Network Security - PowerPoint PPT Presentation

About This Presentation
Title:

Network Security

Description:

Attempts to gain unauthorized access to computer systems. Encryption Methods ... underlying virtually all automated network and computer security applications is ... – PowerPoint PPT presentation

Number of Views:18
Avg rating:3.0/5.0
Slides: 17
Provided by: dh460
Category:

less

Transcript and Presenter's Notes

Title: Network Security


1
Network Security
2
Security Threats
  • Intercept
  • Interrupt
  • Modification
  • Fabrication

3
Security Threats
  • Passive attacks
  • Eavesdropping on, or monitoring, transmissions
  • Electronic mail, file transfers, and
    client/server exchanges are examples of
    transmissions that can be monitored
  • Active attacks
  • Modification of transmitted data
  • Attempts to gain unauthorized access to computer
    systems

4
Encryption Methods
  • The essential technology underlying virtually all
    automated network and computer security
    applications is cryptography
  • Two fundamental approaches are in use
  • conventional encryption, also known as symmetric
    encryption
  • public-key encryption, also known as asymmetric
    encryption

5
Conventional Encryption
  • The only form of encryption prior to late 1970s
  • Five components to the algorithm
  • Plaintext The original message or data
  • Encryption algorithm Performs various
    substitutions and transformations on the
    plaintext.
  • Secret key Input to the encryption algorithm.
    Substitutions and transformations performed
    depend on this key
  • Ciphertext Scrambled message produced as output.
    depends on the plaintext and the secret key
  • Decryption algorithm Encryption algorithm run in
    reverse. Uses ciphertext and the secret key to
    produce the original plaintext.

6
Conventional Encryption Operation
7
Conventional Encryption Requirements Weaknesses
  • Requirements
  • A strong encryption algorithm
  • Secure process for sender receiver to obtain
    secret keys
  • Methods of Attack
  • Cryptanalysis
  • Brute force

8
Public-Key Encryption
  • Based on mathematical functions rather than on
    simple operations on bit patterns
  • Asymmetric, involving the use of two separate
    keys
  • Misconceptions about public key encryption
  • it is more secure from cryptanalysis
  • it is a general-purpose technique that has made
    conventional encryption obsolete

9
Public-Key Encryption Components
  • Plaintext
  • Encryption algorithm
  • Public key
  • Private key
  • Ciphertext
  • Decryption algorithm

10
Public-Key Encryption Operation
11
Public-Key Signature Operation
12
Characteristics of Public-Key
  • Infeasible to determine the decryption key given
    knowledge of the cryptographic algorithm and the
    encryption key.
  • Either of the two related keys can be used for
    encryption, with the other used for decryption.
  • Slow, but provides tremendous flexibility to
    perform a number of security-related functions
  • Most widely used algorithm is RSA

13
Location of Encryption Devices
  • Link encryption
  • Each vulnerable communications link is equipped
    on both ends with an encryption device.
  • All traffic over all communications links is
    secured.
  • Vulnerable at each switch
  • End-to-end encryption
  • the encryption process is carried out at the two
    end systems.
  • Encrypted data are transmitted unaltered across
    the network to the destination, which shares a
    key with the source to decrypt the data
  • Packet headers cannot be secured

14
Conventional EncryptionKey Distribution
  • Both parties must have the secret key
  • Key is changed frequently
  • Requires either manual delivery of keys, or a
    third-party encrypted channel
  • Most effective method is a Key Distribution
    Center (e.g. Kerberos)

15
Public-Key EncryptionKey Distribution
  • Parties create a pair of keys public key is
    broadly distributed, private key is not
  • To reduce computational overhead, the following
    process is then used
  • 1. Prepare a message.
  • 2. Encrypt that message using conventional
    encryption with a one-time conventional session
    key.
  • 3. Encrypt the session key using public-key
    encryption with recipients public key.
  • 4. Attach the encrypted session key to the
    message and send it.

16
Public Key Certificates
  • 1. A public key is generated by the user and
    submitted to Agency X for certification.
  • 2. X determines by some procedure, such as a
    face-to-face meeting, that this is authentically
    the users public key.
  • 3. X appends a timestamp to the public key,
    generates the hash code of the result, and
    encrypts that result with Xs private key forming
    the signature.
  • 4. The signature is attached to the public key.
Write a Comment
User Comments (0)
About PowerShow.com