August 7, 2009
Principles of network security:
o cryptography and its many uses beyond ￢ﾀﾜconfidentiality￢ﾀ?
o message integrity
o key distribution
Security in practice:
o Security in application, transport, network, link layers
Confidentiality: only sender, intended receiver should ￢ﾀﾜunderstand￢ﾀ? message contents
o sender encrypts message
o receiver decrypts message
Authentication: sender, receiver want to confirm identity of each other.
Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection.
Access and Availability: services must be accessible and available to users.
Hijacking – ￢ﾀﾜtake over￢ﾀ? ongoing connection by removing sender or receiver, inserting himself in place.
Denial of Service : prevent service from being used by others (e.g., by overloading resources).
Symmetric Key Cryptography: Sender,receiver keys identical.
Public key Cryptography: Encryption key public,Decryption key private.
Data Encryption Standard (DES):
o US Encryption standard (NIST 1993)
o 56 ￢ﾀﾓ bit symmetric key,64-bit plain text input.
Advanced encryption standard (AES):
o New symmetric key (NIST) standard,replacing DES.(Nov 2001)
o Processes data in 128 bit blocks.
o 128,192 or 256 bit keys.