
Network Monitoring

In most multiaccess networks, it is trivially easy for a host to set its network interface into "promiscuous mode", and capture copies of all data frames which pass across the network.
 
This is called eavesdropping or (in some circles) packet sniffing (or snarfing). Once an eavesdropper has copies of all the frames he desires, he can easily view the application data they contain.
 
We have already seen that most current application protocols send data across the Internet as "strings of printable ASCII" -- i.e., the data is sent as plaintext. It is therefore simple to observe messages transmitted by others, if one has access to an appropriate point in the network. This is the origin of the (oft-repeated, and generally true) assertion that "The Internet is insecure". The solution is encryption -- encoding the message so that it is unintelligible to the intruder, but can be easily "unscrambled" by the intended recipient. This is secure communication.

An area where this insecurity can present a Really Serious Problem is password authentication. Many application protocols (e.g. Telnet, FTP, POP3, etc.) send usernames and passwords across the network as plain text, exactly the same as other data -- i.e., unencrypted. You need to always be aware of this possibility!
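
As an added illustration (not part of the original lecture), the following Python code audits payload bytes for the cleartext USER/PASS login commands that POP3 and FTP use, and reports the exposure without echoing the password. The payloads are constructed samples and the function names are hypothetical.

```python
import re
import string

# Constructed sample TCP payloads (not captured traffic): a POP3 login as the
# lecture describes it, and high-bit bytes standing in for ciphertext.
POP3_PAYLOAD = (b"+OK POP3 server ready\r\nUSER alice\r\n"
                b"PASS example-secret\r\n+OK logged in\r\n")
OPAQUE_PAYLOAD = bytes(range(128, 192))

PRINTABLE = set(string.printable.encode("ascii"))

# USER/PASS are the login commands of both POP3 (RFC 1939) and FTP (RFC 959).
AUTH_CMD = re.compile(rb"^(USER|PASS)[ \t]+(\S.*?)\r?$",
                      re.IGNORECASE | re.MULTILINE)


def printable_ratio(payload: bytes) -> float:
    """Fraction of bytes that are printable ASCII (1.0 = pure plaintext)."""
    if not payload:
        return 0.0
    return sum(b in PRINTABLE for b in payload) / len(payload)


def audit_payload(payload: bytes) -> list:
    """Report cleartext login commands without echoing the secret itself."""
    findings = []
    for match in AUTH_CMD.finditer(payload):
        command = match.group(1).decode("ascii").upper()
        value = match.group(2).decode("ascii", errors="replace")
        findings.append({
            "command": command,
            # The username names the affected account; the password is redacted.
            "value": value if command == "USER" else "<redacted>",
            "exposed_bytes": len(match.group(2)),
        })
    return findings


if __name__ == "__main__":
    for name, payload in (("pop3", POP3_PAYLOAD), ("opaque", OPAQUE_PAYLOAD)):
        ratio = printable_ratio(payload)
        print(name, f"printable={ratio:.2f}", audit_payload(payload))
```

A payload that is entirely printable and carries a PASS line marks a service that should be moved to an encrypted transport.
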
Encryption is a vast technical, scientific and political topic, tightly intertwined with the history of computing itself. We will look briefly at a few aspects in this lecture and the next.
 
Lecture 16: Introduction to Encryption Copyright © 2003 P.Scott, La Trobe University Bendigo.


