Lec01 Intro

01

Network Security
Theory and Practice
Thank You
wish you health & safety
Network Security?
Theory and Practice
Network of computers
share resources via communication (data transmission)
• what channel? wired, wireless
• how far? single-hop, multi-hop
• how many routes? single-path, multi-path
• who to reach? unicast, multicast, broadcast
• what data? services: search, streaming, messaging, email, storage, payment
• messaging: what if overheard?
• storage: what if leaked?
• payment: what if stolen?
Network Security
protect communication:
• confidentiality
• integrity
• availability
The CIA Triad

Network Security
Theory and Practice?
Network Security
Theory
Reference
• Courses
Course                         Instructor           University
Computer and Network Security  R. Rivest, Y. Kalai  MIT
Network Security               V. Sekar             CMU
Computer Systems Security      N. Zeldovich         MIT
Computer Security              R. A. Popa           UC Berkeley

• Book
Security Engineering, Ross Anderson
Agenda
• Cryptography
• Cryptanalysis
• Blockchain
• Secure Connection
• Secure Routing and Forwarding
• Anonymous Communication
• Wi-Fi Security
• Zero-Knowledge Proof
Agenda (slide callouts, in order)
• security fundamental: Is a protocol secure?
• Is a security protocol secure enough?
• a super hot application of network security
• upon which can a secure application be built
• upon which can a private application be built
• evolve from wired to wireless comm, so does security
• trust security even when it is trustless
Cryptography
secure communication against adversaries
[Figure: zjs sends "hello, txh" to txy; zzs watches the channel]

shared secret key
enc(plaintext, key) = ciphertext
dec(ciphertext, key) = plaintext
[Figure: zjs runs enc on the plaintext "hello, txh"; the ciphertext "asdfghjkl" crosses the channel; txy runs dec and recovers "hello, txh"; zzs sees only "???"]

symmetric cryptography
[Figure: parties zjs, zzs, txa, txb, txc, txx, txy]
too many keys!

asymmetric cryptography
public key + private key
• many-to-one secure comm
  enc(plaintext, pub) = ciphertext
  dec(ciphertext, priv) = plaintext
• one-to-many proof
  enc(zjs, priv) = ciphertext
  dec(ciphertext, pub) = zjs
DO NOT require secure channels for key exchange!
Cryptography
secure communication against adversaries
reluctant to give out sensitive data?
process data without revealing it
• Homomorphic Encryption
allow computation on encrypted data; generate an encrypted result that, after decryption, matches the result of the operations as if they had been performed on the plaintext
encrypted-data analysis on cloud
Cryptography
secure communication against adversaries
how secure?
Cryptanalysis
secure communication against adversaries
hack to secure
[Figure: zjs sends "meet at lab" to txy as the ciphertext "asdfghjkl"; zzs sees only "???"]
zzs: each time a-l, see both in lab
zzs: Replay Attack
[Figure: zzs sends the ciphertext "asdfghjkl" to txy, who reads "meet at lab"]
how to secure?
Blockchain
centralized trust: Authority
decentralized trust: Blockchain
each user maintains a giant ledger that tracks all transactions so far!
a user broadcasts a new transaction (1 BTC) for others to update the ledger;
How to authenticate a user?
How to prevent double-spending?
How to order transactions?
Secure Connection
How to establish a secure channel that uses crypto to secure communication?
How to establish a secure channel for
• key exchange
• secure communication
SSL: Secure Sockets Layer
TLS: Transport Layer Security
Applications: HTTPS, FTPS, SMTPS, etc.
Secure Connection ?
Secure Connection
Routing: find a path/route for traffic
Forwarding: transit traffic along a certain path
Attack Routing (BGP Hijacking): lead to unreasonable paths
Attack Forwarding: reroute traffic from specified paths
e.g., downgrade service quality for source, bypass security check for destination
Secure Routing & Forwarding
Secure Routing: find paths satisfying routing policy
  routing-advertisement authentication
Secure Forwarding: transit traffic via specified paths
  packet-carried proofs

You are your IP address!
Anonymous Communication
encrypt and decrypt message at each hop with respective key
[Figure: path through hops A, B, C]
nested encryption
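Added example, not from the lecture slides: nested encryption over the hops A, B, C, where each hop removes one layer with its own key and learns only the next stop. The toy cipher (SHA-256 keystream plus HMAC), the function names and the destination name "dest" are assumptions for the demonstration.

```python
# Toy nested ("onion") encryption over hops A -> B -> C. Added illustration:
# a SHA-256 keystream plus HMAC tag stands in for a real authenticated cipher.
import hashlib, hmac, secrets

def _subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor_stream(key, nonce, data):
    stream = b""
    for i in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, data):
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    body = _xor_stream(enc_key, nonce, data)
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()

def unseal(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("layer was not sealed under this hop's key")
    return _xor_stream(enc_key, nonce, body)

def build_onion(message, path, keys, dest):
    # Wrap from the inside out: the last hop's layer is innermost, and each
    # layer carries only the name of the next stop.
    onion = message
    for hop, nxt in reversed(list(zip(path, path[1:] + [dest]))):
        onion = seal(keys[hop], nxt.encode() + b"|" + onion)
    return onion

def peel(hop_key, onion):
    nxt, _, inner = unseal(hop_key, onion).partition(b"|")
    return nxt.decode(), inner

def demo():
    path = ["A", "B", "C"]                                   # hops from the slide
    keys = {hop: secrets.token_bytes(32) for hop in path}    # constructed per-hop keys
    onion = build_onion(b"hello", path, keys, "dest")        # "dest" is a placeholder name
    trace = []
    for hop in path:                                         # each hop removes one layer
        nxt, onion = peel(keys[hop], onion)
        trace.append((hop, nxt))
    return trace, onion

if __name__ == "__main__":
    print(demo())
```

A hop that tries to open a layer meant for another hop fails the tag check, so no single hop sees both the sender's message and the full path.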
Wi-Fi Security
one more
Zero-Knowledge Proof
• Trivial
prove that one possesses knowledge of certain information by simply revealing it
• Challenging
prove information possession without revealing the information itself and any additional information

Same amount of candy? without disclosing their numbers
assume both with one of these numbers
Bob has four lockable boxes; each corresponds to one number
Assume Bob’s candy amount is 20; he throws away all keys except for box-20’s
Assume Alice’s candy amount is 30; she puts a ‘+’-marked paper into box-30 and ‘-’-marked papers into others
Bob opens box-20; he gets a ‘-’-marked paper
Bob knows that Alice has a different amount of candy, without revealing both numbers
hope you’ll enjoy exciting network security!
Website
http://list.zju.edu.cn/kaibu/netsec2020/
exciting yet challenging
for me as well…
for me?
Instructor
Kai Bu 卜凯
Associate Professor, College of CS, ZJU
Ph.D. from Hong Kong PolyU, 2013

Research Interests: networking, security (e.g., SDN, Computer Architecture)
research interns wanted

http://list.zju.edu.cn/kaibu
Teaching Components
• Lecture
• Group Project
• Assignment & Exam
Schedule
Week     Dates                  Topics
Week 01  2020.02.24/2020.02.25  Lecture 01: Course Introduction
                                Lecture 02: Cryptography
Week 02  2020.03.02/2020.03.03  Lecture 03: Cryptanalysis
Week 03  2020.03.09/2020.03.10  Lecture 04: Blockchain
Week 04  2020.03.16/2020.03.17  Lecture 05: Secure Connection
Week 05  2020.03.23/2020.03.24  Lecture 06: Secure Routing & Forwarding
Week 06  2020.03.30/2020.03.31  Lecture 07: Anonymous Communication
Week 07  2020.04.06/2020.04.07  Lecture 08: Wi-Fi Security
Week 08  2020.04.13/2020.04.14  Lecture 09: Zero-Knowledge Proof
                                Lecture 10: Course Overview

Final Exam: 10:30 – 12:30, April 24, 2020


Network Security
Practice
Group Project
• One semester-long group project
• Research oriented
Practice & Goal
• Proposal
reading, thinking, creating
• Prototype
coding, design, development
• Presentation
speaking, communication skills
• Report
academic writing, communication skills
Requirement

WOW THE CLASS!


Why do you care?
40% of Grade
More than that?
Learn to
learn things differently
Know not only how
but also why
Read this book and you’ll see
Operating Systems: Three Easy Pieces
http://pages.cs.wisc.edu/~remzi/OSTEP/
What’s more?
cultivate research experience
aim at publication
gain leverage for
graduate/job application
Grade?
Grading (tentative)
10% Assignment/Quiz
40% Project
  05%: Proposal Presentation
  05%: Mid-term Presentation
  05%: Wrapup Presentation
  10%: Demo
  15%: Report
50% Final Exam
  closed-book + memo
  10:30 – 12:30, April 24, 2020
How will I teach?
What Students Expect from
Teachers
• Fun
• Humor
• Expertise
• Easy exam
• High grades
•…
I wish I knew someone
like this, too…
Teaching Plan
• Keep it simple
• Focus on the core concepts
• Try to help you more easily understand
How will you contribute?
Thanks In Advance
• Take the initiative
• Be active
• Be devoted
•…
• AT LEAST
submit assignments & lab reports
show up to final exam
Interest
Interaction
English
Study Group

Ding Talk QQ
network security, computer architecture

job and graduate application, and more


Office Hour
• Wednesday 19:00 – 20:00
Room 503, Zetong Building
via QQ or Ding Talk during online study

• Others: by appointment
?
Reading
• The Security Mindset by Bruce Schneier
[video] [text1] [text2]
• The Internet: Cybersecurity & Crime
by Parisa Tabriz and Jenny Martin
Who’s Who
Ready?