Chapter 10 Http netwk hannam ac kr HANNAM
- Slides: 151
Chapter 10 네트워크 보안 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 1
Chapter 10 : 목차 10. 1 개요 10. 2 기밀성 10. 3 보안의 또 다른 중요한 것들 10. 4 인터넷 보안 10. 5 방화벽 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 2
[그림 10. 1] 보안 목표와 관련된 공격의 분류 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 7
[그림 10. 2] 모듈로 26에서 평문과 암호문의 표현 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 19
Example 10. 1 Use the additive cipher with key = 15 to encrypt the message “hello”. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 20
Example 10. 2 Use the additive cipher with key = 15 to decrypt the message “WTAAD”. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 21
Example 10. 3 We can use the key in Figure 10. 5 to encrypt the message Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 23
Example 10. 4 Assume that Alice and Bob agreed to use an autokey cipher with initial key value k 1 = 12. Now Alice wants to send Bob the message “Attack is today”. The three occurrences of “t” are encrypted differently. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 25
[그림 10. 6] 전치 암호 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 26
[그림 10. 8] 현대 블록 암호의 구성 요소 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 30
[그림 10. 9] DES의 일반 구조 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 32
[그림 10. 10] DES 함수 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 33
[그림 10. 11] 키 생성 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 34
Example 10. 5 We choose a random plaintext block and a random key, and determine (using a program) what the ciphertext block would be (all in hexadecimal) as shown below. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 35
Example 10. 6 To check the effectiveness of DES when a single bit is changed in the input, we use two different plaintexts with only a single bit difference (in a program). The two ciphertexts are completely different without even changing the key. Although the two plaintext blocks differ only in the rightmost bit, the ciphertext blocks differ in 29 bits. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 36
[그림 10. 12] One-time pad Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 38
[그림 10. 13] 비대칭-키 암호시스템에서의 잠금과 잠금해제 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 41
10. 2. 2 비대칭-키 암호 q RSA 암호시스템 (cryptosystem) v 고안해낸 사람들 Rivest, Shamir, Adleman 이름을 땀 v 절차 [그림 10. 15] RSA에서의 암호화, 복호화, 키 생성 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 45
Example 10. 7 For the sake of demonstration, let Bob choose 7 and 11 as p and q and calculate n = 7 × 11 = 77, φ(n) = (7 − 1)(11 − 1), or 60. If he chooses e to be 13, then d is 37. Note that e × d mod 60 = 1. Now imagine that Alice wants to send the plaintext 5 to Bob. She uses the public exponent 13 to encrypt 5. This system is not safe because p and q are small. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 46
Example 10. 8 Here is a more realistic example calculated using a computer program in Java. We choose a 512 -bit p and q, calculate n and φ(n). We then choose e and calculate d. Finally, we show the results of encryption and decryption. The integer p is a 159 -digit number. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 47
Example 10. 8 (continued) Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 48
Example 10. 8 (continued) Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 49
Example 10. 8 (continued) Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 50
[그림 10. 16] 메시지와 다이제스트 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 55
[그림 10. 17] 메시지 인증 코드 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 58
[그림 10. 18] 디지털 서명 처리 과정 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 62
[그림 10. 19] 다이제스트에 서명하기 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 63
[그림 10. 20] 부인봉쇄를 위해 신뢰할 수 있는 센터 이용 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 65
[그림 10. 21] 메시지 다이제스트에서 RSA 서명 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 67
[그림 10. 25] 다중 KDC Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 76
[그림 10. 26] KDC를 이용한 세션 키 생성 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 78
10. 3. 5 키 관리 q 대칭-키 합의 v Diffie-Hellman 키의 합의 Ø Diffie-Hellman 프로토콜 방법에서는 양쪽 통신주체가 KDC 없이 대칭 세션 키를 생성 [그림 10. 27] Diffie-Hellman 방법 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 79
Example 10. 9 Let us give a trivial example to make the procedure clear. Our example uses small numbers, but note that in a real situation, the numbers are very large. Assume that g = 7 and p = 23. The steps are as follows: 1. Alice chooses x = 3 and calculates R 1 = 73 mod 23 = 21. Bob chooses y = 6 and calculates R 2= 76 mod 23 = 4. 2. Alice sends the number 21 to Bob. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 80
Example 10. 9 (continued) 3. Bob sends the number 4 to Alice. 4. Alice calculates the symmetric key K = 43 mod 23 = 18. Bob calculates the symmetric key K = 216 mod 23 = 18. Conclusion: The value of K is the same for both Alice and Bob; gxymod p = 718 mod 23 = 18. Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 81
[그림 10. 28] 인증 관리 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 83
10. 4. 1 응용 계층 보안 • 이 절은 전자우편에서 보안을 제공하는 두 가지 프로토콜 을 설명 • PGP (Pretty Good Privacy) • S/MIME(Secure/Multiputpose Internet Mail Extension) Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 85
[그림 10. 2] 평문 메시지 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 88
[그림 10. 30] 인증된 메시지 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 89
[그림 10. 31] 압축된 메시지 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 90
[그림 10. 32] 기밀성을 갖는 메시지 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 92
[그림 10. 33] PGP에서 키 킹 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 93
[그림 10. 34] 신뢰 모델 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 96
[그림 10. 35] 서명된 데이터 콘텐츠 유형 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 98
[그림 10. 36] 봉합된 데이터 콘텐츠 유형 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 99
[그림 10. 37] 다이제스트된 데이터 콘텐츠 유형 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 100
[그림 10. 38] 인증된 데이터 콘텐츠 유형 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 101
Example 10. 10 The following shows an example of an enveloped-data in which a small message is encrypted using triple DES. . Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 103
[그림 10. 39] 인터넷 모델에서 SSL과 TLS의 위치 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 105
10. 4. 1 응용 계층 보안 q SSL 구조 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 106
[그림 10. 40] 사전-마스터 비밀로부터 마스터 비밀의 계산 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 109
[그림 10. 41] 마스터 비밀로부터 키 재료의 인증 관리 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 110
[그림 10. 42] 키 재료로부터 암호학적 비밀의 추출 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 111
[그림 10. 43] 4개의 SSL 프로토콜 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 113
[그림 10. 44] 핸드셰이크 프로토콜 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 114
[그림 10. 45] 레코드 프로토콜에 의해 행해지는 처리 과정 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 116
[그림 10. 46] IPSec 전송 모드 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 119
[그림 10. 47] 전송 모드 동작 과정 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 120
[그림 10. 48] IPSec 터널 모드 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 122
[그림 10. 49] 터널 모드 실제 동작 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 123
[그림 10. 51] 인증 헤더 프로토콜 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 126
[그림 10. 52] ESP Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 128
[표 10. 1] IPSec 서비스 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 131
[그림 10. 53] 간단한 SA Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 133
[그림 10. 54] SAD Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 134
[그림 10. 55] SPD Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 135
[그림 10. 56] 외부적 처리 절차 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 137
[그림 10. 57] 내부적 처리 절차 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 138
[그림 10. 58] IKE 구성 요소 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 140
[그림 10. 59] 가상 사설 네트워크 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 142
[그림 10. 60] 방화벽 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 144
[그림 10. 61] 패킷 필터 방화벽 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 146
[그림 10. 62] 프록시 방화벽 Http: //netwk. hannam. ac. kr HANNAM UNIVERSITY 148
