1 / 13

Lecture Topics: 12/06

Lecture Topics: 12/06. SSL Final Exam HW 7 & 8 Important concepts in 410 Other references Evaluations. SSL Question. Why is the nonce sent as clear text? doesn’t having the plaintext and the ciphertext make finding the symmetric key easier?

hfred
Télécharger la présentation

Lecture Topics: 12/06

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lecture Topics: 12/06 • SSL • Final Exam • HW 7 & 8 • Important concepts in 410 • Other references • Evaluations

  2. SSL Question • Why is the nonce sent as clear text? • doesn’t having the plaintext and the ciphertext make finding the symmetric key easier? • For modern encryption algorithms, having the plaintext and the ciphertext doesn’t help you much • Avoid doing public key cryptography when you can because it’s so expensive

  3. Nonce 1 [Amazon.com, AmazonPubKey]VerisignPubKey 2 [SecretSessionKey]AmazonPubKey 3 Establishing a secure connection with SSL 4 [Credit Card Number]SecretSessionKey [Nonce]SecretSessionKey 5 Simplified SSL • Some additional information is transferred with each message, but this simplified version contains all of the necessary details You

  4. Explanation of Simplified SSL • The client sends the server a nonce to prevent a replay attack, and the server stores this nonce • The server sends the client a certificate, which contains it’s name and public key. This certificate has been digitally signed by Verisign (a trusted third party) • The client chooses a secret (symmetric) session key to use for this connection. It encrypts this key with the server’s public key and sends it to the server. • The server decrypts the session key using it’s private key. It sends the original nonce back to the client encrypted with the session key. The client now has verified that it is actually talking with the correct server, because only the correct server can decrypt the session key sent in step 3. • Any remaining secret communication between the client and server can use the session key. • There is much more to SSL than what is presented here. There are a vast number of options and features.

  5. Final Exam • Wednesday Dec 13th at 8:30-10:20 in Thomson 125 • Mostly over OS topics (85%) • see the review sheet for what you need to know • at least twice as long as the midterm • more difficult than the midterm • Exam based on topics covered in lecture • Review sessions (based on your questions) • Sunday Dec 10th 5:00-7:30 in Johnson 223 • no Seahawks game • Monday Dec 11th 5:00-7:30 in Johnson 119 • Office hours: • Monday no office hours • Tuesday Dec 12th 12:30-4:30 • send me mail if you have questions

  6. Johnson

  7. HW 7 & HW 8 • HW 7 graded out of 95 • mean = 81 • median = 90 • HW 8 graded out of 70 • mean = 60 • median = 61

  8. Grading • Each homework counts 5%, drop one • Programming assignments took more time • best grade out of HW #6, #7, or #9 will count 8% • worst grade of any other homework (after drop) will count 2% • (only if your grade is better under this scheme) • Will email a grade report to everyone by Friday (including everything but HW 9) • HW 9 will be available in my office hours next Tuesday

  9. Key Concepts • Make the common case fast and the uncommon case correct • Caches (common case has locality) • L1 & L2 caches • TLB • File cache • Memory a cache for virtual memory • DNS caches common translations

  10. Key Concepts • Any computer science problem can be solved by adding a layer of indirection • Virtual addresses • Handles (OS must control access) • file handles • process handles • Network file servers (e.g. NFS) • looks like a local disk but it’s across a network • DNS: you want to type www.cnn.com, but IP needs 207.25.71.20

  11. Additional Resources • Architecture • P&H “Computer Organization & Design” is the standard undergrad book • H&P “Computer Architecture: A Quantitative Approach, Second Edition” is the standard graduate book • more advanced topics • Operating Systems • “Inside Windows NT” or “Inside Windows 2000” • “The Design of the UNIX Operating System” • “Design and Implementation of the 4.4 BSD Operating System”

  12. Additional Resources • Networks • “TCP/IP Illustrated Volume 1” Richard Stevens • “Computer Networks: A Systems Approach 2nd Edition” Peterson and Davie • don’t get the first edition • Cryptography • “Applied Cryptography” Bruce Schneier • “Cryptography : Theory and Practice (Discrete Mathematics and Its Applications)” Douglas R. Stinson • Miscellaneous • “Mythical Man-Month” Fred Brooks • “Programming Pearls” Jon Bentley • Perl • “Learning Perl” Schwartz and Christiansen • “Programming Perl” Larry Wall

  13. Thank You • I’ve had a tremendous amount of time teaching this class • a lot of work but worth it • We’ve covered a lot of topics in a short amount of time • we’ve covered most of what is important • hopefully, you’ve learned something • Continue to email me questions about operating systems

More Related