Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Chapter 8 12/13/20151. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental.

Published byGwendoline Bradford Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Security Chapter 8 12/13/20151. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental."— Presentation transcript:

1 Network Security Chapter 8 12/13/20151

2 Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles 12/13/2015www.ishuchita.com2

3 Need for Security Some people who cause security problems and why. 12/13/2015www.ishuchita.com3

4 An Introduction to Cryptography The encryption model (for a symmetric-key cipher). 12/13/2015www.ishuchita.com4

5 Transposition Ciphers A transposition cipher. 12/13/2015www.ishuchita.com5

6 One-Time Pads The use of a one-time pad for encryption and the possibility of getting any possible plaintext from the ciphertext by the use of some other pad. 12/13/20156

7 Quantum Cryptography An example of quantum cryptography. 12/13/2015www.ishuchita.com7

8 Symmetric-Key Algorithms DES – The Data Encryption Standard AES – The Advanced Encryption Standard Cipher Modes Other Ciphers Cryptanalysis 12/13/2015www.ishuchita.com8

9 Product Ciphers Basic elements of product ciphers. (a) P-box. (b) S-box. (c) Product. 12/13/2015www.ishuchita.com9

10 Data Encryption Standard The data encryption standard. (a) General outline. (b) Detail of one iteration. The circled + means exclusive OR. 12/13/2015www.ishuchita.com10

11 Triple DES (a) Triple encryption using DES. (b) Decryption. 12/13/2015www.ishuchita.com11

12 AES – The Advanced Encryption Standard Rules for AES proposals 1.The algorithm must be a symmetric block cipher. 2.The full design must be public. 3.Key lengths of 128, 192, and 256 bits supported. 4.Both software and hardware implementations required 5.The algorithm must be public or licensed on nondiscriminatory terms. 12/13/2015www.ishuchita.com12

13 AES (2) An outline of Rijndael. 12/13/2015www.ishuchita.com13

14 AES (3) Creating of the state and rk arrays. 12/13/2015www.ishuchita.com14

15 Electronic Code Book Mode The plaintext of a file encrypted as 16 DES blocks. 12/13/2015www.ishuchita.com15

16 Cipher Block Chaining Mode Cipher block chaining. (a) Encryption. (b) Decryption. 12/13/2015www.ishuchita.com16

17 Cipher Feedback Mode (a) Encryption. (c) Decryption. 12/13/2015www.ishuchita.com17

18 Stream Cipher Mode A stream cipher. (a) Encryption. (b) Decryption. 12/13/2015www.ishuchita.com18

19 Counter Mode Encryption using counter mode. 12/13/2015www.ishuchita.com19

20 Cryptanalysis Some common symmetric-key cryptographic algorithms. 12/13/2015www.ishuchita.com20

21 Public-Key Algorithms RSA Other Public-Key Algorithms 12/13/2015www.ishuchita.com21

22 RSA An example of the RSA algorithm. 12/13/2015www.ishuchita.com22

23 Digital Signatures Symmetric-Key Signatures Public-Key Signatures Message Digests The Birthday Attack 12/13/2015www.ishuchita.com23

24 Symmetric-Key Signatures Digital signatures with Big Brother. 12/13/2015www.ishuchita.com24

25 Public-Key Signatures Digital signatures using public-key cryptography. 12/13/2015www.ishuchita.com25

26 Message Digests Digital signatures using message digests. 12/13/2015www.ishuchita.com26

27 SHA-1 Use of SHA-1 and RSA for signing nonsecret messages. 12/13/2015www.ishuchita.com27

28 SHA-1 (2) (a) A message padded out to a multiple of 512 bits. (b) The output variables. (c) The word array. 12/13/2015www.ishuchita.com28

29 Management of Public Keys Certificates X.509 Public Key Infrastructures 12/13/2015www.ishuchita.com29

30 Problems with Public-Key Encryption A way for Trudy to subvert public-key encryption. 12/13/2015www.ishuchita.com30

31 Certificates A possible certificate and its signed hash. 12/13/2015www.ishuchita.com31

32 X.509 The basic fields of an X.509 certificate. 12/13/2015www.ishuchita.com32

33 Public-Key Infrastructures (a) A hierarchical PKI. (b) A chain of certificates. 12/13/2015www.ishuchita.com33

34 Communication Security IPsec Firewalls Virtual Private Networks Wireless Security 12/13/2015www.ishuchita.com34

35 IPsec The IPsec authentication header in transport mode for IPv4. 12/13/2015www.ishuchita.com35

36 IPsec (2) (a) ESP in transport mode. (b) ESP in tunnel mode. 12/13/2015www.ishuchita.com36

37 Firewalls A firewall consisting of two packet filters and an application gateway. 12/13/2015www.ishuchita.com37

38 Virtual Private Networks (a) A leased-line private network. (b) A virtual private network. 12/13/2015www.ishuchita.com38

