1 / 87

Network Security

Network Security. (Course Details) By ASIM SHAHZAD Assistant Professor University Of Engineering And Technology Taxila. Name: Asim Shahzad MS Telecom Engineering (I.C.T) MS Computer Engineering (U.E.T Taxila)

malory
Télécharger la présentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security (Course Details) By ASIM SHAHZAD Assistant Professor University Of Engineering And Technology Taxila

  2. Name: Asim Shahzad • MS Telecom Engineering (I.C.T) • MS Computer Engineering (U.E.T Taxila) • Currently started PhD in area of Solitons propagation in Fiber Optics Communication from U.E.T Taxila • Email: asimshahzad@uettaxila.edu.pk • Contact no. 0300 9755694

  3. Theme of Course • 1. Module 1 (Cryptography) • Introduction to Security terms and Algorithms • Overview of Symmetric and Asymmetric Cryptographic Algorithms • 2. Module 2 (Security Architectures and Models) • Security in Network • Multilayer Security • 3. Module 3 (Operations Security) • TCSEC (Trusted Computer Security Evaluation Criteria); The Orange Book • Vulnerabilities of Networked Applications • Worms, viruses, malicious codes arriving from networks, attack on infrastructure • 4. Module 4 (Defense Technologies) • Protection of information in transit; Application and Transport Layer security Protocols • Protection of Networked Applications; Firewalls, and IPS • 5. Module 5 (Application and System Development) • Kerberos, IPSec, SSL/TLS (Case Studies) • 6. Module 6 (Security Management) • Security Planning; Physical Security • Disaster Recovery • Law, Investigation, Ethics; Ethical Hacking

  4. Marks Breakdown • Total Marks 150 • External marks 25 • Final 100 • Internal Sessional Work 25 • Passing Marks 75

  5. Two parts of your course . • How to secure data (data security). • How to secure your networks (network security) we start from data security talk about its various aspects .major concern will be ciphers designing.

  6. Desirable Security Properties • Authenticity • Confidentiality • Integrity • Availability • Accountability and non-repudiation • Freshness • Access control • Privacy of collected information

  7. Cryptology • 􀂄 Some Terminologies • 􀂄 Plain text: The original message • 􀂄 Cipher Text: The coded message • 􀂄 Cipher: algorithm for transforming plaintext to cipher text • 􀂄 Key: info used in cipher; known only to sender/receiver • 􀂄 Encipher (encrypt): converting plaintext to cipher text • 􀂄 Decipher (decrypt): recovering cipher text from plaintext

  8. Contd… Cryptography: study of encryption principles/methods. Cryptanalysis (code breaking): the study of principles/ methods of deciphering cipher text without knowing key. Cryptology: the field of both cryptography and cryptanalysis.

  9. Contd.. • 􀂄 Unconditional security No matter how much computer power is available, the cipher cannot be broken since the cipher text provides insufficient information to uniquely determine the corresponding plaintext. • Computational security Given limited computing resources (e.g. time needed for calculations is greater than age of universe), the cipher cannot be broken.

  10. Conventional Encryption Principles • 􀂄 An encryption scheme has five ingredients: • 􀂄 Plaintext • 􀂄 Encryption algorithm • 􀂄 Secret Key • 􀂄 Cipher text • 􀂄 Decryption algorithm • 􀂄 Security depends on the secrecy of the key, not the secrecy of the algorithm

  11. Cryptology Classified along three independent dimensions: 1)Type of encryption operations used for transforming plaintext to cipher text. substitution / transposition / product 2) Number of keys used symmetric - single-key or secret key encryption asymmetric - two-key or public key encryption 3)Way in which plaintext is processed 􀂄 Block 􀂄 stream

  12. Cryptanalysis • Two general approaches to attack an encryption scheme 1) Cryptanalysis. needs encryption algorithm plus some knowledge regarding the plaintext or some sample plain text cipher text pair. 2) Brute-Force attack 􀂄 attacker tries every possible key to decrypt. 􀂄 needs to check so many keys.

  13. Types of Cryptanalysis • 􀂄 Ciphertext only 􀂄 attacker only knows the encryption algorithm & ciphertext • 􀂄 Known plaintext 􀂄 knows the encryption algorithm & ciphertext 􀂄 additionally knows some sample plaintext-ciphertext pairs • 􀂄 Chosen plaintext attacker selects plaintext and obtain ciphertext to attack cipher • 􀂄 Chosen ciphertext 􀂄 select ciphertext and obtain plaintext to attack cipher

  14. Classical Ciphers .Where letters of plaintext are replaced by other letters or by numbers or symbols. .Or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with cipher text bit patterns.

  15. Caesar Cipher • 􀂄 Earliest known substitution cipher • 􀂄 Devised by Julius Caeser. • 􀂄 First attested use in military affairs. • 􀂄 Replaces each letter by 3rd letter of alphabets • 􀂄 Example: • 􀂄 Plaintext: MEET ME AFTER THE TEA PARTY • Cipher text: PHHW PH DIWHU WKH WHD SDUWB

  16. Contd… • 􀂄 We can generalize Caesar cipher as: • 􀂄 C = E( p) = ( p + k) mod (26) • 􀂄 p = D(C) = (C – k) mod (26) • 􀂄 Where k is the offset e.g., 3 as in our • example • 􀂄 p is the letter to be converted into cipher text • and C is cipher text

  17. Cryptanalysis of Caeser Cipher • 􀂄 Only have 26 possible ciphers • 􀂄 A maps to A,B,..Z .Could simply try each in turn i.e., using a brute force search • Given cipher text, just try all shifts of letters

  18. CAUTION: QUIZ AHEAD • You are free to leave the class room but if seated, then please be silent • If eyes tried to tilt to fellows paper; either for correction or for soliciting info will cancel you quiz on immediate basis • Exams also checks ability, honesty, zeal and struggle towards problem solving attitude • Initial thesis: “everyone is honest, unless he proves himself otherwise” • Hope that initial conditions (thesis) will remain steady state

  19. QUIZ NO 01 • 􀂄 Find the plain text and Key from the • given cipher text • 􀂄 Cipher Text: • 􀂄 TUSBCMRK MW HMWLSRIWXC

  20. Attacks, Services and Mechanisms • Security Attack:Any action that compromises the security of information. • Security Mechanism:A mechanism that is designed to detect, prevent, or recover from a security attack. • Security Service:A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms

  21. Security Attacks

More Related