Introduction to information Security

Transcription

1 First lecture Introduction to information Security Why Computer and information Security Cryptography Secret key algorithms: DES/AES Public key algorithms: RSA One-way hash functions & message digests: MD5, SHA2

2 The Definition of information Security The Basic Components Security Threats and Attacks Security Policy and Mechanism

3 References Cryptography and Network Security, by William Stallings, 5rd Edition, Prentice Hall, 2010

4 Second lecture Classical and modern cryptography Overview of Cryptography Classical Symmetric Cipher Modern Symmetric Ciphers (DES)

5 Classification of Cryptography Secret Key vs. Secret Algorithm Cryptanalysis Scheme Unconditional vs. Computational Security Brute Force Search

6 Symmetric Cipher Model Requirements Caesar Cipher One-Time Pad Transposition Ciphers Rail Fence cipher Product Ciphers

7 Modern Symmetric Ciphers (DES) Block vs Stream Ciphers Block Cipher Principles Substitution-Permutation Ciphers Confusion and Diffusion Feistel Cipher Structure DES (Data Encryption Standard)

8 Third lecture Introduction to Practical Cryptography Stream Ciphers Properties Building Blocks Competitions Examples Uses Encryption of streaming data Random bit generation

9 Stream cipher Speed Initialization Keystream generation Resources memory, power, cpu Hardware, software suitability Stream Ciphers Approaches Feedback Shift Register

10 Stream Cipher Examples RC4 A5/1 A5/3 LILI Sober Trivium Lex

11 Lecture five Data Encryption Standard(DES) DES Background The Algorithm Keylength Weakness S-box Construction Future of DES Modes of Operation Message Authentication

12 Lecture six Advanced Encryption Standard Rijndael GF(256) ByteSub ShiftRow MixColumn Key Schedule Decrypting Rijndael AES

13 Lecture seven RSA Cryptography RSA Cryptography: Motivation RSA Cryptography: Mathematical Principles RSA Cryptography: The Basic System RSA Cryptography: Square and Multiply RSA Cryptography: General Security RSA Cryptography: The Factoring Problem RSA Cryptography: Key Length and Complexity RSA Cryptography: Digital Signatures

14 RSA Cryptography: Attacks RSA Cryptography: Weak Message Attacks RSA Cryptography: Short Exponent Attack RSA Cryptography: Side Channel Attacks

15 Lecture Eight Key management Key Establishment Symmeric key approaches Key distribution problem Key distribution center protocols Authenticated and key agreement protocols

16 Lecture nine Digital Signatures & Authentication Protocols Digital Signature Properties Direct Digital Signatures Arbitrated Digital Signatures Authentication Protocols Replay Attacks Using Symmetric Encryption Using Public-Key Encryption One-Way AuthenticationUsing Public-Key Encryption Digital Signature Algorithm (DSA)

17 Lecture Ten IT System Services Life cycle Communication encryption encrypting communications channels Link by- Link Encryption End-by End Encryption encrypting data for storage

18 Lecture 11 IP Security Benefits of IPSec IP Security architecture IPSec Services Key Management Oakley Protocol ISAKMP Protocol

19 Lecture 12 Electronic Mail Security Pretty Good Privacy (PGP) PGP Operation:Confidentiality & Authentication PGP Operation Compression PGP Operation Compatibility PGP Message Format PGP Key Management S/MIME (Secure/Multipurpose Internet Mail Extensions)

20 Lecture 13 Secure Electronic Transaction Credit Cards on the Internet Credit Card Protocols SET Business Requirements SET Transactions Key Technologies of SET Dual Signature for SET SET Supported Transactions

21 Lecture 14 The secure socket layer(ssl) Layer. Location of SSL in the TCP/IP protocol stack. SSL Phases Handshake protocol Record protocol

22 Lecture 15 Firewalls What is a Firewall? Classification of Firewall Firewalls Packet Filters Firewall Gateways Application-Level Filtering Firewalls - Circuit Level Gateway Dynamic Packet Filters Distributed Firewalls