3 seguridad kurosedocencia.ac.upc.edu/fib/pxc/manel/teoria/3_security_kurose.pdf · 8: network...

8: Network Security 8-1

��

A note on the use of these ppt slides:We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:� If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we’d like people to use our book!)� If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.

Thanks and enjoy! JFK/KWR

All material copyright 1996-2004J.F Kurose and K.W. Ross, All Rights Reserved

�� !��"��!��#�""��"��$% �"&�� &��'(()��


��

��&"�

r ��"��&�"��*�� "��m ��"�� "�"�+��,��*��&��-

m ��

m ��""��

m ��"��+��

r "��m *�� &&"

m "��&��"�� &�� &��"


��

�.�% ��"�� "��/

�' 0��&�"��*��

��

�) ��

�1 !�� "��+��*��

�2 ��""��&��*�� &&"

�3 �� "��"��"

� ��&��"


% ��"�� "��/

��*��&�� &��"��4��"��&��,��"��-��""��"

m "��"��""��

m ��4��"��""��

�� "��4�� *��*��

5 �""�� "��4�� "��""��&��6��"��*�� "7��

��""��4��&�+�&�� "��4��"��"��+��""�+&��4��&�+&��"��"


��"��"��&��8�+��

r � �&&$ �� "�� &�

r 8�+��&��6&�4��"97�� ,"��&�-

r ��6��7��&��""��"

"��"��

"��4��

��& ��&��""��"

��

�&�� 8�+

��


% ��8�+��&��+�/

r : � �&&��&$&�*� 8�+"��&��"9r % �+�+�� "��;"��4��*��&��"��"�6��$&��"�"7

r ��$&��+�� &��;"��4��r � ��"��4��"r ��"��<��+&��"r ��<��&�"/


��+��"�6��&"7��9

= � % ��,+��-��/�� &��9

m ��4�"�� ""��"m ��4�&��"�� ""��"��m ��"�� *� ��6"��*7�"��""�� 6��*��&�� 7

m ��>�� ,�� 4��-��+��4��"��4��"��"�&*��&��

m ��&��*�"��4��4��"��4��*��+��"��+��"�6��+��4��&��"��"7

��"�&��::


��

�.�% ��"�� "��/

�'�0��&�"��*��

��

�) ��

�1 !�� "��+��*��

�2 ��""��&��*�� &&"

�3 �� "��"��"

� ��&��"


��&��*��

"�� "��4�� "��&��+&��$ �� +&��

"��6��4��7

�&��<� �&��<��<�

!�

��&��

��&��

�&��?"��

8�+?"��

!8


��

"�+"�� "�+"��*��m ��&��+�� "�+"��&��*��

plaintext: abcdefghijklmnopqrstuvwxyz

ciphertext: mnbvcxzasdfghjklpoiuytrewq

Plaintext: bob. i love you. aliceciphertext: nkn. s gktc wky. mgsbc

@ ��

= � A �� +�� "�"��&��/�� +��*��6�� /7� ��/


��

"�� 8�+��&��"�� "��6"��7� ��!

r �� "� �� "�+"��&��+��"�+"��

r = � �� 8�+��&�� 4�&��/

�&��<��<�

!�$8

��&��

��&��

�$8

!�$8

�&��<��""��

!��6�7�$8

!��6�7�$8

��B�!��6 7�$8


�� @�

� @�� @��r C ��"��D ��.EE�F

r 12$+��"�� 2)$+��&��<��

r A �� "��"�� @�/

m � @��&&��12$+��$ ��$��"��6,�� "�� &��"�*��&��-7��6+��*��7��)��"

m �� ,+�� -��

r �� @��"��

m �"�� "�"�G��&&��6�$� @�7��

m �"��$+&��


�� @�

��&��

.2��&�,��"-��*�*��&��"��**��)�+��"��*� ��

*��&��

� @��


�@��4��@��

r �� 6 �4��'((.7�"��$ �� "��&�� @�

r ��""�"��.'�+��+&�� "

r .'��.E'��'12�+�� "

r +��*��6�� 7�� .�"�� @�� "�.)E��&&��"�*��@�


0�+&��!��

"��

r ��G��"�"��4�� "��"��

r = �� *��"��&��6��&��&��*��4��,��-7/

��+&��

r ��&&��**��D� �**��$A �&&��32��#��3F

r "��4�� "��"��

r ��+&�� &&

r ��4�� &��4��


0�+&��

�&��<��""��

��<��&��

��&��

8�+?"��+&��

�&��<��""��!��6�7

8

H

!�8

H

8�+?"��4��

!�8

$

��B�!��6!��6�778

H8

$


0�+&�� &��"

��!��6�7��!��6�7�"��8 8

. .

��4��+&�� !��"��&��+��""�+&��4�� !��8

8

#�G��"�

1

2

#�� #�4�"��&"�� &��

H $

!��6!��6�77��B��88

$ H

H

$


#��"�� "

.� ��"�� &��+��"��G�6��.(')�+��"��7

'� �� B��G��I�B�6�$.76G$.7

�� "�� 6� �� J�7 ��"��*��"� ��I��6��I ��,��&��4�&��-7�

)� ��"�� "��$. �"��<��&��4�"�+&��+��I�6�� "�� I��B�.�7�

1 � 0�+&�� "�6��7� 0��4�� "�6��7�

!8H !

8$


#��@��

(� K �4��6��7��6��7��"��+�4�

.� ��+��

��B�� 6�� "��4��+��7�

'� ��4��+��

��B�� 6�� "��4��+��7�

��B��6�� 7� �� 5 ��"9

�


#��<��&��

8�+��"�"��B1��GB3 ��B�1��IB')��B1 6"��I ��&��4�&��7��B'E 6"��$. �<��&��4�"�+&��+��I�

&�� B��

l 12 1524832 17

� ��B��

17 481968572106750915091411825223071697 12�� &��

l

��

��


#��% ��"�� B��6�� 7� ��

6�� 7�� B��

C "�*�&��+��"�&�� *��G ��B��G��

< ��B�< �� 6�$.76G$.7

B�� 6�$.76G$.7

B�� .

B��

6�"��+��"�&��+�4�7

6"�� "� �� +��4�"�+&��+�6�$.76G$.7 � ��.�7


#��

��*�&&�� &&�+��4�� "�*�&�&��

!��6!��6�77 B��88

$ H!��6!��6�77

88H $

B

�"��+&�� *��"��*�&&�� +��4��

�"��4�� *��"��*�&&�� +��+&��

#�"�&��"��"��9


��

�.�% ��"�� "��/

�' 0��&�"��*��

��

�) ��

�1 !�� "��+��*��

�2 ��""��&��*�� &&"

�3 �� "��"��"

� ��&��"


��

K ��&� 8�+�� "��&��,��4�-��

0��&��.�(� �&��"��"�,��&��-

��&��"��//,��&��-


��

K ��&� 8�+�� "��&��,��4�-��

0��&��.�(� �&��"��"�,��&��-

�� 8�+��,"��-�

�&��"��"��&��&��"

��"�&*��+��&��,��&��-


��

0��&��'�(� �&��"��"�,��&��-��0�� "��0��""�

��&��"��//

,��&��-�&��?"�

�0��""


��

0��&��'�(� �&��"��"�,��&��-��0�� "��0��""�

�� ,"��*��-

�&��?"��"",��&��-�&��?"�

�0��""


��

0��&��(� �&��"��"�,��&��-��"��"��"��""� ��,��4�-��

��&��"��//

,�?��&��-�&��?"��0��

�&��?"��""� ��

L !�&��?"��0��


��

0��&��(� �&��"��"�,��&��-��"��"��"��""� ��,��4�-��

�&��+�� "��&��?"��

��&��&��"��+�� 8�+�

,�?��&��-�&��?"��0��

�&��?"��""� ��

L !�&��?"��0��

,�?��&��-�&��?"��0��

�&��?"��""� ��


��

0��&��.� �&��"��"�,��&��-��"��"�� "��""� ��,��4�-��

��&��"��//

,�?��&��-�&��?"��0��

��""� ��

L !�&��?"��0��


��

0��&��.� �&��"��"�,��&��-��"��"�� "��""� ��,��4�-��

��

�&��+�� "��&&�� "9

,�?��&��-�&��?"��0��

��""� ��

L !�&��?"��0��

,�?��&��-�&��?"��0��

��""� ��


��

K ��&� �4��&��+��

��&��"�� +�� "/

�� +��6#7��"��&��M��$�$&�*��

��)�(� ��4��&��,&�4�-��8�+�"��"��&��#��&��"��#�� "��"��

,��&��-

#

!��6#7�$8

�&��"�&�4��&��&�� "� ��

��"��"��+��&��9


��1�(

��)�(��G��"�"��"��

r �� "��+&�� G��"/

��1�(� �"��+&��

,��&��-

#8�+��"

!��6#7�$

,"��+&�� -

!��

H

6!��6#77�B�#�

$!��

H

�� "��&��&��&��4��4�� #�

"��

6!��6#77�B�#�

$!��H


��1�(��"��&�5 ��6� ��7��&�� "�"��"�

�&��6��8�+7��"�8�+�6��&��7

��&�� &��

#

�!��6#7$

��+&��

�!��H

�!��6#7$

��+&��

�!��H

�!��6�7H

��B�!��6!��6�77

H

�

$��"

"��"��&�� &��?"��+&��

�!��6�7H

��B�!��6!��6�77

H

�

$

#


��1�(��"��&�5 ��6� ��7��&�� "�"��"�

�&��6��8�+7��"�8�+�6��&��7

� �**��&�� 8�+��4�"��4��&��"��"��4��4��"��6��"��8�+��&�� &��&&��4��"��7� ��+&��"��4�"��&&��""��"��"�� &&9


��

�.�% ��"�� "��/

�' 0��&�"��*��

��

�)�5 �""��

�1 !�� "��+��*��

�2 ��""��&��*�� &&"

�3 �� "��"��"

� ��&��"


� ��&��"

��G��&��"��$� ��"��"�

r "��68�+7��&&��"��"��"��+&�"��"�� ;��

r 4��*��+&��*��+&�� 6�&��7��4��"��8�+��&"��6��&��&��7��"��4��"��


� ��&��"

��&��&�"��*��""��r 8�+�"��"��+�� "��4��

!8��,"��-��""��!86�7$$

��

8�+?"��""��

0�+&�� &��

8�+?"��4��

!�8$

� � � ��

� ��

!�8$6�7


� ��&��"�6��7

r ��"��&��4�"��"��&�"��!86�7

r �&��4��*��"��"��+��8�+�+��&��8�+?"��+&�� !8 ��!86�7�� "�!86!86�7�7�B��

r �*�!86!86�7�7�B�� 4��"��"��4��"��8�+?"��4��

� ��

�

� ��

�&��"�4��*��"��ü 8�+�"��ü ��&"��"��ü 8�+�"��?�

��$�� &�� "��!86�7��

��4��8�+�"��

�


5 �""�� "�"

��&&��<��"�4��+&��$ ��$��&��""��"�

K ��&� *�<��$&��"�$��$��&�,*��-

r ��&��"��*��A ��*�<��"�I��""��"��A 6�7�

A �"��*��"�

r ��$��$.

r ��"�*�<��$"�I��"��"��6*��7

r ��4��""��"��<��&&��*��"�+&��*��"��<�B�A 6�7

&��""��

�

A ��A �"��

A 6�7


�� "��"��*��

�� "��"�"��"��*��"��*��

ü ��"�*�<��&��"��6.2$+��"��7��*��""��

ü �"��$��$��

8��4��""�� 4��"��4�&��"��"��*��""�� "��"��4�&��

I O U 10 0 . 99 B O B

49 4F 55 3130 30 2E 3939 42 D2 42

��""�� *��

B2 C1 D2 AC

I O U 90 0 . 19 B O B

49 4F 55 3930 30 2E 3139 42 D2 42

��""�� *��

B2 C1 D2 AC��**��""��"+��&�� "��"9


&��""��

�A ��A �"�*�� A 6�7

��&"��6��7

8�+?"��4��

�� !�8$

H

8�+�"��"��&&��"��""��

�&��4��*��"�"��*��&&��"��""��

!86A 6�77$

��"��"�

!86A 6�77$

��"��"�

&��""��

�

A ��A �"�*��

A 6�7

��&"��6��7

A 6�7

8�+?"��+&��

�� !�8H

�G��&/

� ��&�"��B�"��""��"�


A �"��&��"

r 5 � 1��"��*�� &��"��6#��.�'.7

m ��"�.'$+��""��"��)$"��""��

m ��+��.'$+��"��<��"��**��&��"��"�� "��5 � 1��"��"��G��&��<�

r �A �$.��"��&"��"��

m C ��"��D ��0��0C 8�.($.F

m .2($+��""��"�


��

�.�% ��"�� "��/

�' 0��&�"��*��

��

�) ��

�1�!��"��+��*��

�2 ��""��&��*�� &&"

�3 �� "��"��"

� ��&��"


��"��"

�� +&��r A �� "�

�"��+&�"��"��"�� 4�� /

��&��r ��"�� "��+��

��6!� �7��"��+�� "

0�+&�� +&��r % ��&��+��"�

8�+?"��+&�� 6*�� +�"��$��&��" ��7�� "�"�� "�8�+?"��+&�� ?"/

��&��r ��"��*��

��6��7


!�� "��+��6!� �7

r �&��8�+��"��"��

r !� �� "��4��"��"��**��"�� "��"��6��"��"7

r �&��8�+� �� "�� "��!�$!� � !8$!� ��*�� !� ��

!8$!� �

!N$!� �

!O$!� �

!P$!� �

!0$!� �

!8$!� �

!�$!� �

!�$!� �

!0$!� �

!� �


!�� "��+��6!� �7

�&�� "�#.

8�+� �� "��"��#.��

�� &��

�&��8�+��"��#.��"�"�""�� *��"��"��

= � A �� "�!� ��&&�� 8�+��&��"��"��"�� /�

!� ��"��

#.

��

��

��


��*��"

r ��*��6��7��+��"��+&�� &��@ �

r @ �6��"��7��"��"��"��+&�� m @ ��4��"�,��*��*��-��

m ��"��*��+��@ ��"��+&��

m ��*��@?"��+&�� &&��"��+��M ��"��"�,��"��"�@?"��+&�� -

8�+?"��+&��

�� !�8H

8�+?"��*��*��

��&"��6��7

��4��

��!��$

!�8H

��*��*��8�+?"��+&��

"��+��


��*��"

r % ��&�� "�8�+?"��+&��

m ��"�8�+?"��*��68�+��&"�� 7�

m ��&��?"��+&�� 8�+?"��*��8�+?"��+&��

8�+?"��+&��

��!�8H

��&"��6��7

��+&��

��!��H

!�8H


��*��"�

r ��&��+��6��G��""��7

r ��*��+��*�� &��&�� 4�&��"�&*�6��"�� 7

r ��*��+��*��""��

r 4�&��"

r ��&�"��+��""��


��

�.�% ��"�� "��/

�' 0��&�"��*��

��

�) ��

�1 !�� "��+��*��

�2��""��&��*�� &&"

�3 �� "��"��"

� ��&��"


�� &&"