- Snr 공식
- Piggybacking arq
- Netwk
- Hannam mobile
- Hannam.ac.kr
- Http //mbs.meb.gov.tr/ http //www.alantercihleri.com
- Http //pelatihan tik.ung.ac.id
- Http://mbgnet.mobot.org/
- Primaryhomeworkhelp.co.uk
- Http//oh.portal.airast.org
- Noodle tools.com
- Http://getkahoot.com
- Http msdn
- Etscriterion
- Http://www.caaspp.org
- Http//apps.tujuhbukit.com/covid19
- Ch rahmoune
- [ie8s]http://www.microsoft.com/*
- Http://hdr.undp.org/en/data
- Http://www.ducksters.com/science/electricity_uses.php
- Www.mystericycle.com http //www.mystericycle.com
- Www.google.com.t
- [http://earthobservatory.nasa.gov/experiments/biome/]
- School bus
- Http://zapatopi.net/treeoctopus/
- Http://www.pbs.org/ktca/liberty/
- Http://solarsystem.nasa.gov/planets
- Http://belarustoday.info/?sid=4
- “http://www.meb.gov.tr
- Http://geosevillano.blogspot.com/p/blog-page_6.html
- Htttps://scratch.mit.edu/
- Http://mbgnet.mobot.org/
- Http //sciencespot.net
- T.trimpe 2003 http //sciencespot.net/ answers
- T. trimpe 2006 http //sciencespot.net/
- T. trimpe 2006 http //sciencespot.net/
- T. trimpe 2004 http //sciencespot.net/
- Http://www.safesearchkids.com/
- Ssp.postmatric.karnataka.gov.in
- Http://history.nasa.gov/sputnik/
- Http //tubel.bppsdmk.kemkes.go.id login
- Http://www.caaspp.org
- Dgest.dyndns
- E-kinerja lombokbaratkab go id
- Http://teachertech.rice.edu/participants/louviere/newton/
- Https://siap.jabarprov.go.id
- Httpscratch
- Http://scratch.mit.edu
- Htps://scratch.mit.edu
- Http//scratch.mit.edu
- Science classwork
- Http://wordle
- Http://pisa.ets.org/school
- Erkki muuga
- Numericalmethods.eng.usf.edu
- Https www.python.org
- /servsoc/inicio.aspx
- Solid to liquid is called
- Sisrute kemenkes.go.id
- Ozoblockly
- Http://sdmx.store:8080
- Http://pds.jpl.nasa.gov/planets/
- Http://fac book
- Slidetodoc.com
- Http://login.microsoftonline.com
- Food group
- Http://www.meb.gov.tr
- Davidmlane
- Node red http
- Http://phaen-alv.com/
- Http://learn.genetics.utah.edu/content/addiction/
- Epinephrine in the brain
- Autobiography poem examples
- Assessform edu au
- Http://teachertech.rice.edu/participants/louviere/newton/
- Http://www.finaid.org/calculators/loanpayments.phtml
- Metrocosm global migration map
- Http 601
- Http://www.mazegenerator.net/
- Famous matematicians
- Http://trialcourtweb/
- Http largebusinessinternet com
- Book publishers in louisiana
- Logisticare itp claim form
- Http://fes book
- Http://worksheetplace.com
- T. trimpe 2008 http://sciencespot.net/
- Bogollo
- Educationplanner learning style
- Vkkf.kulturas karte
- Berikut ini merupakan definisi pajak kecuali
- Http authorization manager jmeter
- Www python org
- Dash dynamic adaptive streaming over http
- Http://scratch.mit.edu
- Http://www.instagram.com/wickedlocalpix"
- Ku loket toledo
- Lkcfes industrial training
- Http://teacher.scholastic.com/activities/immigration/tour/
- Http://learn.genetics.utah.edu
- Ibm http server performance
- Http computer networks
- Imdb.com
- Http/ //aka.ms/remoteconnect
- Http://nachalo.win
- Http sciencespot net
- Http//sciencespot.net
- (http //ritkanlathatotortenelem.blog.hu
- Http response body
- Http protocol tutorial
- Bi.moh
- Http://www.slideshare.net
- Photojournal
- Http:n
- Yandex.com images
- Owasp http request smuggling
- Http:aka
- Http://122
- Fact check
- How to find protons
- Plagium checker gratis
- Issac newton virgin
- Sir isaac newton
- Kcvs.ca
- Mdm. mp. gov. in
- Ghr.nlm.nih
- Genetics home reference
- Nevada gaming registration
- Http://hdr.undp.org/en/countries
- T. trimpe 2007 http://sciencespot.net/
- T. trimpe 2006 http://sciencespot.net/
- T trimpe 2006 http //sciencespot.net/ answer key
- Http://fsassessments.org
- Http transactions
- Ruston-elementary 2 typingclub
- Http://www.dinah.com
- Http //www.harcourtschool.com/activity/food/food menu.html
- " title="" />
- Http://library.thinkquest.org
- Photojournal nasa
- Basreports.attendance.gov.in/downloads
- E learning wot
- Http and dns
- Http dns
- Single slit envelope
- Which layer in the osi model covers http, ftp, and rdc?
- Http://anatomy and physiology
- Rtp
- Http://fac book
- Http:// vidoe
- Http stateless protocol
- Numericalmethods.eng.usf.edu