Security and Encryption
|
|
- Vivien Powell
- 5 years ago
- Views:
Transcription
1 Security and Encryption Jane Hsu Copyright (C) 2004 Jane Hsu 1 The Internet Is An Insecure Place Many protocols do not provide any security. Viruses, worms, Trojan horses etc. Client/server applications often require transmission of user identity/passwords. Crackers may sniff passwords and other sensitive information off the network. Need to restrict control access privileges Crackers also actively exploit many system vulnerability or security holes to inflict damages or to gain access to valuable information. No system is totally immune to security problems. Copyright (C) 2004 Jane Hsu 2
2 Copyright (C) 2004 Jane Hsu 3 Solution? There is nothing more secure then a computer which is not connected to the network and powered off! But These restrictions are simply unrealistic and unacceptable. Copyright (C) 2004 Jane Hsu 4
3 Firewalls Problems Firewalls assume that the bad guys are on the outside a bad assumption! Firewalls restrict how your users can use the Internet. Copyright (C) 2004 Jane Hsu 5 Web Security Content security Digital rights management (DRM) Encryption Digital watermark Network security Encryption Symmetric encryption: DES Asymmetric encryption: RSA IP security Digital signature/envelope Digital Certificates and certification authorities Copyright (C) 2004 Jane Hsu 6
4 German Enigma Cipher Machine In 1918, Arthur Scherbius filed for a patent for Enigma Cipher Machine and offered it to the German Navy. In 1926, German navy begins using Enigma Machine, lightly modified from a commercial model. In 1930, German armed forces introduced a significantly modified military model. In1932, Marian Rejewski, a 27-year-old Cryptanalyst (Cipher Bureau of the Polish Intelligence Service in Warsaw, Poland) mathematically determined the wiring of the Enigma's first rotor. Since 1933 Poland was able to read thousands of German messages encrypted by the Enigma Machine. The National Security Agency Museum in Fort George Meade, Maryland has a real WW2 Enigma Cipher Machine on display. Copyright (C) 2004 Jane Hsu 7 Enigma Mechanics Three rotors (chosen from 5), scrambled letters Each new letter, first rotor advances Other rotors advance when ring is hit Reflector Plugboard Copyright (C) 2004 Jane Hsu 8
5 Simple Cryptography Ciphertext τηε ροµανσ αρε χοµινγ τοδαψ Plaintext Key The following slides are adapted from presentations by Lincoln Stein, MIT & KL Lin, NTU Copyright (C) 2004 Jane Hsu 9 Two basic principles Substitution THIS IS A SECRET (key n=3) WKLV LV D VHFUHW Transposition THIS IS A SECRET (key 4213) IHSTSI S EAERTC Copyright (C) 2004 Jane Hsu 10
6 Caesar Cipher ABCDEFGHIJKLMNOPQRSTUVWXYZ rotate 13 positions NOPQRSTUVWXYZABCDEFGHIJKLM THE GOTHS COMETH 13 FUR TAFUE PAYRFU Plaintext Key Ciphertext Copyright (C) 2004 Jane Hsu 11 Rotating Key Cipher ABCDEFGHIJKLMNOPQRSTUVWXYZ BCDEFGHIJKLMNOPQRSTUVWXYZA CDEFGHIJKLMNOPQRSTUVWXYZAB DEFGHIJKLMNOPQRSTUVWXYZABC EFGHIJKLMNOPQRSTUVWXYZABCD FGHIJKLMNOPQRSTUVWXYZABCDE GHIJKLMNOPQRSTUVWXYZABCDEF HIJKLMNOPQRSTUVWXYZABCD... SOUND THE RETREAT DEADFED VSUPC XKG UEWWEX plaintext key ciphertext Copyright (C) 2004 Jane Hsu 12
7 Goals of Cipher: Diffusion and Confusion Claude Shannon [1945] Diffussion: Small change in plaintext, changes lots of ciphertext Statistical properties of plaintext hidden in ciphertext Confusion: Statistical relationship between key and ciphertext as complex as possible So, need to design functions that produce output that is diffuse and confused Copyright (C) 2004 Jane Hsu 13 General Principles Longer keys make better ciphers Random keys make better ciphers Good ciphers produce random ciphertext Best keys are used once and thrown away Copyright (C) 2004 Jane Hsu 14
8 Symmetric (Private Key) Cryptography Examples: DES (Data Encryption Standard) 56-bit key IDEA (International Data Encryption Algorithm) 128-bit key AES (Advanced Encryption Standard) RC4, RC5, Skipjack Advantages: fast, ciphertext secure Disadvantages: must distribute key in advance, key must not be divulged Copyright (C) 2004 Jane Hsu 15 DES: Data Encryption Standard DES is the most popular symmetric key encryption method. It is based on research by IBM. Standardized by the USA government in Complex series of bit substitutions, permutations and re-combinations Basic DES: 56-bit keys Crackable in hours using specialized hardware Triple DES: effective 112-bit key Three stages of encryption with two keys Uncrackable by known techniques Copyright (C) 2004 Jane Hsu 16