39 802.11 Security Packet encryption using WEP. 12/13/2015www.ishuchita.com39

40 Authentication Protocols Authentication Based on a Shared Secret Key Establishing a Shared Key: Diffie-Hellman Authentication Using a Key Distribution Center Authentication Using Kerberos Authentication Using Public-Key Cryptography 12/13/2015www.ishuchita.com40

41 Authentication Based on a Shared Secret Key Two-way authentication using a challenge-response protocol. 12/13/2015www.ishuchita.com41

42 Authentication Based on a Shared Secret Key (2) A shortened two-way authentication protocol. 12/13/2015www.ishuchita.com42

43 Authentication Based on a Shared Secret Key (3) The reflection attack. 12/13/2015www.ishuchita.com43

44 Authentication Based on a Shared Secret Key (4) A reflection attack on the protocol of Fig. 8-32.. 12/13/2015www.ishuchita.com44

45 Authentication Based on a Shared Secret Key (5) Authentication using HMACs. 12/13/2015www.ishuchita.com45

46 Establishing a Shared Key: The Diffie-Hellman Key Exchange The Diffie-Hellman key exchange. 12/13/2015www.ishuchita.com46

47 Establishing a Shared Key: The Diffie-Hellman Key Exchange The bucket brigade or man-in-the-middle attack. 12/13/2015www.ishuchita.com47

48 Authentication Using a Key Distribution Center A first attempt at an authentication protocol using a KDC. 12/13/2015www.ishuchita.com48

49 Authentication Using a Key Distribution Center (2) The Needham-Schroeder authentication protocol. 12/13/2015www.ishuchita.com49

50 Authentication Using a Key Distribution Center (3) The Otway-Rees authentication protocol (slightly simplified). 12/13/2015www.ishuchita.com50

51 Authentication Using Kerberos The operation of Kerberos V4. 12/13/2015www.ishuchita.com51

52 Authentication Using Public-Key Cryptography Mutual authentication using public-key cryptography. 12/13/2015www.ishuchita.com52

53 E-Mail Security PGP – Pretty Good Privacy PEM – Privacy Enhanced Mail S/MIME 12/13/2015www.ishuchita.com53

54 PGP – Pretty Good Privacy PGP in operation for sending a message. 12/13/2015www.ishuchita.com54

55 PGP – Pretty Good Privacy (2) A PGP message. 12/13/2015www.ishuchita.com55

56 Web Security Threats Secure Naming SSL – The Secure Sockets Layer Mobile Code Security 12/13/2015www.ishuchita.com56

57 Secure Naming (a) Normal situation. (b) An attack based on breaking into DNS and modifying Bob's record. 12/13/2015www.ishuchita.com57

58 Secure Naming (2) How Trudy spoofs Alice's ISP. 12/13/2015www.ishuchita.com58

59 Secure DNS An example RRSet for bob.com. The KEY record is Bob's public key. The SIG record is the top-level com server's signed has of the A and KEY records to verify their authenticity. 12/13/2015www.ishuchita.com59

60 Self-Certifying Names A self-certifying URL containing a hash of server's name and public key. 12/13/2015www.ishuchita.com60

61 SSL—The Secure Sockets Layer Layers (and protocols) for a home user browsing with SSL. 12/13/2015www.ishuchita.com61

62 SSL (2) A simplified version of the SSL connection establishment subprotocol. 12/13/2015www.ishuchita.com62

63 SSL (3) Data transmission using SSL. 12/13/2015www.ishuchita.com63

64 Java Applet Security Applets inserted into a Java Virtual Machine interpreter inside the browser. 12/13/2015www.ishuchita.com64

65 Social Issues Privacy Freedom of Speech Copyright 12/13/2015www.ishuchita.com65

66 Anonymous Remailers Users who wish anonymity chain requests through multiple anonymous remailers. 12/13/2015www.ishuchita.com66

67 Freedom of Speech Possibly banned material: 1.Material inappropriate for children or teenagers. 2.Hate aimed at various ethnic, religious, sexual, or other groups. 3.Information about democracy and democratic values. 4.Accounts of historical events contradicting the government's version. 5.Manuals for picking locks, building weapons, encrypting messages, etc. 12/13/2015www.ishuchita.com67

68 Steganography (a) Three zebras and a tree. (b) Three zebras, a tree, and the complete text of five plays by William Shakespeare. 12/13/2015www.ishuchita.com68

Download ppt "Network Security Chapter 8 12/13/20151. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental."

Similar presentations

Crytography Chapter 8.

Crytography Chapter 8.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Introduction to Cryptography

Introduction to Cryptography
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Cryptographic Technologies

Cryptographic Technologies
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 8 Network Security 4/17/2017 www.noteshit.com.

Chapter 8 Network Security 4/17/2017
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Chapter 20: Network Security Business Data Communications, 4e.

Chapter 20: Network Security Business Data Communications, 4e.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Network Security Chapter

Network Security Chapter

Similar presentations

Ads by Google