Better News There are a lot of defense mechanisms We'll study some, but by no means all, in this course It's important to understand their limitations Many security holes are based on misunderstanding Security awareness and user"buy-in"help Other important factors: usability and economIcs 2021/2/3 16
Better News There are a lot of defense mechanisms We’ll study some, but by no means all, in this course It’s important to understand their limitations Many security holes are based on misunderstanding Security awareness and user “buy-in” help Other important factors: usability and economics 2021/2/3 16
Today's Lecture Overview of Network Security Cryptographic hash functions User authentication SSl IPSec IKE Distributed Denial of Service(DDos * Firewa‖l Reading list 2021/2/3
Today’s Lecture Overview of Network Security Cryptographic hash functions User authentication SSL IPSec & IKE Distributed Denial of Service (DDoS) Firewall Reading List 2021/2/3 17
Communication on the Internet M M network Alice Bob Learns m-attack on secrecy Changes M-attack on integrity 2021/2/3
Communication on the Internet 2021/2/3 18 network Learns M – attack on secrecy Alice Bob M M Changes M – attack on integrity M’
Integrity VS Secrecy Integrity attacker cannot tamper with message Encryption may not guarantee integrity Intuition attacker may able to mod lify message under encryption without learning what it is This is recognized by industry standards(e.g PKCS Many encryption schemes provide secrecy AND integrity 2021/2/3
Integrity vs. Secrecy Integrity: attacker cannot tamper with message Encryption may not guarantee integrity! Intuition: attacker may able to modify message under encryption without learning what it is This is recognized by industry standards (e.g., PKCS) Many encryption schemes provide secrecy AND integrity 2021/2/3 19
More on Integrity VIRUS bad File goodWill Che cimes hash(goodFile) BigFirm User Idea: given good File and hash(goodFile) very hard to find badFile such that hash(goodFile)=hash(badFile 2021/2/3 20
More on Integrity 2021/2/3 20 goodFile BigFirm™ User VIRUS badFile The Times hash(goodFile) Idea: given goodFile and hash(goodFile), very hard to find badFile such that hash(goodFile)=hash(badFile