Uploaded by dante-stuart

Comprehensive Overview of Security Protocols in Network Communication

DESCRIPTION

This chapter delves into various security protocols essential for safeguarding network communication. Key concepts such as man-in-the-middle attacks, server-client communication, encryption, and decryption techniques are explored. The chapter features detailed illustrations that explain processes like key exchange, authentication headers, and the role of public and private keys in securing data. Additionally, it discusses the handshake protocols and packet structures that ensure secure communication over the internet. Understanding these protocols is vital for enhancing cybersecurity in modern networks.


Presentation Transcript


  1. Chapter 11: Security Protocols. Chapter Figures

  2. replay Request Server Client Response Server Client Imposter Server Attacker Communication Networks Figure 11.1 – part 1

  3. Server Imposter Client Man in the middle Client Server Communication Networks Figure 11.1 – part 2

  4. Encryption $E_K(\cdot)$ with key $K$; decryption $D_K(\cdot)$ with key $K$; plaintext $P$; ciphertext $C = E_K(P)$. Communication Networks Figure 11.2

  5. Sender, Receiver. John to Jane, “let’s talk”; $r$; $E_k(r)$; $r'$; $E_k(r')$. Communication Networks Figure 11.3

  6. Encryption, Decryption. Plaintext $P$; ciphertext $C = E_{K_1}(P)$; $D_{K_2}(\cdot)$; $E_{K_2}(\cdot)$; private key $K_2$; public key $K_1$. Communication Networks Figure 11.4

  7. Receiver, Sender. John to Jane, “let’s talk”; $E_{K_1}(r)$; $r$. Communication Networks Figure 11.5

  8. B A KDC D C Communication Networks Figure 11.6

  9. Transmitter, Receiver. $T = g^x$; $R = g^y$; $K = T^y \bmod p = g^{xy} \bmod p$; $K = R^x \bmod p = g^{xy} \bmod p$. Communication Networks Figure 11.7

  10. Transmitter, Man in the middle, Receiver. $T$, $T'$; $R$, $R'$; $K_1 = (R')^x = g^{xy'}$; $K_1 = T^{y'} = g^{xy'}$; $K_2 = R^{x'} = g^{x'y}$; $K_2 = (T')^y = g^{x'y}$. Communication Networks Figure 11.8

  11. (a) Internet (b) Internet (c) Internet Communication Networks Figure 11.9

  12. (a) Packet header, Authentication header, Packet payload; authenticated except for changeable fields. (b) In tunnel mode: Authentication header, New header, Original header, Packet payload; authenticated except for changeable fields in new header. Communication Networks Figure 11.10

  13. Internet Tunnel Communication Networks Figure 11.11

  14. (a) Packet header, Encryption header, Packet + pad payload; encrypted. (b) Encryption header, New header, Authentication header, Packet + pad payload; encrypted. (c) In tunnel mode: New header, Original header, Packet payload, Encryption header; encrypted. Communication Networks Figure 11.12

  15. Initiator Host, Responder Host. Cookie Request: HDR, SA; Cookie Response: HDR, SA; Key Request: HDR, KE, Ni; Key Response: HDR, KE, Nr; Signature Request: HDR, IDi, Sigi; Signature Request: HDR, IDr, Sigr. Communication Networks Figure 11.13

  16. IPv4 Header AH Upper Layer (e.g., TCP or UDP) Communication Networks Figure 11.14

  17. Bit positions 0, 8, 16, 31. Fields: Next Header, Length, Reserved, Security Parameters Index, Sequence Number, Authentication Data. Communication Networks Figure 11.15

  18. Bit positions 0, 16, 24, 31. Fields: Security Parameters Index, Sequence Number, Payload Data, Padding, Pad Length, Next Header, Authentication Data. Communication Networks Figure 11.16

  19. Handshake Protocol, HTTP Protocol, Alert Protocol, Change cipher spec Protocol; TLS Record Protocol; TCP; IP. Communication Networks Figure 11.17

  20. Client, Server. ClientHello; ServerHello, Certificate*, ServerKeyExchange*, CertificateRequest*, ServerHelloDone; Certificate*, ClientKeyExchange, CertificateVerify*, [ChangeCipherSpec], Finished; [ChangeCipherSpec], Finished; Application Data; Application Data. Communication Networks Figure 11.18

  21. Communication Networks Figure 11.19

  22. Communication Networks Figure 11.20

  23. Communication Networks Figure 11.21

  24. Frame, CRC, XOR, KEY; 802.11 header, IV, Ciphertext. Communication Networks Figure 11.22

  25. 64-bit plaintext; 56-bit key; Generate 16 per-iteration keys; Initial permutation; Iteration 1 (48-bit Key 1); Iteration 2 (48-bit Key 2); Iteration 16 (48-bit Key 16); 32-bit swap; Inverse permutation; 64-bit ciphertext. Communication Networks Figure 11.23

  26. $R_{i-1}$; $L_{i-1}$; $L_{i-1}$; $f(R_{i-1}, K)$; $R_i$; L1. Communication Networks Figure 11.24

  27. (a) Encryption: $P_1$, $P_2$, $P_3$, …; IV; Encrypt, Encrypt, Encrypt; $C_1$, $C_2$, $C_3$. (b) Decryption: $C_1$, $C_2$, $C_3$, …; Decrypt, Decrypt, Decrypt; IV; $P_1$, $P_2$, $P_3$. Communication Networks Figure 11.25
