24 Pages

09_ipsec

Course: ICT 2, Spring 2011
School: Kungliga Tekniska...

IPSEC: AH and ESP

Markus Hidell, mahidell@kth.se
Based on material by Vitaly Shmatikov, Univ. of Texas, and by the previous course teachers

Reading

- Kaufman, chapter 16-17

TCP/IP Example

IP Security Issues

- Eavesdropping
- Modification of packets in transit
- Identity spoofing (forged source IP addresses)
- Denial of service
- Many solutions are application-specific
  - TLS for Web, S/MIME for email, SSH for remote login
- IPsec aims to provide a framework of open standards for secure communications over IP
  - Protect every protocol running on top of IPv4 and IPv6

Operating system layers

- Layers in the figure: App., TCP, IP, L2, L1
- Figure labels: User process, OS kernel, Socket API, Device driver, Interface specific
- SSL (Secure Socket Layer) changes the API to TCP/IP
  - Applications change, but OS doesn't
- IPSec implemented in OS
  - Applications and API remain unchanged (at least in theory)
- To make full use of IPSec, API and apps have to change!
  - and accordingly also the applications

Overview of IPsec

- Authenticated Keying
  - Internet Key Exchange (IKE)
  - Next part of the lecture
- Data Encapsulation
  - ESP: IP Encapsulating Security Payload (RFC 4303)
  - AH: IP Authentication Header (RFC 4302)
- Security Architecture (RFC 4301)
  - Tunnel/transport Mode
  - Databases (Security Association, Policy, Peer Authorization)

IPsec: Network Layer Security

- IPsec = AH + ESP + IKE
  - AH + ESP: protection for IP traffic
    - AH provides integrity and origin authentication
    - ESP also confidentiality
  - IKE: sets up keys and algorithms for AH and ESP
- AH and ESP rely on an existing security association
  - Idea: parties must share a set of secret keys and agree on each other's IP addresses and crypto algorithms
- Internet Key Exchange (IKE)
  - Goal: establish security association for AH and ESP
  - If IKE is broken, AH and ESP provide no protection!

IPsec Security Services

- Authentication and integrity for packet sources
  - Ensures connectionless integrity (for a single packet) and partial sequence integrity (prevent packet replay)
- Confidentiality (encapsulation) for packet contents
- Authentication and encapsulation can be used separately or together
- Either provided in one of two modes
  - Transport mode
  - Tunnel mode

IPsec Modes

- Transport mode
  - Used to deliver services from host to host or from host to gateway
  - Usually within the same network, but can also be end-to-end across networks
- Tunnel mode
  - Used to deliver services from gateway to gateway or from host to gateway
  - Usually gateways owned by the same organization
  - With an insecure network in the middle

IPsec in Transport Mode

- End-to-end security between two hosts
- Requires IPsec support at each host

IPsec in Tunnel Mode

- Gateway-to-gateway security
  - Internal traffic behind gateways not protected
  - Typical application: virtual private network (VPN)
- Only requires IPsec support at gateways

Tunnel Mode Illustration

- [Figure: two nodes, each labelled "Implements IPsec"]
- IPsec protects communication on the insecure part of the network

Transport Mode vs Tunnel Mode

- Transport mode secures packet payload and leaves IP header unchanged
  - IP header (real dest) | IPsec header | TCP/UDP header + data
- Tunnel mode encapsulates both IP header and payload into IPsec packets
  - IP header (gateway) | IPsec header | IP header (real dest) | TCP/UDP header + data

Security Association (SA)

- One-way sender-recipient relationship
  - Manually configured or negotiated through IKE
- SA determines how packets are processed
  - Cryptographic algorithms, keys, AH/ESP, lifetimes, sequence numbers, mode (transport or tunnel)
  - Read Kaufman!
- SA is uniquely identified by {SPI, dst IP addr, flag}
  - SPI: Security Parameter Index
    - Chosen by destination (unless traffic is multicast...)
  - Flag: ESP or AH
- Each IPsec implementation keeps a database of SAs
- SPI is sent with packet, tells recipient which SA to use

Sending and Receiving IPsec Packets

- When Alice is sending to Bob:
  - Consult security policy database (SPD) to check if packet should be protected with IPsec or not (defined by selectors)
  - SPD provides pointer to the associated SA entry in the security association database (SAD)
  - SA provides SPI, algorithm, key, sequence number, etc.
  - Include the SPI in the message
- When Bob receives a message:
  - Look up the SA based on the destination address and SPI (in a multicast message the address is not Bob's own)
  - Find algorithm, key, sequence number, etc.
  - After decrypting message, verify that packet matches selector in the policy database (SPD)

Encapsulation Formats

- AH: Authentication Header
  - Only provides integrity
- ESP: Encapsulating Security Payload
  - Provides integrity and/or privacy
- AH in transport mode
  - Original IP header | AH | TCP header | Data

AH: Authentication Header (RFC 4302)

- Sender authentication
- Integrity for packet contents and IP header
- Sender and receiver must share a secret key
  - This key is used in HMAC computation
  - The key is set up by IKE key establishment protocol and recorded in the Security Association (SA)
- AHv2, RFC 4302
  - Let authentication header implement IP integrity by holding a hash of a shared secret and the content of an IP packet

AH and IP Header

- Mutable fields may change
  - Service type
  - Fragm. offset
  - TTL
  - Header checksum
- Predictable fields may change in a predictable way
  - Dst address (source routing)
- Immutable fields will not change
  - The rest....
- Mutable fields can't be included in the AH's end-to-end integrity check

Authentication Header Format

- Provides integrity and origin authentication
- Authenticates portions of the IP header
- Anti-replay service (to counter denial of service)
- No confidentiality
- Header fields: Next header (TCP), Payload length, Reserved, Security parameters index (SPI), Sequence number, ICV: Integrity Check Value (HMAC of IP header, AH, payload)
- Annotations in the diagram:
  - SPI: identifies security association (shared keys and algorithms)
  - Sequence number: anti-replay
  - ICV: authenticates source, verifies integrity of payload

ESP: Encapsulating Security Payload (RFC 4303)

- Adds new header and trailer fields to packet
- Transport mode
  - Confidentiality of packet between two hosts
  - Complete hole through firewalls
  - Used sparingly
- Tunnel mode
  - Confidentiality of packet between two gateways or a host and a gateway
  - Implements VPN tunnels
  - FW filtering can be done on packets before they enter tunnel

ESP Security Guarantees

- Confidentiality and integrity for packet payload
  - Symmetric cipher negotiated as part of security assoc
- Optionally provides authentication (similar to AH)
- Can work in transport or tunnel mode (problem with NAT)
  - Transport mode: Original IP header | ESP header | TCP/UDP segment | ESP trailer | ESP auth
  - Tunnel mode: New IP header | ESP header | Original IP header | TCP/UDP segment | ESP trailer | ESP auth
  - Bracket labels in the diagram: Encrypted (inner), Authenticated (outer)

ESP Packet

Annotations on the packet diagram, in field order:

- Identifies security association (shared keys and algorithms)
- Anti-replay
- TCP segment (transport mode) or entire IP packet (tunnel mode)
- Pad to block size for cipher, also hide actual payload length
- Type of payload
- HMAC-based Integrity Check Value (similar to AH)

Virtual Private Networks (VPN)

- ESP is often used to implement a VPN
  - Packets go from internal network to a gateway with TCP/IP headers for address in another network
  - Entire packet hidden by encryption
    - Including original headers so destination addresses are hidden
  - Receiving gateway decrypts packet and forwards original IP packet to receiving address in the network that it protects
- This is known as a VPN tunnel
  - Secure communication between parts of the same organization over public Internet

Use Cases Summary

- Host-Host: transport mode (or tunnel mode); secure connection (host-host)
- Gateway-Gateway: tunnel mode; secure tunnel (gw-gw)
- Host-Gateway: tunnel mode; secure tunnel (host-gw)
- [Figure: hosts (H) and gateways (GW) joined by the three kinds of secure connection]
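
The lookup sequence from the "Security Association (SA)" and "Sending and Receiving IPsec Packets" slides, as an added example that is not part of the original slides. Packets are modelled as Python dictionaries with no payload encryption, the selector is stored on the SA, and the 64-packet window, HMAC-SHA-256 ICV, addresses, key and SPI are assumptions; the sliding-window replay check goes beyond the slides, which only name the anti-replay service.

```python
import hashlib, hmac, ipaddress, struct
from dataclasses import dataclass

WINDOW = 64                      # anti-replay window size (assumed value)

@dataclass
class SA:                        # one direction only; each end keeps its own copy
    spi: int
    dst: str
    flag: str                    # "AH" or "ESP"
    key: bytes
    selector: str                # source network this SA may carry (kept on the SA here)
    seq_out: int = 0             # sender: last sequence number used
    highest: int = 0             # receiver: highest sequence number accepted
    bitmap: int = 0              # receiver: bit i set means (highest - i) was seen

def icv(sa, src, seq, payload):
    msg = f"{src}>{sa.dst}".encode() + struct.pack("!II", sa.spi, seq) + payload
    return hmac.new(sa.key, msg, hashlib.sha256).digest()[:16]

def outbound(spd, sad, src, dst, payload):
    """Sender: SPD selector match -> SAD entry -> next sequence number -> packet."""
    for dst_net, sa_id in spd:
        if ipaddress.ip_address(dst) in ipaddress.ip_network(dst_net):
            sa = sad[sa_id]
            sa.seq_out += 1
            return {"src": src, "dst": dst, "flag": sa.flag, "spi": sa.spi,
                    "seq": sa.seq_out, "payload": payload,
                    "icv": icv(sa, src, sa.seq_out, payload)}
    return None                  # no matching policy: packet is not IPsec-protected

def replay_ok(sa, seq):
    """Check only; the window moves after the ICV has been verified."""
    if seq == 0 or sa.highest - seq >= WINDOW:
        return False             # never valid, or older than the window
    return seq > sa.highest or not (sa.bitmap >> (sa.highest - seq)) & 1

def replay_update(sa, seq):
    if seq > sa.highest:
        sa.bitmap = ((sa.bitmap << (seq - sa.highest)) | 1) & ((1 << WINDOW) - 1)
        sa.highest = seq
    else:
        sa.bitmap |= 1 << (sa.highest - seq)

def inbound(sad, pkt):
    """Receiver: SA lookup by {SPI, dst, flag}, replay check, ICV, then selector."""
    sa = sad.get((pkt["spi"], pkt["dst"], pkt["flag"]))
    if sa is None:
        return "drop: no SA"
    if not replay_ok(sa, pkt["seq"]):
        return "drop: replay"
    if not hmac.compare_digest(pkt["icv"], icv(sa, pkt["src"], pkt["seq"], pkt["payload"])):
        return "drop: bad ICV"
    replay_update(sa, pkt["seq"])
    if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(sa.selector):
        return "drop: selector mismatch"
    return "accept"

def demo():
    sa_id = (0x1001, "198.51.100.20", "ESP")          # constructed sample values
    new_sa = lambda: SA(*sa_id, key=b"constructed-key", selector="192.0.2.0/24")
    alice_spd = [("198.51.100.0/24", sa_id)]
    alice_sad, bob_sad = {sa_id: new_sa()}, {sa_id: new_sa()}
    p1, p2, p3 = (outbound(alice_spd, alice_sad, "192.0.2.10", "198.51.100.20", b"data")
                  for _ in range(3))
    forged = dict(p3, seq=1000)                        # sequence number changed in transit
    return [inbound(bob_sad, p) for p in (p1, p1, p3, p2, p2, forged)]

if __name__ == "__main__":
    print(demo())
```

Because the window is advanced only after the ICV verifies, the forged packet with sequence number 1000 cannot push the window forward and lock out legitimate traffic.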
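
The "AH and IP Header" and "Authentication Header Format" slides, as an added example that is not from the original slides: Python code that builds an IPv4 transport-mode AH packet and computes the ICV with the mutable header fields zeroed. The key, SPI, addresses and the choice of HMAC-SHA-256 truncated to 128 bits are assumptions; the flags bits are zeroed together with the fragment offset.

```python
import hashlib, hmac, socket, struct

AH_PROTO = 51            # IP protocol number assigned to AH
ICV_LEN = 16             # assumption: HMAC-SHA-256 truncated to 128 bits
AH_LEN = 12 + ICV_LEN    # fixed AH fields + ICV

def checksum(hdr):
    """IPv4 header checksum (one's-complement sum of 16-bit words)."""
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def set_checksum(hdr):
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr)

def icv_input(packet):
    """Bytes the ICV covers: IP header with mutable fields zeroed, AH with zero ICV, payload."""
    hdr = bytearray(packet[:20])
    hdr[1] = 0                    # service type
    hdr[6:8] = b"\x00\x00"        # flags + fragment offset
    hdr[8] = 0                    # TTL
    hdr[10:12] = b"\x00\x00"      # header checksum
    ah = packet[20:32] + bytes(ICV_LEN)
    return bytes(hdr) + ah + packet[20 + AH_LEN:]

def compute_icv(key, packet):
    return hmac.new(key, icv_input(packet), hashlib.sha256).digest()[:ICV_LEN]

def ah_protect(key, spi, seq, src, dst, next_header, payload, ttl=64):
    """Transport mode: original IP header | AH | upper-layer segment."""
    ah = struct.pack("!BBHII", next_header, AH_LEN // 4 - 2, 0, spi, seq) + bytes(ICV_LEN)
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ah) + len(payload),
                                0, 0, ttl, AH_PROTO, 0,
                                socket.inet_aton(src), socket.inet_aton(dst)))
    packet = set_checksum(hdr) + ah + payload
    return packet[:32] + compute_icv(key, packet) + packet[20 + AH_LEN:]

def ah_verify(key, packet):
    return hmac.compare_digest(packet[32:20 + AH_LEN], compute_icv(key, packet))

def in_transit(packet, ttl=None, src=None, tos=None):
    """Rewrite outer-header fields as a node on the path could, fixing the checksum."""
    hdr = bytearray(packet[:20])
    if ttl is not None:
        hdr[8] = ttl
    if tos is not None:
        hdr[1] = tos
    if src is not None:
        hdr[12:16] = socket.inet_aton(src)
    return set_checksum(hdr) + packet[20:]

def demo():
    key = b"constructed-demo-key"                      # constructed sample key
    pkt = ah_protect(key, 0x1001, 1, "192.0.2.10", "198.51.100.20", 6,
                     b"constructed TCP segment")
    return {
        "as sent": ah_verify(key, pkt),
        "TTL decremented, service type remarked": ah_verify(key, in_transit(pkt, ttl=63, tos=0x28)),
        "source address rewritten": ah_verify(key, in_transit(pkt, src="203.0.113.5")),
        "payload modified": ah_verify(key, pkt[:-1] + bytes([pkt[-1] ^ 1])),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: ICV {'valid' if ok else 'INVALID'}")
```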