Using the SA4 Command Line Interface (PRELIMINARY DRAFT)
|
|
- Martha Simon
- 6 years ago
- Views:
Transcription
1 Using the SA4 Command Line Interface (PRELIMINARY DRAFT) This chapter describes the SecretAgent 4 command line interface. The options and usage are identical for Windows/MS-DOS and UNIX versions of SecretAgent. You should read the README file, if one is provided, for last minute information on SecretAgent 4 that might not be covered in this document. WARNINGS: At this point SA4 is nearly five years old and the default 512-bit public key size it used for DSA and RSA key generation is no longer considered safe. We recommend that you always explicitly specify a key size of at least 1024 bits when generating new key pairs. As will become apparent, much of the current document has been copied from the SA3 README file and is significantly out of date. For current command line usage information, consult the accompanying sample shell scripts. Command Line Syntax The following output is produced by the command line sa4 h on a Solaris 2.x platform. It describes the application s basic command line syntax. SecretAgent(r) Version 4.16 for SunOS 5.x/SPARC Copyright(c) Information Security Corp. All rights reserved. Copyright(c) Digital Signature. All rights reserved. Basic functions: (order of options is irrelevant) help: sa4 -h -? keygen: sa4 -g [-Z#] [-T#] [-kpkf] [-Kprv] -uid -ppwd encrypt: sa4 [-e] [-T#] [-C#] [-E#] [-F#] [-kpkf] [-uid -ppwd] -rids file(s) decrypt: sa4 [-d] [-T#] [-kpkf] [-Kprv] -uid -ppwd file zap: sa4 -z file(s) (WARNING: this is non-interactive!) Common options: (replace # with integer; * indicates default value) -k<pkf> public key file -K<prv> private key file -o<path> output directory (decryption) or path\filename (encryption) -p<pwd> password phrase -q overwrite without warning -r<ids> recip. list (':' delimited) -u<id> user id -v verbose -f silent -R delete RAND file -V report version number -C# compression algorithm -F# format (printable encoding) 1 none 8 *LZSS 1 none (binary) 3 hex 3 RLE 2 *base64 (PEM/MIME/SDNS) -E# encryption algorithm -Z# key type 3 *DES-CBC 2 *DSA RSA DES3-CBC 8 EA2-CBC 3 DSA RSA T2 use encrypted private key file (default for RSA keys) -T4 use Fortezza (implies Skipjack encryption) NOTE: Some ciphers and key size options are not available on all platforms. Run the sa4 h command to see what is available in the particular build you have or contact ISC for specific details.
2 Chapter 5 SecretAgent User s Guide A more complete synopsis is provided below: /****************************************************************************\ Command line processing Principal Options -a ascii files (for cross-platform use; not yet implemented) -d decrypt -e encrypt -f quiet; no copyright message -g generate code -h help -i integrity check -k<pkfile> specify public key file [otherwise it's DEFAULT.PKF] -o<path> specify path/filename -p<pwd> specify password -q quiet (overwrite without prompt) -r<ids> specify recipient list (semi-colon delimited; encrypt only) -s sign-only --reserved -t test (does nothing at all at the moment!) -u<id> specify user ID (for key generation, signing and decrypting) -v verbose -w wipe (zap) --reserved -x extract a specified public key (requires -o option for output) -z zap -? help Certificate handling (rss): -A add cert -c certificate file -G generate certificate request -S generate certificate -H verify cert -K<prvfile> private key file -N X.500 common name -Q# cert request type (1=Certco,2=Verisign) -U X.500 uid + load config file Key Recovery (mjm): -Dx extract KRF (used by requestor) -Dp process KRF (used by key recovery agent) Encryption Options -C# compression algorithm 1 none 3 run-length encoding (RLE) 8 LZSS for general binary files [default] -E# encryption algorithm 1 none 3 *DES-CBC // single DES in software 6 DES3-CBC // triple DES (EDE-CBC) 7 Skipjack // requires Fortezza card 8 EA2-CBC // AT&T proprietary exportable algorithm 9 Assure DES-CBC // single DES on Cordant hardware 10 Assure DES3-CBC // triple DES on Cordant hardware 11 Armor DES-CBC // single DES on Fischer Armor hardware 12 Armor DES3-CBC // triple DES on Fischer Armor hardware -F# format (printable encoding) 1 none // ciphertext left in binary form 2 *base64 // PEM-MIME/SDNS/MSP encoding 3 hexadecimal (2 hex digits/byte) Key Generation/Encryption/Decryption Options -T# token 2 Issue 5 June 1998
3 SecretAgent User s Guide Chapter 5 1 *none (use SHA-1 hashed password phrase) 2 private key on disk 4 Fortezza Key Generation Options -Z# math (ring/field; for key generation only) 1 SA2-compatible 512-bit DSA p/q/g 2 *DSA 512-bit 3 DSA 1024-bit 4 RSA 512-bit (e = F3) 5 RSA 768-bit (e = F3) (unused?) 6 RSA 1024-bit (e = F3) 7 Fortezza Miscellaneous Options/Commands -I import public keys -L list keys -P pause before exit -R unlink existing RAND file before running (if combined with encryption; otherwise reseed rand file and exit) -V report internal version number -X export public keys (does not yet support Fortezza certificates) \****************************************************************************/ Issue 5 June
