This outline provides an overview of network security and cryptography, including authentication protocols, wired and wireless networks, key management, security attacks, security services, and the basics of cryptography.
Network Security Celia Li Computer Science and Engineering York University
Outline • Overview of network security and Cryptography • Authentication protocols • Wired networks • Wireless local area networks • Key management
Overview of Network Security • Confidentiality • The concealment of information or resources • Integrity • Data cannot be modified without being detected • Authenticity • A node can ensure the identity of the peer node it is communicating with. • Availability • The ability to use the information or resource desired
Overview of Network Security Security Attacks • An attack is any action that violates security • Common attacks • Eavesdropping • Integrity attack • Authenticity attack • Denial of service
Overview of Network Security • Eavesdropping – Message Interception • Unauthorized access to information • Packet sniffers and wiretappers • Illicit copying of data and programs
Overview of Network Security • Integrity Attack – Tampering with Message • Stop the flow of the message • Delay and optionally modify the message • Release the message again
Overview of Network Security • Authenticity Attack – Fabrication • Unauthorized assumption of other’s identity • Generate and distribute objects under this identity
Overview of Network Security • Attack on Availability • Destroy on Availability • Corrupt packets in transit • Denial of Service (DoS) • Crashing the server • Overwhelm the server (use up its resource)
Security Services • Access control • Only authorized actions (e.g., membership enrollment, data transmission) can be performed. • Authentication • Assurance that an entity of concern or the origin of a communication is authentic – it is what it claims to be, or comes from where it claims to come from • Encryption • Converting data into a form that cannot be easily understood by unauthorized people
Security Services (cont.) • Key management • Generation, distribution and replacement of keys • Secure routing • A message is eventually delivered to all legitimate nodes within a reasonable amount of time • Despite corrupting, dropping or misrouting the message.
Overview of Cryptography • Why cryptography? • Used to hide information • Network information needs to be communicated through insecure channels • Stored information may be accessed without proper authorization • What can cryptography do? • Encryption algorithms: only the authorized party can understand the encrypted message • Digital signature: allows people to verify the authenticity of the message
Overview of Cryptography • Encryption Algorithms • Scrambling of messages such that only the intended receiver can unscramble them • Encrypting function - produces the encrypted message • Decrypting function - extracts the original message • Key - parameter that controls encryption/decryption
Overview of Cryptography • What is Key? • A piece of information that controls the operation of an encryption algorithm. • A key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption. • To prevent a key from being guessed, keys need to be generated truly randomly
Overview of Cryptography • Symmetric Encryption Process • Use the same key for both encryption and decryption • Example: DES, 3DES
Overview of Cryptography • Public Key Encryption Process • Use a pair of keys, public key and private key • Finding out the private key is extremely difficult, even if the public key is known • Example: RSA, Elliptic Curve
Overview of Cryptography • Example
Overview of Cryptography • Symmetric & Public Key Encryption • Symmetric encryption is fast but not as safe as public key encryption. But because of its speed, it's commonly used for multimedia, e-commerce transactions. • Public key encryption is more complex--and more secure. More computation is required, so the process takes longer
Overview of Cryptography • Hash Function • A reproducible method of turning data into a small number that may serve as a digital "fingerprint" of the data (Message Digest) • If two hashes are different, then the two inputs are different in some way. • If a hash value is calculated for a piece of data, and then one bit of that data is changed, a hash function produces a completely different hash value. • Unidirectional (cannot calculate text from hash)
Overview of Cryptography • Hash Function • Two most-commonly used hash functions: MD5 and SHA-1
Overview of Cryptography • Hash Function for Data Integrity • If the two hashes do not match, the message was altered
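The hash slides above, worked through as an added example (not part of the original slides): it flips a single bit of a constructed message, counts how many digest bits change, and performs the integrity check by comparing digests. The function names are hypothetical; SHA-256 is used as the default because MD5 and SHA-1, named on the slide, have known collision attacks.

```python
import hashlib
import hmac

def fingerprint(data: bytes, algorithm: str = "sha256") -> bytes:
    """Return the message digest (the "fingerprint") of data."""
    return hashlib.new(algorithm, data).digest()

def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)

def differing_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def is_unaltered(received: bytes, expected_digest: bytes,
                 algorithm: str = "sha256") -> bool:
    """Integrity check: recompute the digest and compare in constant time."""
    return hmac.compare_digest(fingerprint(received, algorithm), expected_digest)

if __name__ == "__main__":
    message = b"transfer 100 to account 42"   # constructed sample message
    sent_digest = fingerprint(message)
    tampered = flip_bit(message, 0)            # one bit changed in transit
    changed = differing_bits(sent_digest, fingerprint(tampered))
    print(f"digest bits changed by a one-bit flip: {changed} of 256")
    print("original accepted:", is_unaltered(message, sent_digest))
    print("tampered accepted:", is_unaltered(tampered, sent_digest))
```

A bare digest only detects alteration when the expected digest reaches the receiver over a channel the attacker cannot modify; otherwise the attacker replaces the message and its digest together.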
Overview of Cryptography • Digital Signature • A number attached to a message; when other people receive the message, they can simply verify the attached number to confirm whether the message has been changed or not. • Gives a recipient reason to believe that the message was created by a known sender. • Commonly used for software distribution, financial transactions, and in other cases where it is important to provide authenticity and integrity.
Overview of Cryptography • Digital Signature Generating Process • Hash a document
Overview of Cryptography • Digital Signature Generating Process • Sign the message digest
Overview of Cryptography • Digital Signature Verifying Process
Overview of Cryptography • Digital Signature Algorithms • The Digital Signature Algorithm (DSA) • The RSA digital signature algorithm • The Elliptic Curve Digital Signature Algorithm (ECDSA)
Our Focus • Authentication • Key management