Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure connections.

Published byGabriella Washington Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure connections."— Presentation transcript:

1 Secure connections

2 Secure connections examples
Application Layer – Pretty Good Privacy Transport Layer Secure Socket Layer Network Layer Ipsec (VPN) DataLink Layer Wifi – WEP (not part of curriculum) Physical Layer N/A

3 Secure Application layer email - PGP (Pretty Good Privacy)
Alice wants to send confidential , m, to Bob KS( ) . KB( ) + - KS(m ) KB(KS ) m KS KB Internet

4 Secure Application layer email - PGP (Pretty Good Privacy)
Alice wants to provide sender authentication message integrity H( ) . KA( ) - + H(m ) KA(H(m)) m KA Internet compare

5 PGP – Both confidential & Integrity
. KA( ) - + KA(H(m)) m KA KS( ) KB( ) KB(KS ) KS KB Internet

6 Secure Transport layer Secure Socket Layer (SSL)
SSL support Confidential (HTTPS is based on SSL) SSL can support Integrity Four keys (part of EMS – Encrypted Master Secret): Kc = encryption key for data sent from client to server Mc = MAC key for data sent from client to server Ks = encryption key for data sent from server to client Ms = MAC key for data sent from server to client

7 Secure Transport layer - Secure Socket Layer (SSL)
Normal TCP 3way Connection hello certificate, nonce KB+(MS) = EMS type 0, seq 1, data type 0, seq 2, data type 0, seq 3, data type 1, seq 4, close type 1, seq 2, close encrypted bob.com

8 Secure Network layer IPsec (Virtual Private Network - VPN)
edge routers IPsec-aware (tunnel) IPsec hosts IPsec-aware

9 Secure Network layer IPsec (Virtual Private Network - VPN)
Authentication Header (AH) protocol provides source authentication & data integrity but not confidentiality Encapsulation Security Protocol (ESP) provides source authentication, data integrity, and confidentiality more widely used than AH

10 VPN SA – or VPN as tunnel - the most often used security at Network layer
/24 /24 security association Internet headquarters branch office R1 R2 new IP header ESP hdr original IP hdr Original IP datagram payload trl auth encrypted “enchilada” authenticated padding pad length next header SPI Seq #

11 Secure DataLink layer WEP - Wired Equivalent Privacy
authentication request nonce (128 bytes) nonce encrypted shared key success if decrypted value equals nonce Not very secure ! – use WPA -- Wifi Protected Access

12 Secure DataLink layer EAP- Extensible Authentication Protocol
EAP TLS EAP EAP over LAN (EAPoL) IEEE RADIUS UDP/IP wired network Network Security

Download ppt "Secure connections."

Similar presentations

IPSec.

IPSec.
Security S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.

Security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
Security in Networks (Part 2) CPSC 363 Computer Networks Ellen Walker Hiram College (Includes figures from Computer Networking by Kurose & Ross, © Addison.

Security in Networks (Part 2) CPSC 363 Computer Networks Ellen Walker Hiram College (Includes figures from Computer Networking by Kurose & Ross, © Addison.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.

IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.
Lecture 24 Secure Communications CPE 401 / 601 Computer Network Systems Slides are modified from Jim Kurose & Keith Ross.

Lecture 24 Secure Communications CPE 401 / 601 Computer Network Systems Slides are modified from Jim Kurose & Keith Ross.
IPsec Internet Headquarters Branch Office SA R1 R2

IPsec Internet Headquarters Branch Office SA R1 R2
McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.

McGraw-Hill © ©The McGraw-Hill Companies, Inc., 2004 Chapter 31 Security Protocols in the Internet.
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
Lecture 25 Secure Communications CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose & Keith Ross and Dave Hollinger.

Lecture 25 Secure Communications CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose & Keith Ross and Dave Hollinger.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.

Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.
Network security and Hot topics in networking EECS 489 Computer Networks Z. Morley Mao Wednesday, April 11,

Network security and Hot topics in networking EECS 489 Computer Networks Z. Morley Mao Wednesday, April 11,
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)

Similar presentations

Ads by Google