Who might Bob, Alice be? g.. well real-life bobs and alices o Web browser/server for electronic transactions(e., on-line purchases O on-line banking client/server U DNS servers D routers exchanging routing table updates D other examples? Network Security 7-6
Network Security 7-6 Who might Bob, Alice be? … well, real-life Bobs and Alices! Web browser/server for electronic transactions (e.g., on-line purchases) on-line banking client/server DNS servers routers exchanging routing table updates other examples?
There are bad guys(and girls)out there! Q: What can a bad guy"do? A: a lotl D eavesdrop: intercept messages o actively insert messages into connection o impersonation: can fake(spoof) source address in packet (or any field in packet) hjacking: take over"ongoing connection by removing sender or receiver inserting himself In place o denial of service: prevent service from being used by others(e.g, by overloading resources) more on this later… Network Security 7-7
Network Security 7-7 There are bad guys (and girls) out there! Q: What can a “bad guy” do? A: a lot! eavesdrop: intercept messages actively insert messages into connection impersonation: can fake (spoof) source address in packet (or any field in packet) hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place denial of service: prevent service from being used by others (e.g., by overloading resources) more on this later ……
Chapter 7 roadmap 7. 1 What is network security 7.2 Principles of cryptography 7.3 Authentication 7.4 Integrity 7.5 Key distribution and certification 7.6 Access control: firewalls 7.7 Attacks and counter measures 7. 8 Security in many layers Network Security 7-8
Network Security 7-8 Chapter 7 roadmap 7.1 What is network security? 7.2 Principles of cryptography 7.3 Authentication 7.4 Integrity 7.5 Key Distribution and certification 7.6 Access control: firewalls 7.7 Attacks and counter measures 7.8 Security in many layers
The language of cryptography ⊙A|ices ⊙≥Bobs encryption decryption. s. key key plaintext, encryption_ciphertext decryption plaintext algorithm symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret(private) Network Security 7-9
Network Security 7-9 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret (private) plaintext ciphertext plaintext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B
Symmetric key cryptograph substitution cipher: substituting one thing for another o monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewg E.g. Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc Q: How hard to break this simple cipher? 口 brute force( how haro? 口 other? Network Security 7-10
Network Security 7-10 Symmetric key cryptography substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc E.g.: Q: How hard to break this simple cipher?: ❑ brute force (how hard?) ❑ other?