SlideShare uma empresa Scribd logo

Stallings Kurose and Ross

Information Security Awareness Group
Information Security Awareness Group

Cryptography by Stallings Kurose and Ross

TecnologiaEducação
1 de 62
1 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
2 Cryptography issues Confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver decrypts message End-Point Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
3 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate “securely” Trudy (intruder) may intercept, delete, add messages secure sender secure receiver channel data, control messages data data Alice Bob Trudy
4 Who might Bob, Alice be? … well, real-life Bobs and Alices! Web browser/server for electronic transactions (e.g., on-line purchases) on-line banking client/server DNS servers routers exchanging routing table updates
5 The language of cryptography m plaintext message KA(m) ciphertext, encrypted with key KA m = KB(KA(m)) plaintext plaintextciphertext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B
6 Simple encryption scheme substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc E.g.: Key: the mapping from the set of 26 letters to the set of 26 letters
7 Polyalphabetic encryption n monoalphabetic cyphers, M1,M2,…,Mn Cycling pattern: e.g., n=4, M1,M3,M4,M3,M2; M1,M3,M4,M3,M2; For each new plaintext symbol, use subsequent monoalphabetic pattern in cyclic pattern dog: d from M1, o from M3, g from M4 Key: the n ciphers and the cyclic pattern
8 Breaking an encryption scheme Cipher-text only attack: Trudy has ciphertext that she can analyze Two approaches: Search through all keys: must be able to differentiate resulting plaintext from gibberish Statistical analysis Known-plaintext attack: trudy has some plaintext corresponding to some ciphertext eg, in monoalphabetic cipher, trudy determines pairings for a,l,i,c,e,b,o, Chosen-plaintext attack: trudy can get the cyphertext for some chosen plaintext
9 Types of Cryptography Crypto often uses keys: Algorithm is known to everyone Only “keys” are secret Public key cryptography Involves the use of two keys Symmetric key cryptography Involves the use one key Hash functions Involves the use of no keys Nothing secret: How can this be useful?
10 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
11 Symmetric key cryptography symmetric key crypto: Bob and Alice share same (symmetric) key: K e.g., key is knowing substitution pattern in mono alphabetic substitution cipher Q: how do Bob and Alice agree on key value? plaintextciphertext K S encryption algorithm decryption algorithm S K S plaintext message, m K (m) S m = KS(KS(m))
12 Two types of symmetric ciphers Stream ciphers encrypt one bit at time Block ciphers Break plaintext message in equal-size blocks Encrypt each block as a unit
13 Stream Ciphers Combine each bit of keystream with bit of plaintext to get bit of ciphertext m(i) = ith bit of message ks(i) = ith bit of keystream c(i) = ith bit of ciphertext c(i) = ks(i) ⊕ m(i) (⊕ = exclusive or) m(i) = ks(i) ⊕ c(i) keystream generatorkey keystream pseudo random
14 Problems with stream ciphers Known plain-text attack There’s often predictable and repetitive data in communication messages attacker receives some cipher text c and correctly guesses corresponding plaintext m ks = m ⊕ c Attacker now observes c’, obtained with same sequence ks m’ = ks ⊕ c’ Even easier Attacker obtains two ciphertexts, c and c’, generating with same key sequence c ⊕ c’ = m ⊕ m’ There are well known methods for decrypting 2 plaintexts given their XOR Integrity problem too suppose attacker knows c and m (eg, plaintext attack); wants to change m to m’ calculates c’ = c ⊕ (m ⊕ m’) sends c’ to destination
15 RC4 Stream Cipher RC4 is a popular stream cipher Extensively analyzed and considered good Key can be from 1 to 256 bytes Used in WEP for 802.11 Can be used in SSL
16 Block ciphers Message to be encrypted is processed in blocks of k bits (e.g., 64-bit blocks). 1-to-1 mapping is used to map k-bit block of plaintext to k-bit block of ciphertext Example with k=3: input output 000 110 001 111 010 101 011 100 input output 100 011 101 010 110 000 111 001 What is the ciphertext for 010110001111 ?
17 Block ciphers How many possible mappings are there for k=3? How many 3-bit inputs? How many permutations of the 3-bit inputs? Answer: 40,320 ; not very many! In general, 2k ! mappings; huge for k=64 Problem: Table approach requires table with 264 entries, each entry with 64 bits Table too big: instead use function that simulates a randomly permuted table
18 Prototype function 64-bit input S1 8bits 8 bits S2 8bits 8 bits S3 8bits 8 bits S4 8bits 8 bits S7 8bits 8 bits S6 8bits 8 bits S5 8bits 8 bits S8 8bits 8 bits 64-bit intermediate 64-bit output Loop for n rounds 8-bit to 8-bit mapping From Kaufman et al
19 Why rounds in prototpe? If only a single round, then one bit of input affects at most 8 bits of output. In 2nd round, the 8 affected bits get scattered and inputted into multiple substitution boxes. How many rounds? How many times do you need to shuffle cards Becomes less efficient as n increases
20 Encrypting a large message Why not just break message in 64-bit blocks, encrypt each block separately? If same block of plaintext appears twice, will give same cyphertext. How about: Generate random 64-bit number r(i) for each plaintext block m(i) Calculate c(i) = KS( m(i) ⊕ r(i) ) Transmit c(i), r(i), i=1,2,… At receiver: m(i) = KS(c(i)) ⊕ r(i) Problem: inefficient, need to send c(i) and r(i)
21 Cipher Block Chaining (CBC) CBC generates its own random numbers Have encryption of current block depend on result of previous block c(i) = KS( m(i) ⊕ c(i-1) ) m(i) = KS( c(i)) ⊕ c(i-1) How do we encrypt first block? Initialization vector (IV): random block = c(0) IV does not have to be secret Change IV for each message (or session) Guarantees that even if the same message is sent repeatedly, the ciphertext will be completely different each time
22 Symmetric key crypto: DES DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64-bit plaintext input Block cipher with cipher block chaining How secure is DES? DES Challenge: 56-bit-key-encrypted phrase decrypted (brute force) in less than a day No known good analytic attack making DES more secure: 3DES: encrypt 3 times with 3 different keys (actually encrypt, decrypt, encrypt)
23 Symmetric key crypto: DES initial permutation 16 identical “rounds” of function application, each using different 48 bits of key final permutation DES operation
24 AES: Advanced Encryption Standard new (Nov. 2001) symmetric-key NIST standard, replacing DES processes data in 128 bit blocks 128, 192, or 256 bit keys brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES
25 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
26 Public Key Cryptography symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if never “met”)? public key cryptography radically different approach [Diffie- Hellman76, RSA78] sender, receiver do not share secret key public encryption key known to all private decryption key known only to receiver
27 Public key cryptography plaintext message, m ciphertextencryption algorithm decryption algorithm Bob’s public key plaintext messageK (m) B + K B + Bob’s private key K B - m = K (K (m))B + B -
28 Public key encryption algorithms need K ( ) and K ( ) such thatB B . . given public key K , it should be impossible to compute private key K B B Requirements: 1 2 RSA: Rivest, Shamir, Adelson algorithm + - K (K (m)) = m BB - + + -
29 Prerequisite: modular arithmetic x mod n = remainder of x when divide by n Facts: [(a mod n) + (b mod n)] mod n = (a+b) mod n [(a mod n) - (b mod n)] mod n = (a-b) mod n [(a mod n) * (b mod n)] mod n = (a*b) mod n Thus (a mod n)d mod n = ad mod n Example: x=14, n=10, d=2: (x mod n)d mod n = 42 mod 10 = 6 xd = 142 = 196 xd mod 10 = 6
30 RSA: getting ready A message is a bit pattern. A bit pattern can be uniquely represented by an integer number. Thus encrypting a message is equivalent to encrypting a number. Example m= 10010001 . This message is uniquely represented by the decimal number 145. To encrypt m, we encrypt the corresponding number, which gives a new number (the cyphertext).
31 RSA: Creating public/private key pair 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). 4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5. Public key is (n,e). Private key is (n,d). KB + KB -
32 RSA: Encryption, decryption 0. Given (n,e) and (n,d) as computed above 1. To encrypt message m (<n), compute c = m mod ne 2. To decrypt received bit pattern, c, compute m = c mod nd m = (m mod n)e mod n dMagic happens! c
33 RSA example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). bit pattern m me c = m mod ne 0000l000 12 24832 17 c m = c mod nd 17 481968572106750915091411825223071697 12 c d encrypt: decrypt: Encrypting 8-bit messages.
34 Why does RSA work? Must show that cd mod n = m where c = me mod n Fact: for any x and y: xy mod n = x(y mod z) mod n where n= pq and z = (p-1)(q-1) Thus, cd mod n = (me mod n)d mod n = med mod n = m(ed mod z) mod n = m1 mod n = m
35 RSA: another important property The following property will be very useful later: K (K (m)) = m BB - + K (K (m))BB + - = use public key first, followed by private key use private key first, followed by public key Result is the same!
36 Follows directly from modular arithmetic: (me mod n)d mod n = med mod n = mde mod n = (md mod n)e mod n K (K (m)) = m BB - + K (K (m))BB + - =Why ?
37 Why is RSA Secure? Suppose you know Bob’s public key (n,e). How hard is it to determine d? Essentially need to find factors of n without knowing the two factors p and q. Fact: factoring a big number is hard. Generating RSA keys Have to find big primes p and q Approach: make good guess then apply testing rules (see Kaufman)
38 Session keys Exponentiation is computationally intensive DES is at least 100 times faster than RSA Session key, KS Bob and Alice use RSA to exchange a symmetric key KS Once both have KS, they use symmetric key cryptography
39 Diffie-Hellman Allows two entities to agree on shared key. But does not provide encryption p is a large prime; g is a number less than p. p and g are made public Alice and Bob each separately choose 512- bit random numbers, SA and SB. the private keys Alice and Bob compute public keys: TA = gS A mod p ; TB = gS B mod p ;
40 Diffie-Helman (2) Alice and Bob exchange TA and TB in the clear Alice computes (TB)S A mod p Bob computes (TA)S B mod p shared secret: S = (TB)S A mod p = = gS A S B mod p = (TA)S B mod p Even though Trudy might sniff TB and TA, Trudy cannot easily determine S. Problem: Man-in-the-middle attack: Alice doesn’t know for sure that TB came from Bob; may be Trudy instead See Kaufman et al for solutions
41 Diffie-Hellman: Toy Example p = 11 and g = 5 Private keys: SA = 3 and SB = 4 Public keys: TA = gS A mod p = 53 mod 11 = 125 mod 11 = 4 TB = gS B mod p = 54 mod 11 = 625 mod 11 = 9 Exchange public keys & compute shared secret: (TB)S A mod p = 93 mod 11 = 729 mod 11 = 3 (TA)S B mod p = 44 mod 11 = 256 mod 11 = 3 Shared secret: 3 = symmetric key
42 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
43 Message Integrity Allows communicating parties to verify that received messages are authentic. Content of message has not been altered Source of message is who/what you think it is Message has not been artificially delayed (playback attack) Sequence of messages is maintained Let’s first talk about message digests
44 Message Digests Function H( ) that takes as input an arbitrary length message and outputs a fixed-length string: “message signature” Note that H( ) is a many- to-1 function H( ) is often called a “hash function” Desirable properties: Easy to calculate Irreversibility: Can’t determine m from H(m) Collision resistance: Computationally difficult to produce m and m’ such that H(m) = H(m’) Seemingly random output large message m H: Hash Function H(m)
45 Internet checksum: poor message digest Internet checksum has some properties of hash function: produces fixed length digest (16-bit sum) of input is many-to-one But given message with given hash value, it is easy to find another message with same hash value. Example: Simplified checksum: add 4-byte chunks at a time: I O U 1 0 0 . 9 9 B O B 49 4F 55 31 30 30 2E 39 39 42 D2 42 message ASCII format B2 C1 D2 AC I O U 9 0 0 . 1 9 B O B 49 4F 55 39 30 30 2E 31 39 42 D2 42 message ASCII format B2 C1 D2 ACdifferent messages but identical checksums!
46 Hash Function Algorithms MD5 hash function widely used (RFC 1321) computes 128-bit message digest in 4-step process. SHA-1 is also used. US standard [NIST, FIPS PUB 180-1] 160-bit message digest
47 Message Authentication Code (MAC) message H( ) s message message s H( ) compare s = shared secret Authenticates sender Verifies message integrity No encryption ! Also called “keyed hash” Notation: MDm = H(s||m) ; send m||MDm
48 HMAC Popular MAC standard Addresses some subtle security flaws 1. Concatenates secret to front of message. 2. Hashes concatenated message 3. Concatenates the secret to front of digest 4. Hashes the combination again.
49 Example: OSPF Recall that OSPF is an intra-AS routing protocol Each router creates map of entire AS (or area) and runs shortest path algorithm over map. Router receives link- state advertisements (LSAs) from all other routers in AS. Attacks: Message insertion Message deletion Message modification How do we know if an OSPF message is authentic?
50 OSPF Authentication Within an Autonomous System, routers send OSPF messages to each other. OSPF provides authentication choices No authentication Shared password: inserted in clear in 64- bit authentication field in OSPF packet Cryptographic hash Cryptographic hash with MD5 64-bit authentication field includes 32-bit sequence number MD5 is run over a concatenation of the OSPF packet and shared secret key MD5 hash then appended to OSPF packet; encapsulated in IP datagram
End-point authentication Want to be sure of the originator of the message – end-point authentication. Assuming Alice and Bob have a shared secret, will MAC provide message authentication. We do know that Alice created the message. But did she send it? 51
MAC Transfer $1M from Bill to Trudy MAC Transfer $1M from Bill to Trudy Playback attack MAC = f(msg,s)
“I am Alice” R MAC Transfer $1M from Bill to Susan MAC = f(msg,s,R) Defending against playback attack: nonce
54 Digital Signatures Cryptographic technique analogous to hand- written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator. Goal is similar to that of a MAC, except now use public-key cryptography verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document
55 Digital Signatures Simple digital signature for message m: Bob signs m by encrypting with his private key KB, creating “signed” message, KB(m) -- Dear Alice Oh, how I have missed you. I think of you all the time! …(blah blah blah) Bob Bob’s message, m Public key encryption algorithm Bob’s private key KB - Bob’s message, m, signed (encrypted) with his private key KB - (m)
56 large message m H: Hash function H(m) digital signature (encrypt) Bob’s private key KB - + Bob sends digitally signed message: Alice verifies signature and integrity of digitally signed message: KB(H(m)) - encrypted msg digest KB(H(m)) - encrypted msg digest large message m H: Hash function H(m) digital signature (decrypt) H(m) Bob’s public key KB + equal ? Digital signature = signed message digest
57 Digital Signatures (more) Suppose Alice receives msg m, digital signature KB(m) Alice verifies m signed by Bob by applying Bob’s public key KB to KB(m) then checks KB(KB(m) ) = m. If KB(KB(m) ) = m, whoever signed m must have used Bob’s private key. + + - - - - + Alice thus verifies that: Bob signed m. No one else signed m. Bob signed m and not m’. Non-repudiation:  Alice can take m, and signature KB(m) to court and prove that Bob signed m. -
58 Public-key certification Motivation: Trudy plays pizza prank on Bob Trudy creates e-mail order: Dear Pizza Store, Please deliver to me four pepperoni pizzas. Thank you, Bob Trudy signs order with her private key Trudy sends order to Pizza Store Trudy sends to Pizza Store her public key, but says it’s Bob’s public key. Pizza Store verifies signature; then delivers four pizzas to Bob. Bob doesn’t even like Pepperoni
59 Certification Authorities Certification authority (CA): binds public key to particular entity, E. E (person, router) registers its public key with CA. E provides “proof of identity” to CA. CA creates certificate binding E to its public key. certificate containing E’s public key digitally signed by CA – CA says “this is E’s public key” Bob’s public key KB + Bob’s identifying information digital signature (encrypt) CA private key KCA - KB + certificate for Bob’s public key, signed by CA
60 Certification Authorities When Alice wants Bob’s public key: gets Bob’s certificate (Bob or elsewhere). apply CA’s public key to Bob’s certificate, get Bob’s public key Bob’s public keyKB + digital signature (decrypt) CA public key KCA + KB +
61 Certificates: summary Primary standard X.509 (RFC 2459) Certificate contains: Issuer name Entity name, address, domain name, etc. Entity’s public key Digital signature (signed with issuer’s private key) Public-Key Infrastructure (PKI) Certificates and certification authorities Often considered “heavy”
62 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner

Recomendados

6.hash mac
6.hash mac6.hash mac
6.hash macVirendrakumar Dhotre
 
Pkcs 5
Pkcs 5Pkcs 5
Pkcs 5snakesv
 
Data Protection Techniques and Cryptography
Data Protection Techniques and CryptographyData Protection Techniques and Cryptography
Data Protection Techniques and CryptographyTalha SAVAS
 
1329 n 9460
1329 n 94601329 n 9460
1329 n 9460kicknit123
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DESHemant Sharma
 
Cupdf.com public key-cryptography-569692953829a
Cupdf.com public key-cryptography-569692953829aCupdf.com public key-cryptography-569692953829a
Cupdf.com public key-cryptography-569692953829ajsk1950
 
security
securitysecurity
securityIsrael Marcus
 
Hash function
Hash functionHash function
Hash functionHarry Potter
 

Recomendados

6.hash mac
6.hash mac6.hash mac
6.hash macVirendrakumar Dhotre
 
Pkcs 5
Pkcs 5Pkcs 5
Pkcs 5snakesv
 
Data Protection Techniques and Cryptography
Data Protection Techniques and CryptographyData Protection Techniques and Cryptography
Data Protection Techniques and CryptographyTalha SAVAS
 
1329 n 9460
1329 n 94601329 n 9460
1329 n 9460kicknit123
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DESHemant Sharma
 
Cupdf.com public key-cryptography-569692953829a
Cupdf.com public key-cryptography-569692953829aCupdf.com public key-cryptography-569692953829a
Cupdf.com public key-cryptography-569692953829ajsk1950
 
security
securitysecurity
securityIsrael Marcus
 
Hash function
Hash functionHash function
Hash functionHarry Potter
 
Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in CryptographyBasudev Saha
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
Hash crypto
Hash cryptoHash crypto
Hash cryptoHarry Potter
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutannewbie2019
 
Secret key cryptography
Secret key cryptographySecret key cryptography
Secret key cryptographyPrabhat Goel
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2koolkampus
 
(Crypto) DES And RSA Algorithms Overview
(Crypto) DES And RSA Algorithms Overview(Crypto) DES And RSA Algorithms Overview
(Crypto) DES And RSA Algorithms OverviewEL Bachir Nouni
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).pptGnanalakshmiV
 
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key CiphersCRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key CiphersJyothishmathi Institute of Technology and Science Karimnagar
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Hash& mac algorithms
Hash& mac algorithmsHash& mac algorithms
Hash& mac algorithmsHarry Potter
 
Secure hashing algorithm
Secure hashing algorithmSecure hashing algorithm
Secure hashing algorithmKarteek Paruchuri
 
An Introduction to RSA Public-Key Cryptography
An Introduction to RSA Public-Key CryptographyAn Introduction to RSA Public-Key Cryptography
An Introduction to RSA Public-Key CryptographyDavid Boyhan, JD, CIPP
 
network security
network security network security
network security SayantanRoy14
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
network security
network securitynetwork security
network securitySrinivasa Rao
 
Information system security wk5-1-pki
Information system security wk5-1-pkiInformation system security wk5-1-pki
Information system security wk5-1-pkiBee Lalita
 
CMACs and MACS based on block ciphers, Digital signature
CMACs and MACS based on block ciphers, Digital signatureCMACs and MACS based on block ciphers, Digital signature
CMACs and MACS based on block ciphers, Digital signatureAdarsh Patel
 

Mais conteúdo relacionado

Mais procurados

Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in CryptographyBasudev Saha
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutannewbie2019
 
Secret key cryptography
Secret key cryptographySecret key cryptography
Secret key cryptographyPrabhat Goel
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2koolkampus
 
(Crypto) DES And RSA Algorithms Overview
(Crypto) DES And RSA Algorithms Overview(Crypto) DES And RSA Algorithms Overview
(Crypto) DES And RSA Algorithms OverviewEL Bachir Nouni
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).pptGnanalakshmiV
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Hash& mac algorithms
Hash& mac algorithmsHash& mac algorithms
Hash& mac algorithmsHarry Potter
 
An Introduction to RSA Public-Key Cryptography
An Introduction to RSA Public-Key CryptographyAn Introduction to RSA Public-Key Cryptography
An Introduction to RSA Public-Key CryptographyDavid Boyhan, JD, CIPP
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 

Mais procurados (19)

Hash Techniques in Cryptography
Hash Techniques in CryptographyHash Techniques in Cryptography
Hash Techniques in Cryptography
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
 
Secret key cryptography
Secret key cryptographySecret key cryptography
Secret key cryptography
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
 
(Crypto) DES And RSA Algorithms Overview
(Crypto) DES And RSA Algorithms Overview(Crypto) DES And RSA Algorithms Overview
(Crypto) DES And RSA Algorithms Overview
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
 
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key CiphersCRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
CRYPTOGRAPHY & NETWOK SECURITY- Symmetric key Ciphers
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 
Hash& mac algorithms
Hash& mac algorithmsHash& mac algorithms
Hash& mac algorithms
 
Secure hashing algorithm
Secure hashing algorithmSecure hashing algorithm
Secure hashing algorithm
 
An Introduction to RSA Public-Key Cryptography
An Introduction to RSA Public-Key CryptographyAn Introduction to RSA Public-Key Cryptography
An Introduction to RSA Public-Key Cryptography
 
network security
network security network security
network security
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 

Destaque

Information system security wk5-1-pki
Information system security wk5-1-pkiInformation system security wk5-1-pki
Information system security wk5-1-pkiBee Lalita
 
CMACs and MACS based on block ciphers, Digital signature
CMACs and MACS based on block ciphers, Digital signatureCMACs and MACS based on block ciphers, Digital signature
CMACs and MACS based on block ciphers, Digital signatureAdarsh Patel
 
What is digital signature or DSC
What is digital signature or DSCWhat is digital signature or DSC
What is digital signature or DSCAdv Prashant Mali
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 

Destaque (8)

network security
network securitynetwork security
network security
 
Information system security wk5-1-pki
Information system security wk5-1-pkiInformation system security wk5-1-pki
Information system security wk5-1-pki
 
CMACs and MACS based on block ciphers, Digital signature
CMACs and MACS based on block ciphers, Digital signatureCMACs and MACS based on block ciphers, Digital signature
CMACs and MACS based on block ciphers, Digital signature
 
What is digital signature or DSC
What is digital signature or DSCWhat is digital signature or DSC
What is digital signature or DSC
 
Security
SecuritySecurity
Security
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie Brown
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
 

Semelhante a Stallings Kurose and Ross

Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin Jani
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoHarry Potter
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoJames Wong
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoYoung Alista
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoDavid Hoen
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoTony Nguyen
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoLuis Goldster
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoFraboni Ec
 
02 Information System Security
02 Information System Security02 Information System Security
02 Information System SecurityShu Shin
 
Chapter 8 - Computer Networking a top-down Approach 7th
Chapter 8 - Computer Networking a top-down Approach 7thChapter 8 - Computer Networking a top-down Approach 7th
Chapter 8 - Computer Networking a top-down Approach 7thAndy Juan Sarango Veliz
 
Cryptography Key Management.pptx
Cryptography Key Management.pptxCryptography Key Management.pptx
Cryptography Key Management.pptxSurendraBasnet6
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityNagendra Um
 
introduction to cryptography
introduction to cryptographyintroduction to cryptography
introduction to cryptographyPriyamvada Singh
 
introduction to cryptography (basics of it)
introduction to cryptography (basics of it)introduction to cryptography (basics of it)
introduction to cryptography (basics of it)neonaveen
 

Semelhante a Stallings Kurose and Ross (20)

Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batch
 
20CS2008 Computer Networks
20CS2008 Computer Networks 20CS2008 Computer Networks
20CS2008 Computer Networks
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
02 Information System Security
02 Information System Security02 Information System Security
02 Information System Security
 
Chapter 8 - Computer Networking a top-down Approach 7th
Chapter 8 - Computer Networking a top-down Approach 7thChapter 8 - Computer Networking a top-down Approach 7th
Chapter 8 - Computer Networking a top-down Approach 7th
 
Cryptography Key Management.pptx
Cryptography Key Management.pptxCryptography Key Management.pptx
Cryptography Key Management.pptx
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
introduction to cryptography
introduction to cryptographyintroduction to cryptography
introduction to cryptography
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Encryption
EncryptionEncryption
Encryption
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
crypto1.ppt
crypto1.pptcrypto1.ppt
crypto1.ppt
 
needed.ppt
needed.pptneeded.ppt
needed.ppt
 
introduction to cryptography (basics of it)
introduction to cryptography (basics of it)introduction to cryptography (basics of it)
introduction to cryptography (basics of it)
 

Mais de Information Security Awareness Group

Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Information Security Awareness Group
 
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf... Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...Information Security Awareness Group
 
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...Information Security Awareness Group
 
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...Information Security Awareness Group
 
Big data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security AllianceBig data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security AllianceInformation Security Awareness Group
 
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A... Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...Information Security Awareness Group
 
Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...Information Security Awareness Group
 
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...Information Security Awareness Group
 
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...Information Security Awareness Group
 

Mais de Information Security Awareness Group (20)

Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
 
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf... Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
 
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
 
Big data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security AllianceBig data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security Alliance
 
Big data analysis concepts and references
Big data analysis concepts and referencesBig data analysis concepts and references
Big data analysis concepts and references
 
PKI by Tim Polk
PKI by Tim PolkPKI by Tim Polk
PKI by Tim Polk
 
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A... Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
 
Pki by Steve Lamb
Pki by Steve LambPki by Steve Lamb
Pki by Steve Lamb
 
PKI by Gene Itkis
PKI by Gene ItkisPKI by Gene Itkis
PKI by Gene Itkis
 
Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...
 
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
 
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
 
THE OPEN SCIENCE GRID Ruth Pordes
THE OPEN SCIENCE GRID Ruth PordesTHE OPEN SCIENCE GRID Ruth Pordes
THE OPEN SCIENCE GRID Ruth Pordes
 
Open Science Grid security-atlas-t2 Bob Cowles
Open Science Grid security-atlas-t2 Bob CowlesOpen Science Grid security-atlas-t2 Bob Cowles
Open Science Grid security-atlas-t2 Bob Cowles
 
Security Open Science Grid Doug Olson
Security Open Science Grid Doug OlsonSecurity Open Science Grid Doug Olson
Security Open Science Grid Doug Olson
 
Open Science Group Security Kevin Hill
Open Science Group Security Kevin HillOpen Science Group Security Kevin Hill
Open Science Group Security Kevin Hill
 
Xrootd proxies Andrew Hanushevsky
Xrootd proxies Andrew HanushevskyXrootd proxies Andrew Hanushevsky
Xrootd proxies Andrew Hanushevsky
 
Privilege Project Vikram Andem
Privilege Project Vikram AndemPrivilege Project Vikram Andem
Privilege Project Vikram Andem
 

Último

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

Stallings Kurose and Ross

  • 1. 1 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
  • 2. 2 Cryptography issues Confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver decrypts message End-Point Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
  • 3. 3 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate “securely” Trudy (intruder) may intercept, delete, add messages secure sender secure receiver channel data, control messages data data Alice Bob Trudy
  • 4. 4 Who might Bob, Alice be? … well, real-life Bobs and Alices! Web browser/server for electronic transactions (e.g., on-line purchases) on-line banking client/server DNS servers routers exchanging routing table updates
  • 5. 5 The language of cryptography m plaintext message KA(m) ciphertext, encrypted with key KA m = KB(KA(m)) plaintext plaintextciphertext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B
  • 6. 6 Simple encryption scheme substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc E.g.: Key: the mapping from the set of 26 letters to the set of 26 letters
  • 7. 7 Polyalphabetic encryption n monoalphabetic cyphers, M1,M2,…,Mn Cycling pattern: e.g., n=4, M1,M3,M4,M3,M2; M1,M3,M4,M3,M2; For each new plaintext symbol, use subsequent monoalphabetic pattern in cyclic pattern dog: d from M1, o from M3, g from M4 Key: the n ciphers and the cyclic pattern
  • 8. 8 Breaking an encryption scheme Cipher-text only attack: Trudy has ciphertext that she can analyze Two approaches: Search through all keys: must be able to differentiate resulting plaintext from gibberish Statistical analysis Known-plaintext attack: trudy has some plaintext corresponding to some ciphertext eg, in monoalphabetic cipher, trudy determines pairings for a,l,i,c,e,b,o, Chosen-plaintext attack: trudy can get the cyphertext for some chosen plaintext
  • 9. 9 Types of Cryptography Crypto often uses keys: Algorithm is known to everyone Only “keys” are secret Public key cryptography Involves the use of two keys Symmetric key cryptography Involves the use one key Hash functions Involves the use of no keys Nothing secret: How can this be useful?
  • 10. 10 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
  • 11. 11 Symmetric key cryptography symmetric key crypto: Bob and Alice share same (symmetric) key: K e.g., key is knowing substitution pattern in mono alphabetic substitution cipher Q: how do Bob and Alice agree on key value? plaintextciphertext K S encryption algorithm decryption algorithm S K S plaintext message, m K (m) S m = KS(KS(m))
  • 12. 12 Two types of symmetric ciphers Stream ciphers encrypt one bit at time Block ciphers Break plaintext message in equal-size blocks Encrypt each block as a unit
  • 13. 13 Stream Ciphers Combine each bit of keystream with bit of plaintext to get bit of ciphertext m(i) = ith bit of message ks(i) = ith bit of keystream c(i) = ith bit of ciphertext c(i) = ks(i) ⊕ m(i) (⊕ = exclusive or) m(i) = ks(i) ⊕ c(i) keystream generatorkey keystream pseudo random
  • 14. 14 Problems with stream ciphers Known plain-text attack There’s often predictable and repetitive data in communication messages attacker receives some cipher text c and correctly guesses corresponding plaintext m ks = m ⊕ c Attacker now observes c’, obtained with same sequence ks m’ = ks ⊕ c’ Even easier Attacker obtains two ciphertexts, c and c’, generating with same key sequence c ⊕ c’ = m ⊕ m’ There are well known methods for decrypting 2 plaintexts given their XOR Integrity problem too suppose attacker knows c and m (eg, plaintext attack); wants to change m to m’ calculates c’ = c ⊕ (m ⊕ m’) sends c’ to destination
  • 15. 15 RC4 Stream Cipher RC4 is a popular stream cipher Extensively analyzed and considered good Key can be from 1 to 256 bytes Used in WEP for 802.11 Can be used in SSL
  • 16. 16 Block ciphers Message to be encrypted is processed in blocks of k bits (e.g., 64-bit blocks). 1-to-1 mapping is used to map k-bit block of plaintext to k-bit block of ciphertext Example with k=3: input output 000 110 001 111 010 101 011 100 input output 100 011 101 010 110 000 111 001 What is the ciphertext for 010110001111 ?
  • 17. 17 Block ciphers How many possible mappings are there for k=3? How many 3-bit inputs? How many permutations of the 3-bit inputs? Answer: 40,320 ; not very many! In general, 2k ! mappings; huge for k=64 Problem: Table approach requires table with 264 entries, each entry with 64 bits Table too big: instead use function that simulates a randomly permuted table
  • 18. 18 Prototype function 64-bit input S1 8bits 8 bits S2 8bits 8 bits S3 8bits 8 bits S4 8bits 8 bits S7 8bits 8 bits S6 8bits 8 bits S5 8bits 8 bits S8 8bits 8 bits 64-bit intermediate 64-bit output Loop for n rounds 8-bit to 8-bit mapping From Kaufman et al
  • 19. 19 Why rounds in prototpe? If only a single round, then one bit of input affects at most 8 bits of output. In 2nd round, the 8 affected bits get scattered and inputted into multiple substitution boxes. How many rounds? How many times do you need to shuffle cards Becomes less efficient as n increases
  • 20. 20 Encrypting a large message Why not just break message in 64-bit blocks, encrypt each block separately? If same block of plaintext appears twice, will give same cyphertext. How about: Generate random 64-bit number r(i) for each plaintext block m(i) Calculate c(i) = KS( m(i) ⊕ r(i) ) Transmit c(i), r(i), i=1,2,… At receiver: m(i) = KS(c(i)) ⊕ r(i) Problem: inefficient, need to send c(i) and r(i)
  • 21. 21 Cipher Block Chaining (CBC) CBC generates its own random numbers Have encryption of current block depend on result of previous block c(i) = KS( m(i) ⊕ c(i-1) ) m(i) = KS( c(i)) ⊕ c(i-1) How do we encrypt first block? Initialization vector (IV): random block = c(0) IV does not have to be secret Change IV for each message (or session) Guarantees that even if the same message is sent repeatedly, the ciphertext will be completely different each time
  • 22. 22 Symmetric key crypto: DES DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64-bit plaintext input Block cipher with cipher block chaining How secure is DES? DES Challenge: 56-bit-key-encrypted phrase decrypted (brute force) in less than a day No known good analytic attack making DES more secure: 3DES: encrypt 3 times with 3 different keys (actually encrypt, decrypt, encrypt)
  • 23. 23 Symmetric key crypto: DES initial permutation 16 identical “rounds” of function application, each using different 48 bits of key final permutation DES operation
  • 24. 24 AES: Advanced Encryption Standard new (Nov. 2001) symmetric-key NIST standard, replacing DES processes data in 128 bit blocks 128, 192, or 256 bit keys brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES
  • 25. 25 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
  • 26. 26 Public Key Cryptography symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if never “met”)? public key cryptography radically different approach [Diffie- Hellman76, RSA78] sender, receiver do not share secret key public encryption key known to all private decryption key known only to receiver
  • 27. 27 Public key cryptography plaintext message, m ciphertextencryption algorithm decryption algorithm Bob’s public key plaintext messageK (m) B + K B + Bob’s private key K B - m = K (K (m))B + B -
  • 28. 28 Public key encryption algorithms need K ( ) and K ( ) such thatB B . . given public key K , it should be impossible to compute private key K B B Requirements: 1 2 RSA: Rivest, Shamir, Adelson algorithm + - K (K (m)) = m BB - + + -
  • 29. 29 Prerequisite: modular arithmetic x mod n = remainder of x when divide by n Facts: [(a mod n) + (b mod n)] mod n = (a+b) mod n [(a mod n) - (b mod n)] mod n = (a-b) mod n [(a mod n) * (b mod n)] mod n = (a*b) mod n Thus (a mod n)d mod n = ad mod n Example: x=14, n=10, d=2: (x mod n)d mod n = 42 mod 10 = 6 xd = 142 = 196 xd mod 10 = 6
  • 30. 30 RSA: getting ready A message is a bit pattern. A bit pattern can be uniquely represented by an integer number. Thus encrypting a message is equivalent to encrypting a number. Example m= 10010001 . This message is uniquely represented by the decimal number 145. To encrypt m, we encrypt the corresponding number, which gives a new number (the cyphertext).
  • 31. 31 RSA: Creating public/private key pair 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). 4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5. Public key is (n,e). Private key is (n,d). KB + KB -
  • 32. 32 RSA: Encryption, decryption 0. Given (n,e) and (n,d) as computed above 1. To encrypt message m (<n), compute c = m mod ne 2. To decrypt received bit pattern, c, compute m = c mod nd m = (m mod n)e mod n dMagic happens! c
  • 33. 33 RSA example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). bit pattern m me c = m mod ne 0000l000 12 24832 17 c m = c mod nd 17 481968572106750915091411825223071697 12 c d encrypt: decrypt: Encrypting 8-bit messages.
  • 34. 34 Why does RSA work? Must show that cd mod n = m where c = me mod n Fact: for any x and y: xy mod n = x(y mod z) mod n where n= pq and z = (p-1)(q-1) Thus, cd mod n = (me mod n)d mod n = med mod n = m(ed mod z) mod n = m1 mod n = m
  • 35. 35 RSA: another important property The following property will be very useful later: K (K (m)) = m BB - + K (K (m))BB + - = use public key first, followed by private key use private key first, followed by public key Result is the same!
  • 36. 36 Follows directly from modular arithmetic: (me mod n)d mod n = med mod n = mde mod n = (md mod n)e mod n K (K (m)) = m BB - + K (K (m))BB + - =Why ?
  • 37. 37 Why is RSA Secure? Suppose you know Bob’s public key (n,e). How hard is it to determine d? Essentially need to find factors of n without knowing the two factors p and q. Fact: factoring a big number is hard. Generating RSA keys Have to find big primes p and q Approach: make good guess then apply testing rules (see Kaufman)
  • 38. 38 Session keys Exponentiation is computationally intensive DES is at least 100 times faster than RSA Session key, KS Bob and Alice use RSA to exchange a symmetric key KS Once both have KS, they use symmetric key cryptography
  • 39. 39 Diffie-Hellman Allows two entities to agree on shared key. But does not provide encryption p is a large prime; g is a number less than p. p and g are made public Alice and Bob each separately choose 512- bit random numbers, SA and SB. the private keys Alice and Bob compute public keys: TA = gS A mod p ; TB = gS B mod p ;
  • 40. 40 Diffie-Helman (2) Alice and Bob exchange TA and TB in the clear Alice computes (TB)S A mod p Bob computes (TA)S B mod p shared secret: S = (TB)S A mod p = = gS A S B mod p = (TA)S B mod p Even though Trudy might sniff TB and TA, Trudy cannot easily determine S. Problem: Man-in-the-middle attack: Alice doesn’t know for sure that TB came from Bob; may be Trudy instead See Kaufman et al for solutions
  • 41. 41 Diffie-Hellman: Toy Example p = 11 and g = 5 Private keys: SA = 3 and SB = 4 Public keys: TA = gS A mod p = 53 mod 11 = 125 mod 11 = 4 TB = gS B mod p = 54 mod 11 = 625 mod 11 = 9 Exchange public keys & compute shared secret: (TB)S A mod p = 93 mod 11 = 729 mod 11 = 3 (TA)S B mod p = 44 mod 11 = 256 mod 11 = 3 Shared secret: 3 = symmetric key
  • 42. 42 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner
  • 43. 43 Message Integrity Allows communicating parties to verify that received messages are authentic. Content of message has not been altered Source of message is who/what you think it is Message has not been artificially delayed (playback attack) Sequence of messages is maintained Let’s first talk about message digests
  • 44. 44 Message Digests Function H( ) that takes as input an arbitrary length message and outputs a fixed-length string: “message signature” Note that H( ) is a many- to-1 function H( ) is often called a “hash function” Desirable properties: Easy to calculate Irreversibility: Can’t determine m from H(m) Collision resistance: Computationally difficult to produce m and m’ such that H(m) = H(m’) Seemingly random output large message m H: Hash Function H(m)
  • 45. 45 Internet checksum: poor message digest Internet checksum has some properties of hash function: produces fixed length digest (16-bit sum) of input is many-to-one But given message with given hash value, it is easy to find another message with same hash value. Example: Simplified checksum: add 4-byte chunks at a time: I O U 1 0 0 . 9 9 B O B 49 4F 55 31 30 30 2E 39 39 42 D2 42 message ASCII format B2 C1 D2 AC I O U 9 0 0 . 1 9 B O B 49 4F 55 39 30 30 2E 31 39 42 D2 42 message ASCII format B2 C1 D2 ACdifferent messages but identical checksums!
  • 46. 46 Hash Function Algorithms MD5 hash function widely used (RFC 1321) computes 128-bit message digest in 4-step process. SHA-1 is also used. US standard [NIST, FIPS PUB 180-1] 160-bit message digest
  • 47. 47 Message Authentication Code (MAC) message H( ) s message message s H( ) compare s = shared secret Authenticates sender Verifies message integrity No encryption ! Also called “keyed hash” Notation: MDm = H(s||m) ; send m||MDm
  • 48. 48 HMAC Popular MAC standard Addresses some subtle security flaws 1. Concatenates secret to front of message. 2. Hashes concatenated message 3. Concatenates the secret to front of digest 4. Hashes the combination again.
  • 49. 49 Example: OSPF Recall that OSPF is an intra-AS routing protocol Each router creates map of entire AS (or area) and runs shortest path algorithm over map. Router receives link- state advertisements (LSAs) from all other routers in AS. Attacks: Message insertion Message deletion Message modification How do we know if an OSPF message is authentic?
  • 50. 50 OSPF Authentication Within an Autonomous System, routers send OSPF messages to each other. OSPF provides authentication choices No authentication Shared password: inserted in clear in 64- bit authentication field in OSPF packet Cryptographic hash Cryptographic hash with MD5 64-bit authentication field includes 32-bit sequence number MD5 is run over a concatenation of the OSPF packet and shared secret key MD5 hash then appended to OSPF packet; encapsulated in IP datagram
  • 51. End-point authentication Want to be sure of the originator of the message – end-point authentication. Assuming Alice and Bob have a shared secret, will MAC provide message authentication. We do know that Alice created the message. But did she send it? 51
  • 52. MAC Transfer $1M from Bill to Trudy MAC Transfer $1M from Bill to Trudy Playback attack MAC = f(msg,s)
  • 53. “I am Alice” R MAC Transfer $1M from Bill to Susan MAC = f(msg,s,R) Defending against playback attack: nonce
  • 54. 54 Digital Signatures Cryptographic technique analogous to hand- written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator. Goal is similar to that of a MAC, except now use public-key cryptography verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document
  • 55. 55 Digital Signatures Simple digital signature for message m: Bob signs m by encrypting with his private key KB, creating “signed” message, KB(m) -- Dear Alice Oh, how I have missed you. I think of you all the time! …(blah blah blah) Bob Bob’s message, m Public key encryption algorithm Bob’s private key KB - Bob’s message, m, signed (encrypted) with his private key KB - (m)
  • 56. 56 large message m H: Hash function H(m) digital signature (encrypt) Bob’s private key KB - + Bob sends digitally signed message: Alice verifies signature and integrity of digitally signed message: KB(H(m)) - encrypted msg digest KB(H(m)) - encrypted msg digest large message m H: Hash function H(m) digital signature (decrypt) H(m) Bob’s public key KB + equal ? Digital signature = signed message digest
  • 57. 57 Digital Signatures (more) Suppose Alice receives msg m, digital signature KB(m) Alice verifies m signed by Bob by applying Bob’s public key KB to KB(m) then checks KB(KB(m) ) = m. If KB(KB(m) ) = m, whoever signed m must have used Bob’s private key. + + - - - - + Alice thus verifies that: Bob signed m. No one else signed m. Bob signed m and not m’. Non-repudiation:  Alice can take m, and signature KB(m) to court and prove that Bob signed m. -
  • 58. 58 Public-key certification Motivation: Trudy plays pizza prank on Bob Trudy creates e-mail order: Dear Pizza Store, Please deliver to me four pepperoni pizzas. Thank you, Bob Trudy signs order with her private key Trudy sends order to Pizza Store Trudy sends to Pizza Store her public key, but says it’s Bob’s public key. Pizza Store verifies signature; then delivers four pizzas to Bob. Bob doesn’t even like Pepperoni
  • 59. 59 Certification Authorities Certification authority (CA): binds public key to particular entity, E. E (person, router) registers its public key with CA. E provides “proof of identity” to CA. CA creates certificate binding E to its public key. certificate containing E’s public key digitally signed by CA – CA says “this is E’s public key” Bob’s public key KB + Bob’s identifying information digital signature (encrypt) CA private key KCA - KB + certificate for Bob’s public key, signed by CA
  • 60. 60 Certification Authorities When Alice wants Bob’s public key: gets Bob’s certificate (Bob or elsewhere). apply CA’s public key to Bob’s certificate, get Bob’s public key Bob’s public keyKB + digital signature (decrypt) CA public key KCA + KB +
  • 61. 61 Certificates: summary Primary standard X.509 (RFC 2459) Certificate contains: Issuer name Entity name, address, domain name, etc. Entity’s public key Digital signature (signed with issuer’s private key) Public-Key Infrastructure (PKI) Certificates and certification authorities Often considered “heavy”
  • 62. 62 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner