Presentation is loading. Please wait.

Presentation is loading. Please wait.

L8. Reviews Rocky K. C. Chang, May 2011. Foci of this course 2 Rocky K. C. Chang  Understand the 3 fundamental cryptographic functions and how they are.

Published byAlissa Jacox Modified over 9 years ago

Similar presentations

Presentation on theme: "L8. Reviews Rocky K. C. Chang, May 2011. Foci of this course 2 Rocky K. C. Chang  Understand the 3 fundamental cryptographic functions and how they are."— Presentation transcript:

1 L8. Reviews Rocky K. C. Chang, May 2011

2 Foci of this course 2 Rocky K. C. Chang  Understand the 3 fundamental cryptographic functions and how they are used in network security.  Understand the main elements in securing today ’ s Internet infrastructure.  Exposed to some current Internet security problems.

3 Types of attacks 3 Rocky K. C. Chang  Passive attacks (eavesdropping), e.g.,  ciphertext-only attacks (recognizable plaintext attacks)  Fred has seen some ciphertext.  known-plaintext attacks  Fred has obtained some pairs.  chosen-plaintext attacks  Fred can choose any plaintext he wants.  Active attacks, e.g.,  pretend to be someone else (impersonation)  introduce new messages in the protocol  delete existing messages  substituting one message for another  replay old messages

4 4 Rocky K. C. Chang Three cryptographic functions  Hash functions: require 0 key  Secret key functions: require 1 key  Public key functions: require 2 keys

5 5 Rocky K. C. Chang

6 Symmetric cryptography 6 Rocky K. C. Chang  Secret key functions  Stream cipher vs block cipher  Symmetric cryptography based on substitution (confusion) and diffusion  64-bit DES and 128/192/256-bit AES  Secrecy service  Encrypting data of any size: cipher block chaining (CBC)  Security problems with CBC, e.g., identical and nonidentical ciphertext blocks.

7 7 Rocky K. C. Chang

8 Cryptographic hash functions and MAC 8 Rocky K. C. Chang  Hash functions  3 properties: pre-image resistance, collision resistance, and mixing transformation  The birthday problem and attack  k  1.774  q, where q is the number of distinct hash outputs  The length of a secure hash output ≥ 256 bits  Hash function standards (MDx, SHA-x)  2 problems: length extension and partial message collision  Message authentication codes  A successful attack on MAC  CBC-MAC and HMAC

9 9 Rocky K. C. Chang

10 The public-key cryptography 10 Rocky K. C. Chang  Prime numbers, modulo a prime  A group for the set of numbers modulo a prime p without 0 under multiplication  Compute the multiplicative inverse using the extended Euclid algorithm.  Generate a large prime number.  The Rabin-Miller test determines whether an odd integer is prime.  Each party involved in a public-key cryptographic system is one secret and one public “ key ”.

11 The Diffie-Hellman (DH) protocol 11 Rocky K. C. Chang  The DH protocol uses the multiplicative group modulo p, where p is a very large prime.  A generator g generates a set of numbers 1, g, g 2, …, g t-1 (g t = 1 again).  Subgroups (t < p-1) and group (t = p-1)  The basic Diffie-Hellman (DH) protocol  (g, p) and a random number in (1, 2, …, p-1)  The discrete logarithm problem  Security problems  Using a smaller subgroup ({1}, {1, p-1}) and a safe prime  Squares and nonsquares  Man in the middle attack

12 12 Rocky K. C. Chang

13 The RSA algorithm 13 Rocky K. C. Chang  In RSA, we perform modulo a composite number n = p  q, where p and q are large primes.  Use 2 different exponents e (public) and d (private), such that e  d = 1 mod t, where t = lcm(p – 1, q – 1).  To encrypt m, compute c = m e mod n; to decrypt c, compute c d mod n = m.  To sign m, compute s = m 1/e mod n; to verify the signature, compute s e = m mod n.  Choices of e, p, and q  Pitfalls of using RSA, e.g., encrypting a small message, message signing.

14 14 Rocky K. C. Chang

15 Authentication 15 Rocky K. C. Chang  Network-based, password-based  Cryptographic authentication  Symmetric and asymmetric  Challenge and response  Mutual authentication  2 x one-way authentication.  Reflection attack and man in the middle attack  Principles:  One-way: Have the responder influence on what she encrypts or hashes.  Have both parties have some influence over the quantity signed.

16 16 Rocky K. C. Chang

17 Authenticated key exchange 17 Rocky K. C. Chang  Authenticated Diffie-Hellman exchange  Perfect forward secrecy  Allow both sides to agree on the crypto. algorithms and the DH parameters.  A partial solution to denial-of service attacks using cookies  It is prudent to couple the key exchange with authentication.

18 18 Rocky K. C. Chang

19 Secure network protocols in practice

20 20 Rocky K. C. Chang

21 PKI 21 Rocky K. C. Chang  Alice generates her public/private key pair.  Keep the private key.  Take the public key to the CA, say k  The CA has to verify that Alice is who she says she is.  The CA then issues a digital statement stating that k belongs to Alice.  There will never be a single CA for all or most of all.  There are going to be a large number of PKIs.  Use different key pairs in different PKIs.  Choose between a key server approach and a PKI approach.

22 IPSec 22 Rocky K. C. Chang  Unicast, unidirectional security association at the IP layer  Authentication Header and Encapsulation Security Payload  Partial solution to the replay attack  Tunnel mode and transport mode  Encryption without authentication is useless.  Outbound and inbound packet processing

23 IKEv.1 23 Rocky K. C. Chang  IKE phase 1 (ISAKMP association) and phase 2  The main mode consists of 3 message pairs.  1st pair: ISAKMP SA negotiation  2nd pair: a D-H exchange and an exchange of nonces  3rd pair: Peer authentication  The phase 1 is protected with encryption and authentication.  Establish IPSec associations and the necessary keys.  A new issue here is hiding the identities of the end points

24 TLS 1.0/ SSL 3.0 24 Rocky K. C. Chang  Pros and cons of providing security services at the transport layer instead of the IP layer.  The TLS Handshake and Record layers.  Session states and connection states  The session states can be reused to establish a new connection.  Server and client authentication

25 Network security is more than the above 25 Rocky K. C. Chang  Wireless security: IEEE 802.11i, RFID, Bluetooth, IP telephony, etc  Worms and buffer overflow attacks  Denial-of-service and degradation-of-service attacks  Data security  Covert channel, privacy protection

26 Network security is more than the above 26 Rocky K. C. Chang  Security policies  Operational issues  Human issues  Vulnerability analysis  Auditing  Intrusion detection  System security  Program security  etc

27 27 Rocky K. C. Chang “Security is a chain; it’s only as secure as the weakest link.” “Security is not a product; it itself is a process.” Bruce Schneier

Download ppt "L8. Reviews Rocky K. C. Chang, May 2011. Foci of this course 2 Rocky K. C. Chang  Understand the 3 fundamental cryptographic functions and how they are."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.
ISA 662 IKE Key management for IPSEC Prof. Ravi Sandhu.

ISA 662 IKE Key management for IPSEC Prof. Ravi Sandhu.
Symmetric Encryption Prof. Ravi Sandhu.

Symmetric Encryption Prof. Ravi Sandhu.
Doc.: IEEE 802.11-98/178 Submission July 2000 A. Prasad, A. Raji Lucent TechnologiesSlide 1 A Proposal for IEEE 802.11e Security IEEE 802.11 Task Group.

Doc.: IEEE /178 Submission July 2000 A. Prasad, A. Raji Lucent TechnologiesSlide 1 A Proposal for IEEE e Security IEEE Task Group.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
PUBLIC KEY CRYPTOSYSTEMS Symmetric Cryptosystems 6/05/2014 | pag. 2.

PUBLIC KEY CRYPTOSYSTEMS Symmetric Cryptosystems 6/05/2014 | pag. 2.
Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
ECE454/CS594 Computer and Network Security

ECE454/CS594 Computer and Network Security
Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,

Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,
VPN AND REMOTE ACCESS Mohammad S. Hasan 1 VPN and Remote Access.

VPN AND REMOTE ACCESS Mohammad S. Hasan 1 VPN and Remote Access.
Lecture 5: Cryptographic Hashes

Lecture 5: Cryptographic Hashes
Web security: SSL and TLS

Web security: SSL and TLS
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Similar presentations

Ads by Google