Page 207 - Handout Computer Network.

Computer Network                                                             2026


                    (possibly stealing passwords and data), impersonating another entity, hijacking an
                    ongoing session, denying service to legitimate network users by overloading system
                    resources, and so on. A summary of reported attacks is maintained at the CERT
                    Coordination Center [CERT 2020].

                    Having established that there are indeed real threats loose in the Internet, what are the
                    Internet equivalents of Alice and Bob, our friends who need to communicate securely?
                    Certainly, Bob and Alice might be human users at two end systems, for example, a real
                    Alice and a real Bob who really do want to exchange secure e-mail.

                    They might also be participants in an electronic commerce transaction. For example, a
                    real Bob might want to transfer his credit card number securely to a Web server to
                    purchase an item online.

                    Similarly, a real Alice might want to interact with her bank online.


                    The parties needing secure communication might themselves also be part of the network
                    infrastructure.

                    Recall that the domain name system or routing daemons that exchange routing
                    information require secure communication between two parties. The same is true for
                    network management applications, a topic we examined.

                    An intruder that could actively interfere with DNS lookups, routing computations, or
                    network management functions could wreak havoc in the Internet.


                    Having now established the framework, a few of the most important definitions, and the
                    need for network security, let us next delve into cryptography.


                    While the use of cryptography in providing confidentiality is self-evident, we’ll see shortly
                    that it is also central to providing end-point authentication and message integrity—
                    making cryptography a cornerstone of network security.


            7.2 Principles of Cryptography
                    Although cryptography has a long history dating back at least as far as Julius Caesar,
                    modern cryptographic techniques, including many of those used in the Internet, are
                    based on advances made in the past 30 years. Kahn’s book, The Codebreakers [Kahn
                    1967], and Singh’s book, The Code Book: The Science of Secrecy from Ancient Egypt to
                    Quantum Cryptography [Singh 1999], provide a fascinating look at the
















