Lecture III : Communication Security Mechanisms


Lecture III : Communication Security Mechanisms
Internet Security: Principles & Practices
John K. Zao, PhD (Harvard) SMIEEE
Computer Science Department, National Chiao Tung University

2 X.800 : Security Architecture
- Security Services
  - Service Types
  - Service Layer Mapping
- Security Mechanisms
  - Mechanism Definition
  - Service - Mechanism Mapping

3 Security Mechanisms
- Encipherment with Secret / Public Key Cryptography
- Data Integrity with One-Way Hash Function
- Authentication
- Access Control
- Digital Signature with Public-Key Cryptography
- Traffic Padding
- Notarization

4 Symmetric / Secret Encipherment
- Algorithms use the same keys for encryption & decryption
- The symmetric / secret key must be dispatched in secret
- Used for bulk encryption / decryption
- Also used in the following security services: Authentication
[Figure labels: Random Number Generator; Clear, Encryption (Symmetric), Cipher, Decryption (Symmetric), Clear]

5 Asymmetric / Public Encipherment
- Algorithms use different keys for encryption & decryption
- The public key is disclosed but the private key is kept secret
- Computationally intensive - based on large prime numbers
- Also used in the following security services: Digital Signatures, Authentication Exchange
[Figure labels: Clear, Encryption (Public), Cipher, Decryption (Private), Clear]

6 Data Encryption & Distribution
[Figure labels: Random Number Generator; Public, Encryption, Symmetric; Symmetric, Decryption, Private, Symmetric; Clear, Encryption, Cipher, Decryption, Clear]

7 Message Digest
- Message Originator: computes a fixed-length message digest from the message using a one-way hash transformation
- Message Recipient: validates message integrity by computing the message hash and comparing it with the message digest
[Figure labels: Message, MD5, Digest]

8 Digital Signature
- Signature is the public-key encrypted hash of a document and its relevant parameters
[Figure labels: Message, MD5, Hash, Decryption (Private), Digital Signature; Message, Signed Document]

9 Digital Signature Validation
- Message recipients can validate the signature by encrypting it with the public key and comparing the result with the document's hash value
[Figure labels: Signed Document, Message, MD5, Hash; Digital Signature, Encryption (Public), Hash; = Valid?]

10 Challenge-Response Authentication
(Internet Security - ComSec Services & Mechanisms, Spring 2011)
- Challenger sends a challenge consisting of a random number to the Responder
- Responder creates a response by digitally signing the challenge with its private key and returns the response to the Challenger
- Challenger processes the response with the public key of the legitimate Responder and compares it with the original challenge
[Figure labels: Random Number Generator, Challenge, Decryption (Private), Response; Encryption (Public), Challenge (Recovered), = Same?]
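The flow of slides 8 to 10, as an added example that is not part of the original lecture: sign a hash with the private key, validate with the public key, then use the same pair for challenge-response with single-use challenges. The key is a constructed toy key, SHA-256 replaces the slides' MD5, and AUTH_TAG, respond and Challenger are names assumed here.

```python
import hashlib
import secrets

# Constructed toy key from two well-known Mersenne primes. Textbook RSA with
# no padding, for illustration only; production code uses a vetted library.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

def digest(data: bytes) -> int:
    """Fixed-length one-way hash; SHA-256 here instead of the slides' MD5."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes) -> int:
    """Slide 8: apply the private key to the hash of the document."""
    return pow(digest(data), D, N)

def verify(data: bytes, signature: int) -> bool:
    """Slide 9: apply the public key to the signature, compare with the hash."""
    return pow(signature, E, N) == digest(data)

AUTH_TAG = b"auth-challenge:"  # assumed label keeping challenges apart from documents

def respond(challenge: bytes) -> int:
    """Slide 10, Responder: sign the received challenge."""
    return sign(AUTH_TAG + challenge)

class Challenger:
    """Slide 10, Challenger: issues random challenges, accepts each one once."""
    def __init__(self):
        self.pending = set()

    def challenge(self) -> bytes:
        c = secrets.token_bytes(16)
        self.pending.add(c)
        return c

    def check(self, challenge: bytes, response: int) -> bool:
        if challenge not in self.pending:
            return False  # never issued, or already answered (replay)
        self.pending.discard(challenge)
        return verify(AUTH_TAG + challenge, response)

if __name__ == "__main__":
    doc = b"constructed sample document"
    print(verify(doc, sign(doc)), verify(doc + b"!", sign(doc)))
    ch = Challenger()
    c = ch.challenge()
    r = respond(c)
    print(ch.check(c, r), ch.check(c, r))  # second call is a replay
```

Prefixing the challenge before signing keeps a responder from being tricked into signing a value that doubles as the hash input of a document.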

11 Service - Mechanism Mapping
A security service may need to be implemented by several different security mechanisms.
Mechanisms (table columns): Encipherment, Digital Signature, Access control, Data integrity, Authentication, Traffic padding, Routing Control, Notarization
Services (table rows):
- Peer Entity Authentication
- Data Origin Authentication
- Access Control
- Connection Confidentiality
- Connectionless Confidentiality
- Selective Field Confidentiality
- Traffic Flow Confidentiality
- Connection Integrity with Recovery
- Connection Integrity without Recovery
- Selective Field Connection Integrity
- Connectionless Integrity
- Selective Field Connectionless Integrity
- Non-repudiation Origin
- Non-repudiation Delivery
[Table: a "Y" marks each mechanism that can implement a service; the cell positions of the marks are not preserved in this transcription]

12 Further Reading
(Internet Security - X.800 Security Services)
Book: Network Security Essentials, Ch. 1, Introduction, pp. 15-35
Web page: http://williamstallings.com/networksecurity/
Websites:
- X.800 Security Services: http://en.wikipedia.org/wiki/security_service_(telecommunication)
- Availability: http://en.wikipedia.org/wiki/availability