tailieunhanh - Lecture Network security: Chapter 20 - Dr. Munam Ali Shah

In this chapter, we will talk about confidentiality using symmetric encryption, we will also explore link vs. end to end encryption, key distribution design constraints will be explored. | Network Security Lecture 20 Presented by: Dr. Munam Ali Shah Summary of the Previous Lecture In previous lecture we talked about the random numbers and the random number generators We have also discussed random numbers and pseudorandom numbers. The design constraints were also discussed Summary of the previous lecture Random number are the basis for many cryptographic applications. There is no reliable “independent” function to generate random numbers. Present day computers can only approximate random numbers, using pseudo-random numbers generated by Pseudo Random Number Generators (PRNG)s. Attacks on many cryptographic applications are possible by attacks on PRNGs. Computer applications are increasingly turning towards using physical data (external/internal) for getting truly random numbers. Part – 2 (e): Incorporating security in other parts of the network Outlines of today’s lecture We will talk about Confidentiality using symmetric encryption We will also explore Link vs. end to . | Network Security Lecture 20 Presented by: Dr. Munam Ali Shah Summary of the Previous Lecture In previous lecture we talked about the random numbers and the random number generators We have also discussed random numbers and pseudorandom numbers. The design constraints were also discussed Summary of the previous lecture Random number are the basis for many cryptographic applications. There is no reliable “independent” function to generate random numbers. Present day computers can only approximate random numbers, using pseudo-random numbers generated by Pseudo Random Number Generators (PRNG)s. Attacks on many cryptographic applications are possible by attacks on PRNGs. Computer applications are increasingly turning towards using physical data (external/internal) for getting truly random numbers. Part – 2 (e): Incorporating security in other parts of the network Outlines of today’s lecture We will talk about Confidentiality using symmetric encryption We will also explore Link vs. end to end encryption Key Distribution design constraints will be explored Objectives You would be able to present an understanding of deploying security in other parts of the networks. You would understand the potential locations in the network through which attack could be launched Potential locations for confidentiality attacks Insider: eavesdropping the LAN Outsider: from server or host with dial up facility Patch panel is vulnerable if intruder access it physically: (can use low power radio transmitter) Attack through transmission medium Wired (coaxial, twisted pair, fibre optic) Wireless(microwave, satellite) Link vs. end to end encryption have two major placement alternatives link encryption vulnerable links are equipped with encryption device En/decryption occurs independently on every link requires many devices in a large network User has no control over security of these devices Many keys must be provided end-to-end encryption encryption occurs between original source and final .