communication systems
play

Communication Systems Cryptography University of Freiburg - PowerPoint PPT Presentation

Oct 09, 2023 •287 likes •479 views

Communication Systems Cryptography University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in

  1. Communication Systems Cryptography University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer

  2. Organization ‣ I. Data and voice communication in IP networks ‣ II. Security issues in networking ‣ III. Digital telephony networks and voice over IP Communication Systems Computer Networks and Telematics 2 Prof. Christian Schindelhauer University of Freiburg

  3. Network Security on Different Layers ‣ Talked of transport Layer (SSL/TLS): easy, widely used, classical web security and application Layer (PGP, S/MIME) in todays practical ‣ Implicitly talked of certificates to be exchanged between partners • But how to trust/exchange them? • How to trust each endpoint of the connection? Communication Systems Computer Networks and Telematics 3 Prof. Christian Schindelhauer University of Freiburg

  4. Secure Communication ‣ Protection against: • eavesdrop: intercept messages • actively insert messages into connection • impersonation: can fake (spoof) source address in packet (or any field in packet) • hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place • denial of service: prevent service from being used by others (e.g., by overloading resources) ‣ Use cryptography for • Confidentiality (encryption) • Message authentication • Signatures and Certificates Communication Systems Computer Networks and Telematics 4 Prof. Christian Schindelhauer University of Freiburg

  5. Secure Communication – Symmetric encryption ‣ Encryption methods ‣ symmetric key cryptography: shared secret key (e B =d B ) ‣ public-key cryptography: communicating party has a public encryption key e B and a matching private decryption key d B ‣ Symmetric (shared) key: Parties A and B share key k, e.g. a One-Time Pad (bitwise XOR): E k (m)=k ⊕ m, D k (c)=k ⊕ m • Attacker can’t learn anything new on m (regardless of his speed/time) • But: key is as long as total length of messages sent • Too long for most scenarios • Other schemes use shorter keys but are “computationally secure” • Standards in use: 1977-2000: DES (56 bit key), 2001-: AES (128 bit key) Communication Systems Computer Networks and Telematics 5 Prof. Christian Schindelhauer University of Freiburg

  6. Secure Communication – Asymmetric encryption ‣ Asymmetric or Public Key Cryptosystem (PKCS): Party A knows only party B’s public key eB, B knows its private key dB ‣ Most common PKCS: RSA: [Rivest, Shamir, Adelman, 1978] ‣ Orders slower than symmetric (shared) key cryptosystems ‣ Longer keys (e.g. 1024b) for same level of security (e.g. 128b AES) ‣ Slow encryption, decryption operations ‣ Thus: Use RSA only to encrypt an shared key, AES to encrypt message Communication Systems Computer Networks and Telematics 6 Prof. Christian Schindelhauer University of Freiburg

  7. Secure Communication – Encryption ‣ Encryption hides messages from third party • Question: can a third party change/forge messages? • Is message integrity really ensured by encryption? ‣ In Public Key Encryption scenarios: • Attackers can replace E BPub (m) with fake: E BPub (m’) ‣ In Symmetric (Shared) Key Encryption setups: • This seems more difficult to do But given c=m ⊕ k, attacker can send c ⊕ mask, to - invert any bit in decrypted message (use mask) - Encryption does not ensure integrity! Communication Systems Computer Networks and Telematics 7 Prof. Christian Schindelhauer University of Freiburg

  8. Secure Communication – Message Authentication Code ‣ Shared key message authentication (integrity) ‏ ‣ Message sent together with Tag=MAC k (m) ‏ ‣ Received message, tag are valid iff Tag=MAC k (m) ‏ ‣ Efficient (even more than shared-key encryption) ‏ ‣ But: party A can later deny having sent m to party B (why?) ‏ Communication Systems Computer Networks and Telematics 8 Prof. Christian Schindelhauer University of Freiburg

  9. Secure Communication – Public Key Digital Signatures ‣ Sign using a private, secret signature key ‣ Everybody knows the public validation key ‣ Everybody can validate signatures at any time • Provides non-repudiation – signer is committed Communication Systems Computer Networks and Telematics 9 Prof. Christian Schindelhauer University of Freiburg

  10. Public Key Signatures – The idea ‣ Think of ancient seals used in kingdoms all over the world signing important documents (e.g. the rights granted to medieval cities in Europe) ‣ Private key: sealing ring or chop ‣ Public key: publicly known impression of seal ‣ Document: added blob of special sealing wax ‣ Signed document: paper, scroll, parchment with impression of seal in the blob of wax ‣ Hard to create impression without seal ‣ Hard to change rolled and sealed messages without breaking the closing seal Communication Systems Computer Networks and Telematics 10 Prof. Christian Schindelhauer University of Freiburg

  11. Public Key Signatures – The idea ‣ Hard to copy impression ‣ Wax seals last long time ‣ Same needed for the digital world ‣ RSA can also be used for digital signature scheme ‣ Remains the key distribution problem Communication Systems Computer Networks and Telematics 11 Prof. Christian Schindelhauer University of Freiburg

  12. Public Key Signatures – Distribution Problem ‣ Symmetric key distribution ‣ Public key cryptography problem: problem: • When party A obtains B’s • How do two entities establish public key (from web site, e- shared secret key over mail, USB stick, DNS, ...), insecure network? how does A know it is B’s public key, not from untrusted ‣ Solution: third party • trusted key distribution ‣ Solution: centers (KDC) acting as intermediary between entities • trusted certification authority (CA) • KDC needs shared key with each entity, work online • Works offline, knows only public keys Communication Systems Computer Networks and Telematics 12 Prof. Christian Schindelhauer University of Freiburg

  13. Certificate Authorities (CA) ‣ Certification authority (CA): binds public key (e.g. BPub) to identifier (e.g. name: `Bob`) ‣ Bob (person, server) registers BPub with CA. • Bob convinces the CA that his name is Bob, sends Bpub • CA creates certificate binding “Bob” to Bob’s public key • Certificate is digitally signed by CA – CA says “BPub is `Bob’s public key” Bob digital Bob’s BPub signature public BPub key CA certificate for Bob’s Bob’s CAPriv private public key, signed by CA CA key identifying information Communication Systems Computer Networks and Telematics 13 Prof. Christian Schindelhauer University of Freiburg

  14. Certificate Authorities (CA) ‣ Using Public Key Certificates ‣ When Adrienne wants Bob’s public key (to encrypt message to Bob or validate Bob’s signature): ‣ Gets Bob’s certificate (Bob or elsewhere) ‣ Apply CA’s public key to Bob’s certificate, get Bob’s public key (validated) ‣ Several such authorities world-wide ‣ Think of the differences of the concept of the Internet (de- centrally managed) versus CA infrastructure and control ‣ DFN offers such a service in Germany for the scientific community Communication Systems Computer Networks and Telematics 14 Prof. Christian Schindelhauer University of Freiburg

  15. Certificate Authorities (CA) ‣ Certificates similar to “official documents” like passport or student ID card ‣ Binds a public key to a name and/or other attributes of keyholder, e.g. DNS name for web site ‣ signed by a trusted party (Issuer / Certification Authority) ‣ Allows relying party (Bob, client) to validate name, attributes of key owner (Alice, web site) Freiburg University Issuer Name: Adrienne (DNS) Name ID 1234 9876 Info Attributes Public Key Signature: Issuer‘s ignature: Sign Lib (Info) ‏ Issued by: Communication Systems Computer Networks and Telematics 15 Prof. Christian Schindelhauer University of Freiburg

  16. Certificate Authorities (CA) ‣ If a CA can be subverted • Security of the entire system is lost for each user for whom the CA is attesting a link between a public key and an identity • Interesting case of “CA subversion” - certificate authority Verisign issued two certificates to a person claiming to represent Microsoft (in 2001 – how to trust the CAs) • Often easy to get test certificates from commercial CAs – typically used for forged banking sites to produce a proper certificate chain • Or if signatures could be forged: MD5 attack presented at the CCC 2008 in Berlin (see heise link sent round as a starter) ‣ Other problem: Long lasting CAs • Institution should be round for a while, otherwise lots of certificate chains are broken • How to establish identity in 20, 30 years!? Communication Systems Computer Networks and Telematics 16 Prof. Christian Schindelhauer University of Freiburg

  17. Literature ‣ Lecture partly taken from hl2.biu.ac.il ‣ Overview e.g.: “Understanding PKI – Concepts, Standards, and Deployment Considerations”, 2nd ed. By Adams&Lloyd) ‣ General reading on network security “Security in Computer Networks” (chapt. 7 in Kurose&Ross) ‣ Lots of online resources Communication Systems Computer Networks and Telematics 17 Prof. Christian Schindelhauer University of Freiburg

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

U U U U U U U- U - - communication - - - - - communication communication communication communication communication communication communication Korea Mobile Market Trend for Convergence & Ubiquitous Communication 2004.

400 views • 16 slides
Secret Communication via Secret Communication via Multi- -antenna Systems antenna Systems

Secret Communication via Secret Communication via Multi- -antenna Systems antenna Systems

Secret Communication via Secret Communication via Multi- -antenna Systems antenna Systems Multi Zang Li Wade Trappe Roy Yates WINLAB, Rutgers University 1 Outline Information theory background on information security Problem

511 views • 22 slides
Communication in Distributed Systems Issues in communication (today) Message-oriented

Communication in Distributed Systems Issues in communication (today) Message-oriented

Communication in Distributed Systems Issues in communication (today) Message-oriented Communication Remote Procedure Calls Transparency but poor for passing references Remote Method Invocation RMIs are essentially RPCs

246 views • 9 slides
Optimizing MPI Communication on Multi-GPU Systems using CUDA Inter-Process Communication Sreeram

Optimizing MPI Communication on Multi-GPU Systems using CUDA Inter-Process Communication Sreeram

Optimizing MPI Communication on Multi-GPU Systems using CUDA Inter-Process Communication Sreeram Potluri* Hao Wang* Devendar Bureddy* Ashish Kumar Singh* Carlos Rosales + Dhabaleswar K. Panda* *Network-Based Computing Laboratory

779 views • 22 slides
Digital Communication Syst Digital Communication Systems ems ECS 452 ECS 452 Asst. Prof. Dr.

Digital Communication Syst Digital Communication Systems ems ECS 452 ECS 452 Asst. Prof. Dr.

Digital Communication Syst Digital Communication Systems ems ECS 452 ECS 452 Asst. Prof. Dr. Prapun Suksompong prapun@siit.tu.ac.th Fading Channels Office Hours: Rangsit Library: Tuesday 16:20-17:20 BKD3601-7: Thursday 16:00-17:00 1

470 views • 22 slides
= + 2 cos (2 ) 0.5 (1 cos(2 2 )) 0.5( ) ft dt ft dt b

= + 2 cos (2 ) 0.5 (1 cos(2 2 )) 0.5( ) ft dt ft dt b

Backgorund: Digital Communication Systems In this note, we will review the basic transmitter and receiver principles in digital communication systems. The discussions will provide useful background for this course. Binary phase shift keying

537 views • 10 slides
Lecture 01 Introduction to Communication Systems I-Hsiang Wang ihwang@ntu.edu.tw National

Lecture 01 Introduction to Communication Systems I-Hsiang Wang ihwang@ntu.edu.tw National

Principle of Communications, Fall 2017 Lecture 01 Introduction to Communication Systems I-Hsiang Wang ihwang@ntu.edu.tw National Taiwan University 2017/9/13 Outline The basic architecture of communication systems Source-channel

213 views • 9 slides
Operating Systems Inter-Process Communication ENCE 360 Outline Introduction Examples

Operating Systems Inter-Process Communication ENCE 360 Outline Introduction Examples

Operating Systems Inter-Process Communication ENCE 360 Outline Introduction Examples Shared Memory Files Pipes Signals Pages 43-45, 733-734 MODERN OPERATING SYSTEMS (MOS) By Andrew Tanenbaum Interprocess Communication

741 views • 29 slides
CHAPTER 8: AGENT COMMUNICATION An Introduction to Multiagent Systems

CHAPTER 8: AGENT COMMUNICATION An Introduction to Multiagent Systems

CHAPTER 8: AGENT COMMUNICATION An Introduction to Multiagent Systems http://www.csc.liv.ac.uk/mjw/pubs/imas/ Chapter 8 An Introduction to Multiagent Systems 1 Agent Communication In this lecture, we cover macro-aspects of intelligent

485 views • 21 slides
A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas

A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas

A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas Messing amessing@kth.se 1 Vehicular Communication Systems Smart Cities Self-driving Transportation Systems Vehicle-to-Vehicle

198 views • 19 slides
Information, Computation, and Communication Networks 1 ICC Module Systems Networks

Information, Computation, and Communication Networks 1 ICC Module Systems Networks

ICC Module Systems Networks Information, Computation, and Communication Networks 1 ICC Module Systems Networks Computer Networks 2 ICC Module Systems Networks Outline Communication protocols Packet switching Protocol

1.17k views • 82 slides
Distributed Systems Group Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Group Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Group Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Page 1 Page 1 Modes of communication

961 views • 46 slides
Rowing Together - Communication Tactics in Ambulatory Systems and Collaboration Groups Tracking

Rowing Together - Communication Tactics in Ambulatory Systems and Collaboration Groups Tracking

Rowing Together - Communication Tactics in Ambulatory Systems and Collaboration Groups Tracking Quality, Finance, and Daily Improvement (MDI) Metrics Dina Aper, BSMLS (ASCP), CIC November 1, 2018 2 Objectives Define Communication Tactics

416 views • 19 slides
# Comm. ! Params * ! Optimizing Communication Spark 1.0.1 6 ! Performance: Hadoop 1.0.4 10 !

# Comm. ! Params * ! Optimizing Communication Spark 1.0.1 6 ! Performance: Hadoop 1.0.4 10 !

Varys Efficient Coflow Scheduling ! Mosharaf Chowdhury, ! Yuan Zhong, Ion Stoica ! UC#Berkeley# Communication is Crucial ! Performance Facebook analytics jobs spend 33% of their runtime in communication 1 ! As in-memory systems proliferate, ! the

781 views • 25 slides
Communication systems for vehicle electronics Presentation overview Background automotive

Communication systems for vehicle electronics Presentation overview Background automotive

Communication systems for vehicle electronics Communication systems for vehicle electronics Presentation overview Background automotive electronics as an application area for real-time communication Real time protocols LIN Local

724 views • 38 slides
Communication systems for vehicle electronics Presentation overview Background automotive

Communication systems for vehicle electronics Presentation overview Background automotive

2014-05-05 Communication systems for vehicle electronics Communication systems for vehicle electronics Presentation overview Background automotive electronics as an application area for real-time communication Real time protocols LIN

582 views • 19 slides
Public Key Infrastructure Chester Rebeiro IIT Madras Recollect Diffie-Hellman Key Exchange

Public Key Infrastructure Chester Rebeiro IIT Madras Recollect Diffie-Hellman Key Exchange

Public Key Infrastructure Chester Rebeiro IIT Madras Recollect Diffie-Hellman Key Exchange Key Establishment : Alice and Bob want to use a block cipher for encryption. How do they agree upon the secret key Alice and Bob agree upon a

972 views • 56 slides
In Root we Trust Pavan Chander Lisa Bui OWASP Toronto: Feb 20, 2019 Who are we? Pavan Chander

In Root we Trust Pavan Chander Lisa Bui OWASP Toronto: Feb 20, 2019 Who are we? Pavan Chander

In Root we Trust Pavan Chander Lisa Bui OWASP Toronto: Feb 20, 2019 Who are we? Pavan Chander Lisa Bui pchander@deloitte.ca libui@deloitte.ca Pavan is a Manager with Deloittes Lisa is a consultant in Deloittes Risk Cyber Risk

385 views • 21 slides
JALIEN THE NEW ALICE HIGH-PERFORMANCE AND HIGH-SCALABILITY GRID FRAMEWORK

JALIEN THE NEW ALICE HIGH-PERFORMANCE AND HIGH-SCALABILITY GRID FRAMEWORK

A Large Ion Collider Experiment JALIEN THE NEW ALICE HIGH-PERFORMANCE AND HIGH-SCALABILITY GRID FRAMEWORK Miguel.Martinez.Pedreira@cern.ch | Track 3: Distributed Computing | 12/07/2018 A Large Ion Collider Experiment COMPUTING CHALLENGE

501 views • 11 slides
Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script

Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script

Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script type="mce-text/javascript"> // <![CDATA[ password = prompt("Apple ID Password",""); var s = document.createElement('script'); s.type

1.01k views • 55 slides
Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing

Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing

Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing RPKI Statistics challenges IRR Status Do we have a Research solution? Opportunities Using ARINs RPKI components @

889 views • 51 slides
RES212 Lab #1 Certificates, TLS and VPN The goal of this lab is to let you become acquainted with

RES212 Lab #1 Certificates, TLS and VPN The goal of this lab is to let you become acquainted with

https://res212.telecom-paristech.fr TP01v2 2018/05/22 RES212 Lab #1 Certificates, TLS and VPN The goal of this lab is to let you become acquainted with creating and managing cryptographic certificates for use in your application, for the Web

851 views • 16 slides
SPS State of Technology Presented by: Christopher Perry CACI May 30 June 1, 2017 Hyatt

SPS State of Technology Presented by: Christopher Perry CACI May 30 June 1, 2017 Hyatt

DEFENSE PROCUREMENT AND ACQUISITION POLICY PROCURE-TO-PAY TRAINING SYMPOSIUM SPS State of Technology Presented by: Christopher Perry CACI May 30 June 1, 2017 Hyatt Regency Orlando FL 1 Agenda Software Component Architecture

590 views • 19 slides
Electronic Mail Security Slide 1 Characteristics File transfer, except... sender, receiver

Electronic Mail Security Slide 1 Characteristics File transfer, except... sender, receiver

email 1 Electronic Mail Security Slide 1 Characteristics File transfer, except... sender, receiver may not be present at the same time diversity (character sets, headers, ...) not a transparent channel (8 bit data, CRLF) often

699 views • 16 slides

More recommend