4 Chapter 5 SecretAgent User s Guide Command Line Processing When SecretAgent starts up, it first reads and processes the options provided in its configuration file, if one exists in the installation directory. It then processes the option string in the SA4 environment variable (if one is set in your environment) and finally the current command line string (including a response file, if one is specified). The SA4 configuration file containing a set of options and/or a recipient list is normally named sa.cfg but may be renamed and explicitly specified by using the '+' command line switch. The response file ('@') switch allows you to supply prewritten file lists as well. These options are described in the following two sections; they are especially useful when SecretAgent is to be invoked from a batch file or from within another executable program. Setting a SecretAgent Environment Variable In addition to editing your AUTOEXEC.BAT,.profile,.login,.cshrc or other user settings file to add the SecretAgent directory to your PATH, you may want to create an SA4 environment variable. The SA4 environment variable may be used to configure SecretAgent with commonly used options and/or to override the various default options. For example, the environment variable setting: SA4=-kalt.pkf -E6 causes SecretAgent to default to searching the file ALT.PKF for public keys ( -kalt.pkf ) and to use triple DES ( -E6 ) when encrypting. These environment variable settings remain in effect unless overridden by options placed on the current command line. Under Windows, rebooting your computer (or logging off and then back on) may be necessary for changes to your system environment to take effect. Configuration Files A single configuration file containing multiple option strings may be used during a SecretAgent session. Just precede the name of the file with a '+' and list it after all other options on the sa4 command line (but before any filenames). For example, suppose the file sa4.cfg contains the following lines of text: -C1 -E6 -F2 Then the (Windows shell) command line: C>sa -rbclinton +SA4.cfg c:\wp\*.doc will encrypt all.doc files in the directory C:\WP for user BClinton using no compression (-C1), triple DES (-E6) and base64 printable encoding (-F2). (Of course, the -F2 option is redundant since that is the default value.) White space is ignored in configuration files, so the file sa4.cfg in the above example could just as well have contained the single line: -C1 -E6 -F2 Similarly if you have a file of recipient IDs, say recips.lst, containing the lines: -r BClinton -r AGore -r G. Washington 4 Issue 5 June 1998
5 SecretAgent User s Guide Chapter 5 The (Windows shell) command: C>sa -C1 -E6 -F2 +recips.lst c:\wp\*.doc will encrypt all matching.doc files for the three users. (Note that the double quotes around the third -r argument is required as the user ID G. Washington contains an embedded space.) Of course, the encryption options and recipients can be stored together in a configuration file. For example, if we have a file, say usual.cfg, containing the lines: -C1 -E6 -F2 -r BClinton;AGore;G. Washington The command: C>sa +usual.cfg c:\wp\*.doc would have the same effect as the preceding command. The upshot of all this is that the configuration file is read and processed just as if the options it contained were all listed on the command line. Do not try to specify a configuration file by using the '+' switch in your SA4 environment variable; it will not work. Configuration files may only be used on the actual sa4 command line. Response Files Response files, or file specification lists, allow you to do the same thing with DOS filespecs that configuration files allow you to do with command line options. A single response file may be used by preceding its name with '@' character and listing it *last* on the SA command line in place of the normal list of input filenames. For example, if we have a file, say FILES.LST, containing the lines: C:\wp\*.doc C:\excel\*.xls The command: C>sa will encrypt for user BClinton all files matching the two filespecs using the default processing options. Configuration and response files may both be used on the same command line: C>sa NOTE: Command line options may not be included in response files. All SA options must either be placed in the SA4 environment variable, on the command line, or in a configuration file. At present, only a single configuration file and/or a single response file may be used for a given session.! WARNING: Do not try to specify a response file by using switch in your SA4 environment variable; it will not work. The response file, if any, must appear at the end of the actual command line. Issue 5 June
6 Chapter 5 SecretAgent User s Guide Testing the Encryption Modules The presence of the -t switch in the environment variable or on the command line triggers SecretAgent s built-in NBS Maintenance No.4 for the DES module and a similar test of the EA2 encryption module. The command line: Sa4 -t instructs SecretAgent to test its encryption modules, report the results, and exit to DOS. Testing Program Integrity (Windows only) Key Generation The presence of the -i switch in the SA environment variable or on the command line triggers SecretAgent's built-in integrity test. This test may be used to detect alterations to the executable program file SA.EXE due to tampering or virus infection. The integrity test works by calculating a message digest for the file SA.EXE using the Secure Hash Algorithm specified in FIPS This calculated hash is compared with an embedded message digest generated during software development. If the two message digests agree, the program probably has not been modified and SecretAgent issues the message: Program integrity OK If the messages differ, the following error message is displayed: Program is altered In this case, you should suspect a disk read error, tampering by another user, or a virus infection. To generate a new public/private key pair, you use the -g command line switch and provide the following information: 1. The type and size of key pair you wish to create (DSA or RSA) 2. Your user ID 3. Your password. This information is specified on the command line by using the -Z, -u and -p command line switches respectively. The possible type/size pairs and their corresponding -Z arguments are given in the following table: type Size -Z argument DSA [default] DSA RSA RSA For example, the command line: C>sa -g -Z2 -ubclinton -phillary would generate a new 512-bit DSA key pair (-Z2) for user BClinton with a password of Hillary. The public key would be placed in the default public key file DEFAULT.PKF. 6 Issue 5 June 1998
7 SecretAgent User s Guide Chapter 5 Encryption Signing NOTE: That user IDs or password phrases containing one or more spaces must be surrounded by double quotes and should be separated from the preceding switch by at least one space. Thus the command line: C>sa -g -u BClinton -p Hillary has the same effect as the preceding one (since -Z2 is the default). Use the -k option to designate an alternate public key file. The command line: C>sa -g -Z6 -knew.pkf -ubclinton -phillary would generate a new 1024-bit RSA key (-Z6) and place the public key in the file NEW.PKF. NOTE: Password phrases (and usually token PINs) are case sensitive. If you do not supply a password, SecretAgent will prompt you for the password of your choice. To encrypt one or more files, you must specify the recipients (as a semicolon delimited list of user IDs) and supply the filespecs. For example: C>sa -rbclinton;agore *.doc would encrypt all.doc files in the current directory in such a way that only users BClinton and AGore could decrypt them. NOTE: The public keys for all recipients must be present in the active public key file--in this example the default DEFAULT.PKF. You may use the -k option to designate an alternate public key file. If you type the command line: C>sa -kwhthouse.pkf -rbclinton;agore *.doc SecretAgent will search the public key file WHTHOUSE.PKF for the specified recipients public keys. To override the default encryption processing options, see the section entitled Command Line Syntax on page 5-6. If you wish to include your digital signature on each of the input files in the ciphertext archive, you must specify your user id and password phrase (or PIN) using the -u and -p options respectively when encrypting. For example, BClinton could use the following command to send an encrypted and signed memo to AGore : C>sa -kwhthouse.pkf -ragore -ubclinton -phillary memo.doc You will be prompted for your password if you do not supply it. Issue 5 June
8 Chapter 5 SecretAgent User s Guide Decryption To decrypt a SecretAgent.SA ciphertext archive, you must supply your user ID and your password phrase or PIN. Be sure to enter your password phrase in exactly the same manner as you did when you generated your public key. For example, Al might decrypt a MEMO.SA file he receives using the command line: C>sa -uagore -p I m the VP memo.sa This assumes the public key of AGore (and, if the archive contains digital signatures, that of the sender) are in the file DEFAULT.PKF. An alternate public key file may be specified using the -k option as illustrated above. 8 Issue 5 June 1998
User s Guide. PolicyAgent and Key Recovery for SecretAgent 5.8 and SpyProof! 1.2
User s Guide PolicyAgent and Key Recovery for SecretAgent 5.8 and SpyProof! 1.2 Information in this document is subject to change without notice and does not represent a commitment on the part of Information
More informationUser s Guide. PolicyAgent and Key Recovery for SecretAgent 5.9 and SpyProof! 1.3
User s Guide PolicyAgent and Key Recovery for SecretAgent 5.9 and SpyProof! 1.3 Information in this document is subject to change without notice and does not represent a commitment on the part of Information
More informationIBM Systems and Technology Group
IBM Systems and Technology Group Encryption Facility for z/os Update Steven R. Hart srhart@us.ibm.com 2013 IBM Corporation Topics Encryption Facility for z/os EF OpenPGP Support X.509 vs. OpenPGP Certificates
More informationSecretAgent Migration Tool for PGP Preliminary User s Guide
SecretAgent Migration Tool for PGP Preliminary User s Guide Author: Michael Markowitz, VP R&D Date: March 20, 2003 Version: 1.0.0 Information in this document is subject to change without notice and does
More informationSummary of PGP Services
Table 15.1 Summary of PGP Services Function Algorithms Used Description Digital signature Message encryption Compression Email compatibility DSS/SHA or RSA/SHA CAST or IDEA or Three-key Triple DES with
More informationPrincess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)
Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content
More informationImplementing Secure Shell
Implementing Secure Shell Secure Shell (SSH) is an application and a protocol that provides a secure replacement to the Berkeley r-tools. The protocol secures sessions using standard cryptographic mechanisms,
More informationSharing Secrets using Encryption Facility - Handson
Sharing Secrets using Encryption Facility - Handson Lab Steven R. Hart IBM March 12, 2014 Session Number 14963 Encryption Facility for z/os Encryption Facility for z/os is a host based software solution
More informationLab Overview In this lab, you will learn how to perform the following tasks with Encryption Facility for z/os:
Lab Overview In this lab, you will learn how to perform the following tasks with Encryption Facility for z/os: Creating an OpenPGP Keyring Creating new RSA key pairs Creating OpenPGP certificates Exporting
More information1.264 Lecture 28. Cryptography: Asymmetric keys
1.264 Lecture 28 Cryptography: Asymmetric keys Next class: Anderson chapters 20. Exercise due before class (Reading doesn t cover same topics as lecture) 1 Asymmetric or public key encryption Receiver
More informationObjectives of this Lab
Objectives of this Lab In this Lab you will learn how to perform the following tasks with Encryption Facility for z/os: Creating a Java Keystore Creating an OpenPGP Keyring Creating new RSA key pairs Creating
More informationUser s Guide. Version 5.7 Java
User s Guide Version 5.7 Java Information in this document is subject to change without notice and does not represent a commitment on the part of Information Security Corporation. The software described
More informationCryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL
Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E
More informationSecurity Policy. FORTEZZA Crypto Card
Security Policy for January 16, 1997 Prepared by ipower Business Unit 2900 Semiconductor Drive P.O. Box 58090, M/S 16-225, Santa Clara, CA 95052-8090 Telephone (408) 721-5000 T his page intentionally blank
More informationSample excerpt. Virtual Private Networks. Contents
Contents Overview...................................................... 7-3.................................................... 7-5 Overview of...................................... 7-5 IPsec Headers...........................................
More informationLecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005
Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric
More informationPretty Good Privacy (PGP
PGP - S/MIME - Internet Firewalls for Trusted System: Roles of Firewalls Firewall related terminology- Types of Firewalls - Firewall designs - SET for E-Commerce Transactions. Pretty Good Privacy (PGP
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationContents. Configuring SSH 1
Contents Configuring SSH 1 Overview 1 How SSH works 1 SSH authentication methods 2 SSH support for Suite B 3 FIPS compliance 3 Configuring the device as an SSH server 4 SSH server configuration task list
More informationSSH Algorithms for Common Criteria Certification
The feature provides the list and order of the algorithms that are allowed for Common Criteria Certification. This module describes how to configure the encryption, Message Authentication Code (MAC), and
More informationTable of Contents 1 SSH Configuration 1-1
Table of Contents 1 SSH Configuration 1-1 SSH Overview 1-1 Introduction to SSH 1-1 Algorithm and Key 1-1 Asymmetric Key Algorithm 1-2 SSH Operating Process 1-2 Configuring the SSH Server 1-4 SSH Server
More informationWHITE PAPER. Authentication and Encryption Design
WHITE PAPER Authentication and Encryption Design Table of Contents Introduction Applications and Services Account Creation Two-step Verification Authentication Passphrase Management Email Message Encryption
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationConfiguring File Server Resource Manager (FSRM)
