The document outlines the goals and topics to be covered in a lecture on data and network security. It will discuss principles of network security including cryptography, authentication, message integrity, and key distribution. It will also cover security implementations in practice such as firewalls and security at different network layers. The lecture will begin with an introduction to network security and then cover cryptography, authentication, integrity, key distribution, access control with firewalls, attacks and countermeasures, and security across network layers.
Module 6
Advanced Networking
Security problems with internet architecture, Introduction to Software defined networking, Working of SDN, SDN in data centre, SDN applications, Data centre networking, IoT.
Module 6
Advanced Networking
Security problems with internet architecture, Introduction to Software defined networking, Working of SDN, SDN in data centre, SDN applications, Data centre networking, IoT.
Chapter 8SecurityComputer Networking A Top Down Approach .docxrusselldayna
Chapter 8
Security
Computer Networking: A Top Down Approach
6th edition
Jim Kurose, Keith Ross
Addison-Wesley
March 2012
A note on the use of these ppt slides:
We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
If you use these slides (e.g., in a class) that you mention their source (after all, we’d like people to use our book!)
If you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2012
J.F Kurose and K.W. Ross, All Rights Reserved
Network Security
Chapter 8: Network Security
Chapter goals:
understand principles of network security:
cryptography and its many uses beyond “confidentiality”
authentication
message integrity
security in practice:
firewalls and intrusion detection systems
security in application, transport, network, link layers
2
Network Security
Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Message integrity, authentication
8.4 Securing e-mail
8.5 Securing TCP connections: SSL
8.6 Network layer security: IPsec
8.7 Securing wireless LANs
8.8 Operational security: firewalls and IDS
3
Network Security
What is network security?
confidentiality: only sender, intended receiver should “understand” message contents
sender encrypts message
receiver decrypts message
authentication: sender, receiver want to confirm identity of each other
message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
access and availability: services must be accessible and available to users
4
Network Security
Friends and enemies: Alice, Bob, Trudy
well-known in network security world
Bob, Alice (lovers!) want to communicate “securely”
Trudy (intruder) may intercept, delete, add messages
5
Network Security
Who might Bob, Alice be?
… well, real-life Bobs and Alices!
Web browser/server for electronic transactions (e.g., on-line purchases)
on-line banking client/server
DNS servers
routers exchanging routing table updates
other examples?
6
Network Security
There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: A lot! See section 1.6
eavesdrop: intercept messages
actively insert messages into connection
impersonation: can fake (spoof) source address in packet (or any field in packet)
hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place
denial of service: prevent service from being used by others (e.g., by overloading resources)
7
Network Security
Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptograph ...
Chapter 8SecurityComputer Networking A Top Down Approach .docxrusselldayna
Chapter 8
Security
Computer Networking: A Top Down Approach
6th edition
Jim Kurose, Keith Ross
Addison-Wesley
March 2012
A note on the use of these ppt slides:
We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
If you use these slides (e.g., in a class) that you mention their source (after all, we’d like people to use our book!)
If you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2012
J.F Kurose and K.W. Ross, All Rights Reserved
Network Security
Chapter 8: Network Security
Chapter goals:
understand principles of network security:
cryptography and its many uses beyond “confidentiality”
authentication
message integrity
security in practice:
firewalls and intrusion detection systems
security in application, transport, network, link layers
2
Network Security
Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Message integrity, authentication
8.4 Securing e-mail
8.5 Securing TCP connections: SSL
8.6 Network layer security: IPsec
8.7 Securing wireless LANs
8.8 Operational security: firewalls and IDS
3
Network Security
What is network security?
confidentiality: only sender, intended receiver should “understand” message contents
sender encrypts message
receiver decrypts message
authentication: sender, receiver want to confirm identity of each other
message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
access and availability: services must be accessible and available to users
4
Network Security
Friends and enemies: Alice, Bob, Trudy
well-known in network security world
Bob, Alice (lovers!) want to communicate “securely”
Trudy (intruder) may intercept, delete, add messages
5
Network Security
Who might Bob, Alice be?
… well, real-life Bobs and Alices!
Web browser/server for electronic transactions (e.g., on-line purchases)
on-line banking client/server
DNS servers
routers exchanging routing table updates
other examples?
6
Network Security
There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: A lot! See section 1.6
eavesdrop: intercept messages
actively insert messages into connection
impersonation: can fake (spoof) source address in packet (or any field in packet)
hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place
denial of service: prevent service from being used by others (e.g., by overloading resources)
7
Network Security
Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptograph ...
Describes Bluetooth protocol in the application layer, Uses Java to explore Bluetooth technology using JSR-82. Has separate discussions for :
1) concept of local and remote device
2) Find out your own MAC Address (Bluetooth )
3) Search for devices
4)Connect to a device over BTSPP
5) Use javax.microedition.io
6) It also works with Java ME (J2ME)
7) concept of UUID and profiles
9) It connects to DUN profile
10) Using AT commands to ethically make calls from another GSM mobile or send SMS from it
This shows how one can use XMPP in one's Java coding to make an IM communication. It'd be really amusing to see your Facebook or Google chat in action with your own code.
This begins your journey to java as a very beginner. Prerequisite of the audience is strong understanding of basic language fundamentals of C or C++ or C# .
This is one of the comprehensive Java slides I made in 2008.
This covers:
a) Constructors
b) static initializers and blocks
c) non-static initializers and blocks
d) this keyword
e) chaining of constructors
This Java slides gives comprehensive understating of :
a) Inheritance
b) super keyword and constructors
c) hierarchical super constructor and execution of blocks and initilaizers
d) static methods and their speciality
e) Method overriding versus overloading
f) why static methods cannot be overridden
h) private methods : why they are not overridden
g) rules of overriding :Exceptions to be thrown
h) dynamic method dispatch what and why
Java Universal super class java.lang.Object is discussed comprehensively with code snippets.
Also covers:
a) Why we need inheritance and dynamic method dispatch
b) Need of a universal parent
c) Delegation and proxies
d) toString(), clone(), equals(), notify()
Comprehensive guide with code snippet that discusses:
1) how an HTML table can be used to select rows from
2) how to render a dynamic table using database
3) How and why to alternate row colors on even-'n'-odd basis
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
Sohams cryptography basics
1. Data Security & Cryptology
http://sohamsironline.weeby.com 8-1
Monday, October 13, 2014
2. Data & Network Security
Chapter goals:
understand principles of network security:
cryptography and its many uses beyond
“confidentiality”
authentication
message integrity
key distribution
http://sohamsironline.weeby.com 8-2
security in practice:
firewalls
security in application, transport, network, link
layers
Monday, October 13, 2014
3. http://sohamsironline.weeby.com 8-3
Our roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Integrity
8.5 Key Distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
Monday, October 13, 2014
4. What is network security?
Confidentiality: only sender, intended receiver
should “understand” message contents
http://sohamsironline.weeby.com 8-4
sender encrypts message
receiver decrypts message
Authentication: sender, receiver want to confirm
identity of each other
Message Integrity: sender, receiver want to ensure
message not altered (in transit, or afterwards)
without detection
Access and Availability: services must be accessible
and available to users
Monday, October 13, 2014
5. Friends and enemies: Alice, Bob, Trudy
well-known in network security world
Bob, Alice (Friends) want to communicate “securely”
Trudy (intruder) may intercept, delete, add messages
Alice Bob
http://sohamsironline.weeby.com 8-5
secure
sender
secure
receiver
channel data, control
messages
data data
Trudy
Monday, October 13, 2014
6. Who might Bob, Alice be?
… well, real-life Bobs and Alices!
Web browser/server for electronic
transactions (e.g., on-line purchases)
on-line banking client/server
DNS servers
routers exchanging routing table updates
other examples?
http://sohamsironline.weeby.com 8-6
Monday, October 13, 2014
7. There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: a lot!
eavesdrop: intercept messages
actively insert messages into connection
impersonation: can fake (spoof) source address
in packet (or any field in packet)
hijacking: “take over” ongoing connection by
removing sender or receiver, inserting himself
in place
denial of service: prevent service from being
used by others (e.g., by overloading resources)
http://sohamsironline.weeby.com 8-7
more on this later ……
Monday, October 13, 2014
8. http://sohamsironline.weeby.com 8-8
Our roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Integrity
8.5 Key Distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
Monday, October 13, 2014
9. The language of cryptography
plaintext ciphertext plaintext
symmetric key crypto: sender, receiver keys identical
public-key crypto: encryption key public, decryption key
secret (private)
http://sohamsironline.weeby.com 8-9
KA
encryption
algorithm
decryption
algorithm
Alice’s
encryption
key
Bob’s
decryption
key
KB
Monday, October 13, 2014
10. Symmetric key cryptography
ceasar cipher: substitute w/ offset of k
plaintext: abcdefghijklmnopqrstuvwxyz
plaintext: uvwxyzabcdefghijklmnopqrst
Plaintext: bob. i love india.
ciphertext: viv. c fipy chxcu
http://sohamsironline.weeby.com 8-10
E.g.:
Q: How hard to break this simple cipher?:
brute force (how hard?)
other?
Monday, October 13, 2014
11. Symmetric key cryptography
substitution cipher: substituting one thing for another
monoalphabetic cipher: substitute one letter for another
plaintext: abcdefghijklmnopqrstuvwxyz
ciphertext: mnbvcxzasdfghjklpoiuytrewq
Plaintext: bob. i love you. alice
ciphertext: nkn. s gktc wky. mgsbc
http://sohamsironline.weeby.com 8-11
E.g.:
Q: How hard to break this simple cipher?:
brute force (how hard?)
other?
Monday, October 13, 2014
12. http://sohamsironline.weeby.com 8-12
Puzzle
64! = 1.2680e+89
Come up with a cryptographic scheme that
has 64!^2 possible keys
64^4?
How long will it take to crack these, in
days, if it you can test 1 key per second?
1.6*10^178/86400
1.6*10^356/86400
Monday, October 13, 2014
13. Symmetric key cryptography
ciphertext plaintext
symmetric key crypto: Bob and Alice share same
(symmetric) key: K
e.g., key is knowing substitution pattern in mono
alphabetic substitution cipher
Question!: how do Bob and Alice agree on key value?
http://sohamsironline.weeby.com 8-13
KA-B
encryption
algorithm
decryption
algorithm
A-B
KA-B
plaintext
message, m
K (m) A-B K (m) m = K ( A - B ) A-B
Monday, October 13, 2014
14. Symmetric key crypto: DES
DES: Data Encryption Standard
US encryption standard [NIST 1993]
56-bit symmetric key, 64-bit plaintext input
How secure is DES?
DES Challenge: 56-bit-key-encrypted phrase
(“Strong cryptography makes the world a safer
place”) decrypted (brute force) in 4 months
no known “backdoor” decryption approach
http://sohamsironline.weeby.com 8-14
making DES more secure:
use three keys sequentially (3-DES) on each datum
use cipher-block chaining
Monday, October 13, 2014
15. http://sohamsironline.weeby.com 8-15
Public Key Cryptography
symmetric key crypto
requires sender,
receiver know shared
secret key
Q: how to agree on key
in first place
(particularly if never
“met”)?
public key cryptography
radically different
approach [Diffie-
Hellman76, RSA78]
sender, receiver do
not share secret key
public encryption key
known to all
private decryption
key known only to
receiver
Monday, October 13, 2014
16. Bob’s public
key
K B +
Bob’s private
key
K B -
+
B -
http://sohamsironline.weeby.com 8-16
Public key cryptography
plaintext
message, m
encryption ciphertext
algorithm
decryption
algorithm
plaintext
K (m) message B +
m = K (K (m)) B
Monday, October 13, 2014
17. Public key encryption algorithms
need K ( B ) and K B ( ) such that . .
+ -
K - (K +
(m)) = m B B
+
given public key K , it should be impossible to compute private key K
http://sohamsironline.weeby.com 8-17
-
B
B
Requirements:
1
2
RSA: Rivest, Shamir, Adelson algorithm
Monday, October 13, 2014
18. RSA: Encryption, decryption
Assume m = (m e mod n)d mod n
1. To encrypt bit pattern, m, compute
c = m e mod n (i.e., remainder when me is divided by n)
2. To decrypt received bit pattern, c, compute
m = c d mod n (i.e., remainder when cd is divided by n)
http://sohamsironline.weeby.com 8-18
c
Monday, October 13, 2014
19. RSA: How? m = (m e mod n)d mod n
Useful number theory result: If p,q prime and
n = pq, then:
x y mod n = x y m o d ( p - 1 ) ( q - 1 ) mod n
(using number theory result above)
(So we choose ed to be divisible by
http://sohamsironline.weeby.com 8-19
(m e mod n) d mod n = m e d mod n
= m e d m o d ( p - 1 ) ( q - 1 ) mod n
= m 1 mod n
= m
(p-1)(q-1) with remainder 1 )
Monday, October 13, 2014
20. RSA: Choosing keys
1. Choose two large prime numbers p, q.
(e.g., 1024 bits each)
2. Compute n = pq, z = (p-1)(q-1)
3. Choose e (with en) that has no common factors
with z. (e, z are “relatively prime”).
4. Choose d such that ed-1 is exactly divisible by z.
(in other words: ed mod z = 1 ).
5. Public key is (n,e). Private key is (n,d).
http://sohamsironline.weeby.com 8-20
K B +
K B -
Monday, October 13, 2014
21. RSA example:
Bob chooses p=5, q=7. Then n=35, z=24.
e=5 (so e, z relatively prime).
d=29 (so ed-1 exactly divisible by z.
letter m me c = me mod n
l 12 1524832 17
cd letter
c m = cd mod n
17 481968572106750915091411825223071697 12
l
http://sohamsironline.weeby.com 8-21
encrypt:
decrypt:
Monday, October 13, 2014
22. RSA: another important property
The following property will be very useful later:
- + K B (K B (m))
http://sohamsironline.weeby.com 8-22
K B (KB (m)) = m
+ -
=
use public key
first, followed
by private key
use private key
first, followed
by public key
Result is the same!
Monday, October 13, 2014
23. http://sohamsironline.weeby.com 8-23
Our roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Integrity
8.5 Key Distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
Monday, October 13, 2014
24. Authentication
Goal: Bob wants Alice to “prove” her identity
to him
Protocol ap1.0: Alice says “I am Alice”
Failure scenario??
http://sohamsironline.weeby.com 8-24
“I am Alice”
Monday, October 13, 2014
25. Authentication
Goal: Bob wants Alice to “prove” her identity
to him
Protocol ap1.0: Alice says “I am Alice”
in a network,
Bob can not “see”
Alice, so Trudy simply
declares
herself to be Alice
http://sohamsironline.weeby.com 8-25
“I am Alice”
Monday, October 13, 2014
26. Authentication: another try
Protocol ap2.0: Alice says “I am Alice” in an IP packet
containing her source IP address
Failure scenario??
http://sohamsironline.weeby.com 8-26
Alice’s “I am Alice”
IP address
Monday, October 13, 2014
27. Authentication: another try
Protocol ap2.0: Alice says “I am Alice” in an IP packet
containing her source IP address
Trudy can create
a packet
“spoofing”
Alice’s “I am Alice” Alice’s address
IP address
http://sohamsironline.weeby.com 8-27
Monday, October 13, 2014
28. Authentication: another try
Protocol ap3.0: Alice says “I am Alice” and sends her
secret password to “prove” it.
Failure scenario??
http://sohamsironline.weeby.com 8-28
Alice’s
password
Alice’s “I’m Alice”
IP addr
Alice’s OK
IP addr
Monday, October 13, 2014
29. Authentication: another try
Protocol ap3.0: Alice says “I am Alice” and sends her
secret password to “prove” it.
playback attack: Trudy
records Alice’s packet
and later
plays it back to Bob
http://sohamsironline.weeby.com 8-29
Alice’s
password
Alice’s “I’m Alice”
IP addr
Alice’s OK
IP addr
Alice’s
password
Alice’s “I’m Alice”
IP addr
Monday, October 13, 2014
30. Authentication: yet another try
Protocol ap3.1: Alice says “I am Alice” and sends her
encrypted secret password to “prove” it.
Failure scenario??
http://sohamsironline.weeby.com 8-30
encrypted
password
Alice’s “I’m Alice”
IP addr
Alice’s OK
IP addr
Monday, October 13, 2014
31. Authentication: another try
Protocol ap3.1: Alice says “I am Alice” and sends her
encrypted secret password to “prove” it.
record
and
playback
still works!
http://sohamsironline.weeby.com 8-31
encrypted
password
Alice’s “I’m Alice”
IP addr
Alice’s OK
IP addr
encrypted
password
Alice’s “I’m Alice”
IP addr
Monday, October 13, 2014
32. Authentication: yet another try
Goal: avoid playback attack
Nonce: number (R) used only once –in-a-lifetime
ap4.0: to prove Alice “live”, Bob sends Alice nonce, R.
http://sohamsironline.weeby.com 8-32
Failures, drawbacks?
Alice
must return R, encrypted with shared secret key
“I am Alice”
R
K (R) A-B
Alice is live, and
only Alice knows
key to encrypt
nonce, so it must
be Alice!
Monday, October 13, 2014
33. Authentication: ap5.0
ap4.0 requires shared symmetric key
can we authenticate using public key techniques?
ap5.0: use nonce, public key cryptography
KA
+
- http://sohamsironline.weeby.com 8-33
“I am Alice”
R
Bob computes
K (R) A -
“send me your public key”
+
KA
(K A (R)) = R
and knows only Alice
could have the private
key, that encrypted R
such -
that
(KA (R)) = R
K A +
Monday, October 13, 2014
34. ap5.0: security hole
Man (woman) in the middle attack: Trudy poses as
Alice (to Bob) and as Bob (to Alice)
I am Alice I am Alice
K - (R)
+
+
http://sohamsironline.weeby.com 8-34
R
T
Send me your public key
K T
K - (R)
A
Send me your public key
+
K A
K T (m)
Trudy gets
T
+m = K -
(K (m)) sends T
m to Alice
encrypted with
Alice’s public key
+
KA (m)
A
m = K -
(K (m)) A
+R
Monday, October 13, 2014
35. ap5.0: security hole
Man (woman) in the middle attack: Trudy poses as
Alice (to Bob) and as Bob (to Alice)
Difficult to detect:
Bob receives everything that Alice sends, and vice
versa. (e.g., so Bob, Alice can meet one week later and
recall conversation)
problem is that Trudy receives all messages as well!
http://sohamsironline.weeby.com 8-35
Monday, October 13, 2014
36. http://sohamsironline.weeby.com 8-36
Updated roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Message integrity
8.5 Key Distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
Monday, October 13, 2014
37. http://sohamsironline.weeby.com 8-37
Digital Signatures
Cryptographic technique analogous to hand-written
signatures.
sender (Bob) digitally signs document,
establishing he is document owner/creator.
verifiable, nonforgeable: recipient (Alice) can
prove to someone that Bob, and no one else
(including Alice), must have signed document
Monday, October 13, 2014
38. Digital Signatures
Simple digital signature for message m:
Bob signs m by encrypting with his private key
KB, creating “signed” message, KB - (-m)
Bob’s private
key K B -
K B -
(m)
http://sohamsironline.weeby.com 8-38
Bob’s message, m
Dear Alice
Oh, how I have missed
you. I think of you all the
time! …(blah blah blah)
Bob
Public key
encryption
algorithm
Bob’s message,
m, signed
(encrypted) with
his private key
Monday, October 13, 2014
39. -
http://sohamsironline.weeby.com 8-39
Digital Signatures (more)
Suppose Alice receives msg m, digital signature K(m)
B Alice verifies m signed by Bob by applying Bob’s
+ public key Kto K(m) then checks K(+
K(m) ) = m.
-
B BBB If K(K(m) ) = m, whoever signed m must have used
BBBob’s private key.
