There are bad guys(and girls)out there! Q: What can a bad guy"do? A: a lotl D eavesdrop: intercept messages o actively insert messages into connection o impersonation: can fake(spoof) source address in packet (or any field in packet) hjacking: take over"ongoing connection by removing sender or receiver inserting himself In place o denial of service: prevent service from being used by others(e.g, by overloading resources) more on this later… 361.F2003
Comp 361, Fall 2003 7: Network Security 6 There are bad guys (and girls) out there! Q: What can a “bad guy” do? A: a lot! eavesdrop: intercept messages actively insert messages into connection impersonation: can fake (spoof) source address in packet (or any field in packet) hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place denial of service: prevent service from being used by others (e.g., by overloading resources) more on this later ……
Chapter 7 roadmap 7. 1 What is network security 7.2 Principles of cryptography 7.3 Authentication 7.4 Integrity 7.5 Key distribution and certification 7.6 Access control: firewalls 7.7 Attacks and counter measures 7. 8 Security in many layers 361.F2003
Comp 361, Fall 2003 7: Network Security 7 Chapter 7 roadmap 7.1 What is network security? 7.2 Principles of cryptography 7.3 Authentication 7.4 Integrity 7.5 Key Distribution and certification 7.6 Access control: firewalls 7.7 Attacks and counter measures 7.8 Security in many layers
The language of cryptography ⊙A|ices ⊙≥Bobs encryption decryption. s. key key plaintext, encryption_ciphertext decryption plaintext algorithm symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret(private) 361.F2003
Comp 361, Fall 2003 7: Network Security 8 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret (private) plaintext ciphertext plaintext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B
Symmetric key cryptograph substitution cipher: substituting one thing for another o monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewg E.g. Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc Q: How hard to break this simple cipher? 口 brute force( how haro? 口 other? 361.F2003
Comp 361, Fall 2003 7: Network Security 9 Symmetric key cryptography substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc E.g.: Q: How hard to break this simple cipher?: ❑ brute force (how hard?) ❑ other?
Symmetric key cryptograph A-B B plaintext encryption-ciphertext decryption plaintext message, m algorithm algorithm A A-B、A-B symmetric key crypto: Bob and Alice share know same (symmetric) key: K A-B D eg, key is knowing substitution pattern in mono alphabetic substitution cipher 0 Q: how do bob and alice agree on key value? 361.F2003
Comp 361, Fall 2003 7: Network Security 10 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K e.g., key is knowing substitution pattern in mono alphabetic substitution cipher Q: how do Bob and Alice agree on key value? ciphertext plaintext KA-B encryption algorithm decryption algorithm A-B KA-B plaintext message, m K (m) A-B K (m) A-B m = K ( ) A-B