9 Brute Force Attacks RSA DES challenges: 1997: 96 days (using 70,000 machines) Feb 1998: 41 days (distributed.net) July 1998: 56 hours (custom hardware) January 1999: 22 hours (EFF + distributed.net) 245 Billion keys per second NSA can probably crack DES routinely (but they won t admit it) Copyright (C) 2004 Jane Hsu 17 Asymmetric (Public Key) Cryptography Examples: RSA, Diffie-Hellman, ElGamal Advantages: public key widely distributable, does digital signatures Disadvantages: slow, key distribution Copyright (C) 2004 Jane Hsu 18
10 RSA RSA (Rivest, Shamir Adleman) is a popular asymmetric key encryption standard. It is based on number theory (more specifically the difficulty in factorizing a large number). The key size ranges between 512 and 2048 bits. It is used in many e-commerce applications such as the Secure Electronic Transaction (SET) protocol for credit card payment. Copyright (C) 2004 Jane Hsu 19 RSA Encryption Copyright (C) 2004 Jane Hsu 20
11 RSA Example Copyright (C) 2004 Jane Hsu 21 Public Key Encryption: The Frills Frills Fast encryption/decryption Authentication of sender Verification of message integrity Safe distribution of public keys Technique Digital envelopes Digital signature Message digests Certifying authorities Copyright (C) 2004 Jane Hsu 22
12 Digital Envelopes Copyright (C) 2004 Jane Hsu 23 Hybrid encryption RSA encryption is slower than DES encryption. It is more effective to combine them. How? Suppose that A wants to send messages to B. B generates a random session (DES) key. This session key is encrypted with A s public key. The encrypted session key is sent to A. A can obtain the session key by means of decryption with his/her private key. The session key can then be used for encrypting subsequent messages (using DES encryption). Copyright (C) 2004 Jane Hsu 24
13 Message digest In some cases, we may only concern with data integrity. As it is slow to perform encryption, it may not be necessary to encrypt all messages. A message digest algorithm can generate an almost unique message digest (looks like a fingerprint ) for a message. A popular message digest algorithm is MD5. Message 1 Message digest 1 : Message : Digest : : Algorithm Message N (different size) Message digest N (same size) Copyright (C) 2004 Jane Hsu 25 Message Digests Copyright (C) 2004 Jane Hsu 26
14 Message authentication code (MAC) Basic idea (using symmetric key encryption): Suppose that the sender and receiver share a large random number (i.e. a secret). The secret is attached to the message for finding the message digest. The message (without the secret) together with the message digest is sent. Copyright (C) 2004 Jane Hsu 27 Digital Signature Copyright (C) 2004 Jane Hsu 28
15 Steps in digital signature generation Step 1 : Compute the message digest of the file File Message Digest Step 2 : Encrypt the message digest with sender s private key Digital Signature Step 3 : Send the file and digital signature (signed file) File + Digital Signature (signed file) Copyright (C) 2004 Jane Hsu 29 Steps in digital signature verification Sender Signed file File Step 1a : Find the message digest of the file Digital Signature Step 1b : Decrypt the digital signature with sender s public key Receiver Message Digest Step 2 : Compare the two message digests Message Digest Same Accept Different Reject Copyright (C) 2004 Jane Hsu 30
16 Format of Digital Certificate X.509 Digital Certificate Version Serial number Signature algorithm identifier Issuer Validity period Subject Subject public key information Issuer unique identifier Subject unique identifier Extension fields Digital signature Copyright (C) 2004 Jane Hsu 31 Revocation of certificates Each certificate is assigned a validity period like a credit card. However, a certificate may still be revoked before the expiry date (e.g., the user is no longer certified by the CA). Each CA uses a certificate revocation list (CRL) to provide information on the revoked certificates. The CRL is usually kept in a public directory. A user should check if a certificate has been revoked from the public directory. Copyright (C) 2004 Jane Hsu 32
17 Certifying Authorities Copyright (C) 2004 Jane Hsu 33 Hierarchy of Trust Copyright (C) 2004 Jane Hsu 34
18 Public Key Cryptography on the Web Secure Socket Layer (SSL) Netscape Communications Corporation Secure HTTP (SHTTP) Commerce Net SET (Secure Electronic Transaction) Copyright (C) 2004 Jane Hsu 35 Secure Sockets Layer ClientHello Supported options ServerHello Options to be used ServerCertificate (ServerKeyExchange) ServerHelloDone ClientKeyExchange Finished (sent by client) Application (HTTP) SSL TCP IP Copyright (C) 2004 Jane Hsu 36
19 SSL and SHTTP, similarities RSA public key cryptography MD5 message digests Variety of private key systems Strong cryptography for use in U.S. Weakened cryptography for export. Copyright (C) 2004 Jane Hsu 37 SSL and SHTTP, differences HTTP FTP TELNET SHTTP Application SSL Transport Internet Network interface NNTP Physical Layer Copyright (C) 2004 Jane Hsu 38
20 SSL Failures Two well-publicized incidents in bit secret key used in export versions vulnerable to brute force attack Single encrypted message vulnerable to cracking in a few weeks on a network of workstations Specialized hardware (probably) can crack in a matter of hours Implementation problem Navigator 2.0 used predictable random number generator to generate secret keys Messages crackable in a few minutes on conventional workstation Copyright (C) 2004 Jane Hsu 39 Web Encryption Isn t Panacea Protect data at browser side & server side Server certificates vouch safe name of server but not honesty of merchant! Protect integrity of browser & server software Copyright (C) 2004 Jane Hsu 40
21 Kerberos KERBEROS was the fierce watchdog of Hades. It was depicted as a three-headed dog with a serpent's tail, a mane of snakes, and a lion's claws. To provide strong authentication for client/server applications by using secret key cryptography. A client can prove its identity to a server (and vice versa) across an insecure network connection. Client/server can also encrypt all of their communications to assure privacy and data integrity as they go about their business. Free implementation available from MIT Copyright (C) 2004 Jane Hsu 41 Reference URLs Separate Layer Protocol Over TCP: SSL Over IP: IPSec Application-Specific Protocol S-HTTP Verisign RSA Data Security Copyright (C) 2004 Jane Hsu 42
Cryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationProtecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets
Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures MIS5206 Week 11 Identity and Access Control Week 10 continued Cryptography, Public Key Encryption and
More informationGlenda Whitbeck Global Computing Security Architect Spirit AeroSystems
Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems History 2000 B.C. Egyptian Hieroglyphics Atbash - Hebrew Original alphabet mapped to different letter Type of Substitution Cipher
More informationComputers and Security
The contents of this Supporting Material document have been prepared from the Eight units of study texts for the course M150: Date, Computing and Information, produced by The Open University, UK. Copyright
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationE-commerce security: SSL/TLS, SET and others. 4.1
E-commerce security: SSL/TLS, SET and others. 4.1 1 Electronic payment systems Purpose: facilitate the safe and secure transfer of monetary value electronically between multiple parties Participating parties:
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 14: Folklore, Course summary, Exam requirements Ion Petre Department of IT, Åbo Akademi University 1 Folklore on
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More information06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security
1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of
More information1.264 Lecture 28. Cryptography: Asymmetric keys
1.264 Lecture 28 Cryptography: Asymmetric keys Next class: Anderson chapters 20. Exercise due before class (Reading doesn t cover same topics as lecture) 1 Asymmetric or public key encryption Receiver
More informationkey distribution requirements for public key algorithms asymmetric (or public) key algorithms
topics: cis3.2 electronic commerce 24 april 2006 lecture # 22 internet security (part 2) finish from last time: symmetric (single key) and asymmetric (public key) methods different cryptographic systems
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that
More informationCryptology. An introduction. by Ulf Lindqvist translated and processed by Erland Jonsson
Cryptology An introduction by Ulf Lindqvist translated and processed by Erland Jonsson Contents Introduction Terminology History Symmetrical systems (secret-key) Asymmetrical systems (public-key) Key management
More informationIntroduction to Cryptography. Vasil Slavov William Jewell College
Introduction to Cryptography Vasil Slavov William Jewell College Crypto definitions Cryptography studies how to keep messages secure Cryptanalysis studies how to break ciphertext Cryptology branch of mathematics,
More informationPublic Key Cryptography
graphy CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L07, Steve/Courses/2011/S2/CSS322/Lectures/rsa.tex,
More informationChapter 4: Securing TCP connections
Managing and Securing Computer Networks Guy Leduc Chapter 5: Securing TCP connections Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationSankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank
Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology Question Bank Subject: Information Security (160702) Class: BE Sem. VI (CE/IT) Unit-1: Conventional
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 9 Encryption and Firewalls By Whitman, Mattord & Austin 2008 Course Technology Learning Objectives Describe the role encryption
More informationCryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption
and secure channel May 17, 2018 1 / 45 1 2 3 4 5 2 / 45 Introduction Simplified model for and decryption key decryption key plain text X KE algorithm KD Y = E(KE, X ) decryption ciphertext algorithm X
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationCryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain
Cryptography Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar Submitted by:- Hardeep Gaurav Jain Cryptography Cryptography, a word with Greek origins, means "secret writing." However, we use the term
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More information14. Internet Security (J. Kurose)
14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationLorenz Cipher. Menu. Class 4: Modern Cryptography. British Cipher Machine. German Code-Breaking Efforts. Some loose ends on WWII Maurice Burnett
Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography Menu Some loose ends on WWII Maurice Burnett Modern Cryptography Modern
More informationCryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice
Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice
More informationPROTECTING CONVERSATIONS
PROTECTING CONVERSATIONS Basics of Encrypted Network Communications Naïve Conversations Captured messages could be read by anyone Cannot be sure who sent the message you are reading Basic Definitions Authentication
More informationLecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005
Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 2 Cryptographic Tools First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Cryptographic Tools cryptographic algorithms
More informationThe question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the
More informationDavid Wetherall, with some slides from Radia Perlman s security lectures.
David Wetherall, with some slides from Radia Perlman s security lectures. djw@cs.washington.edu Networks are shared: Want to secure communication between legitimate participants from others with (passive
More informationCrypto meets Web Security: Certificates and SSL/TLS
CSE 484 / CSE M 584: Computer Security and Privacy Crypto meets Web Security: Certificates and SSL/TLS Spring 2016 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann,
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationInformation Security CS 526
Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationCS 332 Computer Networks Security
CS 332 Computer Networks Security Professor Szajda Last Time We talked about mobility as a matter of context: How is mobility handled as you move around a room? Between rooms in the same building? As your
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More informationCSC 8560 Computer Networks: Network Security
CSC 8560 Computer Networks: Network Security Professor Henry Carter Fall 2017 Last Time We talked about mobility as a matter of context: How is mobility handled as you move around a room? Between rooms
More informationComputer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography
Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution
More informationCryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.
Telling Secrets Secret Writing Through the Ages William Turner Department of Mathematics & Computer Science Wabash College Crawfordsville, IN 47933 Tuesday 4 February 2014 W. J. Turner Telling Secrets
More informationPublic Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA
Public Key Cryptography, OpenPGP, and Enigmail Cryptography is the art and science of transforming (encrypting) a message so only the intended recipient can read it Symmetric Cryptography shared secret
More informationAuthentication CHAPTER 17
Authentication CHAPTER 17 Authentication Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources. getting entrance
More informationIBM i Version 7.2. Security Digital Certificate Manager IBM
IBM i Version 7.2 Security Digital Certificate Manager IBM IBM i Version 7.2 Security Digital Certificate Manager IBM Note Before using this information and the product it supports, read the information
More informationComputer Security. Two main issues are current regarding security for computer communication systems
Computer Security Two main issues are current regarding security for computer communication systems Data encryption User authentication Encryption and authentication between single users can be performed
More informationMaking and Breaking Ciphers
Making and Breaking Ciphers Ralph Morelli Trinity College, Hartford (ralph.morelli@trincoll.edu) Smithsonian Institute October 31, 2009 2009 Ralph Morelli You are free to reuse and remix this presentation
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationCSCE 715: Network Systems Security
CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are
More informationConfiguring SSL. SSL Overview CHAPTER
7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:
More information10EC832: NETWORK SECURITY
10EC832: NETWORK SECURITY Objective: In this electronic age, security and privacy are two of the issues whose importance cannot be stressed enough. How do we ensure the systems we use are resistant to
More informationCryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators
Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators Belfast, 11-Nov-2010 Innovative Software Solutions. Thomas Bahn - graduated in mathematics, University of Hannover - developing
More information6 Cryptographic Techniques A Brief Introduction
6 Cryptographic Techniques A Brief Introduction 6.1 Introduction to Cryptography 6.2 Symmetric Encryption 6.3 Asymmetric (Public-Key) Encryption 6.4 Digital Signatures 6.5 Public Key Infrastructures Literature:
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationChapter 8 Web Security
Chapter 8 Web Security Web security includes three parts: security of server, security of client, and network traffic security between a browser and a server. Security of server and security of client
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationSEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security
SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security Consider 2. Based on DNS, identified the IP address of www.cuhk.edu.hk is 137.189.11.73. 1. Go to http://www.cuhk.edu.hk 3. Forward the
More informationInt ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28
Int ernet w orking Internet Security Literature: Forouzan: TCP/IP Protocol Suite : Ch 28 Internet Security Internet security is difficult Internet protocols were not originally designed for security The
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationBCA III Network security and Cryptography Examination-2016 Model Paper 1
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct
More informationBasic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline
CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationSecurity issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.
Security issues: Threats Methods of attack Encryption algorithms Secret-key Public-key Hybrid protocols Lecture 15 Page 2 1965-75 1975-89 1990-99 Current Platforms Multi-user timesharing computers Distributed
More informationInternet security and privacy
Internet security and privacy SSL/TLS 1 Application layer App. TCP/UDP IP L2 L1 2 Application layer App. SSL/TLS TCP/UDP IP L2 L1 3 History of SSL/TLS Originally, SSL Secure Socket Layer, was developed
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 12 SSL
CS 393 Network Security Nasir Memon Polytechnic University Module 12 SSL Course Logistics HW 4 due today. HW 5 will be posted later today. Due in a week. Group homework. DoD Scholarships? NSF Scholarships?
More informationCSCE 813 Internet Security Symmetric Cryptography
CSCE 813 Internet Security Symmetric Cryptography Professor Lisa Luo Fall 2017 Previous Class Essential Internet Security Requirements Confidentiality Integrity Authenticity Availability Accountability
More informationCOMPLEXITY ACROSS DISCIPLINES
COMPLEXITY ACROSS DISCIPLINES REU 2015 INTRODUCTION TO CRYPTOGRAPHY Liljana Babinkostova Cybersecurity Defined Information Assurance. IA consists of measures that protect and defend information and information
More informationHTTPS--HTTP Server and Client with SSL 3.0
The feature provides Secure Socket Layer (SSL) version 3.0 support for the HTTP 1.1 server and HTTP 1.1 client within Cisco IOS software. SSL provides server authentication, encryption, and message integrity
More informationConfiguring SSL CHAPTER
7 CHAPTER This chapter describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationGarantía y Seguridad en Sistemas y Redes
Garantía y Seguridad en Sistemas y Redes Tema 2. Cryptographic Tools Esteban Stafford Departamento de Ingeniería Informá2ca y Electrónica Este tema se publica bajo Licencia: Crea2ve Commons BY- NC- SA
More informationMTAT Applied Cryptography
MTAT.07.017 Applied Cryptography Transport Layer Security (TLS) Advanced Features University of Tartu Spring 2016 1 / 16 Client Server Authenticated TLS ClientHello ServerHello, Certificate, ServerHelloDone
More informationThe Tension. Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes
s10 Security 1 The Tension Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes Security vs. desire of individuals to act anonymously
More informationConfiguring SSL. SSL Overview CHAPTER
CHAPTER 8 Date: 4/23/09 This topic describes the steps required to configure your ACE (both the ACE module and the ACE appliance) as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination.
More informationSecurity. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
More informationEncryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message
More informationVerification of security protocols introduction
Verification of security protocols introduction Stéphanie Delaune CNRS & IRISA, Rennes, France Tuesday, November 14th, 2017 Cryptographic protocols everywhere! they aim at securing communications over
More informationNetwork Security Essentials
Network Security Essentials Applications and Standards Third Edition William Stallings Chapter 2 Symmetric Encryption and Message Confidentiality Dr. BHARGAVI H. GOSWAMI Department of Computer Science
More informationHands-On Ethical Hacking and Network Defense 3 rd Edition
Hands-On Ethical Hacking and Network Defense 3 rd Edition Chapter 12 Cryptography Last modified 11-22-17 12:15 pm Overview Mathematical Basis Symmetric encryption Asymmetric encryption Hashing Implementation
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationChapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010
Cryptography Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationSymmetric, Asymmetric, and One Way Technologies
Symmetric, Asymmetric, and One Way Technologies Crypto Basics Ed Crowley Fall 2010 1 Topics: Symmetric & Asymmetric Technologies Kerckhoff s Principle Symmetric Crypto Overview Key management problem Attributes
More informationCRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext
CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public
More informationPrinciples of Information Security, Fourth Edition. Chapter 8 Cryptography
Principles of Information Security, Fourth Edition Chapter 8 Cryptography Learning Objectives Upon completion of this material, you should be able to: Chronicle the most significant events and discoveries
More informationMore on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017
More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017 Page 1 Outline Desirable characteristics of ciphers Stream and block ciphers Cryptographic modes Uses of cryptography Symmetric
More informationTransport Layer Security
CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa
More informationOther Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?
ryptography Goals Protect private communication in the public world and are shouting messages over a crowded room no one can understand what they are saying 1 Other Uses of ryptography Authentication should
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 6 Release 1 System i Security Digital Certificate Manager Version 6 Release 1 Note Before using this information and the product it supports, be sure
More informationCipher Suite Configuration Mode Commands
The Cipher Suite Configuration Mode is used to configure the building blocks for SSL cipher suites, including the encryption algorithm, hash function, and key exchange. Important The commands or keywords/variables
More informationPublic Key Algorithms
CSE597B: Special Topics in Network and Systems Security Public Key Cryptography Instructor: Sencun Zhu The Pennsylvania State University Public Key Algorithms Public key algorithms RSA: encryption and
More informationCSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography
CSCI 454/554 Computer and Network Security Topic 2. Introduction to Cryptography Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More information