ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

Slides:



Advertisements
Similar presentations
Internet Protocol Security (IP Sec)
Advertisements

Secure Mobile IP Communication
Chapter 10 Real world security protocols
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.
Security at the Network Layer: IPSec
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 5 Network Security Protocols in Practice Part I
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
IPsec – IKE CS 470 Introduction to Applied Cryptography
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
W O R L D W I D E L E A D E R I N S E C U R I N G T H E I N T E R N E T IKE Tutorial.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Internet Security CSCE 813 IPsec. CSCE Farkas2 Reading Today: – Oppliger: IPSec: Chapter 14 – Stalllings: Network Security Essentials, 3 rd edition,
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Internet Protocol Security (IPSec)
CMSC 414 Computer (and Network) Security Lecture 25 Jonathan Katz.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Strong Password Protocols
Protocol Basics. IPSec Provides two modes of protection –Tunnel Mode –Transport Mode Authentication and Integrity Confidentiality Replay Protection.
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
1 Chapter 8 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
1 Lecture 14: Real-Time Communication Security real-time communication – two parties interact in real time (as opposed to delayed communication like )
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
1 Network Security Lecture 8 IP Sec Waleed Ejaz
Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS CIS 5357 Network Security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)
/IPsecurity.ppt 1 - Chapter 6 of William Stallings. Network Security Essentials (2nd edition). Prentice Hall.
IT:Network:Apps.  RRAS does nice job of routing ◦ NAT is nice ◦ BASIC firewall ok but somewhat weak  Communication on network (WS to SRV) is in clear.
1 Lecture 16: IPsec IKE history of IKE Photurus IKE phases –phase 1 aggressive mode main mode –phase 2.
Network Security David Lazăr.
IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.
11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
1 CMPT 471 Networking II Authentication and Encryption © Janice Regan,
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Authentication Protocols (I): Secure Handshake.
Chapter 8 IP Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Cryptography and Network Security (CS435) Part Thirteen (IP Security)
IPSec  general IP Security mechanisms  provides  authentication  confidentiality  key management  Applications include Secure connectivity over.
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
CMSC 414 Computer and Network Security Lecture 27 Jonathan Katz.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
IPSEC Modes of Operation. Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a.
K. Salah1 Security Protocols in the Internet IPSec.
Security Data Transmission and Authentication Lesson 9.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
8-1Network Security Virtual Private Networks (VPNs) motivation:  institutions often want private networks for security.  costly: separate routers, links,
@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.
Chapter 5 Network Security Protocols in Practice Part I
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
The University of Adelaide, School of Computer Science
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Presentation transcript:

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall

Exercise: Chapters 13, 15-18

1. [Kaufman] 13.1 Design a variant of Kerberos in which the workstation generates a TGT. The TGT will be encrypted with the user’s master key rather than the KDC’s master key. How does this compare with standard Kerberos in terms of efficiency, security, etc.? What happens in each scheme if the user changes her password during a login session?

1. [Kaufman] 13.1

2. [Kaufman] 15.4 Compare the following schemes for obtaining Bob's public key, in terms of bandwidth and computation efficiency, security, flexibility, and any other criteria you can think of: downloading Bob's key from the node located at a particular IP address (via an unauthenticated interaction), looking up Bob's key in a directory via an unauthenticated interaction, having an authenticated conversation to the directory, having the directory sign the information you request, storing and retrieving certificates from the directory, having no directory but having each principal responsible for keeping its own certificate and sending it to someone who needs to talk to it.

2. [Kaufman] 15.4

3. [Kaufman] 16.7 Devise a protocol based on a pre-shared secret key that hides identities and gives PFS for identity hiding. Make two variants, one in which an active attacker can learn only the initiator's identity, and one in which an active attacker can learn only the target's identity.

3. [Kaufman] 16.7

4. [Kaufman] In the Protocol 16-6, explain why Bob knows that Alice is the real Alice, and not someone replaying Alice's messages. How does Alice know that it's the real Bob if she uses a different a each time? Modify the protocol to allow both Alice and Bob to reuse their a and b values, and yet have both sides be able to know they are talking to a live partner.Protocol 16-6

4. [Kaufman] 16.11

5. [Kaufman] 17.1 Suppose Alice is sending packets to Bob using IPsec. Suppose Bob's TCP acknowledgment gets lost, and Alice's TCP, assuming the packet was lost, retransmits the packet. Will Bob's IPsec implementation notice that the packet is a duplicate and discard it?

5. [Kaufman] 17.1 No. IPsec treats a retransmitted TCP packet as a new IPsec packet. It is up to TCP to notice the packet is a duplicate.

6. [Kaufman] 17.4 Would it be possible for the SA to be defined only by the destination address and the SPI (i.e., leave out whether it's ESP or AH)? Would this require any changes to the IPsec protocol? Would an implementation of a receiver that defined the SA based solely on destination address and SPI interwork with one that did what the IPsec specification says?

6. [Kaufman] 17.4

7. [Kaufman] 17.5 When sending encrypted traffic from firewall to firewall, why does there need to be an extra IP header? Why can't the firewall simply encrypt the packet, leaving the source and destination as the original source and destination?

7. [Kaufman] 17.5

8. [Stallings] 16.4 The IPsec architecture document states that when two transport mode SA's are bundled to allow both AH and ESP protocols on the same end-to-end flow, only one ordering of security protocols seems appropriate: performing the ESP protocol before performing the AH protocol. Why is this approach recommended rather than authentication before encryption?

8. [Stallings] 16.4 This order of processing facilitates rapid detection and rejection of replayed or bogus packets by the receiver, prior to decrypting the packet, hence potentially reducing the impact of denial of service attacks. It also allows for the possibility of parallel processing of packets at the receiver, i.e., decryption can take place in parallel with authentication.

9. [Kaufman] 18.1 Suppose if Alice's aggressive-mode IKE connection initiate is refused, Alice starts up another aggressive-mode connection initiate with her next (and weaker) choice of Diffie-Hellman group, rather than starting a main-mode exchange telling Bob all her supported Diffie-Hellman groups. What is the vulnerability, given an active attacker?

9. [Kaufman] 18.1 The active attacker can trick Alice into using weak crypto. The bad guy can impersonate Bob and refuse Alice’s strong crypto proposal. Then Alice will retry with a weaker proposal.

10. [Kaufman] 18.5 How can you modify aggressive mode with public signature keys (see § Public Signature Keys, Aggressive Mode) to hide the endpoint identifiers from eavesdroppers? Which identity will be hidden from an active attacker? Give a disadvantage of this

10. [Kaufman] 18.5

11. [Kaufman] 18.8 Design a protocol in which authentication is one- way since only one side has a public key. Do the protocol with a public signature key. Now do it with a public encryption key.

11. [Kaufman] 18.8

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.