From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005
|
|
- Jody Gallagher
- 5 years ago
- Views:
Transcription
1 Chapter 7: Security From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edition 4 Introduction Security policies Provide for the sharing of resources within specified limits Independent of the technology used Security mechanisms Enforce the security policies Security model Resources are encapsulated by processes and must be protected against unauthorized access. Processes interact through network that are shared by users and enemies. 1
2 Threat Leakage The acquisition of information by unauthorized recipients Tampering The unauthorized alteration of information Vandalism Interference with the proper operation of a system without gain to perpetrator Attack Eavesdropping Obtain copies of messages without authority Masquerading Sending or receiving messages using the identity of another principal without authority Message tempering Intercepting messages and altering their contents before passing them on to the intended recipient Replaying Storing intercepted messages and sending them at a later date. It works even with authenticated and encrypted messages Denial of service Flooding a channel or other resource with messages in order to deny access for others 2
3 Threats from Mobile Code Programs are loaded from a remote server, and execute locally Java Each application has its own execution environment Each environment has a security manager that decides which resources are available to the application Once a security manager is set, it cannot be replaced The downloaded classes are stored separately from the local classes, preventing them from replacing local classes The bytecode are checked for validity Type-checking and code-validation mechanisms may not work as well as they are used for communication Information Leakage If the transmission of a message between two processes can be observed, some information can be gleaned from its mere existence A flood of messages to a dealer in a particular stock might indicate a high level of trading in that stock Assign security levels to information and channels Analyze the flow information into channels with the aim of ensuring that high-level information cannot flow into lower-level channels 3
4 Designing Secure Systems Analysis Worst-case assumption Design Validation List of threats Informal or formal (logical proof) Audit No list of threats is likely to be exhaustive Detect violations E.g. security log Balancing costs and inconvenience against the threats Worst-Case Assumptions and Design Guidelines Interfaces are exposed Networks are insecure Limit the lifetime and scope of each secret Algorithm and program code are available Publish the encryption and authentication algorithm, rely only on the secrecy of keys Ensure the algorithm is strong by throwing them open to scrutiny by public Attackers may have access to larger resources Should assume attackers may access the most powerful computers to break the security systems Minimize the trusted base Only trust the portion of a system that implement the security, and all the hardware and software components upon which they rely. 4
5 Security Techniques Cryptography Certificates Access control Credentials Firewalls Cryptography Encoding a message to hide its contents Symmetric: shared secret key, e.g. DES, IDEA, AES Asymmetric: public/private key pairs, e.g. RSA times slow Use Secrecy and integrity Ensure that content is unreadable and unaltered by third parties during transmission Authentication Ensure the identities between pairs of principals Digital signatures Ensure to a third party that a message is an unaltered copy of one produced by the signer 5
6 Figure 7.1 Familiar names for the protagonists in security protocols Alice Bob Carol Dave Eve Mallory Sara First participant Second participant Participant in three- and four-party protocols Participant in four-party protocols Eavesdropper Malicious attacker A server Figure 7.2 Cryptography notations K A K B K AB K Apriv K Apub {M}K [M] K Alice s secret key Bob s secret key Secret key shared between Alice and Bob Alice s private key (known only to Alice) Alice s public key (published by Alice for all to read) Message M encrypted with key K Message Msigned with key K 6
7 Secrecy and Integrity Secret communication with a shared secret key Alice uses K AB and an agreed encryption function E(K AB, M) to encrypt and send any number of messages {M i } KAB to Bob Bob reads the encrypted messages using the corresponding decryption function D(K AB, M) Problems How can Alice send a shared key to Bob securely? How does Bob know that any M i isn t a copy of an earlier encrypted message from Alice that was captured by Mallory and replayed later? Note that replaying works with encrypted messages Authentication Authenticated communication with a server Alice sends an unencrypted message to Sara stating her identity and requesting a ticket for access to Bob Sara sends a response to Alice encrypted in K A consisting of a ticket encrypted in K B and a new secret key K AB for communicating with Bob, i.e. {{Ticket} KB, K AB } KA Alice decrypt the response using K A for ticket and K AB Alice sends the ticket to Bob together with her identity and a request R to access a file: {Ticket} KB, Alice, R The ticket is actually: {K AB, Alice} KB. Bob decrypts the ticket to authenticate the identity of Alice and communicate with Alice using K AB, called session key 7
8 Authentication (cont) Authenticated communication with public keys Alice accesses a key distribution service to obtain public-key certificate giving Bob s public key K Bpub Alice creates a new shared key K AB and encrypts it using K Bpub with a public-key algorithm, i.e. {K AB } KBpub Bob selects the corresponding private key K Bpriv to decrypt K AB Problems The key exchange is vulnerable to man-in-the-middle attacks. Mallory may intercept Alice s initial request for Bob s public-key certificate and send a response containing his own public key to Alice. He can then intercept all subsequent messages Digital Signatures Digest function: produce a fixed-length bit pattern that characterizes an arbitrary-length document, similar to checksum function Example: MD5, SHA Digital signatures with a secure digest function Alice computes a fixed-length digest of the document Digest(M) Alice encrypts the digest in her private key, appends it to M and makes the result M, {Digest(M)} KApriv available to the intended users Bob obtains the signed document, extracts M and computes Digest(M) Bob decrypts {Digest(M)} KApriv using Alices public key K Apub and compares the result with his calculated Digest(M). If they match, the signature is valid. 8
9 Certificates A digital certificate is a document containing a short statement in a standard format, such as X509, signed by a principal Example Alice can obtain a certificate from bank, Bob, stating account number to shop online Carol can accept such a certificate for charging items to Alice s account provided she can validate the signature in field 5 Carol needs bank s public key, and thus a certificate stating Bob s public key from trusted authority, Fred, to avoid false public/private key Recursive problem of authenticity: Carol can only rely on this certificate if she can be sure she knows Fred s authentic public key Hard to track down, invalidate, and delete all certificates Figure 7.3 Alice s bank account certificate 1. Certificate type: Account number 2. Name: Alice 3. Account: Certifying authority: Bob s Bank 5. Signature: {Digest(field 2 + field 3)} KBpriv 9
10 Figure 7.4 Public-key certificate for Bob s Bank 1. Certificate type: Public key 2. Name: Bob s Bank 3. Public key: K Bpub 4. Certifying authority: Fred The Bankers Federation 5. Signature: {Digest(field 2 + field 3)} KFpriv Figure 7.12 X509 Certificate format Subject Issuer Period of validity Administrative information Extended Information Distinguished Name, Public Key Distinguished Name, Signature Not Before Date, Not After Date Version, Serial Number 10
11 Figure 7.5 Cipher block chaining plaintext blocks n+3 n+2 n+1 XOR E(K, M) ciphertext blocks n-3 n-2 n-1 n Figure 7.6 Stream cipher keystream number generator n+3 n+2 n+1 E(K, M) buffer XOR plaintext stream ciphertext stream 11
12 Figure 7.13 Performance of encryption and secure digest algorithms Key size/hash size (bits) Extrapolated speed (kbytes/sec.) PRB optimized (kbytes/s) TEA DES Triple-DES IDEA RSA RSA MD SHA Access Control Protected resource request messages: <op, principal, resource> Protection domain An execution environment shared by a collection of processes A set of <resource, rights>, listing the resources that can be accessed by all processes executing within the domain and specifying the operations permitted on each resource Implementations Capabilities Access control lists 12
13 Access Control (cont) Capabilities A binary value acts as an access key allowing the holder access to certain operations on a specified resource An access control check on a service request via only the validation of the capability, no authentication once the capability is obtained Problem: key theft, key retaining or copying Access control lists A list with entries of the form <domain, operations> for each domain that has access to the resource and the operations permitted to the domain A domain is specified by an identifier for a principal or an expression for the membership of the domain, e.g. owner of this file Request is in the form of <op, principal, resource> Credentials It is not convenient for authentication on each operation from a user A credential speaks for a principal E.g. public-key certificate speaks for that user Delegation A form of credential that entitles a principal, or a process acting for a principal, to perform an action with the authority of another principal E.g. printer server It will be wasteful of resources to copy the file, so the file name is passed to the server and it is accessed by the print server on behalf of the user May be achieved using signed certificate of a capability 13
14 Case Study Authentication protocol Needham-Schroeder Kerberos Application-level security protocol TLS (Transport Layer Security) An extension of SSL (Secure Sockets Layer) IEEE WiFi Needham-Schroeder Authentication Protocol To use authentication server for secret keys to clients Nonces are added to messages to avoid replaying attacks Message 3 is a weakness, because an intruder may obtain the key K AB and make a copy of the ticket They may be left in an exposed storage location by a careless or a failed client program running under A s authority 14
15 Figure 7.14 The Needham Schroeder secret-key authentication protocol Header Message Notes 1. A->S: A, B, N A requests S to supply a key for communication A with B. 2. S->A: {N A, B, K AB, S returns a message encrypted in A s secret key, containing a newly generated key K {K AB, A} KB } AB and a KA ticket encrypted in B s secret key. The nonce N A demonstrates that the message was sent in response to the preceding one. A believes that S sent the message because only S knows A s secret key. 3. A->B: {K AB, A} KB A sends the ticket to B. 4. B->A: {N B } KAB B decrypts the ticket and uses the new key K AB to encrypt another nonce N B. 5. A->B: {N B - 1} KAB A demonstrates to B that it was the sender of the previous message by returning an agreed transformation of N B. Kerberos An authentication service A and ticket granting service T Need login to access T via A Need to get tickets to access other services via T To avoid a new ticket and session key for each client-server interaction, most tickets are granted to client with a lifetime of several hours Use time as nonces To guard against replaying attacks To enable the system to revoke users authorities Login Login program sends user name to A in plain text A replies with a session key encrypted in user s password and ticket to T Login will prompt user for password (challenge) to obtain the session key The password will be erased from memory, and is never exposed out of login program 15
16 Figure 7.15 System architecture of Kerberos Kerberos Key Distribution Centre Step A 1. Request for TGS ticket Authentication service A Authentication database Ticketgranting service T Client C 2. TGS ticket Login session setup Server session setup DoOperation Step B 3. Request for server ticket 4. Server ticket Step C 5. Service request Request encrypted with session key Reply encrypted with session key Service function Server S TLS Negotiable encryption and authentication algorithm In an open network, it is impractical to assume that all parties use the same client software or that all client and server include a particular encryption algorithm Handshake to establish a secure channel Plain text, then public-key and finally secret private-key cryptography The TLS initial handshake is potential vulnerable to man-in-the-middle attacks Instead of plain text message, a set of public keys for some well-known certificate authorities may be used 16
17 Figure 7.16 TLS protocol stack TLS Handshake protocol TLS Change Cipher Spec TLS Alert Protocol HTTP Telnet TLS Record Protocol Transport layer (usually TCP) Network layer (usually IP) TLS protocols: Other protocols: Figure 7.17 TLS handshake protocol ClientHello ServerHello Establish protocol version, session ID, cipher suite, compression method, exchange random values Certificate Certificate Request ServerHelloDone Optionally send server certificate and request client certificate Client Certificate Certificate Verify Server Send client certificate response if requested Change Cipher Spec Finished Change cipher suite and finish handshake Change Cipher Spec Finished 17
18 Figure 7.18 TLS handshake configuration options Component Description Example Key exchange method Cipher for data transfer Message digest function the method to be used for exchange of a session key the block or stream cipher to be used for data for creating message authentication codes (MACs) RSA with public-key certificates IDEA SHA Figure 7.19 TLS record protocol Application data abcdefghi Fragment/combine Record protocol units Compress abc def ghi Compressed units MAC Encrypted Hash Encrypt Transmit TCP packet 18
19 IEEE WiFi Security Design Wired Equivalent Privacy (WEP) Access control: by a challenge-response protocol (cf. Kerberos). A single key K is assigned by a network administrator and shared between base station and all authorized devices Privacy and integrity: optional encryption mechanism based on RC4. The same key K is also used in encryption. The key lengths are 40, 64 or 128 bits. An encrypted checksum is included in each packet. Weaknesses in the IEEE WiFi Security Design The sharing of a single key by all users of a network : A public-key based protocol for negotiating individual keys, as TLS Base station are never authenticated Whoever knows the current shared key could introduce a spoof base station : base station should supply certificate that can be authenticated by public key from a third party 19
20 Weaknesses in the IEEE WiFi Security Design, cont. In appropriate use of a stream cipher rather than a block cipher Sender and receiver use RC4 to generate the same key stream to encrypt/decrypt the data RC4 need to be restarted with 24-bit initial value and shared key to avoid stream synchronizations errors when packets are lost or corrupted. The initial value is updated and included in clear in each packet transmitted. Shared key cannot be changed normally; the starting value has only 2 24 or about 10 7 different states. : Negotiate a new key after a time less that the worst case for repetition. Figure 7.20 Use of RC4 stream cipher in IEEE WEP Encryption IV K Increment Decryption IV K RC4 RC4 keystream plaintext XOR cipher text IV cipher text IV XOR plaintext IV: initial value K: shared key 20
21 Weaknesses in the IEEE WiFi Security Design, cont. Key lengths of 40 bits and 64 bits were included in the standard to enable products to be shipped abroad by US suppliers : 128 bits only User often do not deploy the protection : Better default settings and documentation 21
Digital Signatures. Secure Digest Functions
Digital Signatures Secure Digest Functions 8 requirements for one-way hash functions given M, H(M) is easy to compute given H(M), M is difficult to compute given M, it is difficult to find M such that
More informationDistributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationDistributed Systems. Lecture 14: Security. 5 March,
06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationCS 425 / ECE 428 Distributed Systems Fall 2017
CS 425 / ECE 428 Distributed Systems Fall 2017 Indranil Gupta (Indy) Dec 5, 2017 Lecture 27: Security All slides IG Security Threats Leakage Unauthorized access to service or data E.g., Someone knows your
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationSecurity issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.
