Network Security 浙江大学计算机科学与技术学院网络安全浙江大学计算机科学与技术学院.pptVIP

CHAPTER 8: NETWORK SECURITY Introduction Cryptography Symmetric-key algorithms Public-key algorithms Digital signatures Management of public keys Communication security Authentication protocols Email security Web Security Social Issues INTRODUCTION Some people who cause security problems and why. Introduction Network security problems can be divided roughly into four interwined areas: secrecy, authentication, nonrepudiation, and integrity control. Secrecy（保密）: to keep information out of the hands of unauthorized users. Authentication（鉴别）: to determine whom you are talking to before revealing sensitive information or entering into a business deal. (to authenticate people by recognizing their faces, voices, and handwriting). Nonrepudiation（认可）: to deal with signature. (personal signature). Integrity（完整）: How can you be sure that a message you received was really the one sent and not something that a malicious adversary modified in transit or concocted. Introduction Every layer has something to contribute: Physical layer: Wiretapping can be foiled by enclosing transmission lines in sealed tubes containing argon gas at high pressure. (not always work) Data link layer: Packets on a point-to-point line can be encoded as they leave one machine and decoded as they enter another. (not routed) Network layer: Firewalls can be installed to keep packets in or keep packets out. Transport layer: Entire connections can be encrypted, end to end, that is, process to process. Application layer: Issues such as authentication and nonreputation can only be solved at the application layer. CRYPTOGRAPHY Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Cryptography: Introduction The encryption model Cryptography: Introduction Encryption and decryption: Encryption: E_k(P) = C. Decryption: D_k (C) = D_k ( E_k(P) ) = P. The basic model is a stable and publicly known general method parametrized by a se