ECE509 Cyber Security: Concept, Theory, and Practice
Cryptography
Spring 2014

Attack Types
– Passive attack: observe communications and/or data
– Active attack: modify communications and/or data

What are the security services in the OSI model?

Security Services in OSI Model
– Physical Layer:
– Data-Link Layer:
– Network Layer:
– Transport Layer:
– Session Layer:
– Presentation Layer:
– Application Layer:

Security Services in OSI Model
– Confidentiality
– Integrity
– Authentication
– Access Control
– Non-repudiation

Security Mechanisms to provide the needed security services
– Checksums/hash algorithms: Authorization and Integrity
– Encryption: Confidentiality, Integrity, Authentication
– Digital signatures: Integrity, Authentication, Non-repudiation

Secure Sockets Layer (SSL)
Mechanisms:
– Hashing
    SHA: Secure Hash Algorithm
    MD5: Message-Digest algorithm
– Encryption
    DES: Data Encryption Standard
    RSA: Ron Rivest, Adi Shamir, and Leonard Adleman
– Signatures
    DSA: Digital Signature Algorithm
    RSA: Ron Rivest, Adi Shamir, and Leonard Adleman

Hash Function
[Diagram labels: Data, Hashing, Message, Hash, Channel]

MAC (Message Authentication Code)
[Diagram labels: Data, MAC, Message, Channel]
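
The Hash Function and MAC slides compared under the active attack from the Attack Types slide, as an added example that is not part of the original slides: a message sent with an unkeyed hash can be modified in transit and still verify, while a keyed MAC rejects the modification. HMAC-SHA256 is an assumed choice of MAC (the slides name none), and the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values (assumptions, not from the slides).
SHARED_KEY = b"constructed-demo-key"
ORIGINAL = b"pay 100 to account 1111"
TAMPERED = b"pay 900 to account 6666"


def send_with_hash(message):
    """Sender: message plus an unkeyed SHA-256 digest."""
    return message, hashlib.sha256(message).digest()


def verify_hash(message, digest):
    """Receiver: recompute the digest and compare."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def send_with_mac(message, key):
    """Sender: message plus an HMAC-SHA256 tag under the shared key."""
    return message, hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(message, tag, key):
    """Receiver: recompute the tag with the shared key, constant-time compare."""
    return hmac.compare_digest(hmac.new(key, message, hashlib.sha256).digest(), tag)


def modify_in_transit(packet, replacement):
    """Active attack on the channel, without the key: the message is replaced
    and the check value recomputed as a plain hash (no key is needed for that)."""
    return replacement, hashlib.sha256(replacement).digest()


def run_demo():
    """Return what the receiver accepts in each case."""
    _, old_tag = send_with_mac(ORIGINAL, SHARED_KEY)
    forged_hash = modify_in_transit(send_with_hash(ORIGINAL), TAMPERED)
    forged_mac = modify_in_transit(send_with_mac(ORIGINAL, SHARED_KEY), TAMPERED)
    return {
        "hash_accepts_modified": verify_hash(*forged_hash),
        "mac_accepts_modified": verify_mac(*forged_mac, SHARED_KEY),
        "mac_accepts_modified_with_old_tag": verify_mac(TAMPERED, old_tag, SHARED_KEY),
        "mac_accepts_untouched": verify_mac(ORIGINAL, old_tag, SHARED_KEY),
    }


if __name__ == "__main__":
    for case, accepted in run_demo().items():
        print(f"{case}: {accepted}")
```

The unkeyed hash still detects accidental corruption; it is only the deliberate modification with a recomputed digest that it cannot catch.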

Traditional Encryption (Symmetric Encryption)
[Diagram labels: Common Key, Insecure Channel, Data]

Key Agreement
[Diagram labels: Insecure Channel, Data]

Public Key Encryption
[Diagram labels: Insecure Channel, Data]

Digital Signature
[Diagram labels: Data, Hashing, Message, Hash, Encrypt, Signature, Channel]

Digital Signature
[Diagram labels: Data, Signature, Hashing, Decrypt, Compare, Message, Hash]

Message/Data Encryption
[Diagram labels: Data, Encrypted Session Key, Channel]

Reading
“Understanding Security Using the OSI Model”, SANS Institute InfoSec Reading Room, [room/whitepapers/protocols/understanding-security-osi-model-377]