Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University


Security Intro for Admins
- Network administrators can break security into two parts: internal and external security
- Internal security is acting to prevent and handle internal threats, that is, threats from authorized users
- External security is acting to prevent and handle threats from non-users

Internal Security Threats
- Users may access data or services not intended for them (other users' data, or system or corporate data) and may take it out of protected areas or give it to unauthorized people
- Users may use services or systems for criminal or unauthorized activity
- Users may impersonate other users
- Users may compromise security by accident, such as by a worm or virus

Internal Security Tasks
- Managing user accounts
- Managing access permissions by groups or by account type: user, system (for access to specific functions), or root account (superuser)
- Password policy management
- File and directory permissions
- Educating users and handling user support for security understanding and compliance

External Security Threats
- Front-door threats may occur when a non-user gains access to a password or cracks an access system (for example by brute force or by guessing)
- Back-door threats occur from unpatched bugs in software and from intentional back doors in malicious software
- Denial-of-service (DoS) attacks are typically used to eat up CPU time and network processes, thus making services unavailable

External Security Tasks
- Examining access logs for suspicious access attempts or successes
- Scanning incoming data from the network or from other I/O devices for known malicious software
- Managing access from external sources and limiting it to those that absolutely require outside access
- Limiting internal access to servers providing external services

Information Security Issues
- Confidentiality: sending data without letting others know any contents
- Authentication: establishing identity
- Integrity and non-repudiation: to be able to show that a message had a certain sender
- Availability and access: keeping services available and accessible to the appropriate users

Confidentiality
- Based on encryption and decryption
- Secret algorithms or secret methods of transmission are not reliably secure
- Instead, modern encryption depends on open (public) algorithms and secret (private) keys
- Number theory offers a way to use both public keys and private keys together to allow open but confidential communication
- Encryption and one-way functions are also the basis for other security issues, such as authentication, integrity, and non-repudiation

Basic Tools of Security
- Modern security uses known algorithms
- Extremely large pseudorandom numbers and prime numbers make finding passwords and keys by chance or by brute force very unlikely
- Cryptographic hashing protects passwords and authenticates documents
- Symmetric cryptography, such as block cryptography, is fast and strong
- Asymmetric cryptography is slower but allows key exchange, public document signing, and authentication protocols

Symmetric Key Cryptography
- Also called symmetric-, secret-, private-, shared-, or single-key cryptography
- The same key is used to encrypt and decrypt
- A key in cryptography is generally a very large integer or set of integers and is used in a known (public) algorithm to encrypt and/or decrypt a message

38 72 3E BE 1E A2 5B 3A 66 D3 2C 39 6D 3A DB 6F
(A pseudo-randomly generated 128-bit key)

Symmetric Key Cryptography
[Diagram: plaintext -> encryption algorithm (private key A) -> encrypted data -> decryption algorithm (private key A) -> plaintext]
- Sharing a key means more trust is needed and a system of key distribution is needed
- Exchanging information with unknown agents would require a new key each time

Public-key Cryptography
- In this method, a different key is used to encrypt and decrypt
- The key for encryption can, therefore, be shared publicly, even with untrusted agents
- The numbers used are extremely large
- The algorithms used are very well-known mathematically and thought to be secure, although this hasn't been shown conclusively
- Brute-force breaking of even 128-bit keys, for certain algorithms, is thought to be many decades away, if ever

Public Key Cryptography
[Diagram: plaintext -> encryption algorithm (public key A) -> encrypted data -> decryption algorithm (private key B) -> plaintext]
- The receiving agent shares the key with anyone who wants to transmit
- The transmitting agent uses the public algorithm and public key to encrypt
- Except by brute force, there is no known algorithm for using the public key to decrypt

Why Public Keys Work
[Diagram: public key A = (n, e); private key B = (n, d)]
- The basic math is from over 200 years ago
- Two prime numbers p and q are multiplied together to form $p \cdot q = n$
- Two other integers, d and e, are found such that $d \cdot e \equiv 1 \pmod{(p - 1)(q - 1)}$
- Now we have $(M^e)^d = M$ and $(M^d)^e = M$ (all mod n)
- The public key (n, e) is used to encrypt a plaintext char M to C by $C = M^e \pmod{n}$
- The private key (n, d) is used to decrypt C to plaintext char M by $M = C^d \pmod{n}$

Is a Public Key Secure?
- The algorithm relies on the fact that, other than brute force, there is no known way to find the two primes p and q from p * q
- For most keys, the number of possible prime numbers is so large that the fastest computers, even working in parallel, would take billions of years to find the factors
- However, no one has proven mathematically that there is no possible way to factor p * q
- If the implementation or handling of keys is poor, no system is secure

Known Plaintext Attack
- One way the public-key system can be attacked is by taking some plaintext that might occur in the text and running it through the public key algorithm
- This method will not find the private key but can find bits of plaintext that have been encrypted
- For this and other reasons, encryption is usually combined with other security methods, plus compression to make such attacks more difficult
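Added example (not part of the original slides): the arithmetic from the "Why Public Keys Work" slide and the plaintext-guessing weakness from the "Known Plaintext Attack" slide, run on a constructed toy key. The primes 257 and 263, the exponent 17, all function names and the random-prefix mitigation are assumptions chosen for illustration.

```python
import secrets
from math import gcd

def make_keys(p, q, e):
    """Build public (n, e) and private (n, d) with d*e = 1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (n, e), (n, pow(e, -1, phi))   # modular inverse, Python 3.8+

def encrypt(pub, m):
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be smaller than n")
    return pow(m, e, n)                   # C = M^e mod n

def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)                   # M = C^d mod n

def guess_plaintext(pub, ciphertexts, candidates):
    """Match ciphertexts against candidates encrypted with the public key only."""
    table = {encrypt(pub, ord(ch)): ch for ch in candidates}
    return "".join(table.get(c, "?") for c in ciphertexts)

def encrypt_randomized(pub, m):
    """Toy mitigation: put a fresh random nonzero byte above the char so equal
    chars encrypt differently. One byte is only an illustration; real systems
    use a standard randomized padding scheme such as RSA-OAEP."""
    r = 1 + secrets.randbelow(255)        # 1..255, so padded value >= 256
    return encrypt(pub, (r << 8) | m)

def decrypt_randomized(priv, c):
    return decrypt(priv, c) & 0xFF        # drop the random byte, keep the char

# Constructed toy key: n = 257 * 263 = 67591, far too small for real use.
PUB, PRIV = make_keys(p=257, q=263, e=17)

if __name__ == "__main__":
    alphabet = "abcdefghijklmnopqrstuvwxyz "
    msg = "attack at dawn"                # constructed sample plaintext
    plain = [encrypt(PUB, ord(ch)) for ch in msg]
    padded = [encrypt_randomized(PUB, ord(ch)) for ch in msg]
    print("deterministic:", guess_plaintext(PUB, plain, alphabet))
    print("randomized:   ", guess_plaintext(PUB, padded, alphabet))
    print("receiver sees:", "".join(chr(decrypt_randomized(PRIV, c)) for c in padded))
```

Encrypting one character at a time without randomness turns the public key into a lookup table, which is why the slide says encryption is combined with other methods.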

Public Keys for Other Purposes
- Public key algorithms can be used for authentication and non-repudiation as well
- These systems require more complex protocols involving trusted agents and careful exchange of signatures which include encrypted checksum results
- All of these depend on one-way functions, which, like factoring, are easy to compute one way but considered difficult (or even impossible) to reverse

Ethical Issues
Tensions between government and governed:
- Privacy: the right to keep personal information and activities secret or closed
- Openness: the right to knowledge and unrestricted access to information
- Intellectual Property: the right to exercise control over original concepts and content
- Neutrality and control: networks should treat all communication the same, regardless of content
- Literacy: enