communication systems
play

Communication Systems SSL University of Freiburg Computer Science - PowerPoint PPT Presentation

Aug 24, 2022 •308 likes •557 views

Communication Systems SSL University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in networking

  1. Communication Systems SSL University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer

  2. Organization ‣ I. Data and voice communication in IP networks ‣ II. Security issues in networking ‣ III. Digital telephony networks and voice over IP Communication Systems Computer Networks and Telematics 2 Prof. Christian Schindelhauer University of Freiburg

  3. Network Security Goals ‣ Confidentiality : only sender, intended receiver should “understand” message contents • sender encrypts message • receiver decrypts message • Privacy: hide `who is doing what with whom` ‣ Authentication : sender, receiver want to confirm identity of each other ‣ Integrity : sender, receiver want to ensure messages are not altered (in transit, or afterwards) without detection ‣ Access and Availability : services must be accessible and available to users Communication Systems Computer Networks and Telematics 3 Prof. Christian Schindelhauer University of Freiburg

  4. Network Security on Different Layers ‣ Security measures could be hooked to different layers of the stack • Link layer: one `hop` (e.g. wireless link) • IP Layer (IP-Sec): transparent to application (next Friday) • Transport Layer (SSL/TLS): easy, widely used • Application Layer (PGP, S/MIME) Communication Systems Computer Networks and Telematics 4 Prof. Christian Schindelhauer University of Freiburg

  5. SSL (Secure Socket Layer) ‣ Transport layer security service, yields secure channel • Secure byte stream • Optional public-key server authentication • Optional client authentication ‣ Development started by Netscape to offer secure Internet business • Used/Implemented with HTTP first (HTTPS, port 443) • Hash: combined MD5 & SHA • Encryption: Diffie Helman, RSA & DES, RC4 ‣ Version 3 designed with public input; subsequently became Internet standard TLS (Transport Layer Security) Communication Systems Computer Networks and Telematics 5 Prof. Christian Schindelhauer University of Freiburg

  6. SSL (Secure Socket Layer) ‣ Uses TCP to provide a reliable end-to-end service • Not restricted for secure web (HTTP) transactions • Useful for any TCP based service to be secured: HTTP, IMAP, POP, NNTP, telnet, telephony signaling ‣ SSL implements two layers of protocols ‣ SSL session • Association between client & server • Created by the Handshake Protocol • Define a set of cryptographic parameters • May be shared by multiple SSL connections Communication Systems Computer Networks and Telematics 6 Prof. Christian Schindelhauer University of Freiburg

  7. SSL (Secure Socket Layer) ‣ SSL connection • A transient, peer-to-peer, communications link • Associated with one SSL session Communication Systems Computer Networks and Telematics 7 Prof. Christian Schindelhauer University of Freiburg

  8. SSL record protocol ‣ Confidentiality – the handshake protocol defines a shared key for encryptions of SSL payloads • Using symmetric encryption with a shared secret key defined by Handshake Protocol • stateful protocol ‣ IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 ‣ Message is compressed before encryption Communication Systems Computer Networks and Telematics 8 Prof. Christian Schindelhauer University of Freiburg

  9. SSL record protocol and format ‣ The record format leads to ‣ Message Integrity – the handshake protocol defines a shared key used to form message authentication code (MAC) • Similar to HMAC but with different padding Communication Systems Computer Networks and Telematics 9 Prof. Christian Schindelhauer University of Freiburg

  10. SSL MAC calculation ‣ Hash(MAC_secret_key || pad2 || hash(MAC_secret_key || pad1 || seqNum || SSLcompressed.type || SSLcompressed.length || SSLcompressed.fragment)) ‣ Where: • Mac_secret_key – • pad1 = 0x36 repeated 48 times for MD5 40 times for SHA-1 • pad2 = 0x5C repeated … • SSLcompressed.type = the higher level protocol used to process this fragment Communication Systems Computer Networks and Telematics 10 Prof. Christian Schindelhauer University of Freiburg

  11. SSL encryption ‣ Fragment size 2 14 = 16384 bytes • Compression must be lossless and must not increase length more than 1024 • No compression algorithm specified in SSLv3 – default no compression • Block Cipher Encryption Methods - IDEA (128) RC2-40, DES-40, DES (56), 3DES (168) • Stream Cipher Encryption choices - RC4-40, RC4-128 Communication Systems Computer Networks and Telematics 11 Prof. Christian Schindelhauer University of Freiburg

  12. SSL payload / Change Cipher Specification Protocol ‣ Change Cipher Spec Protocol • consists of a single message of a single byte with value 1 • it means copy pending state to current state Communication Systems Computer Networks and Telematics 12 Prof. Christian Schindelhauer University of Freiburg

  13. SSL Alert Protocol ‣ Conveys SSL-related alerts to peer entity ‣ Severity • Warning or fatal: 1=warning, 2=fatal ‣ Specific alert • Unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter • Close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown ‣ Compressed and encrypted like all SSL data Communication Systems Computer Networks and Telematics 13 Prof. Christian Schindelhauer University of Freiburg

  14. SSL Handshake Protocol ‣ Most complex part of SSL • Allows the server and client to authenticate each other • Negotiate encryption, MAC algorithm and cryptographic keys • Used before any application data are transmitted ‣ Message Fields • Type (8) • Length (24) • Content ( ≥ 1 byte) parameters ‣ Several Message types Communication Systems Computer Networks and Telematics 14 Prof. Christian Schindelhauer University of Freiburg

  15. SSL Handshake Protocol – message types ‣ Message types (name (value)): • Hello-request (null) • Client-hello (version,random(32B), sessionID, cipher suite, compression method) • Server_hello (same as Client-hello) • Certificate (chain of X.509v3 certificates) • Server_key_exchange (parameters, signature) • Certificate_request (type, authorities) • Server_done (null) • Certificate_verify (signature) • Client_key_exchange (parameters, signature) • Finished (hash value) Communication Systems Computer Networks and Telematics 15 Prof. Christian Schindelhauer University of Freiburg

  16. SSL Handshake Protocol ‣ Colored messages are optional ‣ Phase 1-3 messages are plaintext Communication Systems Computer Networks and Telematics 16 Prof. Christian Schindelhauer University of Freiburg

  17. SSL Handshake Protocol – Phase 1 ‣ Establish security capabilities • Client_hello - Version = highest SSL understood by client - Random 32 bit time stamp + 28 random bytes (secure random number generator) - sessionID: 0 to establish new connection, non-zero means update parameters of an existing session - Ciphersuite: sequence of cryptographic algorithms in decreasing order of preference (key exchange + CipherSpec) - Compression methods: sequence of compression methods Communication Systems Computer Networks and Telematics 17 Prof. Christian Schindelhauer University of Freiburg

  18. SSL Handshake Protocol – Phase 1 ‣ Establish security capabilities • Server_hello is sent back - same as from client but confirmation to suggested values: - Highest common version, new random field, same sessionID if nonzero, new sessionID otherwise, the selected ciphersuite and the selected compression technique ‣ Key Exchange methods • RSA – secret key is encrypted with receiver’s RSA public key • Fixed Diffie-Hellman • Ephemeral Diffie Hellman • Anonymous Diffie-Hellman • Fortezza Communication Systems Computer Networks and Telematics 18 Prof. Christian Schindelhauer University of Freiburg

  19. SSL Handshake Protocol – Phase 1 ‣ CipherSpec follows containing the fields • Cipher algorithm • MAC algorithm • CipherType: block or stream • Hash size: 0, 16 for MD5 or 20 for SHA-1 bytes • Key material – sequence of bytes used to generate keys • IV size of Initial Value for Cipher Block Chaining (CBC) Communication Systems Computer Networks and Telematics 19 Prof. Christian Schindelhauer University of Freiburg

  20. SSL Handshake Protocol – Phase 2 ‣ Server Authentication and Key Exchange ‣ Server sends • Certificate: X.509 certificate chain (not required for anonymous Diffie-Hellman) • Server_key_exchange (not always need e.g. fixed Diffie-Hellman) - Hash(Client_hello.random|| ServerHello.random||ServerParms) • Certificate_request: certificate type and certificate authorities • Server_hello_done: I’m done and I’ll wait on response Communication Systems Computer Networks and Telematics 20 Prof. Christian Schindelhauer University of Freiburg

Recommend

SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

U U U U U U U- U - - communication - - - - - communication communication communication communication communication communication communication Korea Mobile Market Trend for Convergence & Ubiquitous Communication 2004.

400 views • 16 slides
Secret Communication via Secret Communication via Multi- -antenna Systems antenna Systems

Secret Communication via Secret Communication via Multi- -antenna Systems antenna Systems

Secret Communication via Secret Communication via Multi- -antenna Systems antenna Systems Multi Zang Li Wade Trappe Roy Yates WINLAB, Rutgers University 1 Outline Information theory background on information security Problem

511 views • 22 slides
Communication in Distributed Systems Issues in communication (today) Message-oriented

Communication in Distributed Systems Issues in communication (today) Message-oriented

Communication in Distributed Systems Issues in communication (today) Message-oriented Communication Remote Procedure Calls Transparency but poor for passing references Remote Method Invocation RMIs are essentially RPCs

246 views • 9 slides
Optimizing MPI Communication on Multi-GPU Systems using CUDA Inter-Process Communication Sreeram

Optimizing MPI Communication on Multi-GPU Systems using CUDA Inter-Process Communication Sreeram

Optimizing MPI Communication on Multi-GPU Systems using CUDA Inter-Process Communication Sreeram Potluri* Hao Wang* Devendar Bureddy* Ashish Kumar Singh* Carlos Rosales + Dhabaleswar K. Panda* *Network-Based Computing Laboratory

779 views • 22 slides
Digital Communication Syst Digital Communication Systems ems ECS 452 ECS 452 Asst. Prof. Dr.

Digital Communication Syst Digital Communication Systems ems ECS 452 ECS 452 Asst. Prof. Dr.

Digital Communication Syst Digital Communication Systems ems ECS 452 ECS 452 Asst. Prof. Dr. Prapun Suksompong prapun@siit.tu.ac.th Fading Channels Office Hours: Rangsit Library: Tuesday 16:20-17:20 BKD3601-7: Thursday 16:00-17:00 1

470 views • 22 slides
= + 2 cos (2 ) 0.5 (1 cos(2 2 )) 0.5( ) ft dt ft dt b

= + 2 cos (2 ) 0.5 (1 cos(2 2 )) 0.5( ) ft dt ft dt b

Backgorund: Digital Communication Systems In this note, we will review the basic transmitter and receiver principles in digital communication systems. The discussions will provide useful background for this course. Binary phase shift keying

537 views • 10 slides
Lecture 01 Introduction to Communication Systems I-Hsiang Wang ihwang@ntu.edu.tw National

Lecture 01 Introduction to Communication Systems I-Hsiang Wang ihwang@ntu.edu.tw National

Principle of Communications, Fall 2017 Lecture 01 Introduction to Communication Systems I-Hsiang Wang ihwang@ntu.edu.tw National Taiwan University 2017/9/13 Outline The basic architecture of communication systems Source-channel

214 views • 9 slides
Operating Systems Inter-Process Communication ENCE 360 Outline Introduction Examples

Operating Systems Inter-Process Communication ENCE 360 Outline Introduction Examples

Operating Systems Inter-Process Communication ENCE 360 Outline Introduction Examples Shared Memory Files Pipes Signals Pages 43-45, 733-734 MODERN OPERATING SYSTEMS (MOS) By Andrew Tanenbaum Interprocess Communication

741 views • 29 slides
CHAPTER 8: AGENT COMMUNICATION An Introduction to Multiagent Systems

CHAPTER 8: AGENT COMMUNICATION An Introduction to Multiagent Systems

CHAPTER 8: AGENT COMMUNICATION An Introduction to Multiagent Systems http://www.csc.liv.ac.uk/mjw/pubs/imas/ Chapter 8 An Introduction to Multiagent Systems 1 Agent Communication In this lecture, we cover macro-aspects of intelligent

485 views • 21 slides
A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas

A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas

A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas Messing amessing@kth.se 1 Vehicular Communication Systems Smart Cities Self-driving Transportation Systems Vehicle-to-Vehicle

198 views • 19 slides
Information, Computation, and Communication Networks 1 ICC Module Systems Networks

Information, Computation, and Communication Networks 1 ICC Module Systems Networks

ICC Module Systems Networks Information, Computation, and Communication Networks 1 ICC Module Systems Networks Computer Networks 2 ICC Module Systems Networks Outline Communication protocols Packet switching Protocol

1.17k views • 82 slides
Distributed Systems Group Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Group Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Group Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Page 1 Page 1 Modes of communication

961 views • 46 slides
Rowing Together - Communication Tactics in Ambulatory Systems and Collaboration Groups Tracking

Rowing Together - Communication Tactics in Ambulatory Systems and Collaboration Groups Tracking

Rowing Together - Communication Tactics in Ambulatory Systems and Collaboration Groups Tracking Quality, Finance, and Daily Improvement (MDI) Metrics Dina Aper, BSMLS (ASCP), CIC November 1, 2018 2 Objectives Define Communication Tactics

416 views • 19 slides
# Comm. ! Params * ! Optimizing Communication Spark 1.0.1 6 ! Performance: Hadoop 1.0.4 10 !

# Comm. ! Params * ! Optimizing Communication Spark 1.0.1 6 ! Performance: Hadoop 1.0.4 10 !

Varys Efficient Coflow Scheduling ! Mosharaf Chowdhury, ! Yuan Zhong, Ion Stoica ! UC#Berkeley# Communication is Crucial ! Performance Facebook analytics jobs spend 33% of their runtime in communication 1 ! As in-memory systems proliferate, ! the

781 views • 25 slides
Communication systems for vehicle electronics Presentation overview Background automotive

Communication systems for vehicle electronics Presentation overview Background automotive

Communication systems for vehicle electronics Communication systems for vehicle electronics Presentation overview Background automotive electronics as an application area for real-time communication Real time protocols LIN Local

724 views • 38 slides
Communication systems for vehicle electronics Presentation overview Background automotive

Communication systems for vehicle electronics Presentation overview Background automotive

2014-05-05 Communication systems for vehicle electronics Communication systems for vehicle electronics Presentation overview Background automotive electronics as an application area for real-time communication Real time protocols LIN

582 views • 19 slides
Shannons Theory of Secrecy Systems See: C. E. Shannon, Communication Theory of Secrecy Systems

Shannons Theory of Secrecy Systems See: C. E. Shannon, Communication Theory of Secrecy Systems

Shannons Theory of Secrecy Systems See: C. E. Shannon, Communication Theory of Secrecy Systems , Bell Systems Technical Journal, Vol. 28, pp. 656715, 1948. Eli Biham - May 3, 2005 c 54 Shannons Theory of Secrecy Systems (2)

584 views • 14 slides
Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir Benabdenbi TIMA Laboratory Outline 3D Integration Opportunities Challenges and Solutions Fault Tolerant Communication in 3D Systems

516 views • 24 slides
Communication Systems GSM University of Freiburg Computer Science Computer Networks and

Communication Systems GSM University of Freiburg Computer Science Computer Networks and

Communication Systems GSM University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in networking

742 views • 35 slides
Communication Systems SIP University of Freiburg Computer Science Computer Networks and

Communication Systems SIP University of Freiburg Computer Science Computer Networks and

Communication Systems SIP University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in networking

533 views • 28 slides
Communication Systems RTP-QoS University of Freiburg Computer Science Computer Networks and

Communication Systems RTP-QoS University of Freiburg Computer Science Computer Networks and

Communication Systems RTP-QoS University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in networking

883 views • 41 slides
Limit on Coding and Modulation Gains in Fiber-Optic Communication Systems Yi Cai Tyco

Limit on Coding and Modulation Gains in Fiber-Optic Communication Systems Yi Cai Tyco

Limit on Coding and Modulation Gains in Fiber-Optic Communication Systems Yi Cai Tyco Telecommunications Laboratories, 250 Industrial Way West, Eatontown NJ, 07724, USA Introduction A fundamental question for fiberoptic communication

269 views • 12 slides
Cyber-Physical Systems Communication IECE 553/453 Fall 2019 Prof. Dola Saha 1 Why do we

Cyber-Physical Systems Communication IECE 553/453 Fall 2019 Prof. Dola Saha 1 Why do we

Cyber-Physical Systems Communication IECE 553/453 Fall 2019 Prof. Dola Saha 1 Why do we need Communication? Connect different systems together o Two embedded systems o A desktop and an embedded system Connect different chips together

1.22k views • 63 slides
Cyber-Physical Systems Communication ICEN 553/453 Fall 2018 Prof. Dola Saha 1 Why do we

Cyber-Physical Systems Communication ICEN 553/453 Fall 2018 Prof. Dola Saha 1 Why do we

Cyber-Physical Systems Communication ICEN 553/453 Fall 2018 Prof. Dola Saha 1 Why do we need Communication? Connect different systems together o Two embedded systems o A desktop and an embedded system Connect different chips together

547 views • 40 slides

More recommend