The University of Adelaide, School of Computer Science 31 December 2018 Computer Networks, 5th Edition Chapter 8 Network Security Copyright © 2012, Elsevier Inc. All rights Reserved Chapter 2 — Instructions: Language of the Computer

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.1 Symmetric-key encryption and decryption. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.2 Cipher block chaining (CBC). Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.3 Public-key encryption. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.4 Authentication using public keys. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.5 Computing a MAC (a) versus computing an HMAC (b). Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.6 Tree-structured certification authority hierarchy. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.7 A challenge-response protocol. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.8 A public-key authentication protocol that depends on synchronization. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.9 A public-key authentication protocol that does not depend on synchronization. Alice checks her own timestamp against her own clock, and likewise for Bob. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.10 The Needham–Schroeder authentication protocol. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.11 Kerberos authentication. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.12 A man-in-the-middle attack. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.13 PGP’s steps to prepare a message for emailing from Alice to Bob. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.14 Using SSH port forwarding to secure other TCP-based applications. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.15 Secure transport layer inserted between application and TCP layers. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.16 Handshake protocol to establish TLS session. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.17 IPsec’s ESP format. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.18 An IP packet with a nested IP packet encapsulated using ESP in tunnel mode. Note that the inner and outer packets have different addresses. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.19 Use of an Authentication Server in 802.11i. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.20 A firewall filters packets flowing between a site and the rest of the Internet. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved

Copyright © 2012, Elsevier Inc. All rights Reserved FIGURE 8.21 Diagram for Exercise 18. Chapter 8 Copyright © 2012, Elsevier Inc. All rights Reserved