
Network Security Celia Li Computer Science and Engineering York University.


1 Network Security Celia Li Computer Science and Engineering York University

2 Outline
- Overview of network security and cryptography
- Authentication protocols
  - Wired networks
  - Wireless local area networks
- Key management

3 Overview of Network Security
- Confidentiality
  - The concealment of information or resources
- Integrity
  - Data cannot be modified without being detected
- Authenticity
  - A node can ensure the identity of the peer node it is communicating with
- Availability
  - The ability to use the information or resource desired

4 Overview of Network Security
- Security Attacks
  - An attack is any action that violates security
  - Common attacks: eavesdropping, integrity attack, authenticity attack, denial of service

5 Overview of Network Security
- Eavesdropping – Message Interception
  - Unauthorized access to information
  - Packet sniffers and wiretappers
  - Illicit copying of data and programs

6 Overview of Network Security
- Integrity Attack – Tampering with Message
  - Stop the flow of the message
  - Delay and optionally modify the message
  - Release the message again

7 Overview of Network Security
- Authenticity Attack – Fabrication
  - Unauthorized assumption of another's identity
  - Generate and distribute objects under this identity

8 Overview of Network Security
- Attack on Availability
  - Destroy on Availability
  - Corrupt packets in transit
  - Denial of Service (DoS)
  - Crashing the server
  - Overwhelm the server (use up its resource)

9 Security Services
- Access control
  - Only authorized actions (e.g., membership enrollment, data transmission) can be performed.
- Authentication
  - Assurance that an entity of concern or the origin of a communication is authentic – it’s what it claims to be or from
- Encryption
  - Converting data into a form that cannot be easily understood by unauthorized people

10 Security Services (cont.)
- Key management
  - Generation, distribution and replacement of keys
- Secure routing
  - A message is eventually delivered to all legitimate nodes within a reasonable amount of time
  - Despite corrupting, dropping or misrouting the message.

11 Overview of Cryptography
- Why cryptography?
  - Used to hide information
  - Network information needs to be communicated through an insecure channel
  - Stored information may be accessed without proper authorization
- What can cryptography do?
  - Encryption algorithms: only the authorized party can understand the encrypted message
  - Digital signature: allows people to verify the authenticity of the message

12 Overview of Cryptography
- Encryption Algorithms
  - Scrambling of messages such that only the intended receiver can unscramble them
  - Encrypting function: produces the encrypted message
  - Decrypting function: extracts the original message
  - Key: parameter that controls encryption/decryption

13 Overview of Cryptography
- What is a Key? A piece of information that controls the operation of an encryption algorithm.
  - A key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption.
  - To prevent a key from being guessed, keys need to be generated truly randomly

14 Overview of Cryptography
- Symmetric Encryption Process
  - Use the same key for both encryption and decryption
  - Example: DES, 3DES

15 Overview of Cryptography
- Public Key Encryption Process
  - Use a pair of keys, public key and private key
  - Finding out the private key is extremely difficult, even if the public key is known
  - Example: RSA, Elliptic Curve

16 Overview of Cryptography
- Example

17 Overview of Cryptography
- Symmetric & Public Key Encryption
  - Symmetric encryption is fast but not as safe as public key encryption. But because of its speed, it's commonly used for multimedia and e-commerce transactions.
  - Public key encryption is more complex, and more secure. More computation is required, so the process takes longer

18 Overview of Cryptography
- Hash Function: a reproducible method of turning data into a small number that may serve as a digital "fingerprint" of the data (Message Digest)
  - If two hashes are different, then the two inputs are different in some way.
  - If a hash value is calculated for a piece of data, and then one bit of that data is changed, a hash function produces a completely different hash value.
  - Unidirectional (cannot calculate text from hash)

19 Overview of Cryptography
- Hash Function
  - Two most commonly used hash functions: MD5 and SHA-1

20 Overview of Cryptography
- Hash Function for Data Integrity
  - If the two hashes do not match, the message was altered
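An added example (not part of the original slides) that measures the "one bit changed, completely different hash" property and then performs the receiver-side integrity check from slide 20. SHA-256 from Python's `hashlib` and the sample message are choices of this example; the slides name MD5 and SHA-1.

```python
import hashlib
import hmac

def digest(data: bytes) -> bytes:
    """Message digest ("fingerprint") of the data; SHA-256 is this example's choice."""
    return hashlib.sha256(data).digest()

def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)

def differing_bits(a: bytes, b: bytes) -> int:
    """Hamming distance between two equal-length digests."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def avalanche_profile(message: bytes) -> tuple:
    """Flip every input bit in turn; return (min, mean) digest bits changed."""
    base = digest(message)
    counts = [differing_bits(base, digest(flip_bit(message, i)))
              for i in range(len(message) * 8)]
    return min(counts), sum(counts) / len(counts)

def is_unaltered(received: bytes, expected_digest: bytes) -> bool:
    """Receiver side: recompute the digest and compare in constant time."""
    return hmac.compare_digest(digest(received), expected_digest)

# Constructed sample message (not from the slides).
MESSAGE = b"Transfer 100 CAD to account 12345"
SENT_DIGEST = digest(MESSAGE)
TAMPERED = MESSAGE.replace(b"100", b"900")

if __name__ == "__main__":
    low, mean = avalanche_profile(MESSAGE)
    print(f"digest bits changed per 1-bit flip: min={low}, mean={mean:.1f} of 256")
    print("intact message accepted  :", is_unaltered(MESSAGE, SENT_DIGEST))
    print("tampered message accepted:", is_unaltered(TAMPERED, SENT_DIGEST))
```

The mean lands near 128, half of the 256 output bits, which is what "completely different" means in practice.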

21 Overview of Cryptography
- Digital Signature
  - A number attached to a message; when a recipient receives the message, they can simply verify the attached number to confirm whether the message has been changed or not.
  - Gives a recipient reason to believe that the message was created by a known sender.
  - Commonly used for software distribution, financial transactions, and in other cases where it is important to provide authenticity and integrity.

22 Overview of Cryptography
- Digital Signature Generating Process: hash a document

23 Overview of Cryptography
- Digital Signature Generating Process: sign the message digest

24 Overview of Cryptography
- Digital Signature Verifying Process

25 Overview of Cryptography
- Digital Signature Verifying Process
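The generating and verifying steps on slides 22 to 25, as an added example that is not part of the original slides: hash the document, sign the digest with the private key, then verify by recovering the digest with the public key and comparing it with a freshly computed one. It uses unpadded textbook RSA over two Mersenne primes so that it runs with the standard library only; the key, the sample document and all function names are assumptions of this example and unsuitable for real use.

```python
import hashlib

# Toy key pair (assumption of this example): two Mersenne primes keep the
# code dependency-free. Special-form primes and unpadded RSA are not secure.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

def message_digest(document: bytes) -> int:
    """Step 1: hash the document into a fixed-size integer (SHA-256)."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign(document: bytes) -> int:
    """Step 2: sign the message digest with the private key."""
    return pow(message_digest(document), D, N)

def verify(document: bytes, signature: int) -> bool:
    """Recover the signed digest with the public key and compare it with
    the digest recomputed from the document that was received."""
    if not 0 < signature < N:
        return False                   # reject out-of-range values early
    return pow(signature, E, N) == message_digest(document)

# Constructed sample document (not from the slides).
DOCUMENT = b"release-1.0.tar.gz contents"
SIGNATURE = sign(DOCUMENT)

if __name__ == "__main__":
    print("original document :", verify(DOCUMENT, SIGNATURE))
    print("modified document :", verify(DOCUMENT + b"!", SIGNATURE))
    print("modified signature:", verify(DOCUMENT, SIGNATURE ^ 1))
```

Production code would use a vetted library and a padded scheme such as RSA-PSS, or ECDSA, in place of the raw modular exponentiation shown here.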

26 Overview of Cryptography
- Digital Signature Algorithms
  - The Digital Signature Algorithm (DSA)
  - The RSA digital signature algorithm
  - The Elliptic Curve Digital Signature Algorithm (ECDSA)

27 Our Focus
- Authentication
- Key management

