[Network]Network Security
来源:互联网 发布:印度 网络空间作战部队 编辑:程序博客网 时间:2024/04/30 11:53
1 What is network security
access && understand && modification
2 Principles of Cryptography
symmetric key
encryption key public decryption key secret
2.1 Symmetric Key
substitution cipher: encryption on a side, decryption on another side.
DES: Data Encryption Standard
56-bit symmetric key 64-bit plaintext input
AES: Advanced Encryption Standard
3 Message Integrity
3.1 Message Authentication Code
Hash code used belowmake secret encrypted
3.2 Digital Signatures
A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity).
-- From WikiHash H(m) first, then sign it Ks(H(m))
Send both clear message m and Ks(H(m)) to receiver. Receiver Hash m and decrypt H(m), to compare them whether they are same.
Certification Authorities
The third company to verify the public key of Bob's.
A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity).-- From Wiki
Hash H(m) first, then sign it Ks(H(m))
Send both clear message m and Ks(H(m)) to receiver. Receiver Hash m and decrypt H(m), to compare them whether they are same.
Certification Authorities
The third company to verify the public key of Bob's.
4 End Point Authentication
4.1 Authentication
Other method can be attacked by other host playback process.
5 Securing e-mail
5.1 Secrecy
sender:1. random symmetric private key, Ksy2. message m, Ks(m)3. use receiver's public key to encrypt the Ks, Kry(Ks)4. send both Ksy(m) and Kr(Ks) to receiverreceiver:1. Use own public key to decrypt the Ksy2. Use Ksy to decrypt message m
5.2 Sender Authentication
sender:1. sign the message m2. send both clear message m and signed message Ksen(H(m))receiver:decrypt the signed message.5.3 Combination
Three Keys: sender sign key, receiver public key, symmetric key
6 Securing TCP: SSL
6.1 Service
6.2 ProcessTwo parts: Client/Server authentication, data encryption
1. HandshakeEstablish TCP connectionAuthentication2. Key Derivation4 keysMAC key and encrption key3. Data Transfercompute MACencrypt data and MACform SSL format record6.3 Mechanism
Apply for key for encryption and keep secret between server and client.
7 Network Layer: IPsec
AH or ESP
8 Wireless LANs
WEP
9 Firewall and IDS
IDS: Inspection and correclation
0 0
- [Network]Network Security
- Network Security
- network security
- network security
- Network Security Hacks
- Network Security Technologies
- Network security bible
- Inside Network Perimeter Security
- Linux Network Security
- Home Network Security Simplified
- Network Security Hacks [ILLUSTRATED]
- Network Security Illustrated
- Network Security JumpStart
- Mastering Network Security
- Practical Network Security Monitoring
- Network Security Tools
- Network Security Mark
- 5.5 NETWORK SECURITY
- HOOK其他进程API和全局HOOK-API
- Android bitmap中Matrix的几个操作
- 精益设计:“纸上谈兵”的说服力
- 基于cocos2dx的2D手游美术资源制作技术选型(1)(2)
- 数据结构中的几种排序
- [Network]Network Security
- 浅谈C#中的枚举
- 帽子的搭配
- 关于排序的一些整理
- android animation-list 使用
- drymkdtykmt是人们月收入院门口日三一可没
- 程序猿大学毕业初感悟
- magento发送自定义邮件功能
- qt-android-5.3.0的Examples部署错误的修复办法