1 / 8

Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)

Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3). Topics. Problems with Design of Ciphers Stream and Block Ciphers A Brief Overview of Network Security  more in Chapter 26 Advanced Topics: SSL, IPsec  next course ( Web Security ).

nina-barlow
Download Presentation

Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Bishop: Chapter 11An Overview ofCipher Techniques (in the context of networks) (11.1-11.3) csci5233 Computer Security

  2. Topics • Problems with Design of Ciphers • Stream and Block Ciphers • A Brief Overview of Network Security  more in Chapter 26 • Advanced Topics: SSL, IPsec  next course (Web Security) csci5233 Computer Security

  3. Networks & Cryptography • The ISO/OSI 7-layer network model: Fig. 11-2. • Given C0, …, Cn be a sequence of hosts, and Ci and Ci+1 are neighboring hosts. • End-to-end protocol: A protocol that has C0 and Cn as its end points. Examples: telnet, TCP • Link-layer protocol: A protocol that has Ci and Ci+1 as its end points. Examples: IP ? csci5233 Computer Security

  4. Networks & Cryptography • Cryptographical protocols in a network • End-to-end encryption: The cryptographical processing is only done at the end points (i.e., the source and the destination) Examples: VPN, SSL • Link-layer encryption: The cryptographical processing occurs at each host along the communication path. Examples: The PPP Encryption Control Protocol [RFC 1968] csci5233 Computer Security

  5. Networks & Cryptography • Shared keys • End-to-end encryption Symmetric: A key is shared between the two end-points Asymmetric: Each end knows the public key of the other end. • Link-layer encryption Symmetric: Per-host key sharing: Each host has its own key, which is shared with each of its neighboring hosts, that is, one key per host. Per-host-pair key sharing: Each pair of hosts share a key, that is, one key per link. Asymmetric: Each node knows the public key of its immediate neighbor. csci5233 Computer Security

  6. Networks & Cryptography • In end-to-end encryption, only the source and the destination hosts can read the content of the message. The message is encrypted during transmission. + An attacker cannot read the message by intercepting the message during transmission or by attacking the intermediate hosts along the path. • Traffic Analysis A cryptanalysis method in which the attacker deduces information by analyzing the traffic patterns. Can also be used to locate system vulnerability. See the example on pp. 285-286. csci5233 Computer Security

  7. Networks & Cryptography • More on Network Security Chapter 26 (Bishop) Infrastructure Firewalls DMZ Network availability Chapter 25 Intrusion detection system (IDS) Chapter 27 System security csci5233 Computer Security

  8. Next • Chapter 12: Authentication csci5233 Computer Security

More Related