Abstract
The use of communication networks and the Internet has rocketed in the last years. From the traditional, wired settings to the wireless ones, connectivity is becoming almost ubiquitous in modern societies. Security concerns are critical, such as data forgery or tampering. In order to address these needs, security protocols have been proposed for each setting over the years. This chapter introduces the essential aspects of several representative protocols concerning authentication, remote connection, secure data exchange, and wireless protection for networks and Internet. Remarkably, basic notions on well-known protocols such as Kerberos are presented without entering into low-level details.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
https://support.microsoft.com/en-us/kb/3178465, (access Dec. 2016).
- 2.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 (access December, 2016).
- 3.
- 4.
https://tlswg.github.io/tls13-spec/ (access December, 2016).
- 5.
https://github.com/google/wycheproof (access Dec. 2016).
- 6.
https://www.chromium.org/Home/chromium-security/education/tls (access Dec. 2016).
- 7.
https://www.ssh.com/ssh/ (access December, 2016).
- 8.
- 9.
- 10.
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=SSH (access Dec. 2016).
- 11.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6474 (access Dec. 2016).
References
Adnan, A. H., Abdirazak, M., Sadi, A. S., Anam, T., Khan, S. Z., Rahman, M. M., et al. (2015). A comparative study of WLAN security protocols: WPA, WPA2. In 2015 International Conference on Advances in Electrical Engineering (ICAEE) (pp. 165–169). Piscataway, NJ: IEEE.
Barrett, D., Silverman, R., & Byrnes, R. (2005). SSH, the secure shell: The definitive guide (2nd ed.). Sebastopol: O’Reilly.
Dierks, T., & Allen, C. (1999). The TLS Protocol Version 1.0. RFC 2246 (Proposed Standard). http://www.ietf.org/rfc/rfc2246.txt. Obsoleted by RFC 4346, updated by RFCs 3546, 5746, 6176, 7465, 7507, 7919.
Dierks, T., & Rescorla, E. (2008). The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard). http://www.ietf.org/rfc/rfc5246.txt. Updated by RFCs 5746, 5878, 6176, 7465, 7507, 7568, 7627, 7685, 7905, 7919.
Diffie, W., & Hellman, M. (2006). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654.
Freier, A., Karlton, P., & Kocher, P. (2011). The Secure Sockets Layer (SSL) Protocol Version 3.0. RFC 6101 (Historic). http://www.ietf.org/rfc/rfc6101.txt.
Group, W. W. L. W. (2012). 802.11-2012 – IEEE Standard for Information technology–Telecommunications and information exchange between systems Local and metropolitan area networks–Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications.
Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., & Kivinen, T. (2014). Internet Key Exchange Protocol Version 2 (IKEv2). RFC 7296 (Internet Standard). http://www.ietf.org/rfc/rfc7296.txt. Updated by RFCs 7427, 7670.
Kent, S. (2005). IP Encapsulating Security Payload (ESP). RFC 4303 (Proposed Standard). http://www.ietf.org/rfc/rfc4303.txt.
Kent, S., & Seo, K. (2005). Security Architecture for the Internet Protocol. RFC 4301 (Proposed Standard). http://www.ietf.org/rfc/rfc4301.txt. Updated by RFCs 6040, 7619.
Koopman, P. (2002). 32-bit cyclic redundancy codes for internet applications. In Proceedings International Conference on Dependable Systems and Networks (pp. 459–468).
Lloyd, B., & Simpson, W. (1992). PPP Authentication Protocols. RFC 1334 (Proposed Standard). http://www.ietf.org/rfc/rfc1334.txt. Obsoleted by RFC 1994.
Mattern, F., & Floerkemeier, C. (2010). Chap. From the internet of computers to the internet of things. From active data management to event-based systems and more (pp. 242–259). Berlin/Heidelberg: Springer. http://dl.acm.org/citation.cfm?id=1985625.1985645.
Neuman, B.C., & Ts’o, T. (1994). Kerberos: An authentication service for computer networks. IEEE Communications Magazine, 32(9), 33–38. doi:10.1109/35.312841.
Neuman, C., Yu, T., Hartman, S., & Raeburn, K. (2005). The Kerberos Network Authentication Service (V5). RFC 4120 (Proposed Standard). http://www.ietf.org/rfc/rfc4120.txt. Updated by RFCs 4537, 5021, 5896, 6111, 6112, 6113, 6649, 6806, 7751.
ISO, I. (1994). IEC 7498-1: 1994 information technology-open systems interconnection-basic reference model: The basic model. ISO standard ISO/IEC, 7498-1.
Potlapally, N. R., Ravi, S., Raghunathan, A., & Jha, N. K. (2006). A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Transactions on Mobile Computing, 5(2), 128–143.
Potter, B. (2003). Wireless security’s future. IEEE Security and Privacy, 1(4), 68–72.
Rivest, R. L., & Schuldt, J. C. (2014). Spritz-a spongy rc4-like stream cipher and hash function. In Proceedings of the Charles River Crypto Day, Palo Alto, CA, USA (Vol. 24).
Simpson, W. (1996). PPP Challenge Handshake Authentication Protocol (CHAP). RFC 1994 (Draft Standard). http://www.ietf.org/rfc/rfc1994.txt. Updated by RFC 2484.
Sorce, S., & Yu, T. (2016). Kerberos Authorization Data Container Authenticated by Multiple Message Authentication Codes (MACs). RFC 7751 (Proposed Standard).
Stallings, W. (2002). Cryptography and network security: Principles and practice. Edinburgh: Pearson Education.
Tews, E., & Beck, M. (2009). Practical attacks against WEP and WPA. In Proceedings of the Second ACM Conference on Wireless Network Security (pp. 79–86). New York: ACM.
Ylonen, T., & Lonvick, C. (2006). The Secure Shell (SSH) Authentication Protocol. RFC 4252 (Proposed Standard). http://www.ietf.org/rfc/rfc4252.txt.
Ylonen, T., & Lonvick, C. (2006). The Secure Shell (SSH) Protocol Architecture. RFC 4251 (Proposed Standard). http://www.ietf.org/rfc/rfc4251.txt.
Acknowledgements
This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You), by the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks), which is co-funded by European Funds (FEDER), and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV—Security mechanisms for fog computing: advanced security for devices). Authors would like to thank the anonymous reviewers for their useful comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this chapter
Cite this chapter
María de Fuentes, J., Hernandez-Encinas, L., Ribagorda, A. (2018). Security Protocols for Networks and Internet: A Global Vision. In: Daimi, K. (eds) Computer and Network Security Essentials. Springer, Cham. https://doi.org/10.1007/978-3-319-58424-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-58424-9_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-58423-2
Online ISBN: 978-3-319-58424-9
eBook Packages: EngineeringEngineering (R0)