Part_12_EE450_Network_Security

Part_12_EE450_Network_Security - Overview of Network...

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Overview of Network Security EE450: Introduction to Computer Networks Professor A. Zahid
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Outline • What is network security? • Principles of cryptography • Authentication • Integrity • Key Distribution and certification • Access control: firewalls • Attacks and counter measures • Security in many layers
Background image of page 2
3 Network Security Confidentiality : only sender, intended receiver should “understand” message contents – sender encrypts message – receiver decrypts message Authentication : sender, receiver want to confirm identity of each other Message Integrity : sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and Availability : services must be accessible and available to users
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Let us meet the Players Bob, Alice want to communicate “securely” Trudy (intruder) may intercept, delete, add messages secure sender secure receiver channel data, control messages data data Alice Bob Trudy
Background image of page 4
5 Who might Bob and Alice be? •w e l l , real-lifeBobs and Alices! • Web browser/server for electronic transactions (e.g., on-line purchases) • on-line banking client/server •D N S s e r v e r s • routers exchanging routing table updates •O t h e r s
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Bad Guys and Bad Girls • Q: What can Trudy do? •A : a l o t ! – eavesdrop: intercept messages – actively insert messages into connection – impersonation: can fake (spoof) source address in packet (or any field in packet) – hijacking: “take over” ongoing connection by removing sender or receiver, inserting herself in place – denial of service: prevent service from being used by others (e.g., by overloading resources)
Background image of page 6
7 Message Confidentiality The concept of how to achieve message confidentiality or privacy has not changed for thousands of years. The message must be encrypted at the sender site and decrypted at the receiver site. This can be done using either symmetric - key cryptography or asymmetric cryptography.
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 Cryptography plaintext plaintext ciphertext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B • Symmetric key crypto: sender, receiver keys identical • Public-key crypto: encryption key public, decryption key secret (private)
Background image of page 8
9 Symmetric Key Cryptography plaintext ciphertext K A-B encryption algorithm decryption algorithm K A-B plaintext message, m K (m) A-B K (m) A-B m = K () A-B • symmetric key crypto: Bob and Alice share same (symmetric) key: K • e.g., key is knowing substitution pattern in mono alphabetic substitution cipher •C h a l l e n g e : How do Bob and Alice agree on key value? Ex: Data Encryption Standard, DES
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 Example: Substitution Cipher • substitution cipher: substituting one thing for another – Mono-alphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: Bob. i love you. Alice ciphertext: nkn. s gktc wky. mgsbc
Background image of page 10
11 Public Key (Asymmetric) Cryptography plaintext message, m ciphertext encryption algorithm decryption
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 12
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 12/29/2009 for the course EE 450 at USC.

Page1 / 40

Part_12_EE450_Network_Security - Overview of Network...

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online