Uploaded bymangaliifunla
PPT, PDF11 views

Explanation about Basic of Network Security Services

Explanation about Basic of Network Security Services

Embed presentation

Download to read offline
31.1 31-1 SECURITY SERVICES 31-1 SECURITY SERVICES Network security can provide five services. Four of these Network security can provide five services. Four of these services are related to the message exchanged using the services are related to the message exchanged using the network. The fifth service provides entity authentication network. The fifth service provides entity authentication or identification. or identification. Message Confidentiality Message Integrity Message Authentication Message Nonrepudiation Entity Authentication Topics discussed in this section: Topics discussed in this section:
31.2 Figure 31.1 Security services related to the message or entity
31.3 31-2 MESSAGE CONFIDENTIALITY 31-2 MESSAGE CONFIDENTIALITY The concept of how to achieve message confidentiality The concept of how to achieve message confidentiality or privacy has not changed for thousands of years. The or privacy has not changed for thousands of years. The message must be encrypted at the sender site and message must be encrypted at the sender site and decrypted at the receiver site. This can be done using decrypted at the receiver site. This can be done using either symmetric-key cryptography or asymmetric-key either symmetric-key cryptography or asymmetric-key cryptography. cryptography. Confidentiality with Symmetric-Key Cryptography Confidentiality with Asymmetric-Key Cryptography Topics discussed in this section: Topics discussed in this section:
31.4 Figure 31.2 Message confidentiality using symmetric keys in two directions
31.5 Figure 31.3 Message confidentiality using asymmetric keys
31.8 31-3 MESSAGE INTEGRITY 31-3 MESSAGE INTEGRITY Encryption and decryption provide secrecy, or Encryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasion confidentiality, but not integrity. However, on occasion we may not even need secrecy, but instead must have we may not even need secrecy, but instead must have integrity. integrity. Document and Fingerprint Message and Message Digest Creating and Checking the Digest Hash Function Criteria Hash Algorithms: SHA-1 Topics discussed in this section: Topics discussed in this section:
31.9 To preserve the integrity of a document, both the document and the fingerprint are needed. Note
31.10 Figure 31.4 Message and message digest
31.11 The message digest needs to be kept save. Note
31.12 Figure 31.5 Checking integrity
31.13 Figure 31.6 Criteria of a hash function
31.14 Can we use a conventional lossless compression method as a hashing function? Solution We cannot. A lossless compression method creates a compressed message that is reversible. You can uncompress the compressed message to get the original one. Example 31.1
31.15 Can we use a checksum method as a hashing function? Solution We can. A checksum function is not reversible; it meets the first criterion. However, it does not meet the other criteria. Example 31.2
31.16 Figure 31.7 Message digest creation
31.17 SHA-1 hash algorithms create an N-bit message digest out of a message of 512-bit blocks. SHA-1 has a message digest of 160 bits (5 words of 32 bits). Note
31.18 Figure 31.8 Processing of one block in SHA-1
31.19 31-4 MESSAGE AUTHENTICATION 31-4 MESSAGE AUTHENTICATION A hash function per se cannot provide authentication. A hash function per se cannot provide authentication. The digest created by a hash function can detect any The digest created by a hash function can detect any modification in the message, but not authentication. modification in the message, but not authentication. MAC Topics discussed in this section: Topics discussed in this section:
31.20 Figure 31.9 MAC, created by Alice and checked by Bob
31.21 Figure 31.10 HMAC
31.22 31-5 DIGITAL SIGNATURE 31-5 DIGITAL SIGNATURE When Alice sends a message to Bob, Bob needs to check When Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to be sure that the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve. Bob can ask the message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically. In other words, Alice to sign the message electronically. In other words, an electronic signature can prove the authenticity of an electronic signature can prove the authenticity of Alice as the sender of the message. We refer to this type Alice as the sender of the message. We refer to this type of signature as a digital signature. of signature as a digital signature. Comparison Need for Keys Process Topics discussed in this section: Topics discussed in this section:
31.23 A digital signature needs a public-key system. Note
31.24 Figure 31.11 Signing the message itself in digital signature
31.25 In a cryptosystem, we use the private and public keys of the receiver; in digital signature, we use the private and public keys of the sender. Note
31.26 Figure 31.12 Signing the digest in a digital signature
31.27 A digital signature today provides message integrity. Note
31.28 Digital signature provides message authentication. Note
31.29 Figure 31.13 Using a trusted center for nonrepudiation
31.30 Nonrepudiation can be provided using a trusted party. Note
31.31 31-6 ENTITY AUTHENTICATION 31-6 ENTITY AUTHENTICATION Entity authentication is a technique designed to let one Entity authentication is a technique designed to let one party prove the identity of another party. An entity can be party prove the identity of another party. An entity can be a person, a process, a client, or a server. The entity a person, a process, a client, or a server. The entity whose identity needs to be proved is called the claimant; whose identity needs to be proved is called the claimant; the party that tries to prove the identity of the claimant is the party that tries to prove the identity of the claimant is called the verifier. called the verifier. Passwords Challenge-Response Topics discussed in this section: Topics discussed in this section:
31.32 In challenge-response authentication, the claimant proves that she knows a secret without revealing it. Note
31.33 The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge. Note
31.34 Figure 31.14 Challenge/response authentication using a nonce
31.35 Figure 31.15 Challenge-response authentication using a timestamp
31.36 Figure 31.16 Challenge-response authentication using a keyed-hash function
31.37 Figure 31.17 Authentication, asymmetric-key
31.38 Figure 31.18 Authentication, using digital signature
31.39 31-7 KEY MANAGEMENT 31-7 KEY MANAGEMENT We never discussed how secret keys in symmetric-key We never discussed how secret keys in symmetric-key cryptography and how public keys in asymmetric-key cryptography and how public keys in asymmetric-key cryptography are distributed and maintained. In this cryptography are distributed and maintained. In this section, we touch on these two issues. We first discuss section, we touch on these two issues. We first discuss the distribution of symmetric keys; we then discuss the the distribution of symmetric keys; we then discuss the distribution of asymmetric keys. distribution of asymmetric keys. Symmetric-Key Distribution Public-Key Distribution Topics discussed in this section: Topics discussed in this section:
31.40 Figure 31.19 KDC
31.41 A session symmetric key between two parties is used only once. Note
31.42 Figure 31.30 Creating a session key between Alice and Bob using KDC
31.43 Figure 31.21 Kerberos servers
31.44 Figure 31.22 Kerberos example
31.45 In public-key cryptography, everyone has access to everyone’s public key; public keys are available to the public. Note
31.46 Figure 31.23 Announcing a public key
31.47 Figure 31.24 Trusted center
31.48 Figure 31.25 Controlled trusted center
31.49 Figure 31.26 Certification authority
31.50 Figure 31.27 PKI hierarchy

More Related Content

PPT
31 Network Security
byAhmar Hashmi
 
PPT
Chapter 31
byFaisal Mehmood
 
PPT
Ch31
bybitistu
 
PPT
Ch31
byWayne Jones Jnr
 
PPT
chapter 31 security of commun networks
byMohammedAbbas653737
 
PPTX
Hashes_and_Digital_Signatures_Slides.pptx
byhomecooking511
 
PPT
Message authentication and hash function
byomarShiekh1
 
PPT
Network securities cn
byDhaval Bhatia
 
31 Network Security
byAhmar Hashmi
 
Chapter 31
byFaisal Mehmood
 
Ch31
bybitistu
 
Ch31
byWayne Jones Jnr
 
chapter 31 security of commun networks
byMohammedAbbas653737
 
Hashes_and_Digital_Signatures_Slides.pptx
byhomecooking511
 
Message authentication and hash function
byomarShiekh1
 
Network securities cn
byDhaval Bhatia
 

Similar to Explanation about Basic of Network Security Services

PPT
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
byjeevasreemurali
 
PPT
Digital signature
byAJAL A J
 
PPTX
Digital signatures
byReachLocal Services India
 
PDF
Module 2.Cryptography and Cryptanalysis
bySitamarhi Institute of Technology
 
PPT
Chapter 7 security
byAbDul ThaYyal
 
PPT
Iss lecture 4
byAli Habeeb
 
PPTX
network security for cyber security in bsc.pptx
byKarthikKarthik694746
 
DOCX
Network Security Essentials Applications and StandardsSixth E.docx
byvannagoforth
 
DOCX
Network Security Essentials Applications and StandardsSixth E.docx
bydohertyjoetta
 
PDF
Module 2.pdf
bySitamarhi Institute of Technology
 
PPT
Cryptography and DNS-Computer network.ppt
bySheba56
 
DOCX
Network Security Essentials Applications and StandardsSixth E.docx
byhallettfaustina
 
DOCX
network security
byBishalWosti1
 
PPT
Basic concept of the Computer Networking and DNS SSL
byDhanapalM8
 
DOCX
Cryptography and Network Security Principles and PracticeSeve.docx
bymydrynan
 
PPT
1329 n 9460
bykicknit123
 
PPT
15 ma cs and signatures
bydrewz lin
 
PPTX
Security
bySaqib Shehzad
 
PDF
BAIT1103 Chapter 2
bylimsh
 
PPTX
Part 5 : Sharing resources, security principles and protocols
byOlivier Bonaventure
 
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
byjeevasreemurali
 
Digital signature
byAJAL A J
 
Digital signatures
byReachLocal Services India
 
Module 2.Cryptography and Cryptanalysis
bySitamarhi Institute of Technology
 
Chapter 7 security
byAbDul ThaYyal
 
Iss lecture 4
byAli Habeeb
 
network security for cyber security in bsc.pptx
byKarthikKarthik694746
 
Network Security Essentials Applications and StandardsSixth E.docx
byvannagoforth
 
Network Security Essentials Applications and StandardsSixth E.docx
bydohertyjoetta
 
Module 2.pdf
bySitamarhi Institute of Technology
 
Cryptography and DNS-Computer network.ppt
bySheba56
 
Network Security Essentials Applications and StandardsSixth E.docx
byhallettfaustina
 
network security
byBishalWosti1
 
Basic concept of the Computer Networking and DNS SSL
byDhanapalM8
 
Cryptography and Network Security Principles and PracticeSeve.docx
bymydrynan
 
1329 n 9460
bykicknit123
 
15 ma cs and signatures
bydrewz lin
 
Security
bySaqib Shehzad
 
BAIT1103 Chapter 2
bylimsh
 
Part 5 : Sharing resources, security principles and protocols
byOlivier Bonaventure
 

Recently uploaded

PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PDF
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
The year in review - MarvelClient in 2025
bypanagenda
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 

Explanation about Basic of Network Security Services

  • 1.
    31.1 31-1 SECURITY SERVICES 31-1SECURITY SERVICES Network security can provide five services. Four of these Network security can provide five services. Four of these services are related to the message exchanged using the services are related to the message exchanged using the network. The fifth service provides entity authentication network. The fifth service provides entity authentication or identification. or identification. Message Confidentiality Message Integrity Message Authentication Message Nonrepudiation Entity Authentication Topics discussed in this section: Topics discussed in this section:
  • 2.
    31.2 Figure 31.1 Securityservices related to the message or entity
  • 3.
    31.3 31-2 MESSAGE CONFIDENTIALITY 31-2MESSAGE CONFIDENTIALITY The concept of how to achieve message confidentiality The concept of how to achieve message confidentiality or privacy has not changed for thousands of years. The or privacy has not changed for thousands of years. The message must be encrypted at the sender site and message must be encrypted at the sender site and decrypted at the receiver site. This can be done using decrypted at the receiver site. This can be done using either symmetric-key cryptography or asymmetric-key either symmetric-key cryptography or asymmetric-key cryptography. cryptography. Confidentiality with Symmetric-Key Cryptography Confidentiality with Asymmetric-Key Cryptography Topics discussed in this section: Topics discussed in this section:
  • 4.
    31.4 Figure 31.2 Messageconfidentiality using symmetric keys in two directions
  • 5.
    31.5 Figure 31.3 Messageconfidentiality using asymmetric keys
  • 8.
    31.8 31-3 MESSAGE INTEGRITY 31-3MESSAGE INTEGRITY Encryption and decryption provide secrecy, or Encryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasion confidentiality, but not integrity. However, on occasion we may not even need secrecy, but instead must have we may not even need secrecy, but instead must have integrity. integrity. Document and Fingerprint Message and Message Digest Creating and Checking the Digest Hash Function Criteria Hash Algorithms: SHA-1 Topics discussed in this section: Topics discussed in this section:
  • 9.
    31.9 To preserve theintegrity of a document, both the document and the fingerprint are needed. Note
  • 10.
    31.10 Figure 31.4 Messageand message digest
  • 11.
    31.11 The message digestneeds to be kept save. Note
  • 12.
  • 13.
    31.13 Figure 31.6 Criteriaof a hash function
  • 14.
    31.14 Can we usea conventional lossless compression method as a hashing function? Solution We cannot. A lossless compression method creates a compressed message that is reversible. You can uncompress the compressed message to get the original one. Example 31.1
  • 15.
    31.15 Can we usea checksum method as a hashing function? Solution We can. A checksum function is not reversible; it meets the first criterion. However, it does not meet the other criteria. Example 31.2
  • 16.
  • 17.
    31.17 SHA-1 hash algorithmscreate an N-bit message digest out of a message of 512-bit blocks. SHA-1 has a message digest of 160 bits (5 words of 32 bits). Note
  • 18.
    31.18 Figure 31.8 Processingof one block in SHA-1
  • 19.
    31.19 31-4 MESSAGE AUTHENTICATION 31-4MESSAGE AUTHENTICATION A hash function per se cannot provide authentication. A hash function per se cannot provide authentication. The digest created by a hash function can detect any The digest created by a hash function can detect any modification in the message, but not authentication. modification in the message, but not authentication. MAC Topics discussed in this section: Topics discussed in this section:
  • 20.
    31.20 Figure 31.9 MAC,created by Alice and checked by Bob
  • 21.
  • 22.
    31.22 31-5 DIGITAL SIGNATURE 31-5DIGITAL SIGNATURE When Alice sends a message to Bob, Bob needs to check When Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to be sure that the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve. Bob can ask the message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically. In other words, Alice to sign the message electronically. In other words, an electronic signature can prove the authenticity of an electronic signature can prove the authenticity of Alice as the sender of the message. We refer to this type Alice as the sender of the message. We refer to this type of signature as a digital signature. of signature as a digital signature. Comparison Need for Keys Process Topics discussed in this section: Topics discussed in this section:
  • 23.
    31.23 A digital signatureneeds a public-key system. Note
  • 24.
    31.24 Figure 31.11 Signingthe message itself in digital signature
  • 25.
    31.25 In a cryptosystem,we use the private and public keys of the receiver; in digital signature, we use the private and public keys of the sender. Note
  • 26.
    31.26 Figure 31.12 Signingthe digest in a digital signature
  • 27.
    31.27 A digital signaturetoday provides message integrity. Note
  • 28.
    31.28 Digital signature providesmessage authentication. Note
  • 29.
    31.29 Figure 31.13 Usinga trusted center for nonrepudiation
  • 30.
    31.30 Nonrepudiation can beprovided using a trusted party. Note
  • 31.
    31.31 31-6 ENTITY AUTHENTICATION 31-6ENTITY AUTHENTICATION Entity authentication is a technique designed to let one Entity authentication is a technique designed to let one party prove the identity of another party. An entity can be party prove the identity of another party. An entity can be a person, a process, a client, or a server. The entity a person, a process, a client, or a server. The entity whose identity needs to be proved is called the claimant; whose identity needs to be proved is called the claimant; the party that tries to prove the identity of the claimant is the party that tries to prove the identity of the claimant is called the verifier. called the verifier. Passwords Challenge-Response Topics discussed in this section: Topics discussed in this section:
  • 32.
    31.32 In challenge-response authentication, theclaimant proves that she knows a secret without revealing it. Note
  • 33.
    31.33 The challenge isa time-varying value sent by the verifier; the response is the result of a function applied on the challenge. Note
  • 34.
    31.34 Figure 31.14 Challenge/responseauthentication using a nonce
  • 35.
    31.35 Figure 31.15 Challenge-responseauthentication using a timestamp
  • 36.
    31.36 Figure 31.16 Challenge-responseauthentication using a keyed-hash function
  • 37.
  • 38.
    31.38 Figure 31.18 Authentication,using digital signature
  • 39.
    31.39 31-7 KEY MANAGEMENT 31-7KEY MANAGEMENT We never discussed how secret keys in symmetric-key We never discussed how secret keys in symmetric-key cryptography and how public keys in asymmetric-key cryptography and how public keys in asymmetric-key cryptography are distributed and maintained. In this cryptography are distributed and maintained. In this section, we touch on these two issues. We first discuss section, we touch on these two issues. We first discuss the distribution of symmetric keys; we then discuss the the distribution of symmetric keys; we then discuss the distribution of asymmetric keys. distribution of asymmetric keys. Symmetric-Key Distribution Public-Key Distribution Topics discussed in this section: Topics discussed in this section:
  • 40.
  • 41.
    31.41 A session symmetrickey between two parties is used only once. Note
  • 42.
    31.42 Figure 31.30 Creatinga session key between Alice and Bob using KDC
  • 43.
  • 44.
  • 45.
    31.45 In public-key cryptography,everyone has access to everyone’s public key; public keys are available to the public. Note
  • 46.
  • 47.
  • 48.
  • 49.
  • 50.