Upload
lamthien
View
221
Download
5
Embed Size (px)
Citation preview
1
Chapter 8
Network Security
Computer Networks, 5th Edition
Copyright © 2012, Elsevier Inc. All rights Reserved
2Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.1 Symmetric-key encryption and decryption.
3Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.2 Cipher block chaining (CBC).
4Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.3 Public-key encryption.
5Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.4 Authentication using public keys.
6Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.5 Computing a MAC (a) versus computing an HMAC (b).
7Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.6 Tree-structured certification authority hierarchy.
8Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.7 A challenge-response protocol.
9Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.8 A public-key authentication protocol that depends on synchronization.
10Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.9 A public-key authentication protocol that does not depend on synchronization. Alice checks her own timestamp against her own clock, and likewise for Bob.
11Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.10 The Needham–Schroeder authentication protocol.
12Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.11 Kerberos authentication.
13Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.12 A man-in-the-middle attack.
14Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.13 PGP’s steps to prepare a message for emailing from Alice to Bob.
15Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.14 Using SSH port forwarding to secure other TCP-based applications.
16Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.15 Secure transport layer inserted between application and TCP layers.
17Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.16 Handshake protocol to establish TLS session.
18Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.17 IPsec’s ESP format.
19Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.18 An IP packet with a nested IP packet encapsulated using ESP in tunnel mode. Note that the inner and outer packets have different addresses.
20Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.19 Use of an Authentication Server in 802.11i.
21Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.20 A firewall filters packets flowing between a site and the rest of the Internet.
22Copyright © 2012, Elsevier Inc. All rights Reserved
FIGURE 8.21 Diagram for Exercise 18.