MASON ECE 646 - Lecture 14 Security Protocols


Security Protocols
ECE 646 - Lecture 14

Algorithms (e.g., DES, AES, RSA)
Security mechanisms (e.g., digital signatures)
Security protocols (e.g., S-MIME, SSL, IPSec)
Secure Communication Systems (e.g., DMS)

Cryptographic component
Non-cryptographic component (communications, administration, OS security, database security, etc.)
[Figure label: 100%]

Cost of cryptography in the layer model of the Internet

Application layer: http, ftp, e-mail
Transport layer: tcp, udp
Internet protocol layer: ip
Network access layer: ethernet, atm
Physical layer

Security protocols shown against the layers: S/MIME, PGP; SSL; IPsec
[Figure label: Cost of adding cryptography]

S/MIME: Secure Electronic E-mail

• protocol developed by RSA Data Security, Inc. in cooperation with consortium of several big companies in 1995
• work on the corresponding Internet standard started by IETF, 1997
• multiple products using S/MIME (e.g., Netscape Communicator, Microsoft Outlook, etc.)
• enables secure communication between e-mail programs from various companies

Competition: PGP (in the past also PEM, MOSS)

Cryptographic algorithms: Triple DES, RC2-40 / RSA, D-H, DSA / SHA-1, MD5

SSL: Secure WWW
Secure Sockets Layer

• protocol developed by Netscape in 1994
• the most widely deployed security protocol
• SSL v. 3.0 in use since 1996, SSL v. 2.0 withdrawn
• since 1996 work on the equivalent Internet standard: IETF TLS - Transport Layer Security, TLS 1.0 = SSL 3.1

Secure browsers, e.g., Netscape, MS Explorer
Secure servers, e.g., Netscape, Microsoft

Competition: Practically none, in the past S-HTTP, PCT

Multiple libraries: SSL Ref (Netscape), OpenSSL (open source), SSL Plus (Consensus Development), SSLeay, SSLJava, etc.

SSL: Secure WWW

Cryptographic algorithms:
Confidentiality: none, RC4-40, RC2-40, DES-40, RC4-128, RC2-128, DES, IDEA, Triple DES
Digital signatures: RSA, DSS
Hash functions: SHA-1, MD5
Key agreement: RSA, D-H, Fortezza

Exchange between client (browser) and server (WWW):
1. Parameter negotiation
2. Server authentication
3. Client authentication (only on request)
4. Key Exchange
5. Confidential and authenticated message exchange

IPsec: Virtual Private Networks (VPN)

[Diagram labels: Local network, Security gateway, Internet, Remote user]

• local networks may belong to the same or different organizations
• security gateways may come from different vendors

VPN = Economic alternative to networks based on leased lines

IPsec: Virtual Private Networks (VPN)

• S/WAN (Secure Wide Area Network) interoperability test for products developed by various vendors, 1995
• development by IETF (Internet Engineering Task Force) started in 1994, first IPSec version, RFC 1825-29, published in 1995
• IPsec required in IPv6, optional in IPv4

Algorithms:
confidentiality: DES, Triple DES, AES, and others
authentication: HMAC-MD5, HMAC-SHA-1
key agreement: IKE

Competition: PPTP