Configuring File Server Resource Manager (FSRM) LESSON 5 70-411 EXAM OBJECTIVE Objective 2.2 Configure File Server Resource Manager (FSRM). This objective may include but is not limited to: install the
More informationIT Services Security. The Dark Arts Of SSH. Author: John Curran Version: 0.1
IT Services Security The Dark Arts Of SSH Author: John Curran Version: 0.1 STATUS\ REVISION HISTORY Date Version Description 0.1-0.9 Review preparation 1.0 Presented to business & retained by Information
More informationS/MIME Security Services
This chapter contains the following sections: Overview of, page 1 in Email Security Appliance, page 1 Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME, page 5 Verifying, Decrypting,
More informationS/MIME Security Services
This chapter contains the following sections: Overview of, on page 1 in Email Security Appliance, on page 1 Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME, on page 4 Verifying,
More informationDisplaying SSL Configuration Information and Statistics
CHAPTER 7 Displaying SSL Configuration Information and Statistics This chapter describes the show commands available for displaying CSS SSL configuration information and statistics and an explanation of
More informationConfiguring SSL. SSL Overview CHAPTER
7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:
More informationConfiguring SSL. SSL Overview CHAPTER
CHAPTER 8 Date: 4/23/09 This topic describes the steps required to configure your ACE (both the ACE module and the ACE appliance) as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination.
More informationNetwork Working Group. A. Keromytis U. of Pennsylvania March DSA and RSA Key and Signature Encoding for the KeyNote Trust Management System
Network Working Group Request for Comments: 2792 Category: Informational M. Blaze J. Ioannidis AT&T Labs - Research A. Keromytis U. of Pennsylvania March 2000 Status of this Memo DSA and RSA Key and Signature
More informationAuto-Provisioning Mediatrix units May 31, 2011
Auto-Provisioning Mediatrix units May 31, 2011 Proprietary 2011 Media5 Corporation Table of Contents Introduction... 3 Application Scenario... 3 Overview of the Server Configuration... 4 Preparing Windows
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine Security Policy Abstract: This document specifies Security Policy enforced by the SecureDoc Cryptographic Engine compliant with the requirements of FIPS 140-2
More informationborzoi Manual Dragongate Technologies Ltd.
borzoi Manual Dragongate Technologies Ltd. September 21, 2003 Contents 1 Introduction 1 2 Preliminaries 2 2.1 Header Files............................ 2 2.2 Type Definitions......................... 2
More informationKurose & Ross, Chapters (5 th ed.)
Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and
More informationIBM i Version 7.2. Security Digital Certificate Manager IBM
IBM i Version 7.2 Security Digital Certificate Manager IBM IBM i Version 7.2 Security Digital Certificate Manager IBM Note Before using this information and the product it supports, read the information
More informationGSKCapiCmd User s Guide GSKit Version 7
IBM Global Security Kit GSKCapiCmd User s Guide GSKit Version 7 Edition 12 March 2007 (C) Copyright International Business Machines Corporation 2005-2007. All rights reserved. U.S. Government Users Restricted
More informationAdditional Management Tools and Interfaces
This chapter provides details on additional management tools and interfaces available in Cisco Service Control. The Cisco SCA BB Service Configuration Utility, page 1 The Cisco SCA BB Real-Time Monitoring
More informationConfiguring SSL CHAPTER
7 CHAPTER This chapter describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section
More informationUsing keys with SSH Rob Judd
Using keys with SSH Rob Judd (rjudd@mlug.missouri.edu) Introduction SSH is a drop-in replacement for telnet that allows encrypted network connections. There are two main versions, 1.5 SSH-1 and 2.0 SSH-2
More informationHTTPS--HTTP Server and Client with SSL 3.0
The feature provides Secure Socket Layer (SSL) version 3.0 support for the HTTP 1.1 server and HTTP 1.1 client within Cisco IOS software. SSL provides server authentication, encryption, and message integrity
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More informationDue: October 8, 2013: 7.30 PM
Jackson State University Department of Computer Science CSC 437-01/539-01 Computer Security Fall 2013 Instructor: Dr. Natarajan Meghanathan Lab Project # 1: Lab Project on using PGP GNU Privacy Guard (GPG)
More informationGenesys Security Deployment Guide. What You Need
Genesys Security Deployment Guide What You Need 12/27/2017 Contents 1 What You Need 1.1 TLS Certificates 1.2 Generating Certificates using OpenSSL and Genesys Security Pack 1.3 Generating Certificates
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationXFTP 6 User Guide. A Powerful SFTP/FTP File Transfer Program. NetSarang Computer Inc.
