Encryption I. An Introduction

Similar documents
Computer Security: Principles and Practice

1.264 Lecture 28. Cryptography: Asymmetric keys

Encryption. INST 346, Section 0201 April 3, 2018

Cryptography (Overview)

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

CSE 127: Computer Security Cryptography. Kirill Levchenko

Cryptography MIS

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Ref:

CSC 474/574 Information Systems Security

CSCE 715: Network Systems Security

Message Authentication Codes and Cryptographic Hash Functions

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

APNIC elearning: Cryptography Basics

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

Cryptographic Concepts

Authentication CHAPTER 17

Cryptographic Hash Functions. William R. Speirs

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Basics of Cryptography

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Cipher Suite Configuration Mode Commands

Kurose & Ross, Chapters (5 th ed.)

NIST Cryptographic Toolkit

Overview. SSL Cryptography Overview CHAPTER 1

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

Computer Security 3/23/18

Message Authentication and Hash function

Public-key Cryptography: Theory and Practice

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Symmetric, Asymmetric, and One Way Technologies

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

Winter 2011 Josh Benaloh Brian LaMacchia

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Secret Key Cryptography

A hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).

S. Erfani, ECE Dept., University of Windsor Network Security

Security. Communication security. System Security

Uses of Cryptography

Practical Aspects of Modern Cryptography

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Computer Security. Two main issues are current regarding security for computer communication systems

Lecture 6: Symmetric Cryptography. CS 5430 February 21, 2018

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

PROTECTING CONVERSATIONS

CIS 4360 Secure Computer Systems Symmetric Cryptography

Route1 FIPS Cryptographic Module

Elaine Barker and Allen Roginsky NIST June 29, 2010

SECURITY IN NETWORKS

Introduction to Cryptography

CSC 774 Network Security

Jaap van Ginkel Security of Systems and Networks

Introduction to Modern Symmetric-Key Ciphers

BCA III Network security and Cryptography Examination-2016 Model Paper 1

A hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).

How many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?

Security: Cryptography

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Introduction to Cryptography. Vasil Slavov William Jewell College

FIPS Non-Proprietary Security Policy

PASSWORDS & ENCRYPTION

ASYMMETRIC CRYPTOGRAPHY

Data Encryption Standard (DES)

Encryption Details COMP620

Spring 2010: CS419 Computer Security

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

SECURITY IN NETWORKS 1

Lecture 1 Applied Cryptography (Part 1)

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Distributed Systems. Lecture 14: Security. Distributed Systems 1

Internet and Intranet Protocols and Applications

Public Key Algorithms

Distributed Systems. Lecture 14: Security. 5 March,

A simple approach of Peer-to-Peer E-Cash system

Cryptographic Hash Functions. Rocky K. C. Chang, February 5, 2015

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

Lecture 19: cryptographic algorithms

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Cryptography Functions

Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators

Introduction to Software Security Hash Functions (Chapter 5)

Lecture 15: Cryptographic algorithms

P2_L6 Symmetric Encryption Page 1

CSC/ECE 774 Advanced Network Security

Cryptography and Network Security. Sixth Edition by William Stallings

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Chapter 6. New HASH Function. 6.1 Message Authentication. Message authentication is a mechanism or service used for verifying

Key Exchange. Secure Software Systems

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Cryptographic Hash Functions

Delineation of Trivial PGP Security

Public Key Cryptography

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

Network Security Chapter 8

Transcription:

Encryption I An Introduction

Reading List ADO and SQL Server Security A Simple Guide to Cryptography Protecting Private Data with the Cryptography Namespaces Using MD5 to Encrypt Passwords in a Database Building Secure ASP.NET Applications

Cryptography An science that was originally used for military communications and designed to should it fall into the hands of the enemy.

Cryptography Recent Implementations Authenticating network users Ensuring Preventing users from rejecting ownership of their transmitted messages Secure Communications

Encryption The name given to the process of, which scrambles the data in it making it very difficult and time consuming, if not practically impossible, to deduce the original given only the encoded data.

Encryption Keys Inputs to the encryption algorithm typically involve additional called keys. Prevents the message from being, even if the algorithm is publicly known.

Encryption Safekeeping of Keys Protect them,, of keys must be protected An encrypted message with a known Key is not encrypted at all

Encryption Strength of an encryption Dependent on two factors: Nature of the of the Keys involved

Encryption Hacking Brute Force Trying every possible key until the decrypted message has been found. 40-bit encryption standard (until recently) Easily broken by Brute Force 128-bit encryption Now required to ensure confidence

Types of cryptography Symmetric Cryptography à  Secret Keys Same Key is used for both encryption and decryption Problem: The receiver needs the key. How do you get the key to them, securely? Weakness of symmetric cryptography.

Symmetric Cryptography Plain Text Algorithm CipherText Plain Text Algorithm CipherText The decryption key on the bottom is identical to the encryption key on the top.

Types of cryptography Asymmetric Cryptography à  Public/Private Keys Uses 2 keys that are mathematically related Key Never revealed Key Freely given out

Asymmetric Cryptography Public / Private Keys If the keys are long enough, it is practically impossible to determine one from another Processing required is CPU intensive Potential performance problems

Asymmetric Cryptography RSA Public/Private Key algorithm Named for Rivest, Shamir, Adleman Patented by RSA Data Security in 77 Sender uses Receiver s public key to encrypt Only the receiver with the related private key can decrypt it

Asymmetric Cryptography Digital Signature A form of RSA Sender encrypts the message using their private key Anybody can decrypt the message using the sender s public key Meaning: The sender, who is the only person in possession of the private key, must have sent the message

Message Digest Digital fingerprint of a message Derived by applying a mathematical algorithm on a variable-length message Use a hash function

Hash functions A hash function H is a transformation that takes an input m and returns a fixed-size string, which is called the hash value h (that is, h = H(m)).

Hash functions Basic Requirements: The input can be of any length. The output has a fixed length. H(x) is relatively easy to compute for any given x. H(x) is one-way. H(x) is collision-free

Message Digest Use message digests to guarantee that no one has tampered with a message during its transit over a network. If the message has been tampered with, the message and the digest will not correlate.

Hash functions Well known message digest hash functions: MD2 MD4 Secure Hash Algorithm (SHA)

MD2 Developed by Rivest in 1989. The message is first padded so its length in bytes is divisible by 16. A 16- byte checksum is then appended to the message, and the hash value is computed on the resulting message.

MD4 Developed by Rivest in 1990. The message is padded to ensure that its length in bits plus 64 is divisible by 512. A 64-bit binary representation of the original length of the message is then concatenated to the message. The message is processed in 512-bit blocks in the Damgård/Merkle iterative structure and each block is processed in three distinct rounds.

MD5 Developed by Rivest in 1991. It is basically MD4 with "safety-belts" and while it is slightly slower than MD4, it is more secure The algorithm consists of four distinct rounds, which has a slightly different design from that of MD4. Messagedigest size, as well as padding requirements, remain the same.

SHA Developed by the National Institute of Standards and Technologies (NIST) The algorithm takes a message of less than 2 64 bits in length and produces a 160-bit message digest. The algorithm is slightly slower than MD5, but the larger message digest makes it more secure against bruteforce collision and inversion attacks

DES Symmetric Encryption Algorithm Data Encryption Standard Published in 1977 by the National Bureau of Standards. Became an ANSI standard. Single DES is permitted only for legacy systems.

Triple DES Symmetric Encryption Algorithm The latest Federal Information Processing Standard (FIPS) which describes the DES includes a definition for Triple-DES. TDEA is "the FIPS approved symmetric algorithm of choice." Within a few years, DES and triple- DES will be replaced with the AES

Triple DES The idea behind Triple DES is to improve the security of DES by applying DES encryption three times using three different keys. This way the effective key length becomes 56 x 3 = 168 bits which makes brute-force attacks virtually impossible.

DES & TDES Has DES been broken? No easy attack on DES has been discovered, despite the efforts of researchers over many years. The obvious method of attack is a brute-force exhaustive search of the key space; this process takes 255 steps on average.

AES Symmetric Encryption Algorithm Advanced Encryption Standard Successor to Published in November of 2002 Published by Intent: To have a cipher that will remain secure well into the next century.

AES AES supports key sizes of 128 bits, 192 bits, and 256 bits, in contrast to the 56-bit keys offered by DES. Over time, many implementations are expected to upgrade to AES, both because it offers a 128-bit key size, and because it is a federal standard.

AES Algorithm - Rijndael NIST selected Rijndael as the AES algorithm. The algorithm's developers have suggested the following pronunciation alternatives: "Reign Dahl", "Rain Doll", and "Rhine Dahl".

RSA SecurID RSA SecurID two-factor authentication is based on: something you (a password or PIN) and something you (an authenticator) providing a much more reliable level of user authentication than reusable passwords.

RSA SecurID Provides user authentications options for: VPNs Wireless Communications Email Intranets, Extranets Web Servers Other

SQL Server Encryption SQL Server has built-in encryption to protect various types of sensitive data. In some cases, this encryption is completely transparent to you; things are encrypted when they're stored and decrypted automatically when they're used.

SQL Server Encryption In other cases, you can choose whether data should be encrypted or not. SQL Server can encrypt the following components: Passwords Definitions of stored procedures, views, triggers, user-defined functions, defaults, and rules Data sent between the server and the client

SQL Server Encryption SQL Server automatically encrypts the passwords that you assign to logins and application roles. Even if you look directly into the system tables in the master database, you won't find actual passwords. You don't need to do anything to enable this feature; in fact, you can't disable it

SQL Server Encryption You may have noticed something obviously missing from this list of things that can be encrypted: the data in your tables. SQL Server doesn't offer any built-in support for encrypting your own data before you store it.

Further Research http://www.rsasecurity.com http://msdn.microsoft.com/library/defa ult.asp?url=/library/enus/dnnetsec/html/secnetlpmsdn.asp

Moral of the Story Some encryption is better than no encryption at all. When possible, encrypt sensitive data

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback