SlideShare a Scribd company logo

31 Network Security

Download as PPT, PDF
Ahmar Hashmi
Ahmar Hashmi

Network security can provide five services: message confidentiality, message integrity, message authentication, message nonrepudiation, and entity authentication. These services use cryptographic techniques like encryption, hashing, digital signatures, and challenge-response authentication to protect messages and verify identities on a network. Key management is also important to securely distribute and maintain the cryptographic keys needed to provide these security services.

Education
1 of 49
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
31.2 31-1 SECURITY SERVICES31-1 SECURITY SERVICES Network security can provide five services. Four of theseNetwork security can provide five services. Four of these services are related to the message exchanged using theservices are related to the message exchanged using the network. The fifth service provides entity authenticationnetwork. The fifth service provides entity authentication or identification.or identification. Message Confidentiality Message Integrity Message Authentication Message Nonrepudiation Entity Authentication Topics discussed in this section:Topics discussed in this section:
31.3 Figure 31.1 Security services related to the message or entity
31.4 31-2 MESSAGE CONFIDENTIALITY31-2 MESSAGE CONFIDENTIALITY The concept of how to achieve message confidentialityThe concept of how to achieve message confidentiality or privacy has not changed for thousands of years.or privacy has not changed for thousands of years. The message must be encrypted at the sender site andThe message must be encrypted at the sender site and decrypted at the receiver site. This can be done usingdecrypted at the receiver site. This can be done using either symmetric-key cryptography or asymmetric-keyeither symmetric-key cryptography or asymmetric-key cryptography.cryptography. Confidentiality with Symmetric-Key Cryptography Confidentiality with Asymmetric-Key Cryptography Topics discussed in this section:Topics discussed in this section:
31.5 Figure 31.2 Message confidentiality using symmetric keys in two directions
31.6 Figure 31.3 Message confidentiality using asymmetric keys
31.7 31-3 MESSAGE INTEGRITY31-3 MESSAGE INTEGRITY Encryption and decryption provide secrecy, orEncryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasionconfidentiality, but not integrity. However, on occasion we may not even need secrecy, but instead must havewe may not even need secrecy, but instead must have integrity.integrity. Document and Fingerprint Message and Message Digest Creating and Checking the Digest Hash Function Criteria Hash Algorithms: SHA-1 Topics discussed in this section:Topics discussed in this section:
31.8 To preserve the integrity of a document, both the document and the fingerprint are needed. Note
31.9 Figure 31.4 Message and message digest
31.10 The message digest needs to be kept secret. Note
31.11 Figure 31.5 Checking integrity
31.12 Figure 31.6 Criteria of a hash function
31.13 Can we use a conventional lossless compression method as a hashing function? Solution We cannot. A lossless compression method creates a compressed message that is reversible. You can uncompress the compressed message to get the original one. Example 31.1
31.14 Can we use a checksum method as a hashing function? Solution We can. A checksum function is not reversible; it meets the first criterion. However, it does not meet the other criteria. Example 31.2
31.15 Figure 31.7 Message digest creation
31.16 SHA-1 hash algorithms create an N-bit message digest out of a message of 512-bit blocks. SHA-1 has a message digest of 160 bits (5 words of 32 bits). Note
31.17 Figure 31.8 Processing of one block in SHA-1
31.18 31-4 MESSAGE AUTHENTICATION31-4 MESSAGE AUTHENTICATION A hash function per se cannot provide authentication.A hash function per se cannot provide authentication. The digest created by a hash function can detect anyThe digest created by a hash function can detect any modification in the message, but not authentication.modification in the message, but not authentication. MAC Topics discussed in this section:Topics discussed in this section:
31.19 Figure 31.9 MAC, created by Alice and checked by Bob
31.20 Figure 31.10 HMAC
31.21 31-5 DIGITAL SIGNATURE31-5 DIGITAL SIGNATURE When Alice sends a message to Bob, Bob needs toWhen Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to becheck the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve.sure that the message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically.Bob can ask Alice to sign the message electronically. In other words, an electronic signature can prove theIn other words, an electronic signature can prove the authenticity of Alice as the sender of the message. Weauthenticity of Alice as the sender of the message. We refer to this type of signature as a digital signature.refer to this type of signature as a digital signature. Comparison Need for Keys Process Topics discussed in this section:Topics discussed in this section:
31.22 A digital signature needs a public-key system. Note
31.23 Figure 31.11 Signing the message itself in digital signature
31.24 In a cryptosystem, we use the private and public keys of the receiver; in digital signature, we use the private and public keys of the sender. Note
31.25 Figure 31.12 Signing the digest in a digital signature
31.26 A digital signature today provides message integrity. Note
31.27 Digital signature provides message authentication. Note
31.28 Figure 31.13 Using a trusted center for nonrepudiation
31.29 Nonrepudiation can be provided using a trusted party. Note
31.30 31-6 ENTITY AUTHENTICATION31-6 ENTITY AUTHENTICATION Entity authentication is a technique designed to let oneEntity authentication is a technique designed to let one party prove the identity of another party. An entity canparty prove the identity of another party. An entity can be a person, a process, a client, or a server. The entitybe a person, a process, a client, or a server. The entity whose identity needs to be proved is called the claimant;whose identity needs to be proved is called the claimant; the party that tries to prove the identity of the claimantthe party that tries to prove the identity of the claimant is called the verifier.is called the verifier. Passwords Challenge-Response Topics discussed in this section:Topics discussed in this section:
31.31 In challenge-response authentication, the claimant proves that she knows a secret without revealing it. Note
31.32 The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge. Note
31.33 Figure 31.14 Challenge/response authentication using a nonce
31.34 Figure 31.15 Challenge-response authentication using a timestamp
31.35 Figure 31.16 Challenge-response authentication using a keyed-hash function
31.36 Figure 31.17 Authentication, asymmetric-key
31.37 Figure 31.18 Authentication, using digital signature
31.38 31-7 KEY MANAGEMENT31-7 KEY MANAGEMENT We never discussed how secret keys in symmetric-keyWe never discussed how secret keys in symmetric-key cryptography and how public keys in asymmetric-keycryptography and how public keys in asymmetric-key cryptography are distributed and maintained. In thiscryptography are distributed and maintained. In this section, we touch on these two issues. We first discusssection, we touch on these two issues. We first discuss the distribution of symmetric keys; we then discuss thethe distribution of symmetric keys; we then discuss the distribution of asymmetric keys.distribution of asymmetric keys. Symmetric-Key Distribution Public-Key Distribution Topics discussed in this section:Topics discussed in this section:
31.39 Figure 31.19 KDC
31.40 A session symmetric key between two parties is used only once. Note
31.41 Figure 31.30 Creating a session key between Alice and Bob using KDC
31.42 Figure 31.21 Kerberos servers
31.43 Figure 31.22 Kerberos example
31.44 In public-key cryptography, everyone has access to everyone’s public key; public keys are available to the public. Note
31.45 Figure 31.23 Announcing a public key
31.46 Figure 31.24 Trusted center
31.47 Figure 31.25 Controlled trusted center
31.48 Figure 31.26 Certification authority
31.49 Figure 31.27 PKI hierarchy

Recommended

Chap 12 tcp
Chap 12 tcpChap 12 tcp
Chap 12 tcp
Sparsh Samir
 
ASYNCHRONOUS TRANSFER MODE (ATM)
ASYNCHRONOUS TRANSFER MODE (ATM)ASYNCHRONOUS TRANSFER MODE (ATM)
ASYNCHRONOUS TRANSFER MODE (ATM)
ZillayHuma Mehmood
 
Chapter 31
Chapter 31Chapter 31
Chapter 31
Faisal Mehmood
 
03 Introduction to Physical layer
03 Introduction to Physical layer03 Introduction to Physical layer
03 Introduction to Physical layer
Meenakshi Paul
 
Subnet Mask
Subnet MaskSubnet Mask
Subnet Mask
NetProtocol Xpert
 
Multicast routing protocols in adhoc networks
Multicast routing protocols in adhoc networksMulticast routing protocols in adhoc networks
Multicast routing protocols in adhoc networks
Pradeep Kumar TS
 
Traditional symmetric-key cipher
Traditional symmetric-key cipherTraditional symmetric-key cipher
Traditional symmetric-key cipher
Vasuki Ramasamy
 
Snmp
SnmpSnmp
Snmp
hetaljadav
 

Recommended

Chap 12 tcp
Chap 12 tcpChap 12 tcp
Chap 12 tcp
Sparsh Samir
 
ASYNCHRONOUS TRANSFER MODE (ATM)
ASYNCHRONOUS TRANSFER MODE (ATM)ASYNCHRONOUS TRANSFER MODE (ATM)
ASYNCHRONOUS TRANSFER MODE (ATM)
ZillayHuma Mehmood
 
Chapter 31
Chapter 31Chapter 31
Chapter 31
Faisal Mehmood
 
03 Introduction to Physical layer
03 Introduction to Physical layer03 Introduction to Physical layer
03 Introduction to Physical layer
Meenakshi Paul
 
Subnet Mask
Subnet MaskSubnet Mask
Subnet Mask
NetProtocol Xpert
 
Multicast routing protocols in adhoc networks
Multicast routing protocols in adhoc networksMulticast routing protocols in adhoc networks
Multicast routing protocols in adhoc networks
Pradeep Kumar TS
 
Traditional symmetric-key cipher
Traditional symmetric-key cipherTraditional symmetric-key cipher
Traditional symmetric-key cipher
Vasuki Ramasamy
 
Snmp
SnmpSnmp
Snmp
hetaljadav
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - NotesKranthi
 
An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)
Ammad Marwat
 
Subnet Masks
Subnet MasksSubnet Masks
Subnet Masksswascher
 
Swiching
SwichingSwiching
Swiching
Mohammed Romi
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
kuldeep singh shishodia
 
SSL
SSLSSL
SSL
theekuchi
 
DES
DESDES
DESNaga Srimanyu Timmaraju
 
Message passing in Distributed Computing Systems
Message passing in Distributed Computing SystemsMessage passing in Distributed Computing Systems
Message passing in Distributed Computing Systems
Alagappa Govt Arts College, Karaikudi
 
Data Communication & Computer network: Channel capacity
Data Communication & Computer network: Channel capacityData Communication & Computer network: Channel capacity
Data Communication & Computer network: Channel capacity
Dr Rajiv Srivastava
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigation
edwardbel
 
Chapter 01
Chapter 01Chapter 01
Chapter 01nathanurag
 
Subnetting
SubnettingSubnetting
SubnettingGichelle Amon
 
Application layer
Application layerApplication layer
Application layer
SakthiVinoth78
 
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Dr. Mazlan Abbas
 
Chapter 14
Chapter 14Chapter 14
Chapter 14
Faisal Mehmood
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
Key Management and Distribution
Key Management and DistributionKey Management and Distribution
Key Management and Distribution
Syed Bahadur Shah
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
30 Cryptography
30 Cryptography30 Cryptography
30 Cryptography
Ahmar Hashmi
 
12 Multiple Access
12 Multiple Access12 Multiple Access
12 Multiple Access
Ahmar Hashmi
 

More Related Content

What's hot

06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - NotesKranthi
 
An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)
Ammad Marwat
 
Subnet Masks
Subnet MasksSubnet Masks
Subnet Masksswascher
 
Swiching
SwichingSwiching
Swiching
Mohammed Romi
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
kuldeep singh shishodia
 
SSL
SSLSSL
SSL
theekuchi
 
Message passing in Distributed Computing Systems
Message passing in Distributed Computing SystemsMessage passing in Distributed Computing Systems
Message passing in Distributed Computing Systems
Alagappa Govt Arts College, Karaikudi
 
Data Communication & Computer network: Channel capacity
Data Communication & Computer network: Channel capacityData Communication & Computer network: Channel capacity
Data Communication & Computer network: Channel capacity
Dr Rajiv Srivastava
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigation
edwardbel
 
Application layer
Application layerApplication layer
Application layer
SakthiVinoth78
 
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Dr. Mazlan Abbas
 
Chapter 14
Chapter 14Chapter 14
Chapter 14
Faisal Mehmood
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
Key Management and Distribution
Key Management and DistributionKey Management and Distribution
Key Management and Distribution
Syed Bahadur Shah
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 

What's hot (20)

06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes
 
An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)An overview of TCP (Transmission Control Protocol)
An overview of TCP (Transmission Control Protocol)
 
Subnet Masks
Subnet MasksSubnet Masks
Subnet Masks
 
Swiching
SwichingSwiching
Swiching
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
 
SSL
SSLSSL
SSL
 
DES
DESDES
DES
 
Message passing in Distributed Computing Systems
Message passing in Distributed Computing SystemsMessage passing in Distributed Computing Systems
Message passing in Distributed Computing Systems
 
Data Communication & Computer network: Channel capacity
Data Communication & Computer network: Channel capacityData Communication & Computer network: Channel capacity
Data Communication & Computer network: Channel capacity
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanisms
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigation
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Subnetting
SubnettingSubnetting
Subnetting
 
Application layer
Application layerApplication layer
Application layer
 
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
Trends and Challenges in Delay Tolerant Network (DTN) or Mobile Opportunistic...
 
Chapter 14
Chapter 14Chapter 14
Chapter 14
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
 
Key Management and Distribution
Key Management and DistributionKey Management and Distribution
Key Management and Distribution
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 

Viewers also liked

30 Cryptography
30 Cryptography30 Cryptography
30 Cryptography
Ahmar Hashmi
 
12 Multiple Access
12 Multiple Access12 Multiple Access
12 Multiple Access
Ahmar Hashmi
 
08 Switching
08 Switching08 Switching
08 Switching
Ahmar Hashmi
 
22 Network Layer_Delivery_forwarding_and_Routing
22 Network Layer_Delivery_forwarding_and_Routing22 Network Layer_Delivery_forwarding_and_Routing
22 Network Layer_Delivery_forwarding_and_Routing
Ahmar Hashmi
 
06 Bandwidth Utilization_Multiplexing_and_Spreading
06 Bandwidth Utilization_Multiplexing_and_Spreading06 Bandwidth Utilization_Multiplexing_and_Spreading
06 Bandwidth Utilization_Multiplexing_and_Spreading
Ahmar Hashmi
 
24 Congestion Control_and_Quality_of_Service
24 Congestion Control_and_Quality_of_Service24 Congestion Control_and_Quality_of_Service
24 Congestion Control_and_Quality_of_Service
Ahmar Hashmi
 
32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls
32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls
32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls
Ahmar Hashmi
 
29 Multimedia
29 Multimedia29 Multimedia
29 Multimedia
Ahmar Hashmi
 
20 Network Layer_Internet_Protocol
20 Network Layer_Internet_Protocol20 Network Layer_Internet_Protocol
20 Network Layer_Internet_Protocol
Ahmar Hashmi
 
26 Remote Logging_Electronic_Mail_and_File_Transfer
26 Remote Logging_Electronic_Mail_and_File_Transfer26 Remote Logging_Electronic_Mail_and_File_Transfer
26 Remote Logging_Electronic_Mail_and_File_Transfer
Ahmar Hashmi
 
19 Network Layer_Logical_Addressing
19 Network Layer_Logical_Addressing19 Network Layer_Logical_Addressing
19 Network Layer_Logical_Addressing
Ahmar Hashmi
 
10 Error Detection_and_Correction
10 Error Detection_and_Correction10 Error Detection_and_Correction
10 Error Detection_and_Correction
Ahmar Hashmi
 
21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting
21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting
21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting
Ahmar Hashmi
 
Ch1: Operating System- Introduction
Ch1: Operating System- IntroductionCh1: Operating System- Introduction
Ch1: Operating System- Introduction
Ahmar Hashmi
 
13 Wired Lans_Ethernet
13 Wired Lans_Ethernet13 Wired Lans_Ethernet
13 Wired Lans_Ethernet
Ahmar Hashmi
 
23 Process to_Process_Delivery_UDP_TCP_and_SCTP
23 Process to_Process_Delivery_UDP_TCP_and_SCTP23 Process to_Process_Delivery_UDP_TCP_and_SCTP
23 Process to_Process_Delivery_UDP_TCP_and_SCTP
Ahmar Hashmi
 
18 Virtual Circuit_Networks_Frame_Relay_and_ATM
18 Virtual Circuit_Networks_Frame_Relay_and_ATM18 Virtual Circuit_Networks_Frame_Relay_and_ATM
18 Virtual Circuit_Networks_Frame_Relay_and_ATM
Ahmar Hashmi
 
11 Data Link_Control
11 Data Link_Control11 Data Link_Control
11 Data Link_Control
Ahmar Hashmi
 
17 SONET/SDH
17 SONET/SDH17 SONET/SDH
17 SONET/SDH
Ahmar Hashmi
 
Computer Network Complete Introduction
Computer Network Complete IntroductionComputer Network Complete Introduction
Computer Network Complete Introduction
Ahmar Hashmi
 

Viewers also liked (20)

30 Cryptography
30 Cryptography30 Cryptography
30 Cryptography
 
12 Multiple Access
12 Multiple Access12 Multiple Access
12 Multiple Access
 
08 Switching
08 Switching08 Switching
08 Switching
 
22 Network Layer_Delivery_forwarding_and_Routing
22 Network Layer_Delivery_forwarding_and_Routing22 Network Layer_Delivery_forwarding_and_Routing
22 Network Layer_Delivery_forwarding_and_Routing
 
06 Bandwidth Utilization_Multiplexing_and_Spreading
06 Bandwidth Utilization_Multiplexing_and_Spreading06 Bandwidth Utilization_Multiplexing_and_Spreading
06 Bandwidth Utilization_Multiplexing_and_Spreading
 
24 Congestion Control_and_Quality_of_Service
24 Congestion Control_and_Quality_of_Service24 Congestion Control_and_Quality_of_Service
24 Congestion Control_and_Quality_of_Service
 
32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls
32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls
32 Security in_Internet_IP_SEC_SSL/TLS_PGN_VPN_and_Firewalls
 
29 Multimedia
29 Multimedia29 Multimedia
29 Multimedia
 
20 Network Layer_Internet_Protocol
20 Network Layer_Internet_Protocol20 Network Layer_Internet_Protocol
20 Network Layer_Internet_Protocol
 
26 Remote Logging_Electronic_Mail_and_File_Transfer
26 Remote Logging_Electronic_Mail_and_File_Transfer26 Remote Logging_Electronic_Mail_and_File_Transfer
26 Remote Logging_Electronic_Mail_and_File_Transfer
 
19 Network Layer_Logical_Addressing
19 Network Layer_Logical_Addressing19 Network Layer_Logical_Addressing
19 Network Layer_Logical_Addressing
 
10 Error Detection_and_Correction
10 Error Detection_and_Correction10 Error Detection_and_Correction
10 Error Detection_and_Correction
 
21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting
21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting
21 Network Layer_Address_Mapping_Error_Reporting_and_Multicasting
 
Ch1: Operating System- Introduction
Ch1: Operating System- IntroductionCh1: Operating System- Introduction
Ch1: Operating System- Introduction
 
13 Wired Lans_Ethernet
13 Wired Lans_Ethernet13 Wired Lans_Ethernet
13 Wired Lans_Ethernet
 
23 Process to_Process_Delivery_UDP_TCP_and_SCTP
23 Process to_Process_Delivery_UDP_TCP_and_SCTP23 Process to_Process_Delivery_UDP_TCP_and_SCTP
23 Process to_Process_Delivery_UDP_TCP_and_SCTP
 
18 Virtual Circuit_Networks_Frame_Relay_and_ATM
18 Virtual Circuit_Networks_Frame_Relay_and_ATM18 Virtual Circuit_Networks_Frame_Relay_and_ATM
18 Virtual Circuit_Networks_Frame_Relay_and_ATM
 
11 Data Link_Control
11 Data Link_Control11 Data Link_Control
11 Data Link_Control
 
17 SONET/SDH
17 SONET/SDH17 SONET/SDH
17 SONET/SDH
 
Computer Network Complete Introduction
Computer Network Complete IntroductionComputer Network Complete Introduction
Computer Network Complete Introduction
 

Similar to 31 Network Security

E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
Vishal Kumar
 
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTSSYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
acijjournal
 
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support CountsSymmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
acijjournal
 
Seminar report on symmetric key
Seminar report on symmetric keySeminar report on symmetric key
Seminar report on symmetric key
Rajat Tripathi
 
Cgi whpr 35_pki_e
Cgi whpr 35_pki_eCgi whpr 35_pki_e
Cgi whpr 35_pki_e
madunix
 
P01813101103
P01813101103P01813101103
P01813101103
IOSR Journals
 
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCAN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
ijcisjournal
 
Essay On Cryptography
Essay On CryptographyEssay On Cryptography
Essay On Cryptography
Haley Johnson
 
Multi-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic SystemMulti-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic System
MangaiK4
 
Highly secure scalable compression of encrypted images
Highly secure scalable compression of encrypted imagesHighly secure scalable compression of encrypted images
Highly secure scalable compression of encrypted images
eSAT Journals
 
Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.
Jayanth Dwijesh H P
 
Variable length key based visual
Variable length key based visualVariable length key based visual
Variable length key based visual
csandit
 
Collusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sumCollusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sum
nexgentech15
 
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
Nexgen Technology
 
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
nexgentechnology
 

Similar to 31 Network Security (20)

Ch31
Ch31Ch31
Ch31
 
Ch31
Ch31Ch31
Ch31
 
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
 
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTSSYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
 
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support CountsSymmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
 
Seminar report on symmetric key
Seminar report on symmetric keySeminar report on symmetric key
Seminar report on symmetric key
 
Public private key
Public private keyPublic private key
Public private key
 
Cgi whpr 35_pki_e
Cgi whpr 35_pki_eCgi whpr 35_pki_e
Cgi whpr 35_pki_e
 
P01813101103
P01813101103P01813101103
P01813101103
 
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCAN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
 
Essay On Cryptography
Essay On CryptographyEssay On Cryptography
Essay On Cryptography
 
Multi-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic SystemMulti-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic System
 
Highly secure scalable compression of encrypted images
Highly secure scalable compression of encrypted imagesHighly secure scalable compression of encrypted images
Highly secure scalable compression of encrypted images
 
Cryptography
CryptographyCryptography
Cryptography
 
Ch 31
Ch 31Ch 31
Ch 31
 
Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.Vtu network security(10 ec832) unit 3 notes.
Vtu network security(10 ec832) unit 3 notes.
 
Variable length key based visual
Variable length key based visualVariable length key based visual
Variable length key based visual
 
Collusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sumCollusion tolerable privacy-preserving sum
Collusion tolerable privacy-preserving sum
 
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
 
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
COLLUSION-TOLERABLE PRIVACY-PRESERVING SUM AND PRODUCT CALCULATION WITHOUT SE...
 

More from Ahmar Hashmi

28 Network Management_SNMP
28 Network Management_SNMP28 Network Management_SNMP
28 Network Management_SNMP
Ahmar Hashmi
 
27 WWW and_HTTP
27 WWW and_HTTP27 WWW and_HTTP
27 WWW and_HTTP
Ahmar Hashmi
 
25 DNS
25 DNS25 DNS
25 DNS
Ahmar Hashmi
 
16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks
16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks
16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks
Ahmar Hashmi
 
15 Connecting LANs_Backbone_Networks_and_Virtual_LAN
15 Connecting LANs_Backbone_Networks_and_Virtual_LAN15 Connecting LANs_Backbone_Networks_and_Virtual_LAN
15 Connecting LANs_Backbone_Networks_and_Virtual_LAN
Ahmar Hashmi
 
14 Wireless LAN
14 Wireless LAN14 Wireless LAN
14 Wireless LAN
Ahmar Hashmi
 
09 Using Telephone_and_Cable_Networks_for_Data_Transmission
09 Using Telephone_and_Cable_Networks_for_Data_Transmission09 Using Telephone_and_Cable_Networks_for_Data_Transmission
09 Using Telephone_and_Cable_Networks_for_Data_Transmission
Ahmar Hashmi
 
07 Transmission Media
07 Transmission Media07 Transmission Media
07 Transmission Media
Ahmar Hashmi
 
05 Analog Transmission
05 Analog Transmission05 Analog Transmission
05 Analog Transmission
Ahmar Hashmi
 
04 Digital Transmission
04 Digital Transmission04 Digital Transmission
04 Digital Transmission
Ahmar Hashmi
 
03 Data and_Signals
03 Data and_Signals03 Data and_Signals
03 Data and_Signals
Ahmar Hashmi
 
02 Network Models
02 Network Models02 Network Models
02 Network Models
Ahmar Hashmi
 

More from Ahmar Hashmi (12)

28 Network Management_SNMP
28 Network Management_SNMP28 Network Management_SNMP
28 Network Management_SNMP
 
27 WWW and_HTTP
27 WWW and_HTTP27 WWW and_HTTP
27 WWW and_HTTP
 
25 DNS
25 DNS25 DNS
25 DNS
 
16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks
16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks
16 Wireless WANs_Cellular_Telephone_and_Satellite_Networks
 
15 Connecting LANs_Backbone_Networks_and_Virtual_LAN
15 Connecting LANs_Backbone_Networks_and_Virtual_LAN15 Connecting LANs_Backbone_Networks_and_Virtual_LAN
15 Connecting LANs_Backbone_Networks_and_Virtual_LAN
 
14 Wireless LAN
14 Wireless LAN14 Wireless LAN
14 Wireless LAN
 
09 Using Telephone_and_Cable_Networks_for_Data_Transmission
09 Using Telephone_and_Cable_Networks_for_Data_Transmission09 Using Telephone_and_Cable_Networks_for_Data_Transmission
09 Using Telephone_and_Cable_Networks_for_Data_Transmission
 
07 Transmission Media
07 Transmission Media07 Transmission Media
07 Transmission Media
 
05 Analog Transmission
05 Analog Transmission05 Analog Transmission
05 Analog Transmission
 
04 Digital Transmission
04 Digital Transmission04 Digital Transmission
04 Digital Transmission
 
03 Data and_Signals
03 Data and_Signals03 Data and_Signals
03 Data and_Signals
 
02 Network Models
02 Network Models02 Network Models
02 Network Models
 

Recently uploaded

Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
chanes7
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
Israel Genealogy Research Association
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
Advantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO PerspectiveAdvantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO Perspective
Krisztián Száraz
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
DhatriParmar
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBCSTRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
kimdan468
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
JEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questionsJEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questions
ShivajiThube2
 
Normal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of LabourNormal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of Labour
Wasim Ak
 

Recently uploaded (20)

Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
Advantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO PerspectiveAdvantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO Perspective
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBCSTRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
JEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questionsJEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questions
 
Normal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of LabourNormal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of Labour
 

31 Network Security

  • 1. 31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
  • 2. 31.2 31-1 SECURITY SERVICES31-1 SECURITY SERVICES Network security can provide five services. Four of theseNetwork security can provide five services. Four of these services are related to the message exchanged using theservices are related to the message exchanged using the network. The fifth service provides entity authenticationnetwork. The fifth service provides entity authentication or identification.or identification. Message Confidentiality Message Integrity Message Authentication Message Nonrepudiation Entity Authentication Topics discussed in this section:Topics discussed in this section:
  • 3. 31.3 Figure 31.1 Security services related to the message or entity
  • 4. 31.4 31-2 MESSAGE CONFIDENTIALITY31-2 MESSAGE CONFIDENTIALITY The concept of how to achieve message confidentialityThe concept of how to achieve message confidentiality or privacy has not changed for thousands of years.or privacy has not changed for thousands of years. The message must be encrypted at the sender site andThe message must be encrypted at the sender site and decrypted at the receiver site. This can be done usingdecrypted at the receiver site. This can be done using either symmetric-key cryptography or asymmetric-keyeither symmetric-key cryptography or asymmetric-key cryptography.cryptography. Confidentiality with Symmetric-Key Cryptography Confidentiality with Asymmetric-Key Cryptography Topics discussed in this section:Topics discussed in this section:
  • 5. 31.5 Figure 31.2 Message confidentiality using symmetric keys in two directions
  • 6. 31.6 Figure 31.3 Message confidentiality using asymmetric keys
  • 7. 31.7 31-3 MESSAGE INTEGRITY31-3 MESSAGE INTEGRITY Encryption and decryption provide secrecy, orEncryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasionconfidentiality, but not integrity. However, on occasion we may not even need secrecy, but instead must havewe may not even need secrecy, but instead must have integrity.integrity. Document and Fingerprint Message and Message Digest Creating and Checking the Digest Hash Function Criteria Hash Algorithms: SHA-1 Topics discussed in this section:Topics discussed in this section:
  • 8. 31.8 To preserve the integrity of a document, both the document and the fingerprint are needed. Note
  • 9. 31.9 Figure 31.4 Message and message digest
  • 10. 31.10 The message digest needs to be kept secret. Note
  • 12. 31.12 Figure 31.6 Criteria of a hash function
  • 13. 31.13 Can we use a conventional lossless compression method as a hashing function? Solution We cannot. A lossless compression method creates a compressed message that is reversible. You can uncompress the compressed message to get the original one. Example 31.1
  • 14. 31.14 Can we use a checksum method as a hashing function? Solution We can. A checksum function is not reversible; it meets the first criterion. However, it does not meet the other criteria. Example 31.2
  • 15. 31.15 Figure 31.7 Message digest creation
  • 16. 31.16 SHA-1 hash algorithms create an N-bit message digest out of a message of 512-bit blocks. SHA-1 has a message digest of 160 bits (5 words of 32 bits). Note
  • 17. 31.17 Figure 31.8 Processing of one block in SHA-1
  • 18. 31.18 31-4 MESSAGE AUTHENTICATION31-4 MESSAGE AUTHENTICATION A hash function per se cannot provide authentication.A hash function per se cannot provide authentication. The digest created by a hash function can detect anyThe digest created by a hash function can detect any modification in the message, but not authentication.modification in the message, but not authentication. MAC Topics discussed in this section:Topics discussed in this section:
  • 19. 31.19 Figure 31.9 MAC, created by Alice and checked by Bob
  • 21. 31.21 31-5 DIGITAL SIGNATURE31-5 DIGITAL SIGNATURE When Alice sends a message to Bob, Bob needs toWhen Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to becheck the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve.sure that the message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically.Bob can ask Alice to sign the message electronically. In other words, an electronic signature can prove theIn other words, an electronic signature can prove the authenticity of Alice as the sender of the message. Weauthenticity of Alice as the sender of the message. We refer to this type of signature as a digital signature.refer to this type of signature as a digital signature. Comparison Need for Keys Process Topics discussed in this section:Topics discussed in this section:
  • 22. 31.22 A digital signature needs a public-key system. Note
  • 23. 31.23 Figure 31.11 Signing the message itself in digital signature
  • 24. 31.24 In a cryptosystem, we use the private and public keys of the receiver; in digital signature, we use the private and public keys of the sender. Note
  • 25. 31.25 Figure 31.12 Signing the digest in a digital signature
  • 26. 31.26 A digital signature today provides message integrity. Note
  • 27. 31.27 Digital signature provides message authentication. Note
  • 28. 31.28 Figure 31.13 Using a trusted center for nonrepudiation
  • 29. 31.29 Nonrepudiation can be provided using a trusted party. Note
  • 30. 31.30 31-6 ENTITY AUTHENTICATION31-6 ENTITY AUTHENTICATION Entity authentication is a technique designed to let oneEntity authentication is a technique designed to let one party prove the identity of another party. An entity canparty prove the identity of another party. An entity can be a person, a process, a client, or a server. The entitybe a person, a process, a client, or a server. The entity whose identity needs to be proved is called the claimant;whose identity needs to be proved is called the claimant; the party that tries to prove the identity of the claimantthe party that tries to prove the identity of the claimant is called the verifier.is called the verifier. Passwords Challenge-Response Topics discussed in this section:Topics discussed in this section:
  • 31. 31.31 In challenge-response authentication, the claimant proves that she knows a secret without revealing it. Note
  • 32. 31.32 The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge. Note
  • 33. 31.33 Figure 31.14 Challenge/response authentication using a nonce
  • 34. 31.34 Figure 31.15 Challenge-response authentication using a timestamp
  • 35. 31.35 Figure 31.16 Challenge-response authentication using a keyed-hash function
  • 37. 31.37 Figure 31.18 Authentication, using digital signature
  • 38. 31.38 31-7 KEY MANAGEMENT31-7 KEY MANAGEMENT We never discussed how secret keys in symmetric-keyWe never discussed how secret keys in symmetric-key cryptography and how public keys in asymmetric-keycryptography and how public keys in asymmetric-key cryptography are distributed and maintained. In thiscryptography are distributed and maintained. In this section, we touch on these two issues. We first discusssection, we touch on these two issues. We first discuss the distribution of symmetric keys; we then discuss thethe distribution of symmetric keys; we then discuss the distribution of asymmetric keys.distribution of asymmetric keys. Symmetric-Key Distribution Public-Key Distribution Topics discussed in this section:Topics discussed in this section:
  • 40. 31.40 A session symmetric key between two parties is used only once. Note
  • 41. 31.41 Figure 31.30 Creating a session key between Alice and Bob using KDC
  • 44. 31.44 In public-key cryptography, everyone has access to everyone’s public key; public keys are available to the public. Note