Presentation is loading. Please wait.

Presentation is loading. Please wait.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand."— Presentation transcript:

1 TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand four aspects of security Know how and where IPSec, TLS, and PGP provide security Firewall Objectives

2 TCP/IP Protocol Suite 2 28.1 CRYPTOGRAPHY The word cryptography in Greek means “secret writing.” The term today refers to the science and art of transforming messages to make them secure and immune to attacks. The topics discussed in this section include: Symmetric-Key Cryptography Asymmetric-Key Cryptography Comparison

3 TCP/IP Protocol Suite 3 Figure 28.1 Cryptography components

4 TCP/IP Protocol Suite 4 In cryptography, the encryption/decryption algorithms are public; the keys are secret. Note:

5 TCP/IP Protocol Suite 5 In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared. Note:

6 TCP/IP Protocol Suite 6 Figure 28.2 Symmetric-key cryptography

7 TCP/IP Protocol Suite 7 In symmetric-key cryptography, the same key is used in both directions. Note:

8 TCP/IP Protocol Suite 8 Figure 28.3 Caesar cipher

9 TCP/IP Protocol Suite 9 Figure 28.4 Transpositional cipher

10 TCP/IP Protocol Suite 10 Figure 28.5 Data Encryption Standard (DES)

11 TCP/IP Protocol Suite 11 Figure 28.6 Iteration block

12 TCP/IP Protocol Suite 12 Figure 28.7 Triple DES

13 TCP/IP Protocol Suite 13 The DES cipher uses the same concept as the Caesar cipher, but the encryption/ decryption algorithm is much more complex. Note:

14 TCP/IP Protocol Suite 14 Figure 28.8 Public-key cryptography

15 TCP/IP Protocol Suite 15 Figure 28.9 RSA

16 TCP/IP Protocol Suite 16 Symmetric-key cryptography is often used for long messages. Note:

17 TCP/IP Protocol Suite 17 Asymmetric-key algorithms are more efficient for short messages. Note:

18 TCP/IP Protocol Suite 18 28.6 SECURITY IN THE INTERNET IP Level Security: IPSec Transport Layer Security Application Layer Security: PGP

19 TCP/IP Protocol Suite 19 Figure 28.27 Transport mode

20 TCP/IP Protocol Suite 20 Figure 28.28 Tunnel mode

21 TCP/IP Protocol Suite 21 Figure 28.29 Authentication Header (AH)

22 TCP/IP Protocol Suite 22 The AH protocol provides message authentication and integrity, but not privacy. Note:

23 TCP/IP Protocol Suite 23 Figure 28.30 Encapsulating Security Payload (ESP)

24 TCP/IP Protocol Suite 24 ESP provides message authentication, integrity, and privacy. Note:

25 TCP/IP Protocol Suite 25 Figure 28.31 Position of TLS

26 TCP/IP Protocol Suite 26 Figure 28.35 PGP at the sender site

27 TCP/IP Protocol Suite 27 Figure 28.36 PGP at the receiver site

28 TCP/IP Protocol Suite 28 28.7 FIREWALLS A firewall is a device (usually a router or a computer) installed between the internal network of an organization and the rest of the Internet. It is designed to forward some packets and filter (not forward) others. A firewall is a device (usually a router or a computer) installed between the internal network of an organization and the rest of the Internet. It is designed to forward some packets and filter (not forward) others. The topics discussed in this section include: Packet-Filter Firewall Proxy Firewall

29 TCP/IP Protocol Suite 29 Figure 28.37 Firewall

30 TCP/IP Protocol Suite 30 Figure 28.38 Packet-filter firewall

31 TCP/IP Protocol Suite 31 A packet-filter firewall filters at the network or transport layer. Note:

32 TCP/IP Protocol Suite 32 Figure 28.39 Proxy firewall

33 TCP/IP Protocol Suite 33 A proxy firewall filters at the application layer. Note:

Download ppt "TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand."

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Security at the Network Layer: IPSec

Security at the Network Layer: IPSec
Henric Johnson1 Chapter 6 IP Security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 6 IP Security Henric Johnson Blekinge Institute of Technology, Sweden
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.

McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
Chapter 29 Internet Security

Chapter 29 Internet Security
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.

Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
K. Salah1 Security Protocols in the Internet IPSec.

K. Salah1 Security Protocols in the Internet IPSec.

Similar presentations

Ads by Google