XFTP 6 User Guide A Powerful SFTP/FTP File Transfer Program NetSarang Computer Inc. Copyright 2018 NetSarang Computer, Inc. All rights reserved. Xftp Manual This software and various documents have been
More informationZENworks 2017 Update1 Full Disk Encryption Emergency Recovery Reference. July 2017
ZENworks 2017 Update1 Full Disk Encryption Emergency Recovery Reference July 2017 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions,
More informationAdditional Management Tools and Interfaces
CHAPTER 13 The SCA BB Service Configuration Utility, page 13-1 The SCA BB Real-Time Monitoring Configuration Utility, page 13-5 The SCA BB Signature Configuration Utility, page 13-8 Overview of SNMP, MIB,
More informationProductCenter Database Merge Utility Release Notes
ProductCenter Database Merge Utility Release Notes Release 8.4.0 January, 2006 NorthRidge Software, LLC www.nridge.com (603) 434-2525 CONTENTS Introduction... 3 Database Roles... 3 How it Works... 4 Importance
More informationח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms
Public Key Cryptography Kurose & Ross, Chapters 8.28.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) AddisonWesley, April 2009. Copyright 19962010,
More informationEncryption I. An Introduction
Encryption I An Introduction Reading List ADO and SQL Server Security A Simple Guide to Cryptography Protecting Private Data with the Cryptography Namespaces Using MD5 to Encrypt Passwords in a Database
More informationCore Security Services and Bootstrapping in the Cherubim Security System
Core Security Services and Bootstrapping in the Cherubim Security System Charles Willis cfwillis@uiuc.edu Technical Report 2 July 1998 University of Illinois at Urbana-Champaign Department of Computer
More informationHTTPS File Transfer. Specification
HTTPS File Transfer Specification Version 1.4 5-Apr-2017 Date Version Description 30-Aug-2010 1.0 Original Version 30-Jun-2011 1.1 Added FAQ 29-Jun-2015 1.2 ilink administration added 1-Sep-2015 1.3 Updated
More informationIBM Client Security Solutions. Client Security Software Version 1.0 Administrator's Guide
IBM Client Security Solutions Client Security Software Version 1.0 Administrator's Guide December 1999 1 Before using this information and the product it supports, be sure to read Appendix A - U.S. export
More informationQuick Reference Guide. Online Courier: File Transfer Protocol (FTP) Signing On. Using FTP Pickup
Quick Reference Guide Online Courier: File Transfer Protocol (FTP) With SunTrust Online Courier, you can have reports and files delivered to you using a File Transfer Protocol (FTP) connection. There are
More informationFile transfer clients manual File Delivery Services
File transfer clients manual File Delivery Services Publisher Post CH Ltd Information Technology Webergutstrasse 12 CH-3030 Berne (Zollikofen) Contact Post CH Ltd Information Technology Webergutstrasse
More informationIBM Client Security Software Deployment Guide Version Updated: January 7, 2005
IBM Client Security Software Deployment Guide Version 5.41 Updated: January 7, 2005 Fifth Edition (January 2005) Copyright International Business Machines Corporation 2005. All rights reserved. US Government
More informationVISUDO(8) System Manager s Manual VISUDO(8)
NAME visudo - edit the sudoers file SYNOPSIS visudo [-chqsv] [-f sudoers] [-x output_file] DESCRIPTION visudo edits the sudoers file in a safe fashion, analogous to vipw(8). visudo locks the sudoers file
More informationThis Security Policy describes how this module complies with the eleven sections of the Standard:
Vormetric, Inc Vormetric Data Security Server Module Firmware Version 4.4.1 Hardware Version 1.0 FIPS 140-2 Non-Proprietary Security Policy Level 2 Validation May 24 th, 2012 2011 Vormetric Inc. All rights
More informationEncryption and Forensics/Data Hiding
Encryption and Forensics/Data Hiding 1 Cryptography Background See: http://www.cacr.math.uwaterloo.ca/hac/ For more information 2 Security Objectives Confidentiality (Secrecy): Prevent/Detect/Deter improper
More informationPretty Good Privacy (PGP)
Pretty Good Privacy (PGP) -- PGP services -- PGP key management (c) Levente Buttyán (buttyan@crysys.hu) What is PGP? general purpose application to protect (encrypt and/or sign) files can be used to protect
More informationZENworks 2017 Update 2 Endpoint Security Utilities Reference. February 2018
ZENworks 2017 Update 2 Endpoint Security Utilities Reference February 2018 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S.
More informationTable of contents 2 / 12
OraRSA 1 / 12 Table of contents Introduction... 3 Install... 4 Setup... 4 Load the JAR files... 4 Register ORA_RSA package... 4 Permissions... 4 Upgrade... 4 Uninstall... 5 Switch from Trial to Production
More informationChapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing
Chapter 6: Digital Certificates Introduction Methods PKI Digital Certificate Passing Prof Bill Buchanan OBE http://asecuritysite.com/crypto06 http://asecuritysite.com/encryption Identity on the Internet
More informationPKI Trustpool Management
PKI Trustpool Management Last Updated: October 9, 2012 The PKI Trustpool Management feature is used to authenticate sessions, such as HTTPS, that occur between devices by using commonly recognized trusted
More informationRalph Durkee Independent Consultant Security Consulting, Security Training, Systems Administration, and Software Development
Ralph Durkee Independent Consultant www.rd1.net Security Consulting, Security Training, Systems Administration, and Software Development PGP and GnuPG Rochester OWASP Agenda: Generic Public Key Encryption
More informationFIPS SECURITY POLICY FOR
FIPS 140-2 SECURITY POLICY FOR SPECTRAGUARD ENTERPRISE SENSOR August 26, 2011 FIPS 140-2 LEVEL-2 SECURITY POLICY FOR AIRTIGHT NETWORKS SPECTRAGUARD ENTERPRISE SENSOR 1. Introduction This document describes
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationHow many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?
Homework 1. Come up with as efficient an encoding as you can to specify a completely general one-to-one mapping between 64-bit input values and 64-bit output values. 2. Token cards display a number that
More informationCisco Desktop Collaboration Experience DX650 Security Overview
White Paper Cisco Desktop Collaboration Experience DX650 Security Overview Cisco Desktop Collaboration Experience DX650 Security Overview The Cisco Desktop Collaboration Experience DX650 (Cisco DX650)
More informationUsing the Scripting Interface
CHAPTER 5 This chapter describes the scripting interface that ACS 5.3 provides to perform bulk operations on ACS objects using the Import and Export features. ACS provides the import and export functionalities
More informationMQME-GUI User Guide Page ii
MQME-GUI User Guide Capitalware Inc. Unit 11, 1673 Richmond Street, PMB524 London, Ontario N6G2N3 Canada sales@capitalware.com http://www.capitalware.com MQME-GUI User Guide Page ii Table of Contents 1
More informationFIPS Non-Proprietary Security Policy
Quantum Corporation Scalar Key Manager Software Version 2.0.1 FIPS 140-2 Non-Proprietary Security Policy Document Version 1.4 Last Update: 2010-11-03 8:43:00 AM 2010 Quantum Corporation. May be freely
More informationElectronic Mail. Prof. Indranil Sen Gupta. Professor, Dept. of Computer Science & Engineering Indian Institute of Technology Kharagpur
Electronic Mail Prof. Indranil Sen Gupta Professor, Dept. of Computer Science & Engineering Indian Institute of Technology Kharagpur 1 Introduction Most heavily used application on the Internet. Simple
More informationvfire Server Console Guide Version 1.5
vfire Server Console Guide Table of Contents Version Details 4 Copyright 4 About this guide 6 Intended Audience 6 Standards and Conventions 6 Introduction 7 Accessing the Server Console 8 Creating a System
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More informationUser Guide Online Backup
User Guide Online Backup Table of contents Table of contents... 1 Introduction... 2 Getting Started with the Online Backup Software... 2 Installing the Online Backup Software... 2 Configuring a Device...
More informationVERITAS NetBackup Encryption 3.4
VERITAS NetBackup Encryption 3.4 System Administrator s Guide June 2000 100-001508 Disclaimer The information contained in this publication is subject to change without notice. VERITAS Software Corporation
More information/****************************************************************************\ DAS Release for Solaris, Linux, and Windows
/****************************************************************************\ DAS Release 3.0.0 for Solaris, Linux, and Windows Copyright 1991-2012 Information Security Corp. All rights reserved. This
More informationUsing the Web-Browser and CLI Interfaces
CHAPTER 2 This chapter describes the web-browser and CLI interfaces that you use to configure the controller. It contains these sections: Using the Web-Browser Interface, page 2-2 Using the CLI, page 2-7
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationCiphermail Webmail Messenger Administration Guide
CIPHERMAIL EMAIL ENCRYPTION Ciphermail Webmail Messenger Administration Guide October 27, 2017, Rev: 8630 Copyright 2013-2017, ciphermail.com. CONTENTS CONTENTS Contents 1 Introduction 4 2 Admin login
More informationDigital it Signatures. Message Authentication Codes. Message Hash. Security. COMP755 Advanced OS 1
Digital Signatures Digital it Signatures Offer similar protections as handwritten signatures in the real world. 1. Difficult to forge. 2. Easily verifiable. 3. Not deniable. 4. Easy to implement. 5. Differs
More informationFigure 13.1 ASN.1: abstract and transfer/concrete syntax relationship.
Figure 3. ASN.: abstract and transfer/concrete syntax relationship. Host AP Data in an agreed abstract syntax (e.g. type character, integer etc.) Data in an agreed transfer/concrete syntax (e.g. type,
More informationManaging User Accounts
Configuring Guest User Accounts, page 1 Configuring Administrator Usernames and Passwords, page 4 Changing the Default Values for SNMP v3 Users, page 6 Generating a Certificate Signing Request, page 7
More informationCS 161 Computer Security
Popa & Wagner Spring 2016 CS 161 Computer Security Midterm 2 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that academic misconduct will be
More informationDCLI User's Guide. Data Center Command-Line Interface 2.7.0
Data Center Command-Line Interface 2.7.0 You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/ The VMware Web site also provides the latest product
More informationVeritas System Recovery Disk Help
Veritas System Recovery Disk Help About recovering a computer If Windows fails to start or does not run normally, you can still recover your computer. You can use the Veritas System Recovery Disk and an
More informationCryptography. Cryptography is much more than. What is Cryptography, exactly? Why Cryptography? (cont d) Straight encoding and decoding
Copyright 2000-2001, University of Washington Cryptography is much more than Cryptography Cryptography systems allow 2 parties to communicate securely. The intent is to give privacy, integrity and security
More informationUsing the Command-Line Interface
This chapter describes how to use the CLI on the Cisco ASA. The CLI uses similar syntax and other conventions to the Cisco IOS CLI, but the ASA operating system is not a version of Cisco IOS software.
More informationJuniper Networks Pulse Cryptographic Module. FIPS Level 1 Security Policy Version: 1.0 Last Updated: July 19, 2013
Juniper Networks Pulse Cryptographic Module FIPS 140-2 Level 1 Security Policy Version: 1.0 Last Updated: July 19, 2013 Juniper Networks, Inc. 1194 N. Mathilda Ave Sunnyvale, CA 94089 Copyright 2013 Juniper
More informationJune PGP Command Line User s Guide
June 2004 PGP Command Line User s Guide Version Information PGP Command Line User s Guide, version 8.5. Released June 1, 2004. Copyright Information Copyright 1991 2004 by PGP Corporation. All Rights Reserved.
More informationCryptography Application : SSH. Cyber Security & Network Security March, 2017 Dhaka, Bangladesh
Cryptography Application : SSH Cyber Security & Network Security 20-22 March, 2017 Dhaka, Bangladesh Issue Date: [31-12-2015] Revision: [v.1] What is Safely Authentication I am Assured of Which Host I
More informationConfiguring SSL Security
CHAPTER9 This chapter describes how to configure SSL on the Cisco 4700 Series Application Control Engine (ACE) appliance. This chapter contains the following sections: Overview Configuring SSL Termination
More informationPackage PKI. September 16, 2017
Version 0.1-5.1 Package PKI September 16, 2017 Title Public Key Infrastucture for R Based on the X.509 Standard Author Maintainer Depends R (>=
More information3 Connection, Shell Serial Connection over Console Port SSH Connection Internet Connection... 5
Contents 1 Description 2 2 Supported Devices 3 3 Connection, Shell 4 3.1 Serial Connection over Console Port...................... 4 3.2 SSH Connection................................. 4 3.3 Internet Connection...............................
More informationOverview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation
Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May
More informationChapter 9. Public Key Cryptography, RSA And Key Management
Chapter 9 Public Key Cryptography, RSA And Key Management RSA by Rivest, Shamir & Adleman of MIT in 1977 The most widely used public-key cryptosystem is RSA. The difficulty of attacking RSA is based on
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,
More information