network security network security essentials essentials
play

Network Security Network Security Essentials Essentials Chapter 2 - PowerPoint PPT Presentation

Jan 08, 2024 •612 likes •1.16k views

Network Security Network Security Essentials Essentials Chapter 2 Chapter 2 Fourth Edition Fourth Edition by William Stallings by William Stallings Lecture slides by Lawrie Brown Lecture slides by Lawrie Brown Encryption Encryption

  1. Network Security Network Security Essentials Essentials Chapter 2 Chapter 2 Fourth Edition Fourth Edition by William Stallings by William Stallings Lecture slides by Lawrie Brown Lecture slides by Lawrie Brown

  2. Encryption Encryption  What What is is encryption? Why do we need it? encryption? Why do we need it?  No, seriously, let's discuss this. Why do we No, seriously, let's discuss this. Why do we need it? need it?

  3. Symmetric Encryption Symmetric Encryption  or conventional / or conventional / private-key private-key / single-key / single-key  sender and recipient share a common key sender and recipient share a common key  all classical encryption algorithms are all classical encryption algorithms are private-key private-key  was only type prior to invention of public- was only type prior to invention of public- key in 1970’s key in 1970’s  and by far most widely used and by far most widely used

  4. Some Basic Terminology Some Basic Terminology  plaintext plaintext - original message - original message  ciphertext ciphertext - coded message - coded message  cipher cipher - algorithm for transforming plaintext to ciphertext - algorithm for transforming plaintext to ciphertext  key key - info used in cipher known only to sender/receiver - info used in cipher known only to sender/receiver  encipher (encrypt) encipher (encrypt) - converting plaintext to ciphertext - converting plaintext to ciphertext  decipher (decrypt) decipher (decrypt) - recovering ciphertext from plaintext - recovering ciphertext from plaintext  cryptography cryptography - study of encryption principles/methods - study of encryption principles/methods  cryptanalysis (codebreaking) cryptanalysis (codebreaking) - study of principles/ - study of principles/ methods of deciphering ciphertext without without knowing key knowing key methods of deciphering ciphertext  cryptology cryptology - field of both cryptography and cryptanalysis - field of both cryptography and cryptanalysis

  5. Some Basic Terminology Some Basic Terminology  cleartext cleartext - is this the same as plaintext? - is this the same as plaintext?  Also, do all ciphers need a key? Also, do all ciphers need a key? – Is a password the same as a key? Is a password the same as a key? – Are there ciphers that use neither? Are there ciphers that use neither?

  6. Symmetric Cipher Model Symmetric Cipher Model

  7. Requirements Requirements  two requirements for secure use of two requirements for secure use of symmetric encryption: symmetric encryption:  a strong encryption algorithm a strong encryption algorithm  a secret key known only to sender / receiver a secret key known only to sender / receiver  mathematically have: mathematically have: Y = E(K, = E(K, X X ) ) Y X = D(K, = D(K, Y Y ) ) X  assume encryption algorithm is known assume encryption algorithm is known  implies a secure channel to distribute implies a secure channel to distribute key key

  8. Cryptography Cryptography  can characterize cryptographic system by: can characterize cryptographic system by:  type of encryption operations used type of encryption operations used • substitution substitution • transposition transposition • product product  number of keys used number of keys used • single-key or private single-key or private • two-key or public two-key or public  way in which plaintext is processed way in which plaintext is processed • block block • stream stream

  9. Cryptanalysis Cryptanalysis  objective to recover key not just message objective to recover key not just message  general approaches: general approaches:  cryptanalytic attack cryptanalytic attack  brute-force attack brute-force attack  if either succeed all key use compromised if either succeed all key use compromised  Hence the value of Hence the value of perfect forward secrecy perfect forward secrecy

  10. Cryptanalytic Attacks Cryptanalytic Attacks  ciphertext only ciphertext only  only know algorithm & ciphertext, is statistical, only know algorithm & ciphertext, is statistical, know or can identify plaintext know or can identify plaintext  known plaintext known plaintext  know/suspect plaintext & ciphertext know/suspect plaintext & ciphertext  chosen plaintext chosen plaintext  select plaintext and obtain ciphertext select plaintext and obtain ciphertext  chosen ciphertext chosen ciphertext  select ciphertext and obtain plaintext select ciphertext and obtain plaintext  chosen text chosen text  select plaintext or ciphertext to en/decrypt select plaintext or ciphertext to en/decrypt

  11. Brute Force Search Brute Force Search  always possible to simply try every key always possible to simply try every key  most basic attack, proportional to key size most basic attack, proportional to key size  assume either know / recognize plaintext assume either know / recognize plaintext Key Size (bits) Number of Alternative Time required at 1 Time required at 10 6 Keys decryption/µs decryptions/µs 32 2 32 = 4.3  10 9 2 31 µs = 35.8 minutes 2.15 milliseconds 56 2 56 = 7.2  10 16 2 55 µs = 1142 years 10.01 hours 128 2 128 = 3.4  10 38 = 5.4  10 24 years 5.4  10 18 years 2 127 µs 168 2 168 = 3.7  10 50 2 167 µs = 5.9  10 36 years 5.9  10 30 years 26 characters 26! = 4  10 26 2  10 26 µs = 6.4  10 12 years 6.4  10 6 years (permutation)

  12. Feistel Cipher Structure Feistel Cipher Structure  Horst Feistel devised the Horst Feistel devised the feistel cipher feistel cipher  based on concept of invertible product cipher based on concept of invertible product cipher  partitions input block into two halves partitions input block into two halves  process through multiple rounds which process through multiple rounds which  perform a substitution on left data half perform a substitution on left data half  based on round function of right half & subkey based on round function of right half & subkey  then have permutation swapping halves then have permutation swapping halves  implements Shannon’s S-P net concept implements Shannon’s S-P net concept

  13. Feistel Cipher Structure Feistel Cipher Structure

  14. Feistel Cipher Design Elements Feistel Cipher Design Elements  block size block size  key size key size  number of rounds number of rounds  subkey generation algorithm subkey generation algorithm  round function round function  fast software en/decryption fast software en/decryption  ease of analysis ease of analysis

  15. Data Encryption Standard (DES) Data Encryption Standard (DES)  most widely used block cipher in world most widely used block cipher in world  adopted in 1977 by NBS (now NIST) adopted in 1977 by NBS (now NIST)  as FIPS PUB 46 as FIPS PUB 46  encrypts 64-bit data using 56-bit key encrypts 64-bit data using 56-bit key  has widespread use has widespread use  has been considerable controversy over has been considerable controversy over its security its security

  16. DES History DES History  IBM developed Lucifer cipher IBM developed Lucifer cipher  by team led by Feistel in late 60’s by team led by Feistel in late 60’s  used 64-bit data blocks with 128-bit key used 64-bit data blocks with 128-bit key  then redeveloped as a commercial cipher then redeveloped as a commercial cipher with input from NSA and others with input from NSA and others  in 1973 NBS issued request for proposals in 1973 NBS issued request for proposals for a national cipher standard for a national cipher standard  IBM submitted their revised Lucifer which IBM submitted their revised Lucifer which was eventually accepted as the DES was eventually accepted as the DES

  17. DES Design Controversy DES Design Controversy  although DES standard is public although DES standard is public  was considerable controversy over design was considerable controversy over design  in choice of 56-bit key (vs Lucifer 128-bit) in choice of 56-bit key (vs Lucifer 128-bit)  and because design criteria were classified and because design criteria were classified  subsequent events and public analysis subsequent events and public analysis show in fact design was appropriate show in fact design was appropriate  use of DES has flourished use of DES has flourished  especially in financial applications especially in financial applications  still standardised for legacy application use still standardised for legacy application use

  18. Multiple Encryption & DES Multiple Encryption & DES  clear a replacement for DES was needed clear a replacement for DES was needed  theoretical attacks that can break it theoretical attacks that can break it  demonstrated exhaustive key search attacks demonstrated exhaustive key search attacks  AES is a new cipher alternative AES is a new cipher alternative  prior to this alternative was to use multiple prior to this alternative was to use multiple encryption with DES implementations encryption with DES implementations  Triple-DES is the chosen form Triple-DES is the chosen form

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security Note: These slides are created using information from. Network Security Essentials by

Security Note: These slides are created using information from. Network Security Essentials by

Security Note: These slides are created using information from. Network Security Essentials by William Stallings Computer Networking, A top-down approach by James F.Kurose and Keith W.Ross Maximum Security by Anonymous Lectures and Notes from

489 views • 38 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Essentials Chapter 3 Fourth Edition by William Stallings Lecture slides by

Network Security Essentials Chapter 3 Fourth Edition by William Stallings Lecture slides by

Network Security Essentials Chapter 3 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively as the true name and the

970 views • 81 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Guide to Networking Essentials Fifth Edition Chapter 2 Network Design Essentials Objectives

Guide to Networking Essentials Fifth Edition Chapter 2 Network Design Essentials Objectives

Guide to Networking Essentials Fifth Edition Chapter 2 Network Design Essentials Objectives Explain the basics of a network layout Describe the standard networking topologies Explain the variations on standard networking

357 views • 33 slides
17Nov19 Information Security Essentials Recognizing Threats in Your Daily Routine This

17Nov19 Information Security Essentials Recognizing Threats in Your Daily Routine This

17Nov19 Information Security Essentials Recognizing Threats in Your Daily Routine This module will teach you what is information security, how to identify and avoid potential security risks in the workplace and beyond. 1 Introduction

406 views • 7 slides
Guide to Networking Essentials Fifth Edition Chapter 6 Network Communications and Protocols

Guide to Networking Essentials Fifth Edition Chapter 6 Network Communications and Protocols

Guide to Networking Essentials Fifth Edition Chapter 6 Network Communications and Protocols Objectives Explain the function of protocols in a network Describe common protocol suites Guide to Networking Essentials, Fifth Edition 2

916 views • 47 slides
Unix Essentials Devin J. Pohly <djpohly@cse.psu.edu> CMPSC 311: Introduction to Systems

