SlideShare a Scribd company logo
1 of 24
Download to read offline
NETWORK SECURITY
(18EC821)
Visvesvaraya Technological University
Dr. Shivashankar
Professor
Department of Electronics & Communication
Engineering
RRIT, Bangalore
1
Dr. Shivashankar, E&CE, RRIT
Course Outcomes
After Completion of the course, student will be able to:
▪Explain network security services and mechanisms and explain security
concepts.
▪Understand the concept of Transport Level Security and Secure Socket
Layer.
▪Explain security concerns in Internet Protocol Security.
▪Explain Intruders, Intrusion detection and Malicious Software.
▪Describe Firewalls, Firewall characteristics, Biasing and Configuration.
▪Text Book:
1. Cryptography and Network Security Principles and Practice, Pearson
Education Inc., William Stallings 5th Edition, ISBN: 978-81-317-6166-3.
2. Cryptography and Network Security, Atul Kahate, TMH, 2003.
▪Reference:
▪Cryptography and Network Security, Behrouz A Forouzan, TMH, 2007.
2
Dr. Shivashankar, E&CE, RRIT
MODULE-2 TRANSPORT LAYER SECURITY
Web Security Considerations
• Web Security deals with the security of data over the internet/network or
web or while it is being transferred to the internet.
• For e.g. when you are transferring data between client and server and you
have to protect that data that security of data is your web security.
• Web presents new challenges not generally appreciated in the context of
computer and network security:
➢ The Internet is two-way.
➢ The Web is increasingly serving as a highly visible outlet for corporate and
product information and as the platform for business transactions.
➢ Web browsers are very easy to use.
➢ • A Web server can be exploited as a launching pad into the corporation’s or
agency’s entire computer complex.
➢ Casual and untrained (in security matters) users are common clients for Web-
based services.
3
Dr. Shivashankar, E&CE, RRIT
Web Security Threats
• Web security threats are a form of internet-
borne cybersecurity risk that could expose users to online harm
and cause undesired actions or events.
• Web security issues can severely damage businesses and
individuals.
• Common types of web security threats include computer viruses,
data theft, and phishing attacks.
• Classify Web security threats is in terms of the location of the
threat: Web server, Web browser, and network traffic between
browser and server.
4
Dr. Shivashankar, E&CE, RRIT
A Comparison of Threats on the Web
5
Dr. Shivashankar, E&CE, RRIT
Threats Consequences Countermeasures
Integrity • Modification of user data
• Trojan horse browser
• Modification of memory •
Modification of message traffic in
transit
• Loss of information
• Compromise of
machine
• Vulnerabilty to all
other threats
Cryptographic
Confidentiality • Theft of info from server • Theft
of data from client • Info about
network configuration
• Info about which client talks to
server
• Loss of information
• Loss of privacy
Encryption, Web
proxies
Denial of
Service
• Killing of user threads
• Filling up disk or memory
• Isolating machine by DNS
attacks
• Disruptive
• Annoying
• Prevent user from
getting work done
Difficult to prevent
Authentication • Impersonation of legitimate
users
• Data forgery
• Misrepresentation
of user
• Belief that false
information is valid
Cryptographic
techniques
Web Traffic Security Approaches
▪One way to provide Web security is to use IP Security. The advantage of using
IPsec is that it is transparent to end users and applications and provides a
general-purpose solution.
▪Further, IPsec includes a filtering capability so that only selected traffic need
incur the overhead of IPsec processing.
6
Dr. Shivashankar, E&CE, RRIT
(a) Network level
(b) Transport level (c) Application level
Secure Socket Layer (SSL)
▪Provides security to the data that is transferred between web browser
and server.
▪SSL encrypts the link between a web server and a browser which ensures
that all data passed between them remain private and free from attack.
SSL Architecture
▪SSL is designed to make use of TCP to provide a reliable end-to-end
secure service.
7
Dr. Shivashankar, E&CE, RRIT
Figure 16.2 SSL Protocol Stack
CONTI…
▪Two important SSL concepts are the SSL session and the SSL connection:
• Connection: A connection is a transport that provides a suitable type of service.
• Session: An SSL session is an association between a client and a server. Sessions are
created by the Handshake Protocol. Sessions define a set of cryptographic security
parameters which can be shared among multiple connections.
A session state is defined by the following parameters.
• Session identifier: An arbitrary byte sequence chosen by the server.
• Peer certificate: An X509.v3 certificate of the peer. This element of the state may be null.
• Compression method: The algorithm used to compress data prior to encryption. • Cipher
spec: Specifies the bulk data encryption algorithm
• Master secret: 48-byte secret shared between the client and server.
• Is resumable: A flag indicating whether the session can be used to initiate new
connections.
• Server and client random: Byte sequences that are chosen by the server and client for
each connection.
• Server write MAC secret: The secret key used in MAC operations on data sent by the
server.
• Client write MAC secret: The secret key used in MAC operations on data sent by the
client.
8
Dr. Shivashankar, E&CE, RRIT
SSL Record Protocol
▪The SSL Record Protocol provides two services for SSL connections:
• Confidentiality: The Handshake Protocol defines a shared secret
key that is used for conventional encryption of SSL payloads.
• Message Integrity: The Handshake Protocol also defines a shared
secret key that is used to form a message authentication code
(MAC).
9
Dr. Shivashankar, E&CE, RRIT
Figure 16.3 SSL Record Protocol Operation
CONTI…
SSL Record Protocol processing is to prepare a header consisting of the following
fields:
• Content Type (8 bits): The higher-layer protocol used to process the enclosed
fragment.
• Major Version (8 bits): Indicates major version of SSL in use. For SSLv3, the
value is 3.
• Minor Version (8 bits): Indicates minor version in use. For SSLv3, the value is 0.
• Compressed Length (16 bits): The length in bytes of the plaintext fragment. The
maximum value is .
10
Dr. Shivashankar, E&CE, RRIT
Figure 16.4 SSL Record Format
Handshake Protocol
▪The most complex part of SSL is the Handshake Protocol.
▪This protocol allows the server and client to authenticate each other and to negotiate an encryption
and MAC algorithm and cryptographic keys to be used to protect data sent in an SSL record.
▪The Handshake Protocol is used before any application data is transmitted.
Each message has three fields:
• Type (1 byte): Indicates one of 10 messages. Table 16.2 lists the defined message types.
• Length (3 bytes): The length of the message in bytes.
• Content ( ≥ 0 bytes): The parameters associated with this message.
11
Dr. Shivashankar, E&CE, RRIT
Transport Layer Security
▪Transport Layer Securities (TLS) are designed to provide security at the transport
layer.
▪TLS was derived from a security protocol called Secure Socket Layer (SSL). TLS
ensures that no third party may eavesdrop or tampers with any message.
▪TLS is an IETF standardization initiative whose goal is to produce an Internet
standard version of SSL
▪TLS is defined as a Proposed Internet Standard in RFC 5246. RFC 5246 is very
similar to SSLv3. In this section, we highlight the differences.
▪Version Number:
▪For the current version of TLS, the major version is 3 and the minor version is 3.
▪Message Authentication Code:
▪There are two differences between the SSLv3 and TLS MAC schemes: the actual
algorithm and the scope of the MAC calculation. TLS makes use of the HMAC
algorithm defined in RFC 2104.
12
Dr. Shivashankar, E&CE, RRIT
CONTI…
▪Pseudorandom Function TLS makes use of a pseudorandom function referred to
as PRF to expand secrets into blocks of data for purposes of key generation or
validation.
▪The objective is to make use of a relatively small shared secret value but to
generate longer blocks of data in a way that is secure from the kinds of attacks
made on hash functions and MACs.
13
Dr. Shivashankar, E&CE, RRIT
Figure 16.7 TLS Function P_hash(secret, seed)
CONTI…
Alert Codes
▪TLS supports all of the alert codes defined in SSLv3 with the exception of no_certificate.
• record_overflow: A TLS record was received with a payload (ciphertext)
• unknown_CA: A valid certificate chain or partial chain was received
• access_denied: A valid certificate was received.
• decode_error: A message could not be decoded, because either a field was out of its
specified range or the length of the message was incorrect.
• protocol_version: The protocol version the client attempted to negotiate
• insufficient_security: Returned instead of handshake_failure when a negotiation has
failed specifically because the server requires ciphers more secure than those supported
by the client.
• unsupported_extension: Sent by clients that receive an extended server hello containing
an extension not in the corresponding client hello.
• internal_error: An internal error unrelated to the peer or the correctoness of the
protocol makes it impossible to continue.
• decrypt_error: A handshake cryptographic operation failed, including being unable to
verify a signature, decrypt a key exchange, or validate a finished message.
14
Dr. Shivashankar, E&CE, RRIT
CONTI…
Cipher Suites
There are several small differences between the cipher suites
available under SSLv3 and under TLS:
• Key Exchange: TLS supports all of the key exchange techniques of
SSLv3 with the exception of Fortezza.
• Symmetric Encryption Algorithms: TLS includes all of the
symmetric encrypotion algorithms found in SSLv3, with the
exception of Fortezza.
Client Certificate Types
TLS defines the following certificate types to be requested in a
certificate_request message:
rsa_sign, dss_sign, rsa_fixed_dh, and dss_fixed_dh.
These are all defined in SSLv3.
15
Dr. Shivashankar, E&CE, RRIT
HTTP
▪HTTPS (HTTP over SSL) refers to the combination of HTTP and SSL to implement
secure communication between a Web browser and a Web server.
▪The HTTPS capability is built into all modern Web browsers. Its use depends on
the Web server supporting HTTPS communication. For example, search engines
▪https:// rather than http://. A normal HTTP connection uses port 80. If HTTPS is
specified, port 443 is used, which invokes SSL.
When HTTPS is used, the following elements of the communication are
encrypted:
▪ URL of the requested document
• Contents of the document
• Contents of browser forms (filled in by browser user)
• Cookies sent from browser to server and from server to browser
•Contents of HTTP header HTTPS is documented in RFC 2818, HTTP Over TLS.
There is no fundamental change in using HTTP over either SSL or TLS, and both
implementations are referred to as HTTPS.
16
Dr. Shivashankar, E&CE, RRIT
CONTI…
Connection Initiation
▪For HTTPS, the agent acting as the HTTP client also acts as the TLS client.
▪The client initiates a connection to the server on the appropriate port and then
sends the TLS ClientHello to begin the TLS handshake.
▪When the TLS handshake has finished, the client may then initiate the first HTTP
request. All HTTP data is to be sent as TLS application data.
Need to be clear that there are three levels of awareness of a connection in
HTTPS.
1. At the HTTP level, an HTTP client requests a connection to an HTTP server by
sending a connection request to the next lowest layer.
2. At the level of TLS, a session is established between a TLS client and a TLS
server. This session can support one or more connections at any time.
3. A TLS request to establish a connection begins with the establishment of a
TCP connection between the TCP entity on the client side and the TCP entity
on the server side.
17
Dr. Shivashankar, E&CE, RRIT
CONTI…
Connection Closure
▪An HTTP client or server can indicate the closing of a connection by including
the following line in an HTTP record: Connection: close. This indicates that the
connection will be closed after this record is delivered.
The closure of an HTTPS connection requires that TLS close the connection with
the peer TLS entity on the remote side, which will involve closing the underlying
TCP connection.
1. At the TLS level, the proper way to close a connection is for each side to use
the TLS alert protocol to send a close_notify alert.
2. TLS implementations must initiate an exchange of closure alerts before
closing a connection.
3. A TLS implementation may, after sending a closure alert, close the
connection without waiting for the peer to send its closure alert, generating
an “incomplete close”
18
Dr. Shivashankar, E&CE, RRIT
SECURE SHELL (SSH)
▪SSH uses the client-server model, connecting a Secure Shell client application,
which is the end where the session is displayed, with an SSH server, which is the
end where the session runs.
▪Secure Shell (SSH) is a protocol for secure network communications designed to
be relatively simple and inexpensive to implement.
▪SSH also provides a more general client/server capability and can be used for
such network functions as file transfer and e-mail.
▪A new version, SSH2, fixes a number of security flaws in the original scheme.
SSH2 is documented as a proposed standard in IETF RFCs 4250 through 4256.
▪SSH client and server applications are widely available for most operating
systems.
▪It has become the method of choice for remote login and X tunneling and is
rapidly becoming one of the most pervasive applications for encryption
technology outside of embedded systems.
19
Dr. Shivashankar, E&CE, RRIT
Conti…
▪ Figure 16.8 SSH Protocol Stack
20
Dr. Shivashankar, E&CE, RRIT
Conti…
▪Transport Layer Protocol: Provides server authentication, data confidentiality,
and data integrity with forward secrecy. The transport layer may optionally
provide compression.
▪User Authentication Protocol: Authenticates the user to the server.
▪Connection Protocol: Multiplexes multiple logical communications channels
over a single, underlying SSH connection.
21
Dr. Shivashankar, E&CE, RRIT
Figure 16.10 SSH Transport Layer Protocol
Packet Formation
Conti…
▪1. In the SSLv3 the padding bits are ____________ with the secret key.
a)Padded
b)XORed
c)Concatenated
d) ANDed
2. Which of the following is not a valid input to the PRF in SSLv3?
a) secret value
b) identifying label
c) initialization vector
d) secret value
3. Which of the following alert codes is not supported by SSLv3?
a) record_overflow
b) no_certificate
c) internal_error
d) decode_error
4. We encounter the record_overflow error when the payload length exceeds –
a) 214 + 1024
b) 216 + 1024
c) 214 + 2048
d) 216 + 2048
6. Calculation of the certificate_verify in TLS involves the use of a finished_label. The finished_label is the string-
a) client finished for the client
b) client finished for the client, server finished for the server
c) server finished for the server
d) client finished for the server, server finished for the client
22
Dr. Shivashankar, E&CE, RRIT
Conti…
▪7. In TLS padding cann be upto a maximum of –
a) 79 bytes
b) 127 bytes
c) 255 bytes
d) none of the mentioned
8. URL stands for –
a) Universal Remote Locator
b) Universal Resource Language
c) Uniform Resource Locator
d) Uniform Resource Language
9. HTTPS stands for Hypertext Transfer Protocol over TLS.
a) True
b) False
10. An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL.
a) 40; 80
b) 60; 620
c) 80; 443
d) 620; 80
11. Which of the following are valid authentication methods?
a) Public Key Based
b) Password Based
c) Host Based
d) All of the mentioned
8.The SSH Connection Protocol runs on top of the SSH Transport Layer Protocol and assumes that a secure
authentication connection is in use.
a) True
b) False
23
Dr. Shivashankar, E&CE, RRIT
Thank you
Dr. Shivashankar, E&CE, RRIT 24

More Related Content

What's hot

What's hot (20)

Network security
Network securityNetwork security
Network security
 
Network security
Network securityNetwork security
Network security
 
Presentation on 5G security
Presentation on 5G securityPresentation on 5G security
Presentation on 5G security
 
Network security
Network securityNetwork security
Network security
 
Network security (syed azam)
Network security (syed azam)Network security (syed azam)
Network security (syed azam)
 
Cellular Network -Ground Reflectio (Two Ray) Model.pdf
Cellular Network -Ground Reflectio (Two Ray) Model.pdfCellular Network -Ground Reflectio (Two Ray) Model.pdf
Cellular Network -Ground Reflectio (Two Ray) Model.pdf
 
Network security
Network securityNetwork security
Network security
 
What is Network Security?
What is Network Security?What is Network Security?
What is Network Security?
 
WSN presentation
WSN presentationWSN presentation
WSN presentation
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
Network security chapter 1
Network security   chapter 1Network security   chapter 1
Network security chapter 1
 
Firewall
Firewall Firewall
Firewall
 
Chapter 3 : User Datagram Protocol (UDP)
Chapter 3 : User Datagram Protocol (UDP)Chapter 3 : User Datagram Protocol (UDP)
Chapter 3 : User Datagram Protocol (UDP)
 
E mail forensics
E mail forensicsE mail forensics
E mail forensics
 
Network Security
Network SecurityNetwork Security
Network Security
 
IP Security
IP SecurityIP Security
IP Security
 
Network security
 Network security Network security
Network security
 
Motorola MotoTRBO System Planner
Motorola MotoTRBO System PlannerMotorola MotoTRBO System Planner
Motorola MotoTRBO System Planner
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)
 

Similar to Network Security_Module_2_Dr Shivashankar

PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
Monodip Singha Roy
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
Ahmed Elnaggar
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4
limsh
 

Similar to Network Security_Module_2_Dr Shivashankar (20)

Network Security_Module_2.pdf
Network Security_Module_2.pdfNetwork Security_Module_2.pdf
Network Security_Module_2.pdf
 
Web Security
Web SecurityWeb Security
Web Security
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
 
SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
 
Secure socket later
Secure socket laterSecure socket later
Secure socket later
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
 
Network Security Applications
Network Security ApplicationsNetwork Security Applications
Network Security Applications
 
Unit 6
Unit 6Unit 6
Unit 6
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4
 
Lecture 6 web security
Lecture 6 web securityLecture 6 web security
Lecture 6 web security
 
ssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptxssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptx
 
PKI & SSL
PKI & SSLPKI & SSL
PKI & SSL
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
 
Secure Socket Layer.pptx
Secure Socket Layer.pptxSecure Socket Layer.pptx
Secure Socket Layer.pptx
 
Network Security- Secure Socket Layer
Network Security- Secure Socket LayerNetwork Security- Secure Socket Layer
Network Security- Secure Socket Layer
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
 
Web security
Web securityWeb security
Web security
 

More from Dr. Shivashankar

More from Dr. Shivashankar (14)

21 Scheme_21EC53_MODULE-5_CCN_Dr. ShivaS
21 Scheme_21EC53_MODULE-5_CCN_Dr. ShivaS21 Scheme_21EC53_MODULE-5_CCN_Dr. ShivaS
21 Scheme_21EC53_MODULE-5_CCN_Dr. ShivaS
 
21 SCHEME_21EC53_VTU_MODULE-4_COMPUTER COMMUNCATION NETWORK.pdf
21 SCHEME_21EC53_VTU_MODULE-4_COMPUTER COMMUNCATION NETWORK.pdf21 SCHEME_21EC53_VTU_MODULE-4_COMPUTER COMMUNCATION NETWORK.pdf
21 SCHEME_21EC53_VTU_MODULE-4_COMPUTER COMMUNCATION NETWORK.pdf
 
21 Scheme_ MODULE-3_CCN.pdf
21 Scheme_ MODULE-3_CCN.pdf21 Scheme_ MODULE-3_CCN.pdf
21 Scheme_ MODULE-3_CCN.pdf
 
21_Scheme_MODULE-1_CCN.pdf
21_Scheme_MODULE-1_CCN.pdf21_Scheme_MODULE-1_CCN.pdf
21_Scheme_MODULE-1_CCN.pdf
 
21 Scheme_MODULE-2_CCN.pdf
21 Scheme_MODULE-2_CCN.pdf21 Scheme_MODULE-2_CCN.pdf
21 Scheme_MODULE-2_CCN.pdf
 
Wireless Cellular Communication_Module 3_Dr. Shivashankar.pdf
Wireless Cellular Communication_Module 3_Dr. Shivashankar.pdfWireless Cellular Communication_Module 3_Dr. Shivashankar.pdf
Wireless Cellular Communication_Module 3_Dr. Shivashankar.pdf
 
Wireless Cellular Communication_Mudule2_Dr.Shivashankar.pdf
Wireless Cellular Communication_Mudule2_Dr.Shivashankar.pdfWireless Cellular Communication_Mudule2_Dr.Shivashankar.pdf
Wireless Cellular Communication_Mudule2_Dr.Shivashankar.pdf
 
Network Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarNetwork Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. Shivashankar
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdf
 
MODULE-3_CCN.pptx
MODULE-3_CCN.pptxMODULE-3_CCN.pptx
MODULE-3_CCN.pptx
 
MODULE-1_CCN.pptx
MODULE-1_CCN.pptxMODULE-1_CCN.pptx
MODULE-1_CCN.pptx
 
MODULE-2_CCN.pptx
MODULE-2_CCN.pptxMODULE-2_CCN.pptx
MODULE-2_CCN.pptx
 
MODULE-5_CCN.pptx
MODULE-5_CCN.pptxMODULE-5_CCN.pptx
MODULE-5_CCN.pptx
 
MODULE-4_CCN.pptx
MODULE-4_CCN.pptxMODULE-4_CCN.pptx
MODULE-4_CCN.pptx
 

Recently uploaded

Artificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdfArtificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdf
Kira Dess
 
Scouring of cotton and wool fabric with effective scouring method
Scouring of cotton and wool fabric with effective scouring methodScouring of cotton and wool fabric with effective scouring method
Scouring of cotton and wool fabric with effective scouring method
vimal412355
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
AldoGarca30
 

Recently uploaded (20)

Signal Processing and Linear System Analysis
Signal Processing and Linear System AnalysisSignal Processing and Linear System Analysis
Signal Processing and Linear System Analysis
 
Computer Graphics Introduction To Curves
Computer Graphics Introduction To CurvesComputer Graphics Introduction To Curves
Computer Graphics Introduction To Curves
 
What is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, FunctionsWhat is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, Functions
 
Artificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdfArtificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdf
 
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdflitvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
litvinenko_Henry_Intrusion_Hong-Kong_2024.pdf
 
Ground Improvement Technique: Earth Reinforcement
Ground Improvement Technique: Earth ReinforcementGround Improvement Technique: Earth Reinforcement
Ground Improvement Technique: Earth Reinforcement
 
Max. shear stress theory-Maximum Shear Stress Theory ​ Maximum Distortional ...
Max. shear stress theory-Maximum Shear Stress Theory ​  Maximum Distortional ...Max. shear stress theory-Maximum Shear Stress Theory ​  Maximum Distortional ...
Max. shear stress theory-Maximum Shear Stress Theory ​ Maximum Distortional ...
 
Call for Papers - Journal of Electrical Systems (JES), E-ISSN: 1112-5209, ind...
Call for Papers - Journal of Electrical Systems (JES), E-ISSN: 1112-5209, ind...Call for Papers - Journal of Electrical Systems (JES), E-ISSN: 1112-5209, ind...
Call for Papers - Journal of Electrical Systems (JES), E-ISSN: 1112-5209, ind...
 
Scouring of cotton and wool fabric with effective scouring method
Scouring of cotton and wool fabric with effective scouring methodScouring of cotton and wool fabric with effective scouring method
Scouring of cotton and wool fabric with effective scouring method
 
Computer Graphics - Windowing and Clipping
Computer Graphics - Windowing and ClippingComputer Graphics - Windowing and Clipping
Computer Graphics - Windowing and Clipping
 
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxS1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
 
5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...5G and 6G refer to generations of mobile network technology, each representin...
5G and 6G refer to generations of mobile network technology, each representin...
 
engineering chemistry power point presentation
engineering chemistry  power point presentationengineering chemistry  power point presentation
engineering chemistry power point presentation
 
Introduction to Artificial Intelligence ( AI)
Introduction to Artificial Intelligence ( AI)Introduction to Artificial Intelligence ( AI)
Introduction to Artificial Intelligence ( AI)
 
8th International Conference on Soft Computing, Mathematics and Control (SMC ...
8th International Conference on Soft Computing, Mathematics and Control (SMC ...8th International Conference on Soft Computing, Mathematics and Control (SMC ...
8th International Conference on Soft Computing, Mathematics and Control (SMC ...
 
Introduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptxIntroduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptx
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
 
Adsorption (mass transfer operations 2) ppt
Adsorption (mass transfer operations 2) pptAdsorption (mass transfer operations 2) ppt
Adsorption (mass transfer operations 2) ppt
 
Theory of Time 2024 (Universal Theory for Everything)
Theory of Time 2024 (Universal Theory for Everything)Theory of Time 2024 (Universal Theory for Everything)
Theory of Time 2024 (Universal Theory for Everything)
 
Overview of Transformation in Computer Graphics
Overview of Transformation in Computer GraphicsOverview of Transformation in Computer Graphics
Overview of Transformation in Computer Graphics
 

Network Security_Module_2_Dr Shivashankar

  • 1. NETWORK SECURITY (18EC821) Visvesvaraya Technological University Dr. Shivashankar Professor Department of Electronics & Communication Engineering RRIT, Bangalore 1 Dr. Shivashankar, E&CE, RRIT
  • 2. Course Outcomes After Completion of the course, student will be able to: ▪Explain network security services and mechanisms and explain security concepts. ▪Understand the concept of Transport Level Security and Secure Socket Layer. ▪Explain security concerns in Internet Protocol Security. ▪Explain Intruders, Intrusion detection and Malicious Software. ▪Describe Firewalls, Firewall characteristics, Biasing and Configuration. ▪Text Book: 1. Cryptography and Network Security Principles and Practice, Pearson Education Inc., William Stallings 5th Edition, ISBN: 978-81-317-6166-3. 2. Cryptography and Network Security, Atul Kahate, TMH, 2003. ▪Reference: ▪Cryptography and Network Security, Behrouz A Forouzan, TMH, 2007. 2 Dr. Shivashankar, E&CE, RRIT
  • 3. MODULE-2 TRANSPORT LAYER SECURITY Web Security Considerations • Web Security deals with the security of data over the internet/network or web or while it is being transferred to the internet. • For e.g. when you are transferring data between client and server and you have to protect that data that security of data is your web security. • Web presents new challenges not generally appreciated in the context of computer and network security: ➢ The Internet is two-way. ➢ The Web is increasingly serving as a highly visible outlet for corporate and product information and as the platform for business transactions. ➢ Web browsers are very easy to use. ➢ • A Web server can be exploited as a launching pad into the corporation’s or agency’s entire computer complex. ➢ Casual and untrained (in security matters) users are common clients for Web- based services. 3 Dr. Shivashankar, E&CE, RRIT
  • 4. Web Security Threats • Web security threats are a form of internet- borne cybersecurity risk that could expose users to online harm and cause undesired actions or events. • Web security issues can severely damage businesses and individuals. • Common types of web security threats include computer viruses, data theft, and phishing attacks. • Classify Web security threats is in terms of the location of the threat: Web server, Web browser, and network traffic between browser and server. 4 Dr. Shivashankar, E&CE, RRIT
  • 5. A Comparison of Threats on the Web 5 Dr. Shivashankar, E&CE, RRIT Threats Consequences Countermeasures Integrity • Modification of user data • Trojan horse browser • Modification of memory • Modification of message traffic in transit • Loss of information • Compromise of machine • Vulnerabilty to all other threats Cryptographic Confidentiality • Theft of info from server • Theft of data from client • Info about network configuration • Info about which client talks to server • Loss of information • Loss of privacy Encryption, Web proxies Denial of Service • Killing of user threads • Filling up disk or memory • Isolating machine by DNS attacks • Disruptive • Annoying • Prevent user from getting work done Difficult to prevent Authentication • Impersonation of legitimate users • Data forgery • Misrepresentation of user • Belief that false information is valid Cryptographic techniques
  • 6. Web Traffic Security Approaches ▪One way to provide Web security is to use IP Security. The advantage of using IPsec is that it is transparent to end users and applications and provides a general-purpose solution. ▪Further, IPsec includes a filtering capability so that only selected traffic need incur the overhead of IPsec processing. 6 Dr. Shivashankar, E&CE, RRIT (a) Network level (b) Transport level (c) Application level
  • 7. Secure Socket Layer (SSL) ▪Provides security to the data that is transferred between web browser and server. ▪SSL encrypts the link between a web server and a browser which ensures that all data passed between them remain private and free from attack. SSL Architecture ▪SSL is designed to make use of TCP to provide a reliable end-to-end secure service. 7 Dr. Shivashankar, E&CE, RRIT Figure 16.2 SSL Protocol Stack
  • 8. CONTI… ▪Two important SSL concepts are the SSL session and the SSL connection: • Connection: A connection is a transport that provides a suitable type of service. • Session: An SSL session is an association between a client and a server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters which can be shared among multiple connections. A session state is defined by the following parameters. • Session identifier: An arbitrary byte sequence chosen by the server. • Peer certificate: An X509.v3 certificate of the peer. This element of the state may be null. • Compression method: The algorithm used to compress data prior to encryption. • Cipher spec: Specifies the bulk data encryption algorithm • Master secret: 48-byte secret shared between the client and server. • Is resumable: A flag indicating whether the session can be used to initiate new connections. • Server and client random: Byte sequences that are chosen by the server and client for each connection. • Server write MAC secret: The secret key used in MAC operations on data sent by the server. • Client write MAC secret: The secret key used in MAC operations on data sent by the client. 8 Dr. Shivashankar, E&CE, RRIT
  • 9. SSL Record Protocol ▪The SSL Record Protocol provides two services for SSL connections: • Confidentiality: The Handshake Protocol defines a shared secret key that is used for conventional encryption of SSL payloads. • Message Integrity: The Handshake Protocol also defines a shared secret key that is used to form a message authentication code (MAC). 9 Dr. Shivashankar, E&CE, RRIT Figure 16.3 SSL Record Protocol Operation
  • 10. CONTI… SSL Record Protocol processing is to prepare a header consisting of the following fields: • Content Type (8 bits): The higher-layer protocol used to process the enclosed fragment. • Major Version (8 bits): Indicates major version of SSL in use. For SSLv3, the value is 3. • Minor Version (8 bits): Indicates minor version in use. For SSLv3, the value is 0. • Compressed Length (16 bits): The length in bytes of the plaintext fragment. The maximum value is . 10 Dr. Shivashankar, E&CE, RRIT Figure 16.4 SSL Record Format
  • 11. Handshake Protocol ▪The most complex part of SSL is the Handshake Protocol. ▪This protocol allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm and cryptographic keys to be used to protect data sent in an SSL record. ▪The Handshake Protocol is used before any application data is transmitted. Each message has three fields: • Type (1 byte): Indicates one of 10 messages. Table 16.2 lists the defined message types. • Length (3 bytes): The length of the message in bytes. • Content ( ≥ 0 bytes): The parameters associated with this message. 11 Dr. Shivashankar, E&CE, RRIT
  • 12. Transport Layer Security ▪Transport Layer Securities (TLS) are designed to provide security at the transport layer. ▪TLS was derived from a security protocol called Secure Socket Layer (SSL). TLS ensures that no third party may eavesdrop or tampers with any message. ▪TLS is an IETF standardization initiative whose goal is to produce an Internet standard version of SSL ▪TLS is defined as a Proposed Internet Standard in RFC 5246. RFC 5246 is very similar to SSLv3. In this section, we highlight the differences. ▪Version Number: ▪For the current version of TLS, the major version is 3 and the minor version is 3. ▪Message Authentication Code: ▪There are two differences between the SSLv3 and TLS MAC schemes: the actual algorithm and the scope of the MAC calculation. TLS makes use of the HMAC algorithm defined in RFC 2104. 12 Dr. Shivashankar, E&CE, RRIT
  • 13. CONTI… ▪Pseudorandom Function TLS makes use of a pseudorandom function referred to as PRF to expand secrets into blocks of data for purposes of key generation or validation. ▪The objective is to make use of a relatively small shared secret value but to generate longer blocks of data in a way that is secure from the kinds of attacks made on hash functions and MACs. 13 Dr. Shivashankar, E&CE, RRIT Figure 16.7 TLS Function P_hash(secret, seed)
  • 14. CONTI… Alert Codes ▪TLS supports all of the alert codes defined in SSLv3 with the exception of no_certificate. • record_overflow: A TLS record was received with a payload (ciphertext) • unknown_CA: A valid certificate chain or partial chain was received • access_denied: A valid certificate was received. • decode_error: A message could not be decoded, because either a field was out of its specified range or the length of the message was incorrect. • protocol_version: The protocol version the client attempted to negotiate • insufficient_security: Returned instead of handshake_failure when a negotiation has failed specifically because the server requires ciphers more secure than those supported by the client. • unsupported_extension: Sent by clients that receive an extended server hello containing an extension not in the corresponding client hello. • internal_error: An internal error unrelated to the peer or the correctoness of the protocol makes it impossible to continue. • decrypt_error: A handshake cryptographic operation failed, including being unable to verify a signature, decrypt a key exchange, or validate a finished message. 14 Dr. Shivashankar, E&CE, RRIT
  • 15. CONTI… Cipher Suites There are several small differences between the cipher suites available under SSLv3 and under TLS: • Key Exchange: TLS supports all of the key exchange techniques of SSLv3 with the exception of Fortezza. • Symmetric Encryption Algorithms: TLS includes all of the symmetric encrypotion algorithms found in SSLv3, with the exception of Fortezza. Client Certificate Types TLS defines the following certificate types to be requested in a certificate_request message: rsa_sign, dss_sign, rsa_fixed_dh, and dss_fixed_dh. These are all defined in SSLv3. 15 Dr. Shivashankar, E&CE, RRIT
  • 16. HTTP ▪HTTPS (HTTP over SSL) refers to the combination of HTTP and SSL to implement secure communication between a Web browser and a Web server. ▪The HTTPS capability is built into all modern Web browsers. Its use depends on the Web server supporting HTTPS communication. For example, search engines ▪https:// rather than http://. A normal HTTP connection uses port 80. If HTTPS is specified, port 443 is used, which invokes SSL. When HTTPS is used, the following elements of the communication are encrypted: ▪ URL of the requested document • Contents of the document • Contents of browser forms (filled in by browser user) • Cookies sent from browser to server and from server to browser •Contents of HTTP header HTTPS is documented in RFC 2818, HTTP Over TLS. There is no fundamental change in using HTTP over either SSL or TLS, and both implementations are referred to as HTTPS. 16 Dr. Shivashankar, E&CE, RRIT
  • 17. CONTI… Connection Initiation ▪For HTTPS, the agent acting as the HTTP client also acts as the TLS client. ▪The client initiates a connection to the server on the appropriate port and then sends the TLS ClientHello to begin the TLS handshake. ▪When the TLS handshake has finished, the client may then initiate the first HTTP request. All HTTP data is to be sent as TLS application data. Need to be clear that there are three levels of awareness of a connection in HTTPS. 1. At the HTTP level, an HTTP client requests a connection to an HTTP server by sending a connection request to the next lowest layer. 2. At the level of TLS, a session is established between a TLS client and a TLS server. This session can support one or more connections at any time. 3. A TLS request to establish a connection begins with the establishment of a TCP connection between the TCP entity on the client side and the TCP entity on the server side. 17 Dr. Shivashankar, E&CE, RRIT
  • 18. CONTI… Connection Closure ▪An HTTP client or server can indicate the closing of a connection by including the following line in an HTTP record: Connection: close. This indicates that the connection will be closed after this record is delivered. The closure of an HTTPS connection requires that TLS close the connection with the peer TLS entity on the remote side, which will involve closing the underlying TCP connection. 1. At the TLS level, the proper way to close a connection is for each side to use the TLS alert protocol to send a close_notify alert. 2. TLS implementations must initiate an exchange of closure alerts before closing a connection. 3. A TLS implementation may, after sending a closure alert, close the connection without waiting for the peer to send its closure alert, generating an “incomplete close” 18 Dr. Shivashankar, E&CE, RRIT
  • 19. SECURE SHELL (SSH) ▪SSH uses the client-server model, connecting a Secure Shell client application, which is the end where the session is displayed, with an SSH server, which is the end where the session runs. ▪Secure Shell (SSH) is a protocol for secure network communications designed to be relatively simple and inexpensive to implement. ▪SSH also provides a more general client/server capability and can be used for such network functions as file transfer and e-mail. ▪A new version, SSH2, fixes a number of security flaws in the original scheme. SSH2 is documented as a proposed standard in IETF RFCs 4250 through 4256. ▪SSH client and server applications are widely available for most operating systems. ▪It has become the method of choice for remote login and X tunneling and is rapidly becoming one of the most pervasive applications for encryption technology outside of embedded systems. 19 Dr. Shivashankar, E&CE, RRIT
  • 20. Conti… ▪ Figure 16.8 SSH Protocol Stack 20 Dr. Shivashankar, E&CE, RRIT
  • 21. Conti… ▪Transport Layer Protocol: Provides server authentication, data confidentiality, and data integrity with forward secrecy. The transport layer may optionally provide compression. ▪User Authentication Protocol: Authenticates the user to the server. ▪Connection Protocol: Multiplexes multiple logical communications channels over a single, underlying SSH connection. 21 Dr. Shivashankar, E&CE, RRIT Figure 16.10 SSH Transport Layer Protocol Packet Formation
  • 22. Conti… ▪1. In the SSLv3 the padding bits are ____________ with the secret key. a)Padded b)XORed c)Concatenated d) ANDed 2. Which of the following is not a valid input to the PRF in SSLv3? a) secret value b) identifying label c) initialization vector d) secret value 3. Which of the following alert codes is not supported by SSLv3? a) record_overflow b) no_certificate c) internal_error d) decode_error 4. We encounter the record_overflow error when the payload length exceeds – a) 214 + 1024 b) 216 + 1024 c) 214 + 2048 d) 216 + 2048 6. Calculation of the certificate_verify in TLS involves the use of a finished_label. The finished_label is the string- a) client finished for the client b) client finished for the client, server finished for the server c) server finished for the server d) client finished for the server, server finished for the client 22 Dr. Shivashankar, E&CE, RRIT
  • 23. Conti… ▪7. In TLS padding cann be upto a maximum of – a) 79 bytes b) 127 bytes c) 255 bytes d) none of the mentioned 8. URL stands for – a) Universal Remote Locator b) Universal Resource Language c) Uniform Resource Locator d) Uniform Resource Language 9. HTTPS stands for Hypertext Transfer Protocol over TLS. a) True b) False 10. An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL. a) 40; 80 b) 60; 620 c) 80; 443 d) 620; 80 11. Which of the following are valid authentication methods? a) Public Key Based b) Password Based c) Host Based d) All of the mentioned 8.The SSH Connection Protocol runs on top of the SSH Transport Layer Protocol and assumes that a secure authentication connection is in use. a) True b) False 23 Dr. Shivashankar, E&CE, RRIT