Introduction and Overview. Why CSCI 454/554?

Similar documents
Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Information Security CS 526

Cryptography and Network Security

BCA III Network security and Cryptography Examination-2016 Model Paper 1

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

L13. Reviews. Rocky K. C. Chang, April 10, 2015

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Total No. of Questions : 09 ] [ Total No.of Pages : 02

10EC832: NETWORK SECURITY

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Cryptography and Network Security

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Network Security Chapter 8

Transport Level Security

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

UNIT - IV Cryptographic Hash Function 31.1

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

14. Internet Security (J. Kurose)

Lecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.

Information Security: Principles and Practice Second Edition. Mark Stamp

CSC 774 Network Security

Cipher Suite Configuration Mode Commands

Introduction to information Security

APNIC elearning: Cryptography Basics

CS 356 Internet Security Protocols. Fall 2013

Introduction to Network Security Missouri S&T University CPE 5420 Exam 2 Logistics

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

Overview. SSL Cryptography Overview CHAPTER 1

Prof. Shervin Shirmohammadi SITE, University of Ottawa. Security Architecture. Lecture 13: Prof. Shervin Shirmohammadi CEG

Network Encryption 3 4/20/17

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

Network Security. Chapter 8. MYcsvtu Notes.

Network Security: An Introduction. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

David Wetherall, with some slides from Radia Perlman s security lectures.

Syllabus: The syllabus is broadly structured as follows:

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Cryptography (Overview)

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

Security+ SY0-501 Study Guide Table of Contents

Security: Focus of Control. Authentication

KALASALINGAM UNIVERSITY

(2½ hours) Total Marks: 75

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Chapter 4: Securing TCP connections

Introduction to Cryptography. Vasil Slavov William Jewell College

WAP Security. Helsinki University of Technology S Security of Communication Protocols

CSCE 715: Network Systems Security

Cryptographic Systems

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

MLR Institute of Technology

Cryptographic Concepts

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

CSCE 715: Network Systems Security

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Chapter 8 Network Security

Cryptography MIS

CS Computer Networks 1: Authentication

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Security: Focus of Control

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2

CPSC 467b: Cryptography and Computer Security

Internet Technology. Security

Encryption. INST 346, Section 0201 April 3, 2018

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Name of chapter & details.

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Pretty Good Privacy (PGP

Internet and Intranet Protocols and Applications

CSC/ECE 774 Advanced Network Security

AIT 682: Network and Systems Security

Security and Encryption

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

CS6701 CRYPTOGRAPHY AND NETWORK SECURITY 2 Mark Questions & Answers

e-commerce Study Guide Test 2. Security Chapter 10

Computer Security. 10. Exam 2 Review. Paul Krzyzanowski. Rutgers University. Spring 2017

Computer Networks. Wenzhong Li. Nanjing University

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

IP Security. Have a range of application specific security mechanisms

Transport Layer Security

key distribution requirements for public key algorithms asymmetric (or public) key algorithms

Chapter 19 Security. Chapter 19 Security

Ref:

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

HP Instant Support Enterprise Edition (ISEE) Security overview

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

CS 425 / ECE 428 Distributed Systems Fall 2017

Transcription:

Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1

Workload Five homework assignments Two exams (open book and notes) Term projects Research-oriented Survey-oriented Project Guideline Any topic related to computer and network security Proposal due on Oct. 5 th Final report due on Dec. 5 th 2

Project Topics DoS attacks Email Spam Phishing attacks Botnets DNS Security Honey-pot Covert Channel Malware analysis Security in Android Grading Policy A+: 95~100 A: 85~94 A-: 80~84 B+: 75~79 B: 70~74 B-: 65~69 C+: 60~64 C: 55~59 3

Why security is hard? Internet is an open system Buggy software Complexity of information management and system administration Highly-motivated attackers Security is hard to measure Weakest link Performance and usability vs security Lack awareness of threats and risks Security Architecture Security Attacks Security Services Security Mechanisms 4

Attacks Passive Eavesdropping Traffic Analysis Active Masquerade Modification Replay attacks DoS attacks Security Services Authentication Privacy (Access Control) Confidentiality Integrity Nonrepudiation 5

Security Mechanisms Cryptography Encryption/Decryption Symmetric Key Asymmetric Key (Public-key system) Entity or Message Authentication (verification) Public-key and Hash function Digital Signature Certificate (Authority) Symmetric Ciphers A single secret key is shared for both parties Classical encryption schemes Scramble (and restore later) Information Substitution and Transposition Steganography Block and Stream ciphers DES, AES, RC5 (block) RC4 (stream) 6

Problems with symmetric key How to distribute the secret key to Alice and Bob? Requirement: secure channel in advance Solution: have a private meeting in person or via Key Distribution Center (KDC) How to conduct digital signature? Public-key Encryption Everyone has a pair of keys (one private K-, one public K+) Public key is open to everyone Diffie and Hellman first proposed RSA is the most widely used public-key system Rivest, Shamir, and Adleman won ACM Turing Award in 2002 because of this work 7

Public-Key Applications Encryption/decryption Alice: KB+(M) Bob: KB- (KB+(M) ) Authentication and Digital Signature Alice: KA-(M) Bob: KA+ (KA-(M) ) Key Exchange (Distribution) Deriving session (symmetric) key Message Authentication MAC: a fingerprint of the whole body (message) with fixed-length Hash functions Produce the fingerprint of a message One-way property Collision resistance MD5 and SHA 8

Kerberos Authentication service used in distributed system (e.g. Local Area Network) Symmetric keys with a trusted key server (KDC) without needing to trust all workstations rather all trust the centralized key server Developed as part of Project Athena at MIT Two versions (4 and 5) PGP (Pretty Good Privacy) Widely used de facto secure email Provides authentication and confidentiality via (RSA, SHA) and DES Originally free, now have commercial versions available too Largely developed by a single person: Phil Zimmermann 9

IPsec IP protocol is the running horse that carries the Internet (Forwarding and Routing) IPsec is transparent to applications IPsec provides: Encryption (ESP) Authentication (AH) Key management (IKE) Web Security (SSL/TLS) Transport layer security service Work as a shim between TCP and applications Originally developed by Netscape Subsequently became Internet standard known as TLS SSL has two layers of protocols Handshake protocol (entity authentication) Record protocol (data confidentiality & integrity) 10

Firewall A choke point of control and monitoring the incoming traffic to a LAN Un-trusted outside, trusted inside Imposes restrictions on network services Only authorized traffic is admitted Auditing and controlling access Detect abnormal behavior, and alarm As Greatwall, it provides perimeter defence Viruses and Worms Both are malicious programs that replicate and propagate to other hosts The spread behavior is different Viruses needs human involvement to spread Worms automatically spread themselves Viruses need host program, but worms are independent 11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback