Protocol ap1.0: Alice says “I am Alice”

Presentation transcript:

Authentication
Goal: Bob wants Alice to “prove” her identity to him.
Protocol ap1.0: Alice says “I am Alice”.
Diagram: “I am Alice”
Failure scenario??
8: Network Security

Authentication
Goal: Bob wants Alice to “prove” her identity to him.
Protocol ap1.0: Alice says “I am Alice”.
Diagram: “I am Alice”
In a network, Bob cannot “see” Alice, so Trudy simply declares herself to be Alice.

Authentication: another try
Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address.
Diagram: Alice’s IP address, “I am Alice”
Failure scenario??

Authentication: another try
Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address.
Diagram: Alice’s IP address, “I am Alice”
Trudy can create a packet “spoofing” Alice’s address.

Authentication: another try
Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.
Diagram: Alice’s IP addr, password, “I’m Alice”; reply: Alice’s IP addr, OK
Failure scenario??

Authentication: another try
Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.
Diagram: Alice’s IP addr, Alice’s password, “I’m Alice”; reply: Alice’s IP addr, OK; replayed packet: Alice’s IP addr, password, “I’m Alice”
Playback attack: Trudy records Alice’s packet and later plays it back to Bob.

Authentication: yet another try
Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.
Diagram: Alice’s IP addr, encrypted password, “I’m Alice”; reply: Alice’s IP addr, OK
Failure scenario??

Authentication: another try
Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.
Diagram: Alice’s IP addr, encrypted password, “I’m Alice”; reply: Alice’s IP addr, OK; replayed packet: Alice’s IP addr, encrypted password, “I’m Alice”
Record and playback still works!

Authentication: yet another try
Goal: avoid playback attack.
Nonce: number (R) used only once-in-a-lifetime.
ap4.0: to prove Alice “live”, Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key.
Diagram: “I am Alice”; R; $K_{A-B}(R)$
Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice!
Failures, drawbacks?

Authentication: ap5.0
ap4.0 requires shared symmetric key. Can we authenticate using public key techniques?
ap5.0: use nonce, public key cryptography.
Diagram: “I am Alice”; R; $K_A^-(R)$; “send me your public key”; $K_A^+$
Bob computes $K_A^+(K_A^-(R)) = R$ and knows only Alice could have the private key that encrypted R such that $K_A^+(K_A^-(R)) = R$.

ap5.0: security hole
Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice).
Diagram (message labels, in order):
“I am Alice”; “I am Alice”
R; $K_T^-(R)$
R; $K_A^-(R)$
“Send me your public key”; $K_T^+$
“Send me your public key”; $K_A^+$
$K_T^+(m)$; Trudy gets $m = K_T^-(K_T^+(m))$ and sends m to Alice encrypted with Alice’s public key
$K_A^+(m)$; $m = K_A^-(K_A^+(m))$

ap5.0: security hole
Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice).
Difficult to detect: Bob receives everything that Alice sends, and vice versa (e.g., so Bob, Alice can meet one week later and recall conversation).
Problem is that Trudy receives all messages as well!
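An added example (not part of the original slides) showing why Bob's ap5.0 check passes for Trudy: $K^+(K^-(R)) = R$ only proves the sender holds the private key matching whatever public key was sent. The key pairs are toy textbook RSA values constructed for the example, and the case where Bob already holds Alice's public key from a trusted source is an assumption the slides do not describe.

```python
# Toy textbook RSA key pairs, constructed for this example; far too small for real use.
ALICE = {"n": 3233, "e": 17, "d": 2753}   # p=61, q=53
TRUDY = {"n": 2773, "e": 17, "d": 157}    # p=47, q=59


def private_op(key: dict, r: int) -> int:
    """K^-(R): transform the nonce with the private exponent."""
    return pow(r, key["d"], key["n"])


def bob_check(r: int, response: int, n: int, e: int) -> bool:
    """Bob's ap5.0 test: does K^+(response) give back R?"""
    return pow(response, e, n) == r


def acceptance_counts(nonces) -> dict:
    """Count how often Bob accepts, per sender and per source of the public key."""
    counts = {"alice, key she sent": 0,
              "trudy, key she sent": 0,
              "trudy, key Bob already held": 0}
    for r in nonces:                       # nonces must be smaller than both moduli
        a_resp = private_op(ALICE, r)
        t_resp = private_op(TRUDY, r)
        # ap5.0 as on the slides: Bob verifies with the key the sender supplies.
        counts["alice, key she sent"] += bob_check(r, a_resp, ALICE["n"], ALICE["e"])
        counts["trudy, key she sent"] += bob_check(r, t_resp, TRUDY["n"], TRUDY["e"])
        # Assumed variant: Bob verifies with Alice's key obtained beforehand.
        counts["trudy, key Bob already held"] += bob_check(
            r, t_resp, ALICE["n"], ALICE["e"])
    return counts


if __name__ == "__main__":
    print(acceptance_counts(range(2, 102)))
```

With the sender-supplied key, Trudy is accepted as often as Alice; checked against a key bound to Alice in advance, her responses match only by chance.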