network security. security threats 8intercept 8interrupt 8modification 8fabrication
TRANSCRIPT
Network Security
Security Threats
Intercept Interrupt Modification Fabrication
Security Threats
Passive attacks Eavesdropping on, or monitoring, transmissions Electronic mail, file transfers, and client/server exchanges
are examples of transmissions that can be monitored
Active attacks Modification of transmitted data Attempts to gain unauthorized access to computer
systems
Encryption Methods
The essential technology underlying virtually all automated network and computer security applications is cryptography
Two fundamental approaches are in use: conventional encryption, also known as symmetric
encryption public-key encryption, also known as asymmetric
encryption
Conventional Encryption The only form of encryption prior to late 1970s Five components to the algorithm
Plaintext: The original message or data Encryption algorithm: Performs various substitutions and transformations on
the plaintext. Secret key: Input to the encryption algorithm. Substitutions and
transformations performed depend on this key Ciphertext: Scrambled message produced as output. depends on the plaintext
and the secret key Decryption algorithm: Encryption algorithm run in reverse. Uses ciphertext
and the secret key to produce the original plaintext.
Conventional Encryption Operation
Conventional Encryption Requirements & Weaknesses
Requirements A strong encryption algorithm Secure process for sender & receiver to obtain secret keys
Methods of Attack Cryptanalysis Brute force
Public-Key Encryption
Based on mathematical functions rather than on simple operations on bit patterns
Asymmetric, involving the use of two separate keys Misconceptions about public key encryption
it is more secure from cryptanalysis it is a general-purpose technique that has made
conventional encryption obsolete
Public-Key Encryption Components
Plaintext Encryption algorithm Public key Private key Ciphertext Decryption algorithm
Public-Key Encryption Operation
Public-Key Signature Operation
Characteristics of Public-Key Infeasible to determine the decryption key given
knowledge of the cryptographic algorithm and the encryption key.
Either of the two related keys can be used for encryption, with the other used for decryption.
Slow, but provides tremendous flexibility to perform a number of security-related functions
Most widely used algorithm is RSA
Location of Encryption Devices Link encryption
Each vulnerable communications link is equipped on both ends with an encryption device.
All traffic over all communications links is secured. Vulnerable at each switch
End-to-end encryption the encryption process is carried out at the two end systems. Encrypted data are transmitted unaltered across the network to the
destination, which shares a key with the source to decrypt the data Packet headers cannot be secured
Conventional EncryptionKey Distribution
Both parties must have the secret key Key is changed frequently Requires either manual delivery of keys, or a third-
party encrypted channel Most effective method is a Key Distribution Center
(e.g. Kerberos)
Public-Key EncryptionKey Distribution
Parties create a pair of keys; public key is broadly distributed, private key is not
To reduce computational overhead, the following process is then used:1. Prepare a message.
2. Encrypt that message using conventional encryption with a one-time conventional session key.
3. Encrypt the session key using public-key encryption with recipient’s public key.
4. Attach the encrypted session key to the message and send it.
Public Key Certificates
1. A public key is generated by the user and submitted to Agency X for certification.
2. X determines by some procedure, such as a face-to-face meeting, that this is authentically the user’s public key.
3. X appends a timestamp to the public key, generates the hash code of the result, and encrypts that result with X’s private key forming the signature.
4. The signature is attached to the public key.