Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

Similar documents
Cryptography MIS

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

APNIC elearning: Cryptography Basics

Cryptographic Concepts

Cryptography and Network Security

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2

(2½ hours) Total Marks: 75

Cryptography=To protect transmitted info from being read and understood by anyone but the recipient.

Classical Cryptography. Thierry Sans

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Security. Communication security. System Security

David Wetherall, with some slides from Radia Perlman s security lectures.

Introduction to Cryptography. Vasil Slavov William Jewell College

Cryptography and Network Security

Cryptography. Cryptography is everywhere. German Lorenz cipher machine

UNIT - IV Cryptographic Hash Function 31.1

CONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements

Cryptology Part 1. Terminology. Basic Approaches to Cryptography. Basic Approaches to Cryptography: (1) Transposition (continued)

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Symmetric, Asymmetric, and One Way Technologies

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

BCA III Network security and Cryptography Examination-2016 Model Paper 1

Overview. SSL Cryptography Overview CHAPTER 1

14. Internet Security (J. Kurose)

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

CCNA Security 1.1 Instructional Resource

CSC 474/574 Information Systems Security

Introduction to information Security

10EC832: NETWORK SECURITY

Chapter 8 Web Security

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Foreword Preface About the Author Aperitifs The Lexicon of Cryptography Cryptographic Systems Cryptanalysis Side Information Thomas Jefferson and the

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

CIS 6930/4930 Computer and Network Security. Final exam review

Network Security Chapter 8

CSCE 715: Network Systems Security

Module 13 Network Security. Version 1 ECE, IIT Kharagpur

KALASALINGAM UNIVERSITY

Introduction and Overview. Why CSCI 454/554?

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

EEC-682/782 Computer Networks I

Cryptography and Network Security. Sixth Edition by William Stallings

Transport Level Security

Cryptography (Overview)

Study Guide to Mideterm Exam

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Cryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain

CSC 774 Network Security

CSC 8560 Computer Networks: Network Security

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

CIS 4360 Secure Computer Systems Symmetric Cryptography

Cryptography and Network Security

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

Chapter 6: Security of higher layers. (network security)

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4

Cryptography Introduction

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

SRI VENKATESWARA COLLEGE OF ENGINEERING

EEC-484/584 Computer Networks

ELECTRONICS DEPARTMENT

Chapter 8 Network Security

EEC-682/782 Computer Networks I

2/7/2013. CS 472 Network and System Security. Mohammad Almalag Lecture 2 January 22, Introduction To Cryptography

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

ECE 646 Fall 2008 Multiple-choice test

Configuration of an IPSec VPN Server on RV130 and RV130W

JNTU World JNTU World. JNTU World. Cryptography and Network Security. Downloaded From JNTU World ( )( )JNTU World

Encryption. INST 346, Section 0201 April 3, 2018

Garantía y Seguridad en Sistemas y Redes

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 2 Basics of Cryptography

CS 393 Network Security. Nasir Memon Polytechnic University Module 12 SSL

2.1 Basic Cryptography Concepts

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Prof. Shervin Shirmohammadi SITE, University of Ottawa. Security Architecture. Lecture 13: Prof. Shervin Shirmohammadi CEG

Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security

WAP Security. Helsinki University of Technology S Security of Communication Protocols

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

Authentication CHAPTER 17

The Rectangle Attack

Transcription:

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

History 2000 B.C. Egyptian Hieroglyphics Atbash - Hebrew Original alphabet mapped to different letter Type of Substitution Cipher monoalphabetic (multiple alphabets would be polyalphabetic) 400 B.C. Spartans scytale cipher Papyrus wrapped around a staff 100-44 B.C. Caesar cipher Shifted alphabet by 3 letters Alphabet is the algorithm, key is the # shifted 16 th Century Vigenere Cipher Polalphabetic that used table where intersection between plaintext and key word repeated as necessary produced ciphertext World War II Germany s Enigma machine

Confidentiality Read by Authorized Entities Only Integrity Data hasn t been altered Authentication Verifies identity of user Authorization Provides key or password to allow access Nonrepudiation Ensures sender can t deny sending the message

Algorithm Confusion (substitution) Diffusion (transposition) Known or Secret More Secure? Kerckhoff s Principle Algorithm should be Publicly Known Key Management Protect Keys and Keep Secret Length of the Key Initialization Vectors Random values used with algorithms to prevent patterns Implementation

Running Key Cipher Use of things around you Example Book #, Page #, Line #, 5 th Word Concealment Cipher Hidden in a message (like every 4 th word) Block Cipher Message divided into blocks Each block is encrypted separately Steam Cipher Encrypts individual bits of the message One bit is XORed to message bits

Symmetric Asymmetric Characteristics Confidentiality only Not Scalable n users need n(n-1)/2 keys Key Management Difficult Used to encrypt Bulk Data Block Ciphers S-boxes for substitution & transposition Modes (ECB, CBC, CFB, OFB, CTR) Examples - DES, 3DES, Blowfish, Twofish, IDEA RC5,RC6, AES, SAFER, Serpent Steam Ciphers More difficult to get right Key stream generators XOR bits Example RC4 Characteristics Used by Public Key Cryptography Used to Encrypt Keys (except Diffie-Hellman) Provides Authentication and Non-Repudiation Based on one-way function which is easier to compute one direction and hard the opposite direction Private key knows how to get through the trapdoor Examples El Gamal Slowest Eliiptic Curve Cryptosystems most efficient LUC Knapsack Insecure

Provide Authentication Nonrepudiation Integrity Uses Hash For Integrity Sender uses hash to create message digest Receiver also uses hash and compares Uses Asymmetric Algorithm To encrypt hash with senders Private Key for Nonrepudiation and authentication Unencrypted with senders Public Key and compared

Run Message Through Hash to get Message Digest Send Decrypt Message Digest Provides Integrity, Authentication and Nonrepudiation Encrypt with Private Key Append to Message Runs Message through Hash Compare Message Digests

128 bit MD MD2 MD4 MD5 Ripe MD-128 160 bit MD SHA-1 Ripe MD-160 Others SHA- 256,384,512 HAVAL Variable Tiger 192- bit digest

Encryption provides confidentiality Running through a hash provides integrity Digital Signatures provide Authentication, Nonrepudiation and Integrity Encryption with Digital Signature provides Confidentiality, Authentication, Nonrepudiation and Integrity

RA Certification Registration Verifies Identification of Requestor Acts as Broker Between User and CA CA Trusted Organization or Server Creates, Signs and Hands out Certificates Vouches for Person s Identity Certificate Revocation List (CRL) Certificate Serial # Version # Identity Info Algorithm Lifetime Dates Signature of Issuing Authority

Multipurpose Internet Mail Extension (MIME) Secure MIME (SMIME) Encryption Digital Signing Extends MIME Standard Encryption and Hashing Algorithms Can be Specified Follows Public Key Cryptography Standards (PKCS) Provides Confidentiality (encryption), Integrity (Hashing), Authentication (through X.509 Certs) and Nonrepudiation (Signed Message Digests) Pretty Good Privacy

HTTP Secure (HTTPS) HTTP running over SSL (Secure Sockets Layer) Client Generates Session Key and Encrypts with Server Public Key Protects Channel Secure HTTP (S-HTTP) Protects Each Message Secure Electronic Transfer (SET) Proposed by Visa and MasterCard For More Secure Credit Card Transactions Involves Issuer, Cardholder, Merchant, Acquirer, Payment Gateway All Would Have to Upgrade Software So Not Fully Implemented Yet Secure Shell (SSH) Tunneling Mechanism

Internet Protocol Security (IPSEC) Method of setting up a secure channel Open modular framework Uses two basic protocols Authentication Header Provides authentication and integrity Encapsulating Security Payload Provides both those and confidentiality Each Device has Security Association s (SA) Configurations it Can Support Used to Negotiate Needs 1 Inbound and 1 Outbound for All Connections Security Parameter Index (SPI) Keeps track of all the SA s Key Management De Facto Standard is Internet Key Exchange (IKE)

Cipher-Only Known-Plaintext Chosen-Plaintext Chosen-Ciphertext Adaptive. Differential Cryptanalysis Linear Cryptanalysis Side-Channel Attacks Replay Attacks Algebraic Attacks Analytic Attacks Statistical Attacks

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback