Professional Documents
Culture Documents
Lecture 3
v0.0
CPSC415 Biometrics
Points of Vulnerability
Adversary can eavesdrop from a machine
on the same LAN
Adversary can eavesdrop by dialing into
communication server
Adversary can eavesdrop by gaining
physical control of part of external links
twisted pair, coaxial cable, or optical fiber
radio or satellite links
v0.0
CPSC415 Biometrics
v0.0
CPSC415 Biometrics
v0.0
CPSC415 Biometrics
v0.0
CPSC415 Biometrics
v0.0
CPSC415 Biometrics
Placement of Encryption
Can place encryption function at various
layers in OSI Reference Model
link encryption occurs at layers 1 or 2
end-to-end can occur at layers 3, 4, 6, 7
v0.0
CPSC415 Biometrics
Scope of Encryption
v0.0
CPSC415 Biometrics
Traffic Analysis
is monitoring of communications flows
between parties
v0.0
CPSC415 Biometrics
Traffic Analysis
when using end-to-end encryption must
leave headers in clear
v0.0
CPSC415 Biometrics
10
v0.0
CPSC415 Biometrics
11
encryption
Alice
decryption
Bob
K
key
Eve
M
K
Secure channel
Alice: sender
Bob: receiver
Eve: eavesdropper / Oscar : opponent
Alice and Bob are the celebrities in cryptography.
v0.0
CPSC415 Biometrics
12
K1
K5
K7
K2
K6
K3
K8
K9
K10
v0.0
CPSC415 Biometrics
13
K2
K1
session key
Alice
Bob
v0.0
CPSC415 Biometrics
14
Key Distribution
symmetric schemes require both
parties to share a common secret key
issue is how to securely distribute
this key
often secure system failure due to a
break in the key distribution scheme
v0.0
CPSC415 Biometrics
15
Key Distribution
v0.0
CPSC415 Biometrics
16
v0.0
CPSC415 Biometrics
17
v0.0
CPSC415 Biometrics
18
KA-KDC(A,B)
Alice
knows
R1
KA-KDC(R1, KB-KDC(A,R1) )
KB-KDC(A,R1)
Bob knows to
use R1 to
communicate
with Alice
CPSC415 Biometrics
19