
Network Security

By
Farhan M. Shaikh
B.Sc. (CS), M.Sc. (IT), B.Ed., M.Ed., M.A. (Sociology), UGC-NET (Education/Sociology)

Visiting Faculty
L.S. Raheja College, SantaCruz
Tolani College, Andheri
Pioneer Education Center, Borivali, Andheri & Vasai
L.I.I.T., Dadar & Mulund
T.I.M.E., Andheri & Borivali
Unit 4
Security at the Application Layer (E-MAIL, PGP and S/MIME)
Security at the Transport Layer (SSL and TLS)
Security at the Network Layer (IPSec)

farhan.mohd@yahoo.co.in 2
Security at the Application Layer (E MAIL)

Pretty Good Privacy (PGP)

The first version of PGP was programmed in 1991 by Phil R. Zimmerman, who later founded PGP Security Consulting.
PGP is one of the most popular encryption and authentication algorithms worldwide.
PGP is used more widely in electronic mail security than in any other area.

PGP

In PGP, the sender of the message needs to include the identifiers of the algorithms used in the message as well as the values of the keys.

Position of PGP in the TCP/IP protocol suite

PGP Algorithms

S/MIME

S/MIME Certificate Processing

S/MIME User Agent Role

Security at the Transport Layer: SSL

Figure 32.14 Location of SSL and TLS in the Internet model

SSL
Information sent over the Internet commonly uses the set of rules called TCP/IP (Transmission Control Protocol / Internet Protocol).
The information is broken into packets, which are numbered sequentially and have error-control information attached. Individual packets are sent by different routes. TCP/IP reassembles them in order and resubmits any packet showing errors.
SSL uses PKI and digital certificates to ensure privacy and authentication.

SSL
The procedure is something like this: the client sends a message to the server, which replies with a digital certificate. Using PKI, server and client negotiate to create session keys, which are symmetric secret keys created specifically for that particular transmission. Once the session keys are agreed, communication continues with these session keys and the digital certificates.

SSL
Negotiates and employs essential functions for secure transactions:
Mutual Authentication
Data Encryption
Data Integrity
As simple and transparent as possible

SSL
The Secure Sockets Layer (SSL) protocol, originally developed by Netscape, has become the universal standard on the Web for authenticating Web sites to Web browser users, and for encrypting communications between browser users and Web servers.
Because SSL is built into all major browsers and Web servers, simply installing a digital certificate, or Server ID, enables SSL capabilities.

SSL Services

SSL Security Parameters

Table 32.3 SSL cipher suite list

Table 32.3 SSL cipher suite list (continued)

SSL Sessions and Connections

Four Protocols of SSL

Figure 32.16 Four SSL protocols

Figure 32.17 Handshake Protocol

Figure 32.18 Processing done by the Record Protocol

Security at the Transport Layer: TLS

Security at the Network Layer: IPSec

IPSec
General IP security mechanisms
Provides:
    authentication
    confidentiality
    key management
Applicable to use over LANs, across public & private WANs, & for the Internet

IPSec Architecture

IPSec Document Overview

Authentication Header

Encapsulating Security Payload

ESP Format

Encryption and Authentication Algorithms

Key Management

Features of Oakley

ISAKMP

Services provided by IPSec

References
Network Security Essentials - Applications & Standards, Stallings W (Pearson Education)
Cryptography and Network Security, Forouzan B (TMH)
Cryptography and Network Security, Kahate A (TMH)