network securitythai/mmt1/slides/chapter8... · •authentication using kerberos •authentication...
TRANSCRIPT
![Page 1: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/1.jpg)
Network Security
Chapter 8
![Page 2: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/2.jpg)
Cryptography
• Introduction to Cryptography
• Substitution Ciphers
• Transposition Ciphers
• One-Time Pads
• Two Fundamental Cryptographic Principles
![Page 3: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/3.jpg)
Need for Security
Some people who cause security problems and why.
![Page 4: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/4.jpg)
An Introduction to Cryptography
The encryption model (for a symmetric-key cipher).
![Page 5: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/5.jpg)
Transposition Ciphers
A transposition cipher.
![Page 6: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/6.jpg)
One-Time Pads
The use of a one-time pad for encryption and the
possibility of getting any possible plaintext from
the ciphertext by the use of some other pad.
![Page 7: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/7.jpg)
Quantum Cryptography
An example of quantum cryptography.
![Page 8: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/8.jpg)
Symmetric-Key Algorithms
• DES – The Data Encryption Standard
• AES – The Advanced Encryption Standard
• Cipher Modes
• Other Ciphers
• Cryptanalysis
![Page 9: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/9.jpg)
Product Ciphers
Basic elements of product ciphers. (a) P-box. (b) S-box. (c) Product.
![Page 10: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/10.jpg)
Data Encryption Standard
The data encryption standard. (a) General outline.
(b) Detail of one iteration. The circled + means exclusive OR.
![Page 11: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/11.jpg)
Triple DES
(a) Triple encryption using DES. (b) Decryption.
![Page 12: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/12.jpg)
AES – The Advanced Encryption Standard
Rules for AES proposals
1. The algorithm must be a symmetric block cipher.
2. The full design must be public.
3. Key lengths of 128, 192, and 256 bits supported.
4. Both software and hardware implementations required
5. The algorithm must be public or licensed on
nondiscriminatory terms.
![Page 13: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/13.jpg)
AES (2)
An outline of
Rijndael.
![Page 14: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/14.jpg)
AES (3)
Creating of the state and rk arrays.
![Page 15: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/15.jpg)
Electronic Code Book Mode
The plaintext of a file encrypted as 16 DES blocks.
![Page 16: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/16.jpg)
Cipher Block Chaining Mode
Cipher block chaining. (a) Encryption. (b) Decryption.
![Page 17: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/17.jpg)
Cipher Feedback Mode
(a) Encryption. (c) Decryption.
![Page 18: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/18.jpg)
Stream Cipher Mode
A stream cipher. (a) Encryption. (b) Decryption.
![Page 19: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/19.jpg)
Counter Mode
Encryption using counter mode.
![Page 20: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/20.jpg)
Cryptanalysis
Some common symmetric-key cryptographic algorithms.
![Page 21: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/21.jpg)
Public-Key Algorithms
• RSA
• Other Public-Key Algorithms
![Page 22: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/22.jpg)
RSA
An example of the RSA algorithm.
![Page 23: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/23.jpg)
Digital Signatures
• Symmetric-Key Signatures
• Public-Key Signatures
• Message Digests
• The Birthday Attack
![Page 24: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/24.jpg)
Symmetric-Key Signatures
Digital signatures with Big Brother.
![Page 25: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/25.jpg)
Public-Key Signatures
Digital signatures using public-key cryptography.
![Page 26: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/26.jpg)
Message Digests
Digital signatures using message digests.
![Page 27: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/27.jpg)
SHA-1
Use of SHA-1 and RSA for signing nonsecret messages.
![Page 28: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/28.jpg)
SHA-1 (2)
(a) A message padded out to a multiple of 512 bits.
(b) The output variables. (c) The word array.
![Page 29: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/29.jpg)
Management of Public Keys
• Certificates
• X.509
• Public Key Infrastructures
![Page 30: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/30.jpg)
Problems with Public-Key Encryption
A way for Trudy to subvert public-key encryption.
![Page 31: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/31.jpg)
Certificates
A possible certificate and its signed hash.
![Page 32: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/32.jpg)
X.509
The basic fields of an X.509 certificate.
![Page 33: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/33.jpg)
Public-Key Infrastructures
(a) A hierarchical PKI. (b) A chain of certificates.
![Page 34: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/34.jpg)
Communication Security
• IPsec
• Firewalls
• Virtual Private Networks
• Wireless Security
![Page 35: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/35.jpg)
IPsec
The IPsec authentication header in transport mode for IPv4.
![Page 36: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/36.jpg)
IPsec (2)
(a) ESP in transport mode. (b) ESP in tunnel mode.
![Page 37: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/37.jpg)
Firewalls
A firewall consisting of two packet filters and an application gateway.
![Page 38: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/38.jpg)
Virtual Private Networks
(a) A leased-line private network. (b) A virtual private network.
![Page 39: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/39.jpg)
802.11 Security
Packet encryption using WEP.
![Page 40: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/40.jpg)
Authentication Protocols
• Authentication Based on a Shared Secret Key
• Establishing a Shared Key: Diffie-Hellman
• Authentication Using a Key Distribution Center
• Authentication Using Kerberos
• Authentication Using Public-Key Cryptography
![Page 41: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/41.jpg)
Authentication Based on a Shared Secret Key
Two-way authentication using a challenge-response protocol.
![Page 42: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/42.jpg)
Authentication Based on a Shared Secret Key (2)
A shortened two-way authentication protocol.
![Page 43: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/43.jpg)
Authentication Based on a Shared Secret Key (3)
The reflection attack.
![Page 44: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/44.jpg)
Authentication Based on a Shared Secret Key (4)
A reflection attack on the protocol of Fig. 8-32.
![Page 45: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/45.jpg)
Authentication Based on a Shared Secret Key (5)
Authentication using HMACs.
![Page 46: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/46.jpg)
Establishing a Shared Key:
The Diffie-Hellman Key Exchange
The Diffie-Hellman key exchange.
![Page 47: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/47.jpg)
Establishing a Shared Key:
The Diffie-Hellman Key Exchange
The bucket brigade or man-in-the-middle attack.
![Page 48: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/48.jpg)
Authentication Using a Key Distribution Center
A first attempt at an authentication protocol using a KDC.
![Page 49: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/49.jpg)
Authentication Using a Key Distribution Center (2)
The Needham-Schroeder authentication protocol.
![Page 50: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/50.jpg)
Authentication Using a Key Distribution Center (3)
The Otway-Rees authentication protocol (slightly simplified).
![Page 51: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/51.jpg)
Authentication Using Kerberos
The operation of Kerberos V4.
![Page 52: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/52.jpg)
Authentication Using Public-Key Cryptography
Mutual authentication using public-key cryptography.
![Page 53: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/53.jpg)
E-Mail Security
• PGP – Pretty Good Privacy
• PEM – Privacy Enhanced Mail
• S/MIME
![Page 54: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/54.jpg)
PGP – Pretty Good Privacy
PGP in operation for sending a message.
![Page 55: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/55.jpg)
PGP – Pretty Good Privacy (2)
A PGP message.
![Page 56: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/56.jpg)
Web Security
• Threats
• Secure Naming
• SSL – The Secure Sockets Layer
• Mobile Code Security
![Page 57: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/57.jpg)
Secure Naming
(a) Normal situation. (b) An attack based on breaking
into DNS and modifying Bob's record.
![Page 58: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/58.jpg)
Secure Naming (2)
How Trudy spoofs Alice's ISP.
![Page 59: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/59.jpg)
Secure DNS
An example RRSet for bob.com. The KEY record is Bob's
public key. The SIG record is the top-level com server's signed
has of the A and KEY records to verify their authenticity.
![Page 60: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/60.jpg)
Self-Certifying Names
A self-certifying URL containing a hash of server's
name and public key.
![Page 61: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/61.jpg)
SSL—The Secure Sockets Layer
Layers (and protocols) for a home user browsing with SSL.
![Page 62: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/62.jpg)
SSL (2)
A simplified version of the SSL connection establishment subprotocol.
![Page 63: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/63.jpg)
SSL (3)
Data transmission using SSL.
![Page 64: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/64.jpg)
Java Applet Security
Applets inserted into a Java Virtual Machine
interpreter inside the browser.
![Page 65: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/65.jpg)
Social Issues
• Privacy
• Freedom of Speech
• Copyright
![Page 66: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/66.jpg)
Anonymous Remailers
Users who wish anonymity chain requests through
multiple anonymous remailers.
![Page 67: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/67.jpg)
Freedom of Speech
Possibly banned material:
1. Material inappropriate for children or teenagers.
2. Hate aimed at various ethnic, religious, sexual, or other
groups.
3. Information about democracy and democratic values.
4. Accounts of historical events contradicting the
government's version.
5. Manuals for picking locks, building weapons, encrypting
messages, etc.
![Page 68: Network Securitythai/mmt1/slides/chapter8... · •Authentication Using Kerberos •Authentication Using Public-Key Cryptography. Authentication Based on a Shared Secret Key Two-way](https://reader033.vdocuments.us/reader033/viewer/2022060207/5f03f92e7e708231d40bb01e/html5/thumbnails/68.jpg)
Steganography
(a) Three zebras and a tree. (b) Three zebras, a tree, and the
complete text of five plays by William Shakespeare.