-
- -
+
Alice thus verifies that:
Bob signed m.
No one else signed m.
Bob signed m and not m’.
Non-repudiation:
Alice can take m, and signature KB(m) to
court and prove that Bob signed m.
Monday, October 13, 2014
40. large
message
H: Hash
Function
H(m)
http://sohamsironline.weeby.com 8-40
Message Digests
Computationally expensive
to public-key-encrypt
long messages
Goal: fixed-length, easy-to-
compute digital
“fingerprint”
apply hash function H
to m, get fixed size
message digest, H(m).
m
Hash function properties:
many-to-1
produces fixed-size msg
digest (fingerprint)
given message digest x,
computationally
infeasible to find m such
that x = H(m)
Monday, October 13, 2014
41. Internet checksum: poor crypto hash
function
Internet checksum has some properties of hash function:
produces fixed length digest (16-bit sum) of message
is many-to-one
But given message with given hash value, it is easy to find
another message with same hash value:
message ASCII format
http://sohamsironline.weeby.com 8-41
message ASCII format
I O U 1
0 0 . 9
9 B O B
49 4F 55 31
30 30 2E 39
39 42 4F 42
B2 C1 D2 AC
I O U 9
0 0 . 1
9 B O B
49 4F 55 39
30 30 2E 31
39 42 4F 42
different messages B2 C1 D2 AC
but identical checksums!
Monday, October 13, 2014
42. Digital signature = signed message digest
encrypted
msg digest
-
http://sohamsironline.weeby.com 8-42
Bob sends digitally signed
message:
large
message
m
H: Hash
function H(m)
digital
signature
(encrypt)
Bob’s
private
key K B -
+
Alice verifies signature and
integrity of digitally signed
message:
encrypted
msg digest
-
KB(H(m))
KB(H(m))
large
message
m
H: Hash
function
H(m)
digital
signature
(decrypt)
H(m)
Bob’s
public
key K B +
equal
?
Monday, October 13, 2014
43. Hash Function Algorithms
MD5 hash function widely used (RFC 1321)
computes 128-bit message digest in 4-step
process.
arbitrary 128-bit string x, appears difficult to
construct msg m whose MD5 hash is equal to x.
http://sohamsironline.weeby.com 8-43
SHA-1 is also used.
US standard [NIST, FIPS PUB 180-1]
160-bit message digest
Monday, October 13, 2014
44. http://sohamsironline.weeby.com 8-44
Our roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Integrity
8.5 Key distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
Monday, October 13, 2014
45. http://sohamsironline.weeby.com 8-45
Trusted Intermediaries
Symmetric key problem:
How do two entities
establish shared secret
key over network?
Solution:
trusted key distribution
center (KDC) acting as
intermediary between
entities
Public key problem:
When Alice obtains
Bob’s public key (from
web site, e-mail,
diskette), how does she
know it is Bob’s public
key, not Trudy’s?
Solution:
trusted certification
authority (CA)
Monday, October 13, 2014
46. Key Distribution Center (KDC)
Alice, Bob need shared symmetric key.
KDC: server shares different secret key with each
registered user (many users)
Alice, Bob know own symmetric keys, KA-KDC KB-KDC , for
communicating with KDC.
KP-KDC
KB-KDC
KX-KDC
KY-KDC
KZ-KDC
http://sohamsironline.weeby.com 8-46
KB-KDC
KA-KDC
KA-KDC
KP-KDC
KDC
Monday, October 13, 2014
47. Key Distribution Center (KDC)
Q: How does KDC allow Bob, Alice to determine shared
symmetric secret key to communicate with each other?
KDC
generates
R1
http://sohamsironline.weeby.com 8-47
Alice
knows
R1
Bob knows to
use R1 to
communicate
with Alice
KA-KDC(A,B)
KA-KDC(R1, KB-KDC(A,R1) )
KB-KDC(A,R1)
Alice and Bob communicate: using R1 as
session key for shared symmetric encryption
Monday, October 13, 2014
48. Certification Authorities
Certification authority (CA): binds public key to
particular entity, E.
E (person, router) registers its public key with CA.
E provides “proof of identity” to CA.
CA creates certificate binding E to its public key.
certificate containing E’s public key digitally signed by CA
– CA says “this is E’s public key”
http://sohamsironline.weeby.com 8-48
Bob’s
public
key K B +
Bob’s
identifying
information
digital
signature
(encrypt)
CA
private
-
key K CA
K B +
certificate for
Bob’s public key,
signed by CA
Monday, October 13, 2014
49. Certification Authorities
When Alice wants Bob’s public key:
gets Bob’s certificate (Bob or elsewhere).
apply CA’s public key to Bob’s certificate, get
Bob’s public key
Bob’s
public
key K B +
http://sohamsironline.weeby.com 8-49
digital
signature
(decrypt)
CA
public
K +
key CA
K B +
Monday, October 13, 2014
50. A certificate contains:
Serial number (unique to issuer)
info about certificate owner, including algorithm
and key value itself (not shown) info about certificate issuer
valid dates
digital signature by issuer
http://sohamsironline.weeby.com 8-50
Monday, October 13, 2014
51. http://sohamsironline.weeby.com 8-51
Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Integrity
8.5 Key Distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
Monday, October 13, 2014
52. http://sohamsironline.weeby.com 8-52
Firewalls
firewall
isolates organization’s internal net from larger
Internet, allowing some packets to pass,
blocking others.
administered
network
public
Internet
firewall
Monday, October 13, 2014
53. http://sohamsironline.weeby.com 8-53
Firewalls: Why
prevent denial of service attacks:
SYN flooding: attacker establishes many bogus TCP
connections, no resources left for “real” connections.
prevent illegal modification/access of internal data.
e.g., attacker replaces CIA’s homepage with
something else
allow only authorized access to inside network (set of
authenticated users/hosts)
two types of firewalls:
application-level
packet-filtering
Monday, October 13, 2014
54. Should arriving
packet be allowed
in? Departing packet
let out?
http://sohamsironline.weeby.com 8-54
Packet Filtering
internal network connected to Internet via
router firewall
router filters packet-by-packet, decision to
forward/drop packet based on:
source IP address, destination IP address
TCP/UDP source and destination port numbers
ICMP message type
TCP SYN and ACK bits
Monday, October 13, 2014
55. http://sohamsironline.weeby.com 8-55
Packet Filtering
Example 1: block incoming and outgoing
datagrams with IP protocol field = 17 and with
either source or dest port = 23.
All incoming and outgoing UDP flows and telnet
connections are blocked.
Example 2: Block inbound TCP segments with
ACK=0.
Prevents external clients from making TCP
connections with internal clients, but allows
internal clients to connect to outside.
Monday, October 13, 2014
56. http://sohamsironline.weeby.com 8-56
Application gateways
Filters packets on
application data as well
as on IP/TCP/UDP fields.
Example: allow select
internal users to telnet
outside.
host-to-gateway
telnet session
gateway-to-remote
host telnet session
application
gateway
router and filter
1. Require all telnet users to telnet through gateway.
2. For authorized users, gateway sets up telnet connection to
dest host. Gateway relays data between 2 connections
3. Router filter blocks all telnet connections not originating
from gateway.
Monday, October 13, 2014
57. Limitations of firewalls and gateways
http://sohamsironline.weeby.com 8-57
IP spoofing: router
can’t know if data
“really” comes from
claimed source
if multiple app’s. need
special treatment, each
has own app. gateway.
client software must
know how to contact
gateway.
e.g., must set IP address
of proxy in Web
browser
filters often use all or
nothing policy for UDP.
tradeoff: degree of
communication with
outside world, level of
security
many highly protected
sites still suffer from
attacks.
Monday, October 13, 2014
58. http://sohamsironline.weeby.com 8-58
Our roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Integrity
8.5 Key Distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
Monday, October 13, 2014
59. Internet security threats
Mapping:
before attacking: “case the joint” – find out
what services are implemented on network
Use ping to determine what hosts have
addresses on network
Port-scanning: try to establish TCP connection
to each port in sequence (see what happens)
nmap (http://www.insecure.org/nmap/) mapper:
“network exploration and security auditing”
Countermeasures?
http://sohamsironline.weeby.com 8-59
Monday, October 13, 2014
60. Internet security threats
Mapping: countermeasures
record traffic entering network
look for suspicious activity (IP addresses, ports
being scanned sequentially)
http://sohamsironline.weeby.com 8-60
Monday, October 13, 2014
61. Internet security threats
Packet sniffing:
broadcast media
promiscuous NIC reads all packets passing by
can read all unencrypted data (e.g. passwords)
e.g.: C sniffs B’s packets
http://sohamsironline.weeby.com 8-61
A
B
C
src:B dest:A payload
Countermeasures?
Monday, October 13, 2014
62. Internet security threats
Packet sniffing: countermeasures
all hosts in organization run software that
checks periodically if host interface in
promiscuous mode.
one host per segment of broadcast media
(switched Ethernet at hub)
encryption
http://sohamsironline.weeby.com 8-62
A
B
C
src:B dest:A payload
Monday, October 13, 2014
63. Internet security threats
IP Spoofing:
can generate “raw” IP packets directly from
application, putting any value into IP source
address field
receiver can’t tell if source is spoofed
e.g.: C pretends to be B
http://sohamsironline.weeby.com 8-63
A
B
C
src:B dest:A payload
Countermeasures?
Monday, October 13, 2014
64. Internet security threats
IP Spoofing: ingress filtering
routers should not forward outgoing packets
with invalid source addresses (e.g., datagram
source address not in router’s network)
great, but ingress filtering can not be mandated
for all networks
http://sohamsironline.weeby.com 8-64
A
B
C
src:B dest:A payload
Monday, October 13, 2014
65. Internet security threats
Denial of service (DOS):
flood of maliciously generated packets “swamp”
receiver
Distributed DOS (DDOS): multiple coordinated
sources swamp receiver
e.g., C and remote host SYN-attack A
http://sohamsironline.weeby.com 8-65
A
B
C
SYN
SYN SYN SYN
SYN
SYN
SYN
Countermeasures?
Monday, October 13, 2014
66. Internet security threats
Denial of service (DOS): countermeasures
filter out flooded packets (e.g., SYN) before
reaching host: throw out good with bad
traceback to source of floods (most likely an
innocent, compromised machine)
http://sohamsironline.weeby.com 8-66
A
B
C
SYN
SYN SYN SYN
SYN
SYN
SYN
Monday, October 13, 2014
67. http://sohamsironline.weeby.com 8-67
Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Authentication
8.4 Integrity
8.5 Key Distribution and certification
8.6 Access control: firewalls
8.7 Attacks and counter measures
8.8 Security in many layers
8.8.1. Secure email
8.8.2. Secure sockets
8.8.3. IPsec
8.8.4. Security in 802.11
Monday, October 13, 2014
69. Alice wants to send confidential e-mail, m, to Bob.
KS(m )
+ -
+
http://sohamsironline.weeby.com 8-69
Secure e-mail
KS( ) .
KB( ) + .
+
KB(KS )
m
+
Alice:
generates random symmetric private key, KS.
encrypts message with KS (for efficiency)
also encrypts KS with Bob’s public key.
sends both KS(m) and KB(KS) to Bob.
KS
KS
KB
Internet
KS( ) .
- .
KB( ) KB
-
KS
KS(m ) m
KB(KS )
Monday, October 13, 2014
70. Alice wants to send confidential e-mail, m, to Bob.
KS(m )
+ -
+
http://sohamsironline.weeby.com 8-70
Secure e-mail
KS( ) .
KB( ) + .
+
KB(KS )
m
+
Bob:
uses his private key to decrypt and recover KS
uses KS to decrypt KS(m) to recover m
KS
KS
KB
Internet
KS( ) .
- .
KB( ) KB
-
KS
KS(m ) m
KB(KS )
Monday, October 13, 2014
71. Secure e-mail (continued)
• Alice wants to provide sender authentication
message integrity.
-
+
KA
-
KA(H(m)) H(m )
compare
• Alice digitally signs message.
• sends both message (in the clear) and digital signature.
http://sohamsironline.weeby.com 8-71
H(. ) KA( ) - .
+ -
m
KA -
Internet
m
KA( ) + .
KA(H(m))
m
H(. ) H(m )
Monday, October 13, 2014
72. Internet
http://sohamsironline.weeby.com 8-72
Secure e-mail (continued)
• Alice wants to provide secrecy, sender authentication,
message integrity.
KA -
H(. ) KA( ) - .
-
KA(H(m))
+
m
m
KS( ) .
KB( ) + .
+
+
KS
KB(KS )
KB +
KS
Alice uses three keys: her private key, Bob’s public
key, newly created symmetric key
Monday, October 13, 2014
73. Pretty good privacy (PGP)
A PGP signed message:
http://sohamsironline.weeby.com 8-73
Internet e-mail encryption
scheme, de-facto standard.
uses symmetric key
cryptography, public key
cryptography, hash
function, and digital
signature as described.
provides secrecy, sender
authentication, integrity.
inventor, Phil Zimmerman,
was target of 3-year
federal investigation.
---BEGIN PGP SIGNED MESSAGE---
Hash: SHA1
Bob:My husband is out of town
tonight.Passionately yours,
Alice
---BEGIN PGP SIGNATURE---
Version: PGP 5.0
Charset: noconv
yhHJRHhGJGhgg/12EpJ+lo8gE4vB3mqJ
hFEvZP9t6n7G6m5Gw2
---END PGP SIGNATURE---
Monday, October 13, 2014
74. Secure sockets layer (SSL)
http://sohamsironline.weeby.com 8-74
transport layer
security to any TCP-based
app using SSL
services.
used between Web
browsers, servers for
e-commerce (shttp).
security services:
server authentication
data encryption
client authentication
(optional)
server authentication:
SSL-enabled browser
includes public keys for
trusted CAs.
Browser requests
server certificate,
issued by trusted CA.
Browser uses CA’s
public key to extract
server’s public key from
certificate.
check your browser’s
security menu to see
its trusted CAs.
Monday, October 13, 2014
75. http://sohamsironline.weeby.com 8-75
SSL (continued)
Encrypted SSL session:
Browser generates
symmetric session key,
encrypts it with server’s
public key, sends
encrypted key to server.
Using private key, server
decrypts session key.
Browser, server know
session key
All data sent into TCP
socket (by client or server)
encrypted with session key.
SSL: basis of IETF
Transport Layer
Security (TLS).
SSL can be used for
non-Web applications,
e.g., IMAP.
Client authentication
can be done with client
certificates.
Monday, October 13, 2014
76. IPsec: Network Layer Security
http://sohamsironline.weeby.com 8-76
Network-layer secrecy:
sending host encrypts the
data in IP datagram
TCP and UDP segments;
ICMP and SNMP
messages.
Network-layer authentication
destination host can
authenticate source IP
address
Two principle protocols:
authentication header
(AH) protocol
encapsulation security
payload (ESP) protocol
For both AH and ESP, source,
destination handshake:
create network-layer
logical channel called a
security association (SA)
Each SA unidirectional.
Uniquely determined by:
security protocol (AH or
ESP)
source IP address
32-bit connection ID
Monday, October 13, 2014
77. Authentication Header (AH) Protocol
http://sohamsironline.weeby.com 8-77
provides source
authentication, data
integrity, no
confidentiality
AH header inserted
between IP header,
data field.
protocol field: 51
intermediate routers
process datagrams as
usual
AH header includes:
connection identifier
authentication data:
source- signed message
digest calculated over
original IP datagram.
next header field:
specifies type of data
(e.g., TCP, UDP, ICMP)
IP header data (e.g AH header ., TCP, UDP segment)
Monday, October 13, 2014
78. http://sohamsironline.weeby.com 8-78
ESP Protocol
provides secrecy, host
authentication, data
integrity.
data, ESP trailer
encrypted.
next header field is in ESP
trailer.
ESP authentication
field is similar to AH
authentication field.
Protocol = 50.
authenticated
IP header ESP TCP/UDP segment
header
ESP
trailer
ESP
authent.
encrypted
Monday, October 13, 2014
79. http://sohamsironline.weeby.com 8-79
IEEE 802.11 security
War-driving: drive around Bay area, see what 802.11
networks available?
More than 9000 accessible from public roadways
85% use no encryption/authentication
packet-sniffing and various attacks easy!
Securing 802.11
encryption, authentication
first attempt at 802.11 security: Wired Equivalent
Privacy (WEP): a failure
current attempt: 802.11i
Monday, October 13, 2014
80. Wired Equivalent Privacy (WEP):
authentication as in protocol ap4.0
host requests authentication from access point
access point sends 128 bit nonce
host encrypts nonce using shared symmetric key
access point decrypts nonce, authenticates host
no key distribution mechanism
authentication: knowing the shared key is enough
http://sohamsironline.weeby.com 8-80
Monday, October 13, 2014
81. http://sohamsironline.weeby.com 8-81
WEP data encryption
Host/AP share 40 bit symmetric key (semi-permanent)
Host appends 24-bit initialization vector (IV) to
create 64-bit key
64 bit key used to generate stream of keys, kIV
i
ki
IV used to encrypt ith byte, di, in frame:
ci = di XOR ki
IV
IV and encrypted bytes, ci sent in frame
Monday, October 13, 2014
82. http://sohamsironline.weeby.com 8-82
802.11 WEP encryption
IV
(per frame)
KS: 40-bit
secret
symmetric
IV k2
key k1
IV k3
IV … kN
IV kN+1
IV… kN+1
IV
d1
d2 d3 … dN
CRC1 … CRC4
c1
c2 c3 … cN
cN+1 … cN+4
plaintext
frame data
plus CRC
key sequence generator
( for given KS, IV)
802.11
header IV
WEP-encrypted data
plus CRC
Figure 7.8-new1: 802.11 Sender-side WEP e WnEcPr pyroptotciool n
Monday, October 13, 2014
83. Breaking 802.11 WEP encryption
Security hole:
24-bit IV, one IV per frame, - IV’s eventually reused
IV transmitted in plaintext - IV reuse detected
Attack:
Trudy causes Alice to encrypt known plaintext d1 d2
d3 d4 …
Trudy sees: ci = di XOR ki
http://sohamsironline.weeby.com 8-83
IV
Trudy knows ci di, so can compute ki
IV
Trudy knows encrypting key sequence k1
IV k2
IV k3
IV …
Next time IV is used, Trudy can decrypt! Monday, October 13, 2014
84. 802.11i: improved security
numerous (stronger) forms of encryption
possible
provides key distribution
uses authentication server separate from
access point
http://sohamsironline.weeby.com 8-84
Monday, October 13, 2014
85. 802.11i: four phases of operation
AP: access point AS:
Authentication
server
STA and AS mutually authenticate, together
generate Master Key (MK). AP servers as “pass through”
http://sohamsironline.weeby.com 8-85
wired
network
STA:
client station
1 Discovery of
security capabilities
3
2
3 STA derives
Pairwise Master
Key (PMK)
AS derives
same PMK,
sends to AP
4 STA, AP use PMK to derive
Temporal Key (TK) used for message
Monday, October 13, 2014
encryption, integrity
86. EAP: extensible authentication protocol
EAP: end-end client (mobile) to authentication
server protocol
EAP sent over separate “links”
mobile-to-AP (EAP over LAN)
AP to authentication server (RADIUS over UDP)
wired
network
http://sohamsironline.weeby.com 8-86
EAP TLS
EAP
EAP over LAN (EAPoL)
IEEE 802.11
RADIUS
UDP/IP
Monday, October 13, 2014
87. Network Security (summary)
Basic techniques…...
cryptography (symmetric and public)
authentication
message integrity
key distribution
…. used in many different security scenarios
http://sohamsironline.weeby.com 8-87
secure email
secure transport (SSL)
IP sec
802.11
Monday, October 13, 2014