Pseudo-Summary of Network Security (Tanenbaum)

From Chapter 8 of Computer Networks (4th Ed), Tanenbaum
PART I

Possible main threats to our system:

• casual intruders who have fun snooping on others' private video streams and/or test out security systems
• professional intruders who steal data (i.e. the paid video streams on the Telco server/s) and pirate it

Data Link Layer security -- use link encryption (easy to implement on packets on a point-to-point line)

Basics of Cryptography

• cryptanalysis - breaking ciphers
• cryptography - devising ciphers
• cryptology - item one and two combined
• Decryption(Encryption(P)) = P
• substitution ciphers, transposition, one-time pads
• Principles: redundancy, freshness (protect against replay attacks)

Symmetric Key Algorithms

• Data Encryption Standard (DES) // Triple DES
  
• Advanced ES (AES) // Rijndael (great security and speed; best-known symmetric key encryption algorithm together with DES)

Cipher Modes

• Electronic Code Book Mode
• Cipher Block Chaining Mode
• Stream Cipher Mode
• Counter Mode

Cryptanalysis Developments

• Differential cryptanalysis
• Linear cryptanalysis
• Power analysis (3v for 1 bit, 1v for 0 bit)
• Timing analysis (if-then-else loops have predictable time durations which can be exploited)

Next: Public Key Algorithms