-
8/3/2019 Intro to Net Security
1/37
Few foils based on Kurose & Ross , see:
http://www.aw.com/kurose-ross/
My site: http://amir.herzberg.name
Course site: http://hl2.biu.ac.il
-
8/3/2019 Intro to Net Security
2/37
! "#
$%&
' #' #!$($$$$(
$! "#$$
! "#)"*$
#! ##
-
8/3/2019 Intro to Net Security
3/37
$+),* $!'$'
+-)-*
..$""/-"0
1!' $++!
.!#'')*2 '#3 1''$'!'
)'*!'2 #Ring Bus Star (Hub)
-
8/3/2019 Intro to Net Security
4/37
4!","5 ,")#6*%&
.#)7#''*'""
#
$ "
,
.#
-
8/3/2019 Intro to Net Security
5/37
5$)*$68! /$%&9! 6
#'!' # '!)'*
')'* $:!%#&
##"$'
#!'##$)"#*
$00
-
8/3/2019 Intro to Net Security
6/37
! $+!.#'')*"$$
+'!''$
3 )'*3 +$3
5$";
-
8/3/2019 Intro to Net Security
7/37
.'
'!$ )=.",>=;",*' '!,$''=.",
$'#'=;",
'? '?'$?
=.",
'$
'$
=',
=,'
=;",
-
8/3/2019 Intro to Net Security
8/37
'
)$* '!,$ .?'!@5)A@B*!.)*>";)*>
C$)$'7* ,!$
5 @$$$('( 1)5*!
DEFGGG!;.)HI* FGGD9999!.)DFJ*
'?'$?
'$
'$
,
'?" >.)* >;)*>;).)**
-
8/3/2019 Intro to Net Security
9/37
''$
'?
"
'$?'
$
'
$
,C'
?
,
,C'#
,#
>.,)* >;,#)*>>;,'#).,)**
"=')=*!,C',",'#,#
+=!B! KB#"$""DEJL $)$*'
-)DGFM*#)DFJ.*
'"''
1B'$".'
-
8/3/2019 Intro to Net Security
10/37
.' .'$$.#
8!.#$79@!'9
/$=.'!
.#'.,)*$!.,)C*/$)$*=.'!
5$$
,#>
"
"#')*
.' 6
-
8/3/2019 Intro to Net Security
11/37
Alice Bob
Eve
m m
Key k Key k
MACk(m) Tag ??++
k = ??
MACk(m) = ??
+$)+* $$)* +$$Tag=MACk(m) B#"#Tag=MACk(m)
.)#$$'* ,!$#,)$9*
-
8/3/2019 Intro to Net Security
12/37
BobAlice
Secret signature
key SA
m
Sign(m)
+
Alices public signature
validation keyPA
Verify using PA that
is Alices signature on m
m
+
=;!''#"
.#$'#
.## #' 2
-
8/3/2019 Intro to Net Security
13/37
+'$=!
)*
#! !'
;!'
!$'
'$
$)$'*
''
)7'*
B$
-
8/3/2019 Intro to Net Security
14/37
=;'!
$$#9
!
)=;*
=;$$$"
'! /$
,C')""*"$$,C'
"5C9!
$)* /"
'
-
8/3/2019 Intro to Net Security
15/37
$ $)*!')
,*)!(,(*
,)'"#*, $ ,#$$$,",
%,&,C'
2 %, (,C'&
,C'
,
,C
'#
#
,C'"
,,
-
8/3/2019 Intro to Net Security
16/37
1= /$,C')'
,#,C*!
,C),$* ''C',C"
,C')#*
,C
'
#
'
,
,
,
,
-
8/3/2019 Intro to Net Security
17/37
''#C
,'7$$";
')7$* '),"*#"
)"*
Issuer(DNS) Name
Attributes
Public Key
Issuers Signature:SignLib(Info)
BIU Library
Name: Alice
ID 3783597
Issued by:
Signature:
Info
-
8/3/2019 Intro to Net Security
18/37
! $+!.#'')*"$$
+'!''$
3 )'*3 +$3
5$";
-
8/3/2019 Intro to Net Security
19/37
'
3 #$NDFN3 '$>NDHM
3 '''$
3 ! D '
3 +"
R
O
U
TE
R
A
R
O
U
T
E
R
BNet 1.2.3 Net 3.1.5 Net 2.2.7
3
6 4
payloadsrc:9.8.7.6 dest:
-
8/3/2019 Intro to Net Security
20/37
+ .!:"' )'*
')"*
'")"*
!')#'7* .?'-
:!'03 B$:!#-7
3 $:!C
3 .?!$$$'6
'$! .!'#)#''*
!#)":*
+#!
-
8/3/2019 Intro to Net Security
21/37
B
-
8/3/2019 Intro to Net Security
22/37
-
8/3/2019 Intro to Net Security
23/37
! $+!.#'')*"$$
+'!''$
3 )'*3 +$3
5$";
-
8/3/2019 Intro to Net Security
24/37
)5*!
..#'' ''#7
-!($'()*
-)*!''' 5'-)-75-*!"
''-)"7++.*
'
-
8/3/2019 Intro to Net Security
25/37
5! ''#7 '')*..)$$* !.
'')*
-75-)'
*
)*
-
8/3/2019 Intro to Net Security
26/37
-75-$ (5#(!
+
$#"'
@!
'"#
+'""@'-
-!- -)O5-*''((
5-!5'- 5-)O-*5)$'*
.54#-
/:-$
-
8/3/2019 Intro to Net Security
27/37
- #$ $)*$#
5'#$)'"P"0*
5#$#
-$# ;'#
-$$$#$$'#
$)*
,)$''*#C
-'9 @#DDHC.#I"#;$'
1C#;)'?"'* 1-#$)0*
!')-*
-
8/3/2019 Intro to Net Security
28/37
-C 5O# O$ ;-C ((
#)*$! "$" +-066
$ 1$'"2 -
''-
Q""$ ')
-
8/3/2019 Intro to Net Security
29/37
! $+!.#'')*"$$
+'!''$
3 )'*3 +$3
5$";
-
8/3/2019 Intro to Net Security
30/37
;@#)*?$ $7#77
B! ')1*
)
-
8/3/2019 Intro to Net Security
31/37
R;@)* B5''0 R
-
8/3/2019 Intro to Net Security
32/37
Bob
(victim)
Zombie2
Zombie1
Zombie3
Zombie4
Zombie5
Super-
ZombieA
Super-
ZombieB
Attacker
;;@ !('(# (($?
$)?"
-
8/3/2019 Intro to Net Security
33/37
/$'9+@
+($(
@$''' 47''' 7#7''$66
"#"#+)"$"0* -O)$* -'
-
8/3/2019 Intro to Net Security
34/37
4
4
)$* '
-
8/3/2019 Intro to Net Security
35/37
4
#)'* ''"
7''! " 571;' 5R=)##*
$#
'9;''9
-
8/3/2019 Intro to Net Security
36/37
46
''!
@#''
4#'#
+2 ""0 7
-
8/3/2019 Intro to Net Security
37/37
!,!''$
' "+$+0('''(?
5$
:;@$.#''!""+
+$"!
(( "5-7-"0 4""#+0(O(?
