Wireless and Email Security CSCI 5857: Encoding and Encryption.


Outline
Wireless network security
  – Wireless LAN structures
  – Authentication
  – Key management
DKIM security
  – Authentication between ISPs

Wireless LAN Structure

Wireless LAN Terminology
Station: Device capable of IEEE 802.11 wireless connectivity (wireless laptop, etc.)
Distribution System: Backbone system for long-distance communication (lines/satellite/etc.)
Access point: Bridge between station and distribution system (or between stations in same BSS)
Basic Service Set (BSS): Set of stations in range of access point

Wireless LAN Structure

Differences from LAN security:
Any transmission may be listened to by any device in range of access point
  → All transmissions must be secured
Other wireless devices in range of AP can attempt to connect to it
  → Any device wishing to communicate through access point must be authenticated

802.11i RSN Services
Access control:
  – Preventing access to access point until authentication
Authentication:
  – Mutual authentication between stations and access points, and key generation
Privacy:
  – Encrypting/hashing/etc. of messages to ensure confidentiality/information integrity/etc.

Authentication Server
Authentication server
  – Contacted by AP when station requests access
  – Uses authentication protocol to establish station identity
  – AP blocks communication with rest of network until authentication complete

IEEE 802.11i Operation Phases

Discovery Phase
Station contacts AP
Station passes security suite to AP (like SSL)
AP responds with chosen algorithms

Authentication Phase
Station sends request to AP for connection to authentication server
Extensible authentication protocol (EAP) used for mutual authentication

Authentication Phase
Extensible Authentication Protocol:
  – Based on challenge-response
  – Station and AS share secret information (such as symmetric key)
  – AS sends challenge to station (via AP)
  – Station sends response
  – May repeat with multiple challenges (10 – 20) for added protection against replay attacks
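A simplified model of the shared-secret challenge-response described on this slide, added here as an illustration and not taken from the original deck or from any real EAP method. The `AuthServer` class, the station id and the use of HMAC-SHA256 as the response function are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

class AuthServer:
    """Authentication server (AS): issues one-time challenges, checks responses."""

    def __init__(self, secret_by_station):
        self._secrets = secret_by_station   # station id -> shared secret
        self._pending = {}                  # station id -> outstanding challenge

    def challenge(self, station_id):
        nonce = secrets.token_bytes(16)     # fresh and unpredictable per round
        self._pending[station_id] = nonce
        return nonce

    def verify(self, station_id, response):
        nonce = self._pending.pop(station_id, None)   # each challenge is single use
        key = self._secrets.get(station_id)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare

def station_response(shared_secret, challenge):
    """Station proves knowledge of the secret without sending it."""
    return hmac.new(shared_secret, challenge, hashlib.sha256).digest()

def run_rounds(server, station_id, shared_secret, rounds):
    """Repeat the exchange; every round must pass."""
    return all(
        server.verify(station_id,
                      station_response(shared_secret, server.challenge(station_id)))
        for _ in range(rounds))

def demo():
    secret = b"constructed-shared-secret"        # constructed sample value
    server = AuthServer({"sta-01": secret})
    rounds_ok = run_rounds(server, "sta-01", secret, rounds=3)
    # A response captured for one challenge is presented again for a later one.
    captured = station_response(secret, server.challenge("sta-01"))
    first_use = server.verify("sta-01", captured)
    server.challenge("sta-01")                   # AS issues a new challenge
    replayed = server.verify("sta-01", captured)
    return rounds_ok, first_use, replayed
```

Because every challenge is random and consumed on first use, a recorded response is worthless against any later challenge.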

Key Management Phase
Possible methods:
  – Station and AP already share pre-shared key (PSK) previously installed on station
  – AS generates and sends master session key (MSK) to station as part of EAP challenge response
Used to generate pairwise master key

Key Management Phase
HMAC-SHA1 used to generate pairwise transient key (PTK) from
  – Pairwise master key
  – MAC address of station and AP (prevents replay attacks)
PTK consists of
  – Key used for confirmation of other keys
  – Key used to encrypt other keys
  – Actual temporal key used to securely transmit data

Key Management Phase
Handshake between station and AP used to establish and confirm keys used for secure transmission
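The key derivation and confirmation from the last two slides, as an added example that is not part of the original deck. It goes beyond the slide in one respect: the 802.11i derivation also mixes in a fresh nonce from each side (ANonce, SNonce) alongside the two MAC addresses. The MAC addresses, PMK and message framing are constructed, and only the first two handshake messages are modelled.

```python
import hashlib
import hmac
import secrets

def prf(key, label, data, nbytes):
    """802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter), concatenated."""
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce):
    """Derive the 48-byte PTK and split it into the three keys on the slide."""
    # Inputs are sorted so station and AP build the identical byte string.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac) +
            min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"kck": ptk[:16],     # confirms other keys (MIC on handshake frames)
            "kek": ptk[16:32],   # encrypts other keys (e.g. the group key)
            "tk": ptk[32:48]}    # temporal key protecting data frames

def mic(kck, frame):
    """Key-confirmation MIC: HMAC-SHA1 truncated to 128 bits."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def handshake(pmk_at_ap, pmk_at_station):
    """Simplified first two handshake messages; returns (mic_ok, same_tk)."""
    ap_mac = bytes.fromhex("02aabbccdd01")      # constructed addresses
    sta_mac = bytes.fromhex("02aabbccdd02")
    anonce = secrets.token_bytes(32)            # message 1: AP -> station
    snonce = secrets.token_bytes(32)
    sta = derive_ptk(pmk_at_station, ap_mac, sta_mac, anonce, snonce)
    msg2 = b"constructed-msg2|" + snonce        # message 2: station -> AP
    msg2_mic = mic(sta["kck"], msg2)
    ap = derive_ptk(pmk_at_ap, ap_mac, sta_mac, anonce, snonce)
    mic_ok = hmac.compare_digest(mic(ap["kck"], msg2), msg2_mic)
    return mic_ok, ap["tk"] == sta["tk"]
```

The AP never sees the station's PMK; a matching MIC on message 2 is what tells it that both sides derived the same PTK.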

Domain Keys Identified Mail
Proposed Internet Standard RFC 4871, has been widely adopted
Goal: Minimize fake email sent – purportedly from another user trusted by recipient
  – Spam, fraud, viruses, etc.
Signing/validation done at provider level
  – Individual users do not need to be involved in process

Internet Mail Architecture
Sender composes mail in mail client software
Mail client software sends contents to sender’s ISP
Email sent to mail server of recipient’s ISP
Recipient retrieves email from their ISP’s server

DKIM Authentication
Sender submits email to their ISP’s server
Email signed by sending server using their public key

DKIM Authentication
Receiving ISP requests certificate from sending ISP
Receiving ISP validates signature using sender’s public key
Recipient only receives validated email
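The first receiver-side checks on a DKIM-signed message, as an added example that is not from the original deck: parse the `DKIM-Signature` header, work out where the DKIM specification has the signing domain publish its verification key (a DNS record at `<selector>._domainkey.<domain>`), and recompute the body hash carried in `bh=`. The domain, selector and message are constructed, and the RSA check of `b=` over the signed headers is not performed here.

```python
import base64
import hashlib
import re

def parse_tags(header_value):
    """Split a DKIM-Signature value ("tag=value; tag=value") into a dict."""
    tags = {}
    for part in header_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", value)  # drop folding whitespace
    return tags

def canon_body(body, mode):
    """Body canonicalization: 'simple' or 'relaxed'."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":
        # Collapse runs of spaces/tabs and drop whitespace at end of line.
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":       # ignore trailing empty lines
        lines.pop()
    if not lines:
        return b"" if mode == "relaxed" else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body, mode="simple"):
    digest = hashlib.sha256(canon_body(body, mode)).digest()
    return base64.b64encode(digest).decode()

def key_record_name(tags):
    """DNS name under which the signing domain publishes its key."""
    return f"{tags['s']}._domainkey.{tags['d']}"

def check_body(header_value, body):
    """True if the body still matches the hash the signer recorded in bh=."""
    tags = parse_tags(header_value)
    # Policy assumption for this example: accept only v=1 with rsa-sha256.
    if tags.get("v") != "1" or tags.get("a") != "rsa-sha256":
        return False
    _, _, body_mode = tags.get("c", "simple/simple").partition("/")
    return body_hash(body, body_mode or "simple") == tags.get("bh")

# Constructed sample message and header (b= is a placeholder, not a signature).
BODY = b"Quarterly report attached.  \r\nRegards,\r\nAlice\r\n\r\n"
HEADER = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel2024; "
          "h=from:to:subject; bh=" + body_hash(BODY, "relaxed") + "; b=PLACEHOLDER")
```

A body-hash mismatch lets the receiver reject a modified message before doing any public-key operation.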