Transcript powerpoint

Lecture Topics: 12/06
•
•
•
•
•
•
SSL
Final Exam
HW 7 & 8
Important concepts in 410
Other references
Evaluations
SSL Question
• Why is the nonce sent as clear text?
– doesn’t having the plaintext and the
ciphertext make finding the symmetric key
easier?
• For modern encryption algorithms,
having the plaintext and the ciphertext
doesn’t help you much
• Avoid doing public key cryptography
when you can because it’s so expensive
Simplified SSL
Establishing a secure
connection with SSL
• Some additional information is transferred
with each message, but this simplified
version contains all of the necessary details
1
2
You
Nonce
[Amazon.com, AmazonPubKey]VerisignPubKey
3
[SecretSessionKey]AmazonPubKey
4
[Nonce]SecretSessionKey
5
[Credit Card Number]SecretSessionKey
Explanation of Simplified SSL
1.
2.
3.
4.
5.
•
The client sends the server a nonce to prevent a replay attack, and
the server stores this nonce
The server sends the client a certificate, which contains it’s name
and public key. This certificate has been digitally signed by Verisign
(a trusted third party)
The client chooses a secret (symmetric) session key to use for this
connection. It encrypts this key with the server’s public key and
sends it to the server.
The server decrypts the session key using it’s private key. It sends
the original nonce back to the client encrypted with the session key.
The client now has verified that it is actually talking with the correct
server, because only the correct server can decrypt the session key
sent in step 3.
Any remaining secret communication between the client and server
can use the session key.
There is much more to SSL than what is presented here. There are
a vast number of options and features.
Final Exam
• Wednesday Dec 13th at 8:30-10:20 in Thomson 125
• Mostly over OS topics (85%)
– see the review sheet for what you need to know
– at least twice as long as the midterm
– more difficult than the midterm
• Exam based on topics covered in lecture
• Review sessions (based on your questions)
– Sunday Dec 10th 5:00-7:30 in Johnson 223
• no Seahawks game
– Monday Dec 11th 5:00-7:30 in Johnson 119
• Office hours:
– Monday no office hours
– Tuesday Dec 12th 12:30-4:30
– send me mail if you have questions
Johnson
HW 7 & HW 8
• HW 7 graded out of 95
– mean = 81
– median = 90
• HW 8 graded out of 70
– mean = 60
– median = 61
Grading
• Each homework counts 5%, drop one
• Programming assignments took more time
– best grade out of HW #6, #7, or #9 will count 8%
– worst grade of any other homework (after drop)
will count 2%
– (only if your grade is better under this scheme)
• Will email a grade report to everyone by
Friday (including everything but HW 9)
• HW 9 will be available in my office hours next
Tuesday
Key Concepts
• Make the common case fast and
the uncommon case correct
• Caches (common case has locality)
– L1 & L2 caches
– TLB
– File cache
– Memory a cache for virtual memory
– DNS caches common translations
Key Concepts
• Any computer science problem can be
solved by adding a layer of indirection
• Virtual addresses
• Handles (OS must control access)
– file handles
– process handles
• Network file servers (e.g. NFS)
– looks like a local disk but it’s across a network
• DNS: you want to type www.cnn.com, but IP
needs 207.25.71.20
Additional Resources
• Architecture
– P&H “Computer Organization & Design” is the
standard undergrad book
– H&P “Computer Architecture: A Quantitative
Approach, Second Edition” is the standard
graduate book
• more advanced topics
• Operating Systems
– “Inside Windows NT” or “Inside Windows 2000”
– “The Design of the UNIX Operating System”
– “Design and Implementation of the 4.4 BSD
Operating System”
Additional Resources
• Networks
– “TCP/IP Illustrated Volume 1” Richard Stevens
– “Computer Networks: A Systems Approach 2nd Edition”
Peterson and Davie
• don’t get the first edition
• Cryptography
– “Applied Cryptography” Bruce Schneier
– “Cryptography : Theory and Practice (Discrete Mathematics
and Its Applications)” Douglas R. Stinson
• Miscellaneous
– “Mythical Man-Month” Fred Brooks
– “Programming Pearls” Jon Bentley
• Perl
– “Learning Perl” Schwartz and Christiansen
– “Programming Perl” Larry Wall
Thank You
• I’ve had a tremendous amount of time
teaching this class
– a lot of work but worth it
• We’ve covered a lot of topics in a short
amount of time
– we’ve covered most of what is important
– hopefully, you’ve learned something
• Continue to email me questions about
operating systems