�"�&��"��I��?"��&��*��&��&&�� "�� "��""��+&�� "�

*�� &&

��"��

��+&��

*�� &&


�� &&"��% ��

��4��&��*�"��4�� "�

m �O �*&�� "��+&�"��"��+��"��0��"��"��"�&�*��*��,��&-��"��

��4��&&��&��*��;��""��*��&��

m �� &��"��?"�� "��&"�

�&&�� &��I��""��"�� 6"��*��"��";��"�"7

�� "��*�*�� &&"�

m ��&��$&�4�&

m �� $*�&��


0�� &��

r ��&�� 4��*�� &&

r ��*�&��"�� $+�$�� "��*�� ;�� +�"��

m "��0��""��"��0��""m ��0;C � 0�"��"��+��"m ��5 0��""��m ��0��O ��!�+��"

��&��4�� +��&&��

��/�� &��/


0�� &��

r @<��&��.��+&�� "�� 0��&�*��&��B�.3�� "��"��B�'��

m �&&��C � 0�*&�� "��&��"��+&��

r @<��&��'��8&�� +��0�"��"�� !B(�

m 0��4��"��<��&��&��"�*�� 0��"�� &��&��"��+��&&�� "��&��&��"��"��


��&�� "

r ��&��"�� "��&��"�� &&��"��0;��0;C � 0�*��&�"�

r @<��&�� &&�� "�&��&��"��"��&��"��

��"�$��$�� &��"�""��

�� $��$��"��&��"�""��

��&��

��*�&��

.� #�G��&&��&��"��"��&��

'� ��I��"��"�� "��"��&��"��"��K �� &��"��+�� '��"

�� #��*�&��+&�� "��&&��&��"��*��


Q��"��*�*�� &&"�� "

r �0�"��*�� ?�� *��,��&&�-��"�*��&��"��

r �*��&��&��?"��"��&��"��

r �&��"�*�� "��

m ��"��"��0��""��*��<��% �+�+�� "��

r *�&��"��*��"��&&��&��*��C � 0�

r ��**��*�� "�� &��&�4�&��*�"��

r ��&��"��"�"��&&�"�**��*�� "�


��

�.�% ��"�� "��/

�' 0��&�"��*��

��

�) ��

�1 !�� "��+��*��

�2 ��""��&��*�� &&"

�3�� "��"��"

� ��&��"


��"��"

5 ��m +�*�� ,��"��>��-�M *�� "��4��"��&��

m C "��ping �� "�"��4��""�"��

m 0��$"��"��+&�"��0��"�G��6"�� "7

m �� 6��;;� � � ��"��;��;7��,�� <�&��"��-

��"��"/


��"��"

5 �� "��"m ��**��

m &�� *��"�"��"��4��6�0��""�"��"�+��"��"�G��&&�7


��"��"

0�� "��**��m +��"��

m ��"��"� ��"��&&�� "��""��+�

m ��&&��6��""� ��"7

m ��"��**"�8?"�� "

�

8

�

src:B dest:A payload

��"��"/


��"��"

0�� "��**��"��"m �&&��"�"��I��"�*�� "��&&��*��"��*��"��"��

m ��"��"��*�+��"��6"� ��@��+7

�

8

�



��"��"

�0��*��m ��,�� -��0�� "��&��*��&��4�&��0�"��""�*��&�

m ��4��?��&&��*�"��"�"��*��

m ��"��+��8

�

8

�


��"��"/


��"��"

�0��*��""�*�&��m ��"�"��&��*�� "�� 4�&��"��""�"�6��"��""��?"�� 7�

m ��+��""�*�&��+��*��&&�� "�

�

8

�



��"��"

� ��&��*�"��4��6� L �7�m *&��*��&��"&�� "�,"� ��-��4��

m � �"��+�� L ��6� � L �7��&��&��"��"�"� ��4��

m ��"��O $��

�

8

�

SYN

SYNSYNSYN

SYN

SYN

SYN

��"��"/


��"��"

� ��&��*�"��4��6� L �7��"��"m *�&�� *&�� "�6��O 7�+�*��"�� +��

m ��+�� "��*�*&��"�6��"��&� �&��"��7

�

8

�

SYN

SYNSYNSYN

SYN

SYN

SYN


��

�.�% ��"�� "��/�' 0��&�"��*��) ��1 !�� "��+��*��2 ��""��&��*�� &&"�3 �� "��"��"

��&��"��.��&��'��"�� "��0"��)��('�..


��$��&

�&�� "��"�� 4�� !�� "��""�� !��6*��**��7� �&"��"�!� � ��8�+?"��+&�� "��"�+��!�6�7��!86!�7��8�+�

� �&�� "��"��*��&��$��&��8�+�

!�6�7.

!86�7.H

H $

!�6��7

!86!� 7H

�

!�

!�

!8H

��

!�6�7.

!86�7.$

!8$

!�

�!�6��7

!86!� 7H


��$��&

8�+�� "�"��"��4�� 4��!�� "�"�!� ��!�6�7��4��

� �&�� "��"��*��&��$��&��8�+�

!�6�7.

!86�7.H

H $

!�6��7

!86!� 7H

�

!�

!�

!8H

��

!�6�7.

!86�7.$

!8$

!�

�!�6��7

!86!� 7H


��$��&�6��7

• �&�� "��4��"��""��

• �&��&&��"��"��""��R "��"�+��""��6��&��7��&�"��

A 6�7. !�6�7.$

H $

A 6��7!�6A 6�77$

�

!�$

��

�

!�6�7.H

!�H

!�6A 6�77$

�A 6�7. A 6��7

��


��$��&�6��7

• �&�� "��4��"��"��""��

�&��"�"�� "� ��4�� 8�+?"��+&�� &��"��

A 6�7. !�6�7.$

H

!�6A 6�77$

�

!�$

�

!�6�7.

!86�7.H

H

!86!� 7H

!�

!8H

��

!�


0��4��60K 07

r ��$��&��"��$*��"��

r �"�"�"�� +&�� "��*��&�"��"��"��+��

r ��4��"�"��"��

r ��4��0��&�P�� "��*��$��*��&��4�"��

---BEGIN PGP SIGNED MESSAGE---Hash: SHA1

Bob:My husband is out of town tonight.Passionately yours, Alice

---BEGIN PGP SIGNATURE---Version: PGP 5.0Charset: noconvyhHJRHhGJGhgg/12EpJ+lo8gE4vB3mqJ

hFEvZP9t6n7G6m5Gw2---END PGP SIGNATURE---

��0K 0�"��""��


��"�� "�&��6��Q7

r ��"��&��"��0$+�"��"��Q�"��4��"��

r �"��+�� % �+�+�� "��"��"��4��"�*��$��6"��7�

r "��"��4��"�m "��4��

m ��

m �&��6��&7

r "��4��m ��Q$��+&��+�� "��

��&��"��+&�� "�*��"��"�

m 8�� "��G��"�"�"��4��*��""��+��"��

m 8�� "��"�"��?"��+&�� <��"��4��?"��+&�� *��*��

r �� +�� "��?"�"��"��"��"��"�


��Q�6��7

@��Q�"�""��

r 8�� "��"�"��"�""�� "�� "��4��?"��+&�� "��"�� "��4��

r C "��4�� "��4��"�"�""��

r 8�� "��"��4�� "�""��

m �&&��"��0�"�� 6+��&��"��4��7�� "�""��

r ��Q��+�"�"��*��@��"��Q��6�Q�7�

r ��Q��+��"��*��$% �+��&��"��5 �0�

r �&��+�� &��*��"�


�0"�� Q��

r �� $&��"��

m "��"��"��0��

m ��0��C � 0�"��"S��5 0�� 5 0��""��"�

r �� $&��

m ��"��"��"��0��""

r �� &��&"�

m ��6�A 7��&

m ��"�&��"��&��6@�07��&

r ��+��A ��@�0��"��"��"��

m �� $&��&��&��&��&&��"��""��6��7

r @��&�

r C ��G��&��+��

m "��&�6�A ��@�07

m "��0��""

m �'$+��


��A ��6�A 7�0��&

r ��4��"�"��*��&��

r �A ��"��+�� 0��*��&��

r ��&�*��&��1.

r ��"��""��"��"��"��&

�A ��&��"�

r ��*��

r ��"��$ "��""��"��&��&��4��&��0��

r ��<��*��&��"��*��"��*��6��0��C � 0��5 07

�0�� 6��0��C � 0�"��7�A ��


@�0�0��&

r ��4��"�"��"��

r ��@�0��&��

r ��<��*��&��"��@�0��&��

r @�0��*��&��"�"��&��A ��*��&��

r 0��&�B�1( ��

�0�� 0;C � 0�"��@�0

��@�0

��&��@�0

��

��


�@@@ �('�..�"��

r % ��$��4�� 4��8��"�� ('�..�� "��4��&�+&�/

m 5 ��E(((��""�+&��*��+&�� "

m 1T ��"��;��

m �� $"��**��4��"�� "��"�9

r ��('�..

m ��

m *��"��('�..�"��% ��@G��4�&��0��4��6% @07��*��&��

m ��('�..�


% ��@G��4�&��0��4��6% @07��

r ��"��&��)�(m ��"��G��"�"��*��""��

m ��""��"��"�.'�+��

m ��"��"��"��"��"��

m ��""��"��"��"�

r �� "��+��"�

r �� "�� "��


% @0��

r A �"�;�0�"��)(�+��"�� 6"��$��7

r A �"��"�')$+��&�I��4��6�U 7��2)$+��

r 2)�+�� "��"��*� ��"��

r �� "�� +��*��

�� B�� NL # ��

r �U ��+��"��"��*��


('�..�% @0��

IV (per frame)

KS: 40-bit secret

symmetric key k1

IV k2IV k3

IV … kNIV kN+1

IV… kN+1IV

d1 d2 d3 … dN

CRC1 … CRC4

c1 c2 c3 … cN

cN+1 … cN+4

plaintext frame data

plus CRC

key sequence generator ( for given KS, IV)

802.11 header IV

WEP-encrypted data plus CRC

Figure 7.8-new1: 802.11 WEP protocol ��$"��% @0��


8�� ('�..�% @0��

��&��r ')$+��U ��U ��*��$V��U ?"��4��&&��"��

r �U ��"��&��<��$V��U ��"��

r � ��

m ��"�"��&�� &��<��. �'�� ) :�

m ��"��"�� B�� NL # ��

m �� "�� "��

m �� "�� "�G�� .�� '

�� :

m �<��U ��"��"��9


('�..��4��"��

r ��"�6"��7�*��"��*��""�+&�

r ��4��"� ��"��+��

r �"�"��"��4��"��*��""��


AP: access point AS:Authentication

server

wirednetwork

STA:client station

1 Discovery ofsecurity capabilities

3

STA and AS mutually authenticate, togethergenerate Master Key (MK). AP servers as “pass through”

2

3 STA derivesPairwise Master

Key (PMK)

AS derivessame PMK, sends to AP

4 STA, AP use PMK to derive Temporal Key (TK) used for message

encryption, integrity

('�..��*��"�"��*��


wirednetwork

EAP TLSEAP

EAP over LAN (EAPoL) IEEE 802.11

RADIUSUDP/IP

@�0��<��"�+&��&

r @�0��$��&��6��+�&�7��"��4��&

r @�0�"��4��"��,&�� "-m ��+�&�$��$�0�6@�0��4��Q� 7

m �0��"��4��6#�� C ��4��C � 07


�� 6"��7

8�"��G��":��m ��6"��+&��7

m ��

m ��""��

m ��"��+��

:��"��**��"��"��"m "��&

m "��"��6��Q7

m �0�"��

m ('�..

3 seguridad kurosedocencia.ac.upc.edu/fib/pxc/manel/teoria/3_security_kurose.pdf · 8: network...

Documents