Network Security

1
Network Security

• Slides taken from Computer Networking by Kurose
  and Ross

2
Cryptography

• Greek word meaning secret writing
• Historically the study has been utilized by (1)
  the military, (2) diplomatic corps, (3) diarists,
  and (4) lovers
• Ciphers character-for-character transformation
• Code replaces one word with another
• Vocabulary
• plaintext
• key
• ciphertext

3
Network Security

• Friends and enemies Alice, Bob, Trudy

4
Internet security threats

• Packet sniffing
• can read all unencrypted data (e.g. passwords)
• e.g. C sniffs Bs packets

5
Internet security threats

• IP Spoofing
• can generate raw IP packets directly from
  application, putting any value into IP source
  address field
• receiver cant tell if source is spoofed
• e.g. C pretends to be B

6
Encryption Algorithms

• symmetric key crypto sender, receiver keys
  identical
• public-key crypto encrypt key public, decrypt
  key secret

7
Symmetric key cryptography
8
Symmetric key crypto DES

• DES Data Encryption Standard
• US encryption standard NIST 1993
• 56-bit symmetric key, 64 bit plaintext input
• 19 distinct stages
• How secure is DES?
• DES Challenge 56-bit-key-encrypted phrase
  (Strong cryptography makes the world a safer
  place) decrypted (brute force) in 4 months
• making DES more secure
• use three keys sequentially (3-DES) on each datum

9
Public Key Cryptography
symmetric key crypto public key cryptography
requires sender, receiver know shared secret key Q how to agree on key in first place (particularly if never met)? radically different approach Diffie-Hellman76, RSA78 sender, receiver do not share secret key encryption key public (known to all) decryption key private (known only to receiver)
10
Public key cryptography
eR Receivers public encryption key
dR Receivers private encryption key
11
Public key signature
eS Senders private encryption key
dS Senders public encryption key
12
RSA Choosing keys

• Choose two large prime numbers p, q (e.g., 1024
  bits each) which are 2 larger than a multiple of
  3.
• Define KR pq, the public key, and publish it.
• Compute s (1/3)2(p-1)(q-1)1. Keep p, q, and
  s secret s is the secret key.
• 4. Encrypt using the public key of the receiver
  Break message into blocks cube each block
  divide the cubes by KR and send the remainders to
  the receiver as the ciphertext.
• 5. Decrypt using secret key raise each number in
  the ciphertext to the s power, divide each result
  by KR, and reassemble the blocks.

13
Applications

• Secure Shell (SSH) part of the Linux distribution
• Seems to include secure FTP
• PuTTY for Windows machines
• Includes secure FTP
• PGP for secure email
• Internet e-mail encryption scheme, a de-facto
  standard.
• Uses symmetric key cryptography, and public key
  cryptography
• Inventor, Phil Zimmerman, was target of 3-year
  federal investigation.

14
In-class assignment

• Use telnet to connect to your CSCI account.

• Start putty
• Start -gt CSCI Programs-gt Putty

15
In-class assignment

• Login to your csci account
• User Name first 6 letters of last name followed
  by first initial and middle initial
• Password CSCI followed by last 4 digits of
  student id

16
In-class assignment

• Go to your public_html directory
• Use the cd (i.e., change directory) command

17
In-class assignment

• Edit your web page per the recommendations of
  your peer review using the pico editor.

18
In-class assignment

• Your mouse will be useless during your telnet
  session.
• Useful Pico commands appear at the bottom of the
  screen
• represents the control key
• X means hold the control key down and depress
  the x key at the same time