Skip to main content
SpringerLink
Log in

Security Protocols for Networks and Internet: A Global Vision

  • Chapter
  • First Online:
Computer and Network Security Essentials

Abstract

The use of communication networks and the Internet has rocketed in the last years. From the traditional, wired settings to the wireless ones, connectivity is becoming almost ubiquitous in modern societies. Security concerns are critical, such as data forgery or tampering. In order to address these needs, security protocols have been proposed for each setting over the years. This chapter introduces the essential aspects of several representative protocols concerning authentication, remote connection, secure data exchange, and wireless protection for networks and Internet. Remarkably, basic notions on well-known protocols such as Kerberos are presented without entering into low-level details.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 109.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 139.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://support.microsoft.com/en-us/kb/3178465, (access Dec. 2016).

  2. 2.

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 (access December, 2016).

  3. 3.

    https://blogs.microsoft.com/firehose/2015/04/15/april-update-for-internet-explorer-11-disables-ssl-3-0/#sm.0000x3es4m403dcm10bvx8k9qs1do (access December, 2016).

  4. 4.

    https://tlswg.github.io/tls13-spec/ (access December, 2016).

  5. 5.

    https://github.com/google/wycheproof (access Dec. 2016).

  6. 6.

    https://www.chromium.org/Home/chromium-security/education/tls (access Dec. 2016).

  7. 7.

    https://www.ssh.com/ssh/ (access December, 2016).

  8. 8.

    https://www.sans.org/reading-room/whitepapers/protocols/understanding-security-osi-model-377.

  9. 9.

    https://help.ubuntu.com/community/SSH/OpenSSH/Configuring.

  10. 10.

    http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=SSH (access Dec. 2016).

  11. 11.

    https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6474 (access Dec. 2016).

References

  1. Adnan, A. H., Abdirazak, M., Sadi, A. S., Anam, T., Khan, S. Z., Rahman, M. M., et al. (2015). A comparative study of WLAN security protocols: WPA, WPA2. In 2015 International Conference on Advances in Electrical Engineering (ICAEE) (pp. 165–169). Piscataway, NJ: IEEE.

    Chapter  Google Scholar 

  2. Barrett, D., Silverman, R., & Byrnes, R. (2005). SSH, the secure shell: The definitive guide (2nd ed.). Sebastopol: O’Reilly.

    Google Scholar 

  3. Dierks, T., & Allen, C. (1999). The TLS Protocol Version 1.0. RFC 2246 (Proposed Standard). http://www.ietf.org/rfc/rfc2246.txt. Obsoleted by RFC 4346, updated by RFCs 3546, 5746, 6176, 7465, 7507, 7919.

  4. Dierks, T., & Rescorla, E. (2008). The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard). http://www.ietf.org/rfc/rfc5246.txt. Updated by RFCs 5746, 5878, 6176, 7465, 7507, 7568, 7627, 7685, 7905, 7919.

  5. Diffie, W., & Hellman, M. (2006). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654.

    Article  MathSciNet  MATH  Google Scholar 

  6. Freier, A., Karlton, P., & Kocher, P. (2011). The Secure Sockets Layer (SSL) Protocol Version 3.0. RFC 6101 (Historic). http://www.ietf.org/rfc/rfc6101.txt.

  7. Group, W. W. L. W. (2012). 802.11-2012 – IEEE Standard for Information technology–Telecommunications and information exchange between systems Local and metropolitan area networks–Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications.

    Google Scholar 

  8. Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., & Kivinen, T. (2014). Internet Key Exchange Protocol Version 2 (IKEv2). RFC 7296 (Internet Standard). http://www.ietf.org/rfc/rfc7296.txt. Updated by RFCs 7427, 7670.

  9. Kent, S. (2005). IP Encapsulating Security Payload (ESP). RFC 4303 (Proposed Standard). http://www.ietf.org/rfc/rfc4303.txt.

  10. Kent, S., & Seo, K. (2005). Security Architecture for the Internet Protocol. RFC 4301 (Proposed Standard). http://www.ietf.org/rfc/rfc4301.txt. Updated by RFCs 6040, 7619.

  11. Koopman, P. (2002). 32-bit cyclic redundancy codes for internet applications. In Proceedings International Conference on Dependable Systems and Networks (pp. 459–468).

    Google Scholar 

  12. Lloyd, B., & Simpson, W. (1992). PPP Authentication Protocols. RFC 1334 (Proposed Standard). http://www.ietf.org/rfc/rfc1334.txt. Obsoleted by RFC 1994.

  13. Mattern, F., & Floerkemeier, C. (2010). Chap. From the internet of computers to the internet of things. From active data management to event-based systems and more (pp. 242–259). Berlin/Heidelberg: Springer. http://dl.acm.org/citation.cfm?id=1985625.1985645.

    Google Scholar 

  14. Neuman, B.C., & Ts’o, T. (1994). Kerberos: An authentication service for computer networks. IEEE Communications Magazine, 32(9), 33–38. doi:10.1109/35.312841.

    Article  Google Scholar 

  15. Neuman, C., Yu, T., Hartman, S., & Raeburn, K. (2005). The Kerberos Network Authentication Service (V5). RFC 4120 (Proposed Standard). http://www.ietf.org/rfc/rfc4120.txt. Updated by RFCs 4537, 5021, 5896, 6111, 6112, 6113, 6649, 6806, 7751.

  16. ISO, I. (1994). IEC 7498-1: 1994 information technology-open systems interconnection-basic reference model: The basic model. ISO standard ISO/IEC, 7498-1.

    Google Scholar 

  17. Potlapally, N. R., Ravi, S., Raghunathan, A., & Jha, N. K. (2006). A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Transactions on Mobile Computing, 5(2), 128–143.

    Article  Google Scholar 

  18. Potter, B. (2003). Wireless security’s future. IEEE Security and Privacy, 1(4), 68–72.

    Article  Google Scholar 

  19. Rivest, R. L., & Schuldt, J. C. (2014). Spritz-a spongy rc4-like stream cipher and hash function. In Proceedings of the Charles River Crypto Day, Palo Alto, CA, USA (Vol. 24).

    Google Scholar 

  20. Simpson, W. (1996). PPP Challenge Handshake Authentication Protocol (CHAP). RFC 1994 (Draft Standard). http://www.ietf.org/rfc/rfc1994.txt. Updated by RFC 2484.

  21. Sorce, S., & Yu, T. (2016). Kerberos Authorization Data Container Authenticated by Multiple Message Authentication Codes (MACs). RFC 7751 (Proposed Standard).

    Google Scholar 

  22. Stallings, W. (2002). Cryptography and network security: Principles and practice. Edinburgh: Pearson Education.

    Google Scholar 

  23. Tews, E., & Beck, M. (2009). Practical attacks against WEP and WPA. In Proceedings of the Second ACM Conference on Wireless Network Security (pp. 79–86). New York: ACM.

    Chapter  Google Scholar 

  24. Ylonen, T., & Lonvick, C. (2006). The Secure Shell (SSH) Authentication Protocol. RFC 4252 (Proposed Standard). http://www.ietf.org/rfc/rfc4252.txt.

  25. Ylonen, T., & Lonvick, C. (2006). The Secure Shell (SSH) Protocol Architecture. RFC 4251 (Proposed Standard). http://www.ietf.org/rfc/rfc4251.txt.

Download references

Acknowledgements

This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You), by the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks), which is co-funded by European Funds (FEDER), and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV—Security mechanisms for fog computing: advanced security for devices). Authors would like to thank the anonymous reviewers for their useful comments.

Author information

Authors and Affiliations

  1. Computer Security Lab (COSEC), Carlos III University of Madrid, Avda. Universidad 30, 28911, Leganés, Spain

    José María de Fuentes & Arturo Ribagorda

  2. Institute of Physical and Information Technologies, Spanish National Research Council (CSIC), Serrano 144, 28006, Madrid, Spain

    Luis Hernandez-Encinas

Authors
  1. José María de Fuentes
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Luis Hernandez-Encinas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Arturo Ribagorda
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to José María de Fuentes .

Editor information

Editors and Affiliations

  1. University of Detroit Mercy, Detroit, Michigan, USA

    Kevin Daimi

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this chapter

Cite this chapter

María de Fuentes, J., Hernandez-Encinas, L., Ribagorda, A. (2018). Security Protocols for Networks and Internet: A Global Vision. In: Daimi, K. (eds) Computer and Network Security Essentials. Springer, Cham. https://doi.org/10.1007/978-3-319-58424-9_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-58424-9_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-58423-2

  • Online ISBN: 978-3-319-58424-9

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation