ECE646 Fall Lab 1: Pretty Good Privacy. Instruction
|
|
- Nickolas Gaines
- 6 years ago
- Views:
Transcription
1 ECE646 Fall 2012 Lab 1: Pretty Good Privacy Instruction PLEASE READ THE FOLLOWING INSTRUCTIONS CAREFULLY: 1. You are expected to address all questions listed in this document in your final report. 2. All s exchanged with other students as a part of this lab should be sent with CC: to gmuece646@gmail.com. 3. A LAB REPORT must be submitted using MyMason by Tuesday, October 9 th, 11:59 PM. In order to perform this lab, you are expected to have an understanding of LECTURES 1-4, Stallings, 5th ed., Chapter 18.1 Pretty Good Privacy (PGP), and Appendix 18 A Radix-64 Conversion. You can also use: The Gpg4win Compendium, English version, Version beta1 from 31. August 2010, which should have been copied to your computer during the GPG installation. (You can also find it at ).
2 1. KEY DISTRIBUTION: DIRECT TRUST GROUP Export your public key to an ASCII file. Send your own public key to all members of your DIRECT TRUST GROUP by . Please remember to CC: your communication to Import public keys of your DIRECT TRUST GROUP members to your public key ring. Verify the public keys fingerprints of imported keys against the fingerprints listed on the cards, you received from your classmates. If this verification is successful, sign the keys of your DIRECT TRUST GROUP. Hint: You can use GPA: Keys => Sign Keys, or Kleopatra: Certificates => Certify Certificates (Certify for everyone to see). Set the trust you have in the owner of each public key you received, when this owner serves as an introducer of other users Hint: You can use GPA: Keys => Set Owner Trust, or Kleopatra: Certificates => Change Owner Trust If you are impatient and do not want to wait for responses from other students, you can start from exchanging public keys with your virtual friend Adele Adele will respond to your messages automatically, and she will send you her public key. You may afterwards exchange also signed and encrypted messages with her. Please be aware that Adele is German, so if you do not speak German, you may need to use Google Translate to understand some messages sent by her. 1. Which keys are protected by a passphrase and why? 2. How can you transfer your public keys to another user (list multiple ways, beyond those used in this lab) 3. How does the receiver know that a public key you sent really belongs to you? 4. Draw a hierarchal diagram showing your public key ring web of trust (including Adele if you exchanged public keys between each other) 2. KEY DISTRIBUTION: INTRODUCING NEW USERS Introduce two new users to each member of your DIRECT TRUST GROUP. For each pair of the new users, one of them should be a true member of your DIRECT TRUST GROUP, and the other should be a fake user, you created during the LAB SETUP (i.e., a user with a different name than yours, but with an account you fully control). Your introductions should include a short cover letter and a public key of the introduced user signed by you. Import all received public keys to your public key ring, unless you know for sure that they are fake (e.g., because a user introduced to you is already a member of your DIRECT TRUST GROUP). In this case, inform the sender immediately that you rejected his/her introduction. 5. List all fake ( ID, key ID) pairs you created. 6. List two users introduced to each member of your DIRECT TRUST GROUP, and mark which one is true, and which one is fake.
3 7. Draw a hierarchical diagram showing your entire public-key-ring web-of-trust (keep updating this diagram as you are introduced to the new users). 3. SIGNATURE GENERATION Using an ASCII text editor, prepare a relatively small text file with a message revealing some information about you, which other students may not be aware of. Prepare similar files with messages pretended to be written by 2-3 students you are trying to impersonate. Sign all messages using respective private keys, and send them to the users who are in possession of the corresponding public keys. Please note that one of such users is your virtual friend Adele. Please note that you can use at least the following two methods to sign a file: Kleopatra: File => Sign/Encrypt Files (Sign, Sign with Open PGP), or Windows Explorer: choose a file, right click with your mouse, and choose More GpgEX Options (Sign). In each case, you can also choose whether your output will be stored in a binary file, or in an ASCII file composed of only visible characters (Option: Text Output (ASCII Armor)). Please try both values of this option to see the difference. Investigate all output files, looking at their contents and the length. Send the obtained files (all and only files which are required to verify the signature) to the intended recipients. 8. What transformations are performed during signing (with and without ASCII Armor set)? 9. Which algorithms are used during each of these transformations? 10. What keys are required to perform these transformations? 11. Where are these keys stored? Which of these keys are protected using a passphrase? What are the pros and cons of using passphrases. 12. Determine, compare, and explain the sizes of signatures for each message. 4. SIGNATURE VERIFICATION Verify all signatures generated by yourself, using your public key. Change a single character in each message, and do the verification again. Verify the signatures associated with messages you have received from other students. Decide whether these messages are authentic based on the factors such as: a) your trust in the public key of the sender b) your trust in a person who introduced a public key of the sender to you c) text of the message. 13. Describe and explain the behavior of the program during verification of correct and modified messages. 14. What transformations, algorithms, and keys are used during the signature verification?
4 15. Document your conclusions regarding the authenticity of the signed messages you received. 5. ENCRYPTION Using an ASCII text editor please prepare a few secret messages to be sent to users whose public keys are located in your public key ring. You can also encrypt larger binary files such as photos and PDF files. Encrypt these files, using the respective receiver s public keys, and then separately, for testing purposes only, using your public key. Send the obtained files to the intended recipients, using your true account, as well as fake accounts of other students, which you control. Investigate the encrypted files, looking at their contents and length. 16. How would you explain the relations between the length of the file before and after the encryption for each set of options? 17. What transformations are performed during encryption (with and without ASCII Armor set)? 18. What keys are required to perform these transformations? Where are these keys stored? Which of these keys are protected using a passphrase? 19. Can you change the order of these transformations without affecting the program functionality or security? 20. Which algorithms are used during each of these transformations? What are the key sizes used in each of these algorithms? Can you change these key sizes? If so, how? 21. When you send an encrypted file to a recipient what kind of security service(s) are you using? 6. DECRYPTION Try to decrypt all files you have either encrypted by yourself or received from other students. 22. How can the receiver decrypt the file without having to agree with the sender in advance on using the same set of options and algorithms? 23. Can you be sure of the authenticity of the message sender? If not, how could you possibly change the encryption options to guarantee message authentication? 24. Can you be sure of the integrity of the message? If not, how could you possibly change the encryption options to guarantee message integrity? 25. What happens if you change a single byte in the encrypted file before the decryption? How reliable is the message integrity protection you observe?
5 7. REVEALING FAKE USERS (this step should be performed only on Monday or Tuesday, October 8-9) Make an educated guess regarding the authenticity of all messages you have received as a part of this lab so far. Communicate this guess to all users you have received messages from. Respond to these guesses, revealing your true identity. 26. Were any of your attempts to cheat successful? If no, why? If yes, what was the major weakness of the key distribution procedure used in this exercise that has made your attack successful? 27. Were you able to identify any fake messages by yourself? If yes, how? If no, why? 28. On the hierarchical diagram showing your web-of-trust, label each key as either legitimate or fake. If a key is fake, write the name of a real owner next to it. 8. OpenPGP CERTIFICATE SERVER Investigate the use of Kleopatra options Export Certificate to Server, and Lookup Certificate on Server. 29. Would the use of OpenPGP Certificate Server prevent any weaknesses of the key distribution scheme used in this lab. If yes, how? If no, why? 9. PGP & PROGRAMS (BONUS) GnuPG can be integrated into some popular programs, such as Outlook. 30. Describe all steps necessary to plug-in GnuPG into a selected program. 31. Using this integrated environment, send a signed message to gmuece646@gmail.com, the message should contain at least, your name, address and public key fingerprint in HEX. Include your in the final report.
ECE646 Fall Lab 1: Pretty Good Privacy. Instruction
ECE646 Fall 2015 Lab 1: Pretty Good Privacy Instruction PLEASE READ THE FOLLOWING INSTRUCTIONS CAREFULLY: 1. You are expected to address all questions listed in this document in your final report. 2. All
More informationECE 646 Fall Lab 1: Pretty Good Privacy Setup
ECE 646 Fall 2017 Lab 1: Pretty Good Privacy Setup This setup should be completed before the lecture on Tuesday, October 3. Please read the general information about GNU Privacy Guard from Wikipedia available
More informationLAB :: PGP (Pretty Good Privacy)
LAB :: PGP (Pretty Good Privacy) GnuPG : GnuPG forms the heart of Gpg4win the actual encryption software. Kleopatra : The central certificate administration of Gpg4win, which ensures uniform user navigation
More informationSecurity PGP / Pretty Good Privacy. SANOGXXX July, 2017 Gurgaon, Haryana, India
Email Security PGP / Pretty Good Privacy SANOGXXX 10-18 July, 2017 Gurgaon, Haryana, India Issue Date: [31-12-2015] Revision: [V.1] Security issues for E-mail Confidentiality Network admin can read your
More informationCryptography: Practice JMU Cyber Defense Boot Camp
Cryptography: Practice 2013 JMU Cyber Defense Boot Camp Prerequisites This unit assumes that you have already known Symmetric-key encryption Public-key encryption Digital signature Digital certificates
More informationDue: October 8, 2013: 7.30 PM
Jackson State University Department of Computer Science CSC 437-01/539-01 Computer Security Fall 2013 Instructor: Dr. Natarajan Meghanathan Lab Project # 1: Lab Project on using PGP GNU Privacy Guard (GPG)
More informationFRCC Secure Data Transfer. Users Guide V1.5
FRCC Secure Data Transfer Users Guide V1.5 Table of Contents I. Introduction... 2 II. Part 1 - Software Installation... 3 III. Part 2 - Creating Your PKI Certificate... 7 IV. Part 3 - Importing FRCC Public
More informationFRCC Secure Transfer & Storage Infrastructure. Training for new data transfer process
FRCC Secure Transfer & Storage Infrastructure Training for new data transfer process Training Objects Understand the changes in regards to the data transfer process using PKI Installation Key management
More informationPrincess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)
Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content
More informationPretty Good Privacy (PGP)
Pretty Good Privacy (PGP) -- PGP services -- PGP key management (c) Levente Buttyán (buttyan@crysys.hu) What is PGP? general purpose application to protect (encrypt and/or sign) files can be used to protect
More informationLecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005
Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric
More informationLab: Securing with PGP
Objectives Understand the concept of public keys, signing, and encrypting email with PGP. Background GNUPG (or GNU Privacy guard) is a free implementation of the OpenPGP standard (RFC 4880) as a tool for
More informationRalph Durkee Independent Consultant Security Consulting, Security Training, Systems Administration, and Software Development
Ralph Durkee Independent Consultant www.rd1.net Security Consulting, Security Training, Systems Administration, and Software Development PGP and GnuPG Rochester OWASP Agenda: Generic Public Key Encryption
More informationLearn PGP. SIPB Cluedump, 19 October Anish Athalye (aathalye), Merry Mou (mmou), Adam Suhl (asuhl) 1 / 22
Learn PGP SIPB Cluedump, 19 October 2016 Anish Athalye (aathalye), Merry Mou (mmou), Adam Suhl (asuhl) 1 / 22 2 / 22 Overview 1. Theore cal PGP / Intro to Security 2. Prac cal PGP Installa on, Usage, Demo
More informationMailvelope for Encryption
Mailvelope for Email Encryption Steve Revilak https://masspirates.org/blog/category/cryptoparty/ Cryptoparty @ Somerville Public Library July 15, 2016 1 / 15 What is Mailvelope Mailvelope is a browser
More informationgpg4o Manual Version 5.0
gpg4o Manual Version 5.0 Table of Contents Table of Contents 1 General 4 2 System Requirements 5 3 Functional Range 6 3.1 Versions Functional Range Comparison..................... 6 3.2 PGP/Inline and
More informationPublic Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA
Public Key Cryptography, OpenPGP, and Enigmail Cryptography is the art and science of transforming (encrypting) a message so only the intended recipient can read it Symmetric Cryptography shared secret
More informationNetwork Encryption Methods
Network Encryption Network Encryption Methods CSC362, Information Security Objectives understanding the impact of employing encryption at different protocol layers application layer encryption transport
More informationPGP Key Verification. Version 1.1, 08/26/2002. Stephen Gill Published: 08/26/2002
PGP Key Verification Version 1.1, 08/26/2002 Stephen Gill E-mail: gillsr@cymru.com Published: 08/26/2002 Contents Credits Introduction... 2 Instructions... 2 Step 1: Retrieve... 3 Step 2: Fingerprint...
