CONFIDENTIALITY USING CONVENTIONAL ENCRYPTION – Chapter 7

PowerPoint Slideshow about 'CONFIDENTIALITY USING CONVENTIONAL ENCRYPTION – Chapter 7' - urian


Presentation Transcript
CONFIDENTIALITY USING CONVENTIONAL ENCRYPTION – Chapter 7
  • Historically – Conventional Encryption
  • Recently – Authentication, Integrity, Signature, Public-key
  • Link
  • End-to-End
  • Traffic-Analysis
  • Key Distribution
  • Random Number Generation

Confidentiality
  • Link
      - both ends of link
      - many encryptions / decryptions - all links use it
      - decrypt at packet switch (read address)
      - unique key / node pair
  • End-to-End
      - only at ends
      - data encrypted, not address (header)
      - one key pair
      - traffic pattern insecure
      - authentication from sender

Both Link and End-to-End
  • Data secure at nodes
  • Authentication
  • LINK – low level (physical/link)
  • END-TO-END – network (X.25)
  • End0, End1, End2 (ends separately protected)

E-mail Gateway
  • OSI – email gateway – TCP
  • no end-to-end protocol below application layer
  • networks terminate at mail gateway
  • mail gateway sets up new transport/network connections
  • need end-to-end encryption at application layer
      - disadvantage: many keys

Traffic Confidentiality
  • Identities
  • Message Frequency
  • Message Pattern
  • Event Correlation
  • Covert Channel
  • Link
      - Headers encrypted
      - Traffic padding (Fig 7.6)
  • End-to-End
      - Pad data
      - Null messages

KEY DISTRIBUTION
  1. Physically deliver
  2. Third party physically select/deliver
  3. $E_{K_{old}}(K_{new})$ →
  4. End-to-End (KDC): A  $E_{K_A}(K_{new})$  C  $E_{K_B}(K_{new})$  B
  • N hosts → $\binom{N}{2}$ keys – Fig 7.7
  • KDC – Key hierarchy – Fig 7.8
  • Session Key – temporary : end ↔ end
  • Only N master keys – physical delivery

KEY DISTRIBUTION
  • User shares Master Key with KDC
  • Steps 1-3 : Key Distribution
  • Steps 3,4,5 : Authentication

Key Distribution Centre (KDC) Hierarchy
  • LOCAL KDCs
  • [Diagram labels: KDCX; KDCA, KDCB; A, B]
  • Key selected by KDCA, KDCB, or KDCX

LIFETIME
  • Shorter Lifetime → Higher Security
                     → Reduced Capacity
  • Connection-oriented:
      - change session key periodically
  • Connectionless:
      - new key every exchange, or #transactions, or after time period

Key Distribution (connection-oriented)
  • End-to-End (X.25, TCP), FEP obtains session keys

Decentralised Key Control
  • Not practical for large networks
  • avoids trusted third party

KEY USAGE
  • key types : Data, PIN, File
  • key tags : Session/Master/Encryp/Decryp
  • Control Vector: associate session key with control vector (Fig 7.12)

Random Number Generation
  • Linear Congruential Generator
      $X_{n+1} = (aX_n + c) \bmod m$
  • Encryption : DES (OFB) – (Fig 7.14)
  • Blum Blum Shub (BBS)
      $X_0 = s^2 \bmod n$
      for i = 1 to infinity
        $X_i = (X_{i-1})^2 \bmod n$
        $B_i = X_i \bmod 2$
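Added example, not part of the original slides: the two generators from the Random Number Generation slide in Python, showing how a poor parameter choice collapses the LCG's cycle and how BBS derives one bit per modular squaring. The function names and all numeric parameters (a=7, c=0, m=32; p=383, q=503, s=101355) are constructed toy values for illustration, far too small for real use.

```python
from math import gcd


def lcg_period(a, c, m, x0):
    """Cycle length of X_{n+1} = (a*X_n + c) mod m starting from x0."""
    seen = {}          # state -> step at which it first appeared
    x, step = x0, 0
    while x not in seen:
        seen[x] = step
        x = (a * x + c) % m
        step += 1
    return step - seen[x]


def bbs_bits(p, q, s, count):
    """Return `count` Blum Blum Shub output bits B_i = X_i mod 2.

    Checks the structural conditions on p, q and s; primality of p and q
    is assumed, not tested.
    """
    if p == q or p % 4 != 3 or q % 4 != 3:
        raise ValueError("p and q must be distinct and congruent to 3 mod 4")
    n = p * q
    if gcd(s, n) != 1:
        raise ValueError("seed s must be relatively prime to n")
    x = (s * s) % n            # X0 = s^2 mod n
    bits = []
    for _ in range(count):
        x = (x * x) % n        # Xi = (Xi-1)^2 mod n
        bits.append(x % 2)     # Bi = Xi mod 2
    return bits


if __name__ == "__main__":
    # Constructed toy LCG: only 4 of the 32 possible states are ever visited.
    print("LCG period:", lcg_period(7, 0, 32, 1))
    # Constructed toy BBS modulus n = 383 * 503 = 192649.
    print("BBS bits:  ", bbs_bits(383, 503, 101355, 8))
```

The LCG's next value is fully determined by its last output once a, c and m are known, which is why the slide lists it separately from the cryptographic generators; the security of BBS rests on the difficulty of factoring n.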