Unix Essentials Devin J. Pohly <djpohly@cse.psu.edu> CMPSC 311: Introduction to Systems

Systems and Internet i Infrastructure Security i Institute for Networking and Security Research Department of Computer Science and Engineering Pennsylvania State University, University Park, PA Unix Essentials Devin J. Pohly

315 views • 20 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able to Skills identify design and Ability to analyze the implementation security of networked vulnerabilities in network systems protocols

564 views • 33 slides
Security Tunneling Cyber Security Spring 2010 Reading Material IPSec overview Chapter

Security Tunneling Cyber Security Spring 2010 Reading Material IPSec overview Chapter

Security Tunneling Cyber Security Spring 2010 Reading Material IPSec overview Chapter 6 Network Security Essentials, William Stallings SSH RFCs 4251, 4252, 4253 SSL/TLS overview Slide material from Bishop

1.55k views • 69 slides
Guide to Networking Essentials Fifth Edition Chapter 7 Network Architectures Objectives

Guide to Networking Essentials Fifth Edition Chapter 7 Network Architectures Objectives

Guide to Networking Essentials Fifth Edition Chapter 7 Network Architectures Objectives Compare and contrast media access methods used in network architectures Describe the operation of Ethernet Differentiate between Ethernet

825 views • 80 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

932 views • 55 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

374 views • 13 slides
Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

1.12k views • 92 slides
Chapter 2 Chapter 2 Conventional Encryption Conventional Encryption Message Confidentiality

Chapter 2 Chapter 2 Conventional Encryption Conventional Encryption Message Confidentiality

Chapter 2 Chapter 2 Conventional Encryption Conventional Encryption Message Confidentiality Message Confidentiality Henric Johnson Blekinge Institute of Technology, Sweden http://www.its.bth.se/staff/hjo/ henric.johnson@bth.se Henric

584 views • 26 slides
Network Security: Secret Key Cryptography Henning Schulzrinne Columbia University, New York

Network Security: Secret Key Cryptography Henning Schulzrinne Columbia University, New York

1 Network Security: Secret Key Cryptography Henning Schulzrinne Columbia University, New York schulzrinne@cs.columbia.edu Columbia University, Fall 2000 1999-2000, Henning Schulzrinne c Last modified September 28, 2000 Slide 1 Secret

1.23k views • 16 slides
Kryptographie Data Encryption Standard (DES) Uwe Egly Vienna University of Technology Institute

Kryptographie Data Encryption Standard (DES) Uwe Egly Vienna University of Technology Institute

Kryptographie Data Encryption Standard (DES) Uwe Egly Vienna University of Technology Institute of Information Systems Knowledge-Based Systems Group November 30, 2010 1 / 32 Block Ciphers Block ciphers (BCs) are symmetric-key algorithms

950 views • 32 slides
CS 683 - Security and Privacy Fall 2019 Instructor: Karim Eldefrawy University of San Francisco

CS 683 - Security and Privacy Fall 2019 Instructor: Karim Eldefrawy University of San Francisco

CS 683 - Security and Privacy Fall 2019 Instructor: Karim Eldefrawy University of San Francisco http://www.cs.usfca.edu/~keldefrawy/teaching /fall2019/cs683/cs683_main.htm 1 Mi Midterm rm Revi view (Le Lectures 1-8) 8) 2 Co Comp

730 views • 61 slides
Session 2 Introduction to Cryptography and Symmetric Encryption Sbastien Combfis Fall 2019

Session 2 Introduction to Cryptography and Symmetric Encryption Sbastien Combfis Fall 2019

I5020 Computer Security Session 2 Introduction to Cryptography and Symmetric Encryption Sbastien Combfis Fall 2019 This work is licensed under a Creative Commons Attribution NonCommercial NoDerivatives 4.0 International License.

1.25k views • 49 slides
Von Neumann Execution Model Fetch: send PC to memory transfer instruction from memory

Von Neumann Execution Model Fetch: send PC to memory transfer instruction from memory

Von Neumann Execution Model Fetch: send PC to memory transfer instruction from memory to CPU increment PC Decode & read ALU input sources Execute an ALU operation memory operation branch target calculation

515 views • 22 slides
Dataflow Anomaly Detection Presented By Archana Viswanath Computer Science and Engineering The

Dataflow Anomaly Detection Presented By Archana Viswanath Computer Science and Engineering The

Dataflow Anomaly Detection Presented By Archana Viswanath Computer Science and Engineering The Pennsylvania State University Anomaly Intrusion Detection Systems Anomaly Intrusion Detection Systems Model normal behavior. Attack - Any

417 views • 20 slides
Class 3 Review; questions Basic Analyses (3) Assign (see Schedule for links)

Class 3 Review; questions Basic Analyses (3) Assign (see Schedule for links)

Class 3 Review; questions Basic Analyses (3) Assign (see Schedule for links) Representation and Analysis of Software (Sections 1-5) Additional readings: Data-flow analysis Control/program-dependence analysis

741 views • 26 slides

More recommend