Tuesday, July 19, 2005

Pseudo-Summary of Network Security (Tanenbaum)

From Chapter 8 of Computer Networks (4th Ed), Tanenbaum
PART I

Possible main threats to our system:
  • casual intruders who have fun snooping on others' private video streams and/or test out security systems
  • professional intruders who steal data (i.e. the paid video streams on the Telco server/s) and pirate it
Data Link Layer security -- use link encryption (easy to implement on packets on a point-to-point line)

Basics of Cryptography
  • cryptanalysis - breaking ciphers
  • cryptography - devising ciphers
  • cryptology - item one and two combined
  • Decryption(Encryption(P)) = P
  • substitution ciphers, transposition, one-time pads
  • Principles: redundancy, freshness (protect against replay attacks)
Symmetric Key Algorithms
  • Data Encryption Standard (DES) // Triple DES
  • Advanced ES (AES) // Rijndael (great security and speed; best-known symmetric key encryption algorithm together with DES)
Cipher Modes
  • Electronic Code Book Mode
  • Cipher Block Chaining Mode
  • Stream Cipher Mode
  • Counter Mode
Cryptanalysis Developments
  • Differential cryptanalysis
  • Linear cryptanalysis
  • Power analysis (3v for 1 bit, 1v for 0 bit)
  • Timing analysis (if-then-else loops have predictable time durations which can be exploited)
Next: Public Key Algorithms

0 Comments:

Post a Comment

<< Home