Confidentiality using Conventional Encryption. Chapter 5.
Vulnerability points
• In-house
  • Corrupted workstation
  • Extra machine with sniffer
  • Wiring closet
    • Sneaky rewiring, for example to a phone line
  • Corrupted server/router
    • Hacked and routed to a man-in-the-middle
• Interception on external network
  • Wireless interception
  • Interception in external packet network
  • DNS attack
  • IP spoofing
Encryption points
• Link encryption
  • IP and higher headers are encrypted, so less traffic analysis is possible
  • Requires trust in the packet network
  • Many keys required
  • Host authentication only
• End-to-end encryption
  • Link headers must be in the clear
  • Packets show link headers
  • One key per user pair
  • User is responsible and can decide not to encrypt
  • Can be at either the protocol (TCP) layer or the application layer
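The trade-off on this slide is easiest to see by modelling which packet fields a wiretap and a packet switch can read under each scheme. The following is an added example, not code from the slides: it uses a throw-away XOR keystream cipher (not secure), a simplified packet with a fixed 16-byte IP header, and names (`Packet`, `link_tx`, `link_switch`, `e2e_tx`, `tap_can_read`) that are this example's own assumptions.

```python
"""Toy model of link encryption versus end-to-end encryption.

Added example for illustration, not code from the slides. The cipher is a
throw-away XOR keystream (not secure), the packet layout is simplified, and all
names and field sizes here are this example's own assumptions."""
import hashlib
from dataclasses import dataclass
from typing import Tuple

IP_HDR_LEN = 16  # fixed-size IP header so a switch can split header from payload


def xor_ks(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with a SHAKE-256 keystream. The same call decrypts."""
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


@dataclass
class Packet:
    link_hdr: bytes  # next-hop addressing, rewritten by every switch
    ip_hdr: bytes    # end-point addresses: reveals who is talking to whom
    payload: bytes   # application data


# Link encryption: each hop encrypts everything above the link header with that hop's key.
def link_tx(pkt: Packet, link_key: bytes, seq: int) -> Tuple[bytes, bytes]:
    """What a tap on one hop sees: (link header in the clear, encrypted rest)."""
    return pkt.link_hdr, xor_ks(link_key, seq.to_bytes(4, "big"), pkt.ip_hdr + pkt.payload)


def link_switch(wire: Tuple[bytes, bytes], in_key: bytes, out_key: bytes,
                seq: int, next_hop: bytes) -> Tuple[Packet, Tuple[bytes, bytes]]:
    """A switch must decrypt to read the destination, then re-encrypt for the next link.
    The plaintext therefore exists inside every switch, which is why link encryption
    requires trust in the packet network and one key per link."""
    _, enc = wire
    clear = xor_ks(in_key, seq.to_bytes(4, "big"), enc)
    pkt = Packet(next_hop, clear[:IP_HDR_LEN], clear[IP_HDR_LEN:])
    return pkt, link_tx(pkt, out_key, seq)


# End-to-end encryption: only the payload is encrypted, under a key the two users share.
def e2e_tx(pkt: Packet, session_key: bytes, seq: int) -> Tuple[bytes, bytes, bytes]:
    """Both headers stay in the clear so untrusted switches can route; payload is opaque."""
    return pkt.link_hdr, pkt.ip_hdr, xor_ks(session_key, seq.to_bytes(4, "big"), pkt.payload)


def e2e_rx(wire: Tuple[bytes, bytes, bytes], session_key: bytes, seq: int) -> bytes:
    """Only the end user holding the session key recovers the payload."""
    return xor_ks(session_key, seq.to_bytes(4, "big"), wire[2])


def tap_can_read(pkt: Packet, link_key: bytes, session_key: bytes, seq: int = 1) -> dict:
    """What a passive tap on the wire can recover under each scheme."""
    lw = link_tx(pkt, link_key, seq)
    ew = e2e_tx(pkt, session_key, seq)
    return {
        "link_enc: ip header": pkt.ip_hdr in lw[1],
        "link_enc: payload": pkt.payload in lw[1],
        "e2e: ip header": ew[1] == pkt.ip_hdr,
        "e2e: payload": pkt.payload in ew[2],
    }


if __name__ == "__main__":
    p = Packet(b"hop1", b"src=A,dst=B".ljust(IP_HDR_LEN), b"hello, this is secret")
    print(tap_can_read(p, b"link-key-1", b"session-AB"))
    pkt_in_switch, _ = link_switch(link_tx(p, b"link-key-1", 1), b"link-key-1", b"link-key-2", 1, b"hop2")
    print("switch sees plaintext payload:", pkt_in_switch.payload)
```

Under link encryption the tap sees neither the IP header nor the payload, but `link_switch` shows the cost: every switch holds a link key and handles the plaintext, so the network must be trusted. Under end-to-end encryption a switch only rewrites `link_hdr` and never needs a key, but the IP header stays readable on every hop, which is the traffic-analysis exposure the next slide addresses.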
Traffic Confidentiality
• Defends against traffic analysis
  • Partner identity
  • How much communication
  • Message characteristics: length, response patterns
  • Relation with external events
• Defenses
  • Link encryption hides users' headers
  • Traffic padding (send useless random patterns), used for end-to-end
  • Packet tunneling (the real thing hidden within an innocent-looking packet)
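Traffic padding for end-to-end encryption works by making every transmission slot look identical: fixed-size frames, sent at a constant rate, with dummy frames filling idle slots, and the whole frame (header included) encrypted so an observer cannot tell dummy from real. The following is an added example, not code from the slides; the frame size `FRAME`, the 3-byte header layout, the slot scheduling and the toy SHAKE-256 XOR cipher are this example's own assumptions.

```python
"""Traffic padding against traffic analysis. Added example, not code from the slides.

Every slot carries exactly one FRAME-byte frame, encrypted end to end. Real
messages are fragmented into frames; idle slots carry dummy frames with random
filler. A tap sees uniform ciphertext at a constant rate, so message lengths,
message count and timing are hidden. FRAME, the header layout and the toy
cipher are this example's assumptions."""
import hashlib
import os
from typing import Iterable, List

FRAME = 64                   # on-the-wire size of every frame
HDR = 3                      # 1 flag byte + 2-byte payload length
CAP = FRAME - HDR            # real bytes a frame can carry
DUMMY, MORE, LAST = 0, 1, 2  # flag: idle filler / more fragments follow / last fragment


def xor_ks(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (not secure): XOR with a SHAKE-256 keystream."""
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def make_frame(flag: int, chunk: bytes) -> bytes:
    """Header + chunk + random filler, always FRAME bytes long."""
    assert len(chunk) <= CAP
    filler = os.urandom(CAP - len(chunk))  # random so padding is not a constant pattern
    return bytes([flag]) + len(chunk).to_bytes(2, "big") + chunk + filler


def fragment(msg: bytes) -> List[bytes]:
    """Split one message into frames; an empty message still takes one frame."""
    chunks = [msg[i:i + CAP] for i in range(0, len(msg), CAP)] or [b""]
    return [make_frame(LAST if i == len(chunks) - 1 else MORE, c)
            for i, c in enumerate(chunks)]


def transmit(msgs: Iterable[bytes], slots: int, key: bytes) -> List[bytes]:
    """Constant-rate sender: exactly one encrypted frame per slot, dummies when idle."""
    queue = [f for m in msgs for f in fragment(m)]
    if len(queue) > slots:
        raise ValueError("not enough slots for the queued traffic")
    queue += [make_frame(DUMMY, b"") for _ in range(slots - len(queue))]
    # The slot index is the nonce: the toy keystream must never be reused.
    return [xor_ks(key, i.to_bytes(4, "big"), f) for i, f in enumerate(queue)]


def observer_view(wire: List[bytes]) -> dict:
    """All a passive tap can measure: frame sizes and how many frames were sent."""
    return {"sizes": sorted({len(f) for f in wire}), "count": len(wire)}


def receive(wire: List[bytes], key: bytes) -> List[bytes]:
    """Decrypt each slot, drop dummies, reassemble fragments into messages."""
    out, buf = [], b""
    for i, c in enumerate(wire):
        f = xor_ks(key, i.to_bytes(4, "big"), c)
        flag, n = f[0], int.from_bytes(f[1:3], "big")
        if flag == DUMMY:
            continue
        buf += f[HDR:HDR + n]
        if flag == LAST:
            out.append(buf)
            buf = b""
    return out


if __name__ == "__main__":
    k = b"toy-session-key"
    busy = transmit([b"short", b"x" * 150, b""], 8, k)
    idle = transmit([], 8, k)
    print("busy channel:", observer_view(busy))  # same as the idle channel
    print("idle channel:", observer_view(idle))
    print("receiver gets:", receive(busy, k))
```

The point the test makes is that `observer_view` returns the same result for a busy channel and an idle one: the observer learns the frame size and the slot rate, both of which are fixed policy, and nothing about how many messages were sent or how long they were. The cost is the bandwidth spent on filler and the fact that a message longer than the free slots must wait, which is why padding is a deliberate end-to-end choice rather than a default.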