Security issues: Threats Methods of attack Encryption algorithms Secret-key Public-key Hybrid protocols Lecture 15 Page 2 1965-75 1975-89 1990-99 Current Platforms Multi-user timesharing computers Distributed
More informationBackground. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33
Background Network Security - Certificates, Keys and Signatures - Dr. John Keeney 3BA33 Slides Sources: Karl Quinn, Donal O Mahoney, Henric Johnson, Charlie Kaufman, Wikipedia, Google, Brian Raiter. Recommended
More informationIssues. Separation of. Distributed system security. Security services. Security policies. Security mechanism
Module 9 - Security Issues Separation of Security policies Precise definition of which entities in the system can take what actions Security mechanism Means of enforcing that policy Distributed system
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationAuthentication and Secure Communication. Jeff Chase Duke University
Authentication and Secure Communication Jeff Chase Duke University technology people Where are the boundaries of the system that you would like to secure? Where is the weakest link? What happens when the
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationInformation Security CS 526
Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationAuthentication and Secure Communication. Exhibit A. The First Axiom of Security. Trusted vs. Trustworthy (NSA) technology. people
Authentication and Secure Communication Jeff Chase Duke University people technology Where are the boundaries of the system that you would like to secure? Where is the weakest link? What happens when the
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2017 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2018 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More information06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security
1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of
More information14. Internet Security (J. Kurose)
14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:
More informationSecurity: Focus of Control
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationCryptographic Checksums
Cryptographic Checksums Mathematical function to generate a set of k bits from a set of n bits (where k n). k is smaller then n except in unusual circumstances Example: ASCII parity bit ASCII has 7 bits;
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationChapter 9: Key Management
Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #9-1 Overview Key exchange Session vs. interchange
More informationCSC 774 Network Security
CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationVerteilte Systeme (Distributed Systems)
Verteilte Systeme (Distributed Systems) Lorenz Froihofer l.froihofer@infosys.tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Security Threats, mechanisms, design issues
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationDatasäkerhetsmetoder föreläsning 7
Datasäkerhetsmetoder föreläsning 7 Nyckelhantering Jan-Åke Larsson Cryptography A security tool, not a general solution Cryptography usually converts a communication security problem into a key management
More informationProtocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh
Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 17th February 2011 Outline Introduction Shared-key Authentication Asymmetric authentication protocols
More information7.3. Cryptographic algorithms
7.3. Cryptographic algorithms Message M (plaintext, a sequence of bits); key K; published encryption functions E, D; {M} K is the ciphertext (another sequence of bits) Symmetric (secret key) cryptography
More informationLecture 15: Cryptographic algorithms
06-06798 Distributed Systems Lecture 15: Cryptographic algorithms 22 March, 2002 1 Overview Cryptographic algorithms symmetric: TEA asymmetric: RSA Digital signatures digital signatures with public key
More informationNetwork Security CHAPTER 31. Solutions to Review Questions and Exercises. Review Questions
CHAPTER 3 Network Security Solutions to Review Questions and Exercises Review Questions. A nonce is a large random number that is used only once to help distinguish a fresh authentication request from
More informationLecture 19: cryptographic algorithms
Lecture 19: cryptographic algorithms Operating Systems and Networks Behzad Bordbar School of Computer Science, University of Birmingham, UK 179 Overview Cryptographic algorithms symmetric: TEA asymmetric:
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationLecture 1: Course Introduction
Lecture 1: Course Introduction Thomas Johansson T. Johansson (Lund University) 1 / 37 Chapter 9: Symmetric Key Distribution To understand the problems associated with managing and distributing secret keys.
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationInformation Security & Privacy
IS 2150 / TEL 2810 Information Security & Privacy James Joshi Associate Professor, SIS Lecture 2 Sept 4, 2013 Key Management Network Security 1 Objectives Understand/explain the issues related to, and
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationComputer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography
Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution
More informationLecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005
Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric
More informationKey Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature
Key Management Digital signatures: classical and public key Classic and Public Key exchange 1 Handwritten Signature Used everyday in a letter, on a check, sign a contract A signature on a signed paper
More informationInternet and Intranet Protocols and Applications
Internet and Intranet Protocols and Applications Lecture 10: Internet and Network Security April 9, 2003 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu What is network
More informationEEC-682/782 Computer Networks I
EEC-682/782 Computer Networks I Lecture 25 Wenbing Zhao wenbingz@gmail.com http://academic.csuohio.edu/zhao_w/teaching/eec682.htm (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB
More informationEncryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message
More informationUNIT - IV Cryptographic Hash Function 31.1
UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationPotential Security Violations CSE 513: Distributed Systems (Security)
Potential Security Violations CSE 513: Distributed Systems (Security) Guohong Cao Department of Computer Science& Engineering 310 Pond Lab gcao@cse.psu.edu Unauthorized information releases An unauthorized
More informationSankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank
Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology Question Bank Subject: Information Security (160702) Class: BE Sem. VI (CE/IT) Unit-1: Conventional
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationToday. Security Technologies and Hierarchical Trust. What you really need to know, Part 1. A Short Quiz. What you really need to know, Part 2
Today Security Technologies and Hierarchical Trust 1. Review/Summary of security technologies Crypto and certificates 2. Combination of techniques in SSL The basis for secure HTTP, ssh, secure IAP, scp,
More informationCSC 482/582: Computer Security. Security Protocols
Security Protocols Topics 1. Basic Concepts of Cryptography 2. Security Protocols 3. Authentication Protocols 4. Key Exchange Protocols 5. Kerberos 6. Public Key Infrastructure Encryption and Decryption
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationChapter 8 Network Security
Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationCIS 6930/4930 Computer and Network Security. Topic 7. Trusted Intermediaries
CIS 6930/4930 Computer and Network Security Topic 7. Trusted Intermediaries 1 Trusted Intermediaries Problem: authentication for large networks Solution #1 Key Distribution Center (KDC) Representative
More informationS. Erfani, ECE Dept., University of Windsor Network Security
4.11 Data Integrity and Authentication It was mentioned earlier in this chapter that integrity and protection security services are needed to protect against active attacks, such as falsification of data
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 24 April 16, 2012 CPSC 467b, Lecture 24 1/33 Kerberos Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management
More informationChapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010
Cryptography Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationOverview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation
Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May
More informationL7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L7: Key Distributions Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 9/16/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are
More informationProtocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.
P2 Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE 802.11i, IEEE 802.1X P2.2 IP Security IPsec transport mode (host-to-host), ESP and
More informationGrenzen der Kryptographie
Microsoft Research Grenzen der Kryptographie Dieter Gollmann Microsoft Research 1 Summary Crypto does not solve security problems Crypto transforms security problems Typically, the new problems relate
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationIntroduction. Trusted Intermediaries. CSC/ECE 574 Computer and Network Security. Outline. CSC/ECE 574 Computer and Network Security.
Trusted Intermediaries CSC/ECE 574 Computer and Network Security Topic 7. Trusted Intermediaries Problem: authentication for large networks Solution #1 Key Distribution Center () Representative solution:
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics
More informationDistributed Systems Principles and Paradigms
Distributed Systems Principles and Paradigms Chapter 09 (version April 7, 2008) Maarten van Steen Vrije Universiteit Amsterdam, Faculty of Science Dept. Mathematics and Computer Science Room R4.20. Tel:
More informationEEC-682/782 Computer Networks I
EEC-682/782 Computer Networks I Lecture 24 Wenbing Zhao wenbingz@gmail.com http://academic.csuohio.edu/zhao_w/teaching/eec682.htm (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB
More informationCryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1
Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography CS555 Spring 2012/Topic 16 1 Outline and Readings Outline Private key management between two parties Key management
More informationCSCI 667: Concepts of Computer Security. Lecture 9. Prof. Adwait Nadkarni
CSCI 667: Concepts of Computer Security Lecture 9 Prof. Adwait Nadkarni 1 Derived from slides by William Enck, Micah Sherr, Patrick McDaniel, Peng Ning, and Vitaly Shmatikov Authentication Alice? Bob?
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationSecurity. Alessandro Margara Slides based on previous work by Matteo Migliavacca and Alessandro Sivieri
Security Alessandro Margara alessandro.margara@polimi.it Slides based on previous work by Matteo Migliavacca and Alessandro Sivieri Why security in a DS course? Sharing of resources is the motivating factor
More informationCryptographic Protocols 1
Cryptographic Protocols 1 Luke Anderson luke@lukeanderson.com.au 5 th May 2017 University Of Sydney Overview 1. Crypto-Bulletin 2. Problem with Diffie-Hellman 2.1 Session Hijacking 2.2 Encrypted Key Exchange
More informationCS Computer Networks 1: Authentication
CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores
More informationTransport Layer Security
Transport Layer Security TRANSPORT LAYER SECURITY PERFORMANCE TESTING OVERVIEW Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL), are the most popular cryptographic protocols
More information1.264 Lecture 28. Cryptography: Asymmetric keys
1.264 Lecture 28 Cryptography: Asymmetric keys Next class: Anderson chapters 20. Exercise due before class (Reading doesn t cover same topics as lecture) 1 Asymmetric or public key encryption Receiver
More informationKALASALINGAM UNIVERSITY
KALASALINGAM UNIVERSITY (Kalasalingam Academy of Research and Education) DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CLASS NOTES CRYPTOGRAPHY AND NETWOTK SECURITY (CSE 405) Prepared by M.RAJA AP/CSE
More informationE-commerce security: SSL/TLS, SET and others. 4.1
E-commerce security: SSL/TLS, SET and others. 4.1 1 Electronic payment systems Purpose: facilitate the safe and secure transfer of monetary value electronically between multiple parties Participating parties:
More informationWAP Security. Helsinki University of Technology S Security of Communication Protocols
WAP Security Helsinki University of Technology S-38.153 Security of Communication Protocols Mikko.Kerava@iki.fi 15.4.2003 Contents 1. Introduction to WAP 2. Wireless Transport Layer Security 3. Other WAP
More informationCS 356 Internet Security Protocols. Fall 2013
CS 356 Internet Security Protocols Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5
More informationCryptography Lecture 9 Key distribution and trust, Elliptic curve cryptography
Cryptography Lecture 9 Key distribution and trust, Elliptic curve cryptography Key Management The first key in a new connection or association is always delivered via a courier Once you have a key, you
More informationDistributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1 Authentication For a user (or process): Establish & verify identity Then decide whether to
More information0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken
0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple
More informationCS November 2018
Authentication Distributed Systems 25. Authentication For a user (or process): Establish & verify identity Then decide whether to allow access to resources (= authorization) Paul Krzyzanowski Rutgers University
More informationDistributed Systems
Security: Four Important Cryptographic Protocols 1! The enemy Copy of m Process p m The enemy m Communication channel Process q Instructor s Guide for Coulouris, Dollimore, Kindberg and Blair, Distributed
More informationDavid Wetherall, with some slides from Radia Perlman s security lectures.
David Wetherall, with some slides from Radia Perlman s security lectures. djw@cs.washington.edu Networks are shared: Want to secure communication between legitimate participants from others with (passive
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationTrusted Intermediaries
AIT 682: Network and Systems Security Topic 7. Trusted Intermediaries Instructor: Dr. Kun Sun Trusted Intermediaries Problem: authentication for large networks Solution #1 Key Distribution Center (KDC)
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 7. Trusted Intermediaries Instructor: Dr. Kun Sun Trusted Intermediaries Problem: authentication for large networks Solution #1 Key Distribution Center (KDC)
More informationModule: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security
CMPSC443 - Introduction to Computer and Network Security Module: Cryptographic Protocols Professor Patrick McDaniel Spring 2009 1 Key Distribution/Agreement Key Distribution is the process where we assign
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationAcknowledgments. CSE565: Computer Security Lectures 16 & 17 Authentication & Applications
CSE565: Computer Security Lectures 16 & 17 Authentication & Applications Shambhu Upadhyaya Computer Science & Eng. University at Buffalo Buffalo, New York 14260 Lec 16.1 Acknowledgments Material for some
More informationChapter 4: Securing TCP connections
Managing and Securing Computer Networks Guy Leduc Chapter 5: Securing TCP connections Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationT Cryptography and Data Security
T-79.4501 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Stallings: Ch 7.4; 7.3; 10.1 1 The Use
More information