKB + Internet KSKS A

42 Chapter 8, slide: 42 The end of class! Acknowledgement: slides drawn heavily from Kurose & Ross

Download ppt "Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5."

Similar presentations

Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,

Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,
Cryptography. 8: Network Security8-2 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption.

Cryptography. 8: Network Security8-2 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption.
Public Key Cryptography & Message Authentication By Tahaei Fall 2012.

Public Key Cryptography & Message Authentication By Tahaei Fall 2012.
Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:

Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
8: Network Security8-1 21 - Security. 8: Network Security8-2 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides.

8: Network Security Security. 8: Network Security8-2 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides.
Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
1 ITC242 – Introduction to Data Communications Week 11 Topic 17 Chapter 18 Network Security.

1 ITC242 – Introduction to Data Communications Week 11 Topic 17 Chapter 18 Network Security.
CSE401n:Computer Networks

CSE401n:Computer Networks
Network Security understand principles of network security:

Network Security understand principles of network security:
Public Key Cryptography

Public Key Cryptography
8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,

8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.

Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
Lecture 23 Cryptography CPE 401 / 601 Computer Network Systems Slides are modified from Jim Kurose & Keith Ross.

Lecture 23 Cryptography CPE 401 / 601 Computer Network Systems Slides are modified from Jim Kurose & Keith Ross.
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.
Behzad Akbari Spring 2012 1 In the Name of the Most High.

Behzad Akbari Spring In the Name of the Most High.
1-1 1DT066 Distributed Information System Chapter 8 Network Security.

1-1 1DT066 Distributed Information System Chapter 8 Network Security.

Similar presentations

Ads by Google