1 / 8

ECE453 – Introduction to Computer Networks

ECE453 – Introduction to Computer Networks. Lecture 18 – Network Security (I). Application Layer Security. Transport Layer Security. Network Layer Security. Link Layer Security. Physical Layer Security. Network Security. User authentication, nonrepudiation. Process-to-process security.

kdishman
Download Presentation

ECE453 – Introduction to Computer Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)

  2. Application Layer Security Transport Layer Security Network Layer Security Link Layer Security Physical Layer Security Network Security User authentication, nonrepudiation Process-to-process security Firewall, IPSec Link encryption Wire protection Cryptography

  3. Cryptography • Secrecy • Substitution cipher • Transposition cipher • One-time pad • Symmetric-key cryptography • Public-key cryptography • Authentication • Nonrepudiation • Integrity Kerckhoff’s principle: All algorithms must be public; only the keys are secret Refreshness and Redundancy in the message

  4. Columnar Transposition Cipher

  5. One-Time Pad - Unbreakable

  6. Key Distribution – The Weakest Link Using public-key cryptography for key distribution Bob Alice (EB, DB) (EA, DA) EB(P) P = DB(EB(P)) EA(R) R = DA(EA(R)) RSA is one way to realize this procedure

  7. Digital Signature vs. Message Digest for Authentication • Using symmetric-key • Using public-key Big Brother Bob Alice A, KA(B, RA, t, P) KB(A, RA, t, P, KBB(A, t, P)) KBB(A, t, MD(P)) Bob Alice EB(DA(P)) P, DA(MD(P)) Add integrity checking too DB(EB(DA(P))  DA(P) EA(DA(P)  P

  8. Public Key Cryptograph • Allow two people who do not share a common key to communicate with each other securely • Makes signing messages possible without the presence of a trusted third party • Signed MD make it possible to verify integrity of received message • Problem: how to make your public key really public?  Certificates (CA)

More Related