More informationECE 646 Fall 2008 Multiple-choice test
ECE 646 Fall 2008 Multiple-choice test 1. (1 pt) Arrange the following ciphers in the order of the increasing measure of roughness for the ciphertext obtained by encrypting 1000-letter message with a given
More informationPretty Good Privacy (PGP
PGP - S/MIME - Internet Firewalls for Trusted System: Roles of Firewalls Firewall related terminology- Types of Firewalls - Firewall designs - SET for E-Commerce Transactions. Pretty Good Privacy (PGP
More informationECE 646 Lecture 4A. Pretty Good Privacy PGP. Short History of PGP based on the book Crypto by Steven Levy. Required Reading
ECE 646 Lecture 4A Pretty Good Privacy PGP Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 18.1 or 19.1 Pretty Good Privacy (PGP) On-line Chapters
More informationPretty Good Privacy PGP. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E
ECE 646 Lecture 4 Pretty Good Privacy PGP Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 18.1 or 19.1 Pretty Good Privacy (PGP) On-line Chapters
More informationECE 646 Lecture 4. Pretty Good Privacy PGP
ECE 646 Lecture 4 Pretty Good Privacy PGP Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 6/E or 7/E Chapter 19.1 Pretty Good Privacy (PGP) On-line Chapters (available
More informationINFORMATION SECURITY - PRACTICAL ASSESSMENT - TP3 - CRYPTOGRAPHY AND APPLICATIONS. GRENOBLE INP ENSIMAG
INFORMATION SECURITY - PRACTICAL ASSESSMENT - TP3 - CRYPTOGRAPHY AND APPLICATIONS GRENOBLE INP ENSIMAG http://www.ensimag.fr COMPUTER SCIENCE 3RD YEAR SIF-LOAD - 1ST SEMESTER, 2011 Lecturers: Fabien Duchene
More informationand File Encryption on ios with S/MIME and PGP
Email and File Encryption on ios with S/MIME and PGP Peter Tondl Email and file encryption are no longer an issue in the desktop world. Either you do it or not. In any case, technology rarely fails. All
More informationADP Secure Client User Guide
March 2018 ADP Secure Email Client User Guide A guide to exchanging secure emails using the HPE Voltage SecureMail TM System Version 2.2 The ADP logo and ADP are registered trademarks of ADP, LLC. ADP
More informationThe Research on PGP Private Key Ring Cracking and Its Application
The Research on PGP Private Key Ring Cracking and Its Application Xiaoyan Deng 1 *, Qingbing Ji 2, Lijun Zhang 3 1. College of Applied Mathematics,Chengdu University of Information Technology,Chengdu,
More informationAuthentication KAMI VANIEA 1
Authentication KAMI VANIEA FEBRUARY 1ST KAMI VANIEA 1 First, the news KAMI VANIEA 2 Today Basics of authentication Something you know passwords Something you have Something you are KAMI VANIEA 3 Most recommended
More informationDigital Signatures. KG November 3, Introduction 1. 2 Digital Signatures 2
Digital Signatures KG November 3, 2017 Contents 1 Introduction 1 2 Digital Signatures 2 3 Hash Functions 3 3.1 Attacks.................................... 4 3.2 Compression Functions............................
More informationSecurity Using Digital Signatures & Encryption
Email Security Using Digital Signatures & Encryption CONTENTS. Introduction The Need for Email Security Digital Signatures & Encryption 101 Digital Signatures & Encryption in Action Selecting the Right
More informationPublic-Key Infrastructure NETS E2008
Public-Key Infrastructure NETS E2008 Many slides from Vitaly Shmatikov, UT Austin slide 1 Authenticity of Public Keys? private key Alice Bob public key Problem: How does Alice know that the public key
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 11: Public Key Infrastructure Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Public key infrastructure Certificates Trust
More informationHOST Authentication Overview ECE 525
Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication in real-time
More informationCS 425 / ECE 428 Distributed Systems Fall 2017
CS 425 / ECE 428 Distributed Systems Fall 2017 Indranil Gupta (Indy) Dec 5, 2017 Lecture 27: Security All slides IG Security Threats Leakage Unauthorized access to service or data E.g., Someone knows your
More informationKey Management and Distribution
Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationSecure Sockets Layer (SSL) / Transport Layer Security (TLS)
Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Brad Karp UCL Computer Science CS GZ03 / M030 20 th November 2017 What Problems Do SSL/TLS Solve? Two parties, client and server, not previously
More informationSecurity and Privacy
E-mail Security and Privacy Department of Computer Science Montclair State University Course : CMPT 320 Internet/Intranet Security Semester : Fall 2008 Student Instructor : Alex Chen : Dr. Stefan Robila
More informationA New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4
IJSRD - International Journal for Scientific Research & Development Vol. 2, Issue 08, 2014 ISSN (online): 2321-0613 A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam
More informationPGP(R) Desktop Version 10.1 for Mac OS X Release Notes
Page 1 of 8 PGP(R) Desktop Version 10.1 for Mac OS X Release Notes Thank you for using this PGP Corporation product. These Release Notes contain important information regarding this release of PGP Desktop
More informationUsing Cryptography CMSC 414. October 16, 2017
Using Cryptography CMSC 414 October 16, 2017 Digital Certificates Recall: K pub = (n, e) This is an RSA public key How do we know who this is for? Need to bind identity to a public key We can do this using
More informationKey management. Pretty Good Privacy
ECE 646 - Lecture 4 Key management Pretty Good Privacy Using the same key for multiple messages M 1 M 2 M 3 M 4 M 5 time E K time C 1 C 2 C 3 C 4 C 5 1 Using Session Keys & Key Encryption Keys K 1 K 2
More informationNetPGP BSD-licensed Privacy. Alistair Crooks c
NetPGP BSD-licensed Privacy Alistair Crooks agc@netbsd.org c059 6823 Privacy? Encryption and decryption Signing and verification Web of trust PKI Certifying Authority Today? pgp gnupg gpgme proprietary
More informationSecurity in ECE Systems
Lecture 11 Information Security ECE 197SA Systems Appreciation Security in ECE Systems Information security Information can be very valuable Secure communication important to protect information Today
More informationWPA-GPG: Wireless authentication using GPG Key
Università degli Studi di Bologna DEIS WPA-GPG: Wireless authentication using GPG Key Gabriele Monti December 9, 2009 DEIS Technical Report no. DEIS-LIA-007-09 LIA Series no. 97 WPA-GPG: Wireless authentication
More informationCryptographic proof of custody for incentivized file-sharing
Cryptographic proof of custody for incentivized file-sharing Pavel Kravchenko 1, Vlad Zamfir 2 1 Distributed Lab, pavel@distributedlab.com 2 Coinculture, vlad@coinculture.info Abstract. A cryptographic
More informationOverview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation
Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More information4:40pm - 6:10pm (90 min)
CMPT-401 Operating Systems II (Fall 2005) Midterm School of Computing Science Simon Fraser University October 18, 2005 4:40pm - 6:10pm (90 min) Last name: First name: Student number: Signature: Note: 1.
More informationCYBER SECURITY MADE SIMPLE
CYBER SECURITY MADE SIMPLE Author: Christopher Gorog www.logiccentral.org www.newcyberfrontier.com Christopher Gorog, MBA, PMP, CISSP Lead Faculty for Cybersecurity at Colorado Technical University; Published
More informationOracle Communications Network Charging and Control. Voucher Print Shop Operations Guide Release 6.0.1
Oracle Communications Network Charging and Control Voucher Print Shop Operations Guide Release 6.0.1 April 2017 Copyright Copyright 2017, Oracle and/or its affiliates. All rights reserved. This software
More informationAuthentication Part IV NOTE: Part IV includes all of Part III!
Authentication Part IV NOTE: Part IV includes all of Part III! ECE 3894 Hardware-Oriented Security and Trust Spring 2018 Assoc. Prof. Vincent John Mooney III Georgia Institute of Technology NOTE: THE FOLLOWING
More informationPublic Key Infrastructures
Public Key Infrastructures Trust Models Cryptography and Computer Algebra Prof. Johannes Buchmann Dr. Johannes Braun We trust certificates because we trust the system(s). Direct trust Web of trust Hierarchical
More informationICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification
ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification Hossen Asiful Mustafa Introduction Entity Authentication is a technique designed to let one party prove the identity of another
More informationYou ve Got. Advanced . Location: Technology Room, Central Library Visit Schenectady County Public Library at
You ve Got Advanced E-mail Location: Technology Room, Central Library Visit Schenectady County Public Library at http://www.scpl.org (The following document adapted from information found on http://www.google.com
More information0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken
0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple
More informationCertificate-based authentication for data security
Technical white paper Certificate-based authentication for data security Table of Contents Introduction... 2 Analogy: A simple checking account... 2 Verifying a digital certificate... 2 Summary... 8 Important
More informationECEN 5022 Cryptography
Introduction University of Colorado Spring 2008 Historically, cryptography is the science and study of secret writing (Greek: kryptos = hidden, graphein = to write). Modern cryptography also includes such
More informationAn Introduction to How PGP Works
An Introduction to How PGP Works Revision: 0.01 Author: Kenneth Robert Ballou Date 2005-07-21 Document Change History Change Description/Reason Changed By Date Revision Initial Creation of Document Kenneth
More informationLab: PGP Encryption First download the PGP software from: http://www.dcs.napier.ac.uk/~bill/zips/pgpcmdln_6.5.8_win32_fw.zip Unzip it, and install it to the system. Objectives Activity 1. Generate public
More informationComputer Security Spring 2010 Paxson/Wagner HW 4. Due Thursday April 15, 5:00pm
CS 161 Computer Security Spring 2010 Paxson/Wagner HW 4 Due Thursday April 15, 5:00pm Instructions: Submit your solution by Thursday, April 15, 5:00pm electronically. Write up your answers in either PDF
More informationInternet Architecture
Internet Architecture Lecture 10: How Email Work Assistant Teacher Samraa Adnan Al-Asadi 1 How Email Works Electronic mail, or email, might be the most heavily used feature of the Internet. You can use
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationRegulatory Reporting Hub SFTP Connection How to connect via SFTP & upload Files
SFTP Connection How to connect via SFTP & upload Files Version 1.2 October 2017 Table of Content 1. Introduction... 2 2. Technical Pre-Conditions... 2 2.1. Hardware requirements... 2 2.2. Software requirements...
More informationSecurity and Anonymity
Security and Anonymity Distributed Systems need a network to send messages. Any message you send in a network can be looked at by any router or machine it goes through. Further if your machine is on the
More informationAuthentication & Authorization
Authentication & Authorization Anuj Gupta 1, 1 M.Tech Scholar, Department of C.F.I.S, G.I.T.A.M, Kablana, Jhajjar Ashish Kumar Sharma 2 2 Assistant Professor, Department of C.F.I.S & C.S.E, G.I.T.A.M,
More informationLesson 13 Securing Web Services (WS-Security, SAML)
Lesson 13 Securing Web Services (WS-Security, SAML) Service Oriented Architectures Module 2 - WS Security Unit 1 Auxiliary Protocols Ernesto Damiani Università di Milano element This element
More informationPKI Contacts PKI for Fraunhofer Contacts
Fraunhofer Competence Center PKI PKI Contacts PKI for Fraunhofer Contacts User manual for communication partners of the Fraunhofer-Gesellschaft Author[s]: Uwe Bendisch, Maximilian Gottwald As at: 03.02.2017
More informationPassword. authentication through passwords
Password authentication through passwords Human beings Short keys; possibly used to generate longer keys Dictionary attack: adversary tries more common keys (easy with a large set of users) Trojan horse
More informationCS61A Lecture #39: Cryptography
Announcements: CS61A Lecture #39: Cryptography Homework 13 is up: due Monday. Homework 14 will be judging the contest. HKN surveys on Friday: 7.5 bonus points for filling out their survey on Friday (yes,
More informationAPPLICATION LAYER APPLICATION LAYER : DNS, HTTP, , SMTP, Telnet, FTP, Security-PGP-SSH.
APPLICATION LAYER : DNS, HTTP, E-mail, SMTP, Telnet, FTP, Security-PGP-SSH. To identify an entity, the Internet used the IP address, which uniquely identifies the connection of a host to the Internet.
More informationSend documentation comments to
CHAPTER 6 Configuring Certificate Authorities and Digital Certificates This chapter includes the following topics: Information About Certificate Authorities and Digital Certificates, page 6-1 Default Settings,
More informationECE596C: Handout #9. Authentication Using Shared Secrets. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #9 Authentication Using Shared Secrets Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we introduce the concept of authentication and
More informationHY-457 Information Systems Security
HY-457 Information Systems Security Recitation 1 Panagiotis Papadopoulos(panpap@csd.uoc.gr) Kostas Solomos (solomos@csd.uoc.gr) 1 Question 1 List and briefly define categories of passive and active network
More informationConfiguring Certificate Authorities and Digital Certificates
CHAPTER 43 Configuring Certificate Authorities and Digital Certificates Public Key Infrastructure (PKI) support provides the means for the Cisco MDS 9000 Family switches to obtain and use digital certificates
More informationBEST PRACTICES FOR PERSONAL Security
BEST PRACTICES FOR PERSONAL Email Security Sometimes it feels that the world of email and internet communication is fraught with dangers: malware, viruses, cyber attacks and so on. There are some simple
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 24 April 16, 2012 CPSC 467b, Lecture 24 1/33 Kerberos Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management
More information14. Internet Security (J. Kurose)
14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:
More informationComputer Security module
Computer Security module Revision notes Mark D. Ryan June 2010 There won't be a revision lecture for the Computer Security module. Instead, these notes are provided to help you prepare for the exam. Revision
More informationThe Network Security Model. What can an adversary do? Who might Bob and Alice be? Computer Networks 12/2/2009. CSC 257/457 - Fall
The Network Security Model Bob and lice want to communicate securely. Trudy (the adversary) has access to the channel. Kai Shen lice data channel secure sender data, control s secure receiver Bob data
More informationOverview of Authentication Systems
Overview of Authentication Systems Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-07/
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationHow to Configure S/MIME for WorxMail
How to Configure S/MIME for WorxMail Windows Phone 8.1 This article describes how to configure S/MIME (Secure/Multipurpose Internet Mail Extensions) for WorxMail Windows Phone 8.1. Note: This feature works
More informationSecurity Handshake Pitfalls
Security Handshake Pitfalls 1 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: Authenticate each other Establish sessions keys This process may
More informationCT30A8800 Secured communications
CT30A8800 Secured communications Pekka Jäppinen October 31, 2007 Pekka Jäppinen, Lappeenranta University of Technology: October 31, 2007 Secured Communications: Key exchange Schneier, Applied Cryptography:
More informationModern cryptography 2. CSCI 470: Web Science Keith Vertanen
Modern cryptography 2 CSCI 470: Web Science Keith Vertanen Modern cryptography Overview Asymmetric cryptography Diffie-Hellman key exchange (last time) Pubic key: RSA Pretty Good Privacy (PGP) Digital
More informationChapter 9: Key Management
Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #9-1 Overview Key exchange Session vs. interchange
More informationCS 161 Computer Security
Popa & Wagner Spring 2016 CS 161 Computer Security Midterm 2 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that academic misconduct will be
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More information2. GETTING STARTED SECURE FILE TRANSFER PROTOCOL (SFTP) PROCEDURES A. Secure File Transfer Protocol (SFTP) Procedures
A. Secure File Transfer Protocol (SFTP) Procedures Overview A. IEHP utilizes the Secure File Transfer Protocol (SFTP) server to conduct all electronic data file transactions. Some of the benefits to using
More information(Photos and Instructions Based on Microsoft Outlook 2007, Gmail, Yahoo! Mail, and Hotmail)
Specific instructions on how to compose a professional e-mail using send and reply options, basic e-mail components, appropriate wording, content, tone, and examples of what not to do. (Photos and Instructions
More informationComputer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography
Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution
More informationS/MIME Security Services
This chapter contains the following sections: Overview of, page 1 in Email Security Appliance, page 1 Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME, page 5 Verifying, Decrypting,
More informationS/MIME Security Services
This chapter contains the following sections: Overview of, on page 1 in Email Security Appliance, on page 1 Signing, Encrypting, or Signing and Encrypting Outgoing Messages using S/MIME, on page 4 Verifying,
More informationAdobe Acrobat DC Forms
Adobe Acrobat DC Forms Course objectives: Create interactive forms Manage form fields and properties Use forms in Adobe Reader Use PDF Actions Digital Signatures This course does not cover LiveCycle. Staff
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationPoulsen, Kevin Wednesday, November 07, :54 PM Singel, Ryan FW: [hush.com # ] Journalist's query
Singel, Ryan From: Sent: To: Subject: Poulsen, Kevin Wednesday, November 07, 2007 1:54 PM Singel, Ryan FW: [hush.com #2012168] Journalist's query -----Original Message----- From: Brian Smith [mailto:sbs@hushmail.com]
More informationSharing your own BGSU Exchange calendar in Outlook 2007
Sharing a calendar Outlook gives you a variety of ways to share calendars with colleagues and friends. It also enables you to download public calendars from the internet, such as the schedule of your favorite
More informationIntroduction to Cryptography. Ramki Thurimella
Introduction to Cryptography Ramki Thurimella Encryption & Decryption 2 Generic Setting 3 Kerckhoff s Principle Security of the encryption scheme must depend only on The secret key NOT on the secrecy of
More information