Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3)

Presentation Transcript

  1. Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) (11.1-11.3) csci5233 Computer Security

  2. Topics
     • Problems with Design of Ciphers
     • Stream and Block Ciphers
     • A Brief Overview of Network Security → more in Chapter 26
     • Advanced Topics: SSL, IPsec → next course (Web Security)

  3. Networks & Cryptography
     • The ISO/OSI 7-layer network model: Fig. 11-2.
     • Let C0, …, Cn be a sequence of hosts, where Ci and Ci+1 are neighboring hosts.
     • End-to-end protocol: A protocol that has C0 and Cn as its end points. Examples: telnet, TCP
     • Link-layer protocol: A protocol that has Ci and Ci+1 as its end points. Examples: IP ?

  4. Networks & Cryptography
     • Cryptographic protocols in a network
       - End-to-end encryption: The cryptographic processing is done only at the end points (i.e., the source and the destination). Examples: VPN, SSL
       - Link-layer encryption: The cryptographic processing occurs at each host along the communication path. Examples: The PPP Encryption Control Protocol [RFC 1968]

  5. Networks & Cryptography
     • Shared keys
       - End-to-end encryption
         Symmetric: A key is shared between the two end-points.
         Asymmetric: Each end knows the public key of the other end.
       - Link-layer encryption
         Symmetric:
           Per-host key sharing: Each host has its own key, which is shared with each of its neighboring hosts, that is, one key per host.
           Per-host-pair key sharing: Each pair of hosts share a key, that is, one key per link.
         Asymmetric: Each node knows the public key of its immediate neighbor.

  6. Networks & Cryptography
     • In end-to-end encryption, only the source and the destination hosts can read the content of the message. The message is encrypted during transmission.
       + An attacker cannot read the message by intercepting the message during transmission or by attacking the intermediate hosts along the path.
     • Traffic Analysis
       - A cryptanalysis method in which the attacker deduces information by analyzing the traffic patterns.
       - Can also be used to locate system vulnerability.
       - See the example on pp. 285-286.

  7. Networks & Cryptography
     • More on Network Security
       - Chapter 26 (Bishop): Infrastructure, Firewalls, DMZ, Network availability
       - Chapter 25: Intrusion detection system (IDS)
       - Chapter 27: System security

  8. Next
     • Chapter 12: Authentication
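
Added example (not part of the original slides): a small Python simulation of slides 4-6, showing what each intermediate host Ci holds under end-to-end encryption versus link-layer encryption with per-host-pair keys. The `xor_stream` toy cipher, the function names, the header format and the sample path and message are all assumptions made for illustration.

```python
import hashlib
import os

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode), a stand-in for a real cipher.
    Encrypting and decrypting are the same operation."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def end_to_end(path, payload, key):
    """C0 encrypts once; intermediate hosts forward header and ciphertext unchanged."""
    nonce = os.urandom(8)
    header = f"{path[0]}>{path[-1]}".encode()        # stays in the clear for routing
    ciphertext = xor_stream(key, nonce, payload)
    seen = {h: (header, ciphertext) for h in path[1:-1]}
    return seen, xor_stream(key, nonce, ciphertext)  # Cn decrypts

def link_layer(path, payload, link_keys):
    """Per-host-pair keys: every hop decrypts the frame and re-encrypts it."""
    frame = f"{path[0]}>{path[-1]}|".encode() + payload
    wires, seen = [], {}
    for a, b in zip(path, path[1:]):
        nonce = os.urandom(8)
        wire = xor_stream(link_keys[(a, b)], nonce, frame)  # header is hidden too
        wires.append(wire)
        frame = xor_stream(link_keys[(a, b)], nonce, wire)  # host b recovers the frame
        if b != path[-1]:
            seen[b] = frame
    return wires, seen, frame

if __name__ == "__main__":
    hosts = ["C0", "C1", "C2", "C3"]                 # constructed sample path
    msg = b"constructed sample message"
    e2e_seen, _ = end_to_end(hosts, msg, os.urandom(32))
    keys = {(a, b): os.urandom(32) for a, b in zip(hosts, hosts[1:])}
    wires, ll_seen, _ = link_layer(hosts, msg, keys)
    for h in hosts[1:-1]:
        print(h, "end-to-end:", e2e_seen[h][0], e2e_seen[h][1].hex()[:16] + "...")
        print(h, "link-layer:", ll_seen[h])
```

With end-to-end encryption the intermediate hosts hold only ciphertext but can still read the routing header, which is the information traffic analysis works from; with link-layer encryption the wire hides the header, but every intermediate host holds the plaintext.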