What is network security?

Slides:



Advertisements
Similar presentations
Chapter 8 Network Security
Advertisements

Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,
1 CS 854 – Hot Topics in Computer and Communications Security Fall 2006 Introduction to Cryptography and Security.
Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
1 Network Security What is network security? Principles of cryptography Authentication Access control: firewalls Attacks and counter measures.
8: Network Security Security. 8: Network Security8-2 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides.
Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
1 ITC242 – Introduction to Data Communications Week 11 Topic 17 Chapter 18 Network Security.
CSE401n:Computer Networks
Network Security understand principles of network security:
Public Key Cryptography
8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,
1 Last class r Ethernet r Hubs and Switches r Mobile and wireless networks, CDMA Today r CDMA and IEEE wireless LANs r Network security.
Review and Announcement r Ethernet m Ethernet CSMA/CD algorithm r Hubs, bridges, and switches m Hub: physical layer Can’t interconnect 10BaseT & 100BaseT.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
CPSC 441 TUTORIAL TA: FANG WANG NETWORK SECURITY.
Lecture 23 Cryptography CPE 401 / 601 Computer Network Systems Slides are modified from Jim Kurose & Keith Ross.
1-1 1DT066 Distributed Information System Chapter 8 Network Security.
Lecture 17 Network Security CPE 401/601 Computer Network Systems slides are modified from Jim Kurose & Keith Ross All material copyright J.F.
 This Class  Chapter 8. 2 What is network security?  Confidentiality  only sender, intended receiver should “understand” message contents.
22-1 Last time □ SMTP ( ) □ DNS This time □ P2P □ Security.
Ch 8. Security in computer networks Myungchul Kim
Network Security7-1 Chapter 8: Network Security Chapter goals: r understand principles of network security: m cryptography and its many uses beyond “confidentiality”
Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 1: Principles of cryptography.
Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,
Prof. Younghee Lee 1 1 Computer Networks u Lecture 13: Network Security Prof. Younghee Lee * Some part of this teaching materials are prepared referencing.
ICT 6621 : Advanced NetworkingKhaled Mahbub, IICT, BUET, 2008 Lecture 11 Network Security (1)
Network Security Introduction Light stuff – examples with Alice, Bob and Trudy Serious stuff - Security attacks, mechanisms and services.
Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:
1-1 1DT066 Distributed Information System Chapter 8 Network Security.
1 Security and Cryptography: basic aspects Ortal Arazi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
1 Network Security Basics. 2 Network Security Foundations: r what is security? r cryptography r authentication r message integrity r key distribution.
1 Symmetric key cryptography: DES DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64 bit plaintext input How secure.
Network Security7-1 Today r Reminders m Ch6 Homework due Wed Nov 12 m 2 nd exams have been corrected; contact me to see them r Start Chapter 7 (Security)
+ Security. + What is network security? confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver.
Network Security7-1 Chapter 8: Network Security Chapter goals: r Understand principles of network security: m cryptography and its many uses beyond “confidentiality”
 Last Class  Chapter 7 on Data Presentation Formatting and Compression  This Class  Chapter 8.1. and 8.2.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,
Network security 1. Security taxonomy Physical security Resource exhaustion - DDoS system/network vulnerabilities Key-based security.
Network security Cryptographic Principles
Chapter 8: Network Security
CAP6135: Malware and Software Vulnerability Analysis Basic Knowledge on Computer Network Security Cliff Zou Spring 2013 Network Security 1.
ECE/CS 372 – introduction to computer networks Lecture 16
Basic Network Encryption
Chapter 8: Network Security
CAP6135: Malware and Software Vulnerability Analysis Basic Knowledge on Computer Network Security Cliff Zou Spring 2014 Network Security 1.
Chapter 8: Network Security
CAP6135: Malware and Software Vulnerability Analysis Basic Knowledge on Computer Network Security Cliff Zou Spring 2010 Network Security 1.
CAP6135: Malware and Software Vulnerability Analysis Basic Knowledge on Computer Network Security Cliff Zou Spring 2015 Network Security 1.
CAP6135: Malware and Software Vulnerability Analysis Basic Knowledge on Computer Network Security Cliff Zou Spring 2009 Network Security 1.
Network Security Basics
1DT057 Distributed Information System Chapter 8 Network Security
CAP6135: Malware and Software Vulnerability Analysis Basic Knowledge on Computer Network Security Cliff Zou Spring 2016 Network Security 1.
Review and Announcement
Encryption INST 346, Section 0201 April 3, 2018.
Basic Network Encryption
Security: Principles & Symmetric Key Cryptography
Chapter 8: Network Security
Chapter 8: Network Security
Presentation transcript:

What is network security? Confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and Availability: services must be accessible and available to users

Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate “securely” Trudy (intruder) may intercept, delete, add messages Alice Bob channel data, control messages secure sender secure receiver data data Trudy

Who might Bob, Alice be? … well, real-life Bobs and Alices! Web browser/server for electronic transactions (e.g., on-line purchases) on-line banking client/server DNS servers routers exchanging routing table updates other examples?

There are bad guys (and girls) out there! Q: What can a “bad guy” do? A: a lot! eavesdrop: intercept messages actively insert messages into connection impersonation: can fake (spoof) source address in packet (or any field in packet) hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place denial of service: prevent service from being used by others (e.g., by overloading resources)

Network Security Goals: understand principles of network security: cryptography and its many uses beyond “confidentiality” authentication message integrity key distribution security in practice: firewalls security in application, transport, network, link layers

The language of cryptography Alice’s encryption key Bob’s decryption key K A K B encryption algorithm plaintext ciphertext decryption algorithm plaintext symmetric key crypto: sender, receiver keys identical KA = KB public-key crypto: encryption key public, decryption key secret (private) KA ≠ KB

Symmetric key cryptography substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq E.g.: Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc Q: How hard to break this simple cipher?: brute force (how hard?) other?

Symmetric key cryptography A-B K A-B encryption algorithm plaintext message, m ciphertext decryption algorithm plaintext K (m) K (m) A-B m = K ( ) A-B symmetric key crypto: Bob and Alice share know same (symmetric) key: K e.g., key is knowing substitution pattern in mono alphabetic substitution cipher Q: how do Bob and Alice agree on key value? A-B

Symmetric key crypto: DES DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64-bit plaintext input How secure is DES? DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 months no known “backdoor” decryption approach making DES more secure: use three keys sequentially (3-DES) on each datum use cipher-block chaining

Symmetric key crypto: DES DES operation initial permutation 16 identical “rounds” of function application, each using different 48 bits of key final permutation

AES: Advanced Encryption Standard new (Nov. 2001) symmetric-key NIST standard, replacing DES processes data in 128 bit blocks 128, 192, or 256 bit keys brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES

Public Key Cryptography symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if never “met”)? public key cryptography radically different approach [Diffie-Hellman76, RSA78] sender, receiver do not share secret key public encryption key known to all private decryption key known only to receiver

Public key cryptography + Bob’s public key K B - Bob’s private key K B plaintext message, m encryption algorithm ciphertext decryption algorithm plaintext message K (m) B + m = K (K (m)) B + -

Public key encryption algorithms Requirements: . . need K ( ) and K ( ) such that + B B - 1 K (K (m)) = m B - + + 2 given public key K , it should be impossible to compute private key K B - B RSA: Rivest, Shamir, Adelson algorithm

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.