Network Security

About This Presentation

Title:

Description:

Number of Views:17

Avg rating:3.0/5.0

Slides: 17

Provided by: dh460

Category:

Tags: automated | computer | network | security | systems

Transcript and Presenter's Notes

Title: Network Security

1
Network Security
2
Security Threats

3
Security Threats

Passive attacks
Eavesdropping on, or monitoring, transmissions
Electronic mail, file transfers, and
client/server exchanges are examples of
transmissions that can be monitored
Active attacks
Modification of transmitted data
Attempts to gain unauthorized access to computer
systems

4
Encryption Methods

The essential technology underlying virtually all
automated network and computer security
applications is cryptography
Two fundamental approaches are in use
conventional encryption, also known as symmetric
encryption
public-key encryption, also known as asymmetric
encryption

5
Conventional Encryption

The only form of encryption prior to late 1970s
Five components to the algorithm
Plaintext The original message or data
Encryption algorithm Performs various
substitutions and transformations on the
plaintext.
Secret key Input to the encryption algorithm.
Substitutions and transformations performed
depend on this key
Ciphertext Scrambled message produced as output.
depends on the plaintext and the secret key
Decryption algorithm Encryption algorithm run in
reverse. Uses ciphertext and the secret key to
produce the original plaintext.

6
Conventional Encryption Operation
7
Conventional Encryption Requirements Weaknesses

8
Public-Key Encryption

Based on mathematical functions rather than on
simple operations on bit patterns
Asymmetric, involving the use of two separate
keys
Misconceptions about public key encryption
it is more secure from cryptanalysis
it is a general-purpose technique that has made
conventional encryption obsolete

9
Public-Key Encryption Components

10
Public-Key Encryption Operation
11
Public-Key Signature Operation
12
Characteristics of Public-Key

Infeasible to determine the decryption key given
knowledge of the cryptographic algorithm and the
encryption key.
Either of the two related keys can be used for
encryption, with the other used for decryption.
Slow, but provides tremendous flexibility to
perform a number of security-related functions
Most widely used algorithm is RSA

13
Location of Encryption Devices

Link encryption
Each vulnerable communications link is equipped
on both ends with an encryption device.
All traffic over all communications links is
secured.
Vulnerable at each switch
End-to-end encryption
the encryption process is carried out at the two
end systems.
Encrypted data are transmitted unaltered across
the network to the destination, which shares a
key with the source to decrypt the data
Packet headers cannot be secured

14
Conventional EncryptionKey Distribution

15
Public-Key EncryptionKey Distribution

Parties create a pair of keys public key is
broadly distributed, private key is not
To reduce computational overhead, the following
process is then used
1. Prepare a message.
2. Encrypt that message using conventional
encryption with a one-time conventional session
key.
3. Encrypt the session key using public-key
encryption with recipients public key.
4. Attach the encrypted session key to the
message and send it.

16
Public Key Certificates

1. A public key is generated by the user and
submitted to Agency X for certification.
2. X determines by some procedure, such as a
face-to-face meeting, that this is authentically
the users public key.
3. X appends a timestamp to the public key,
generates the hash code of the result, and
encrypts that result with Xs private key forming
the signature.
4. The signature is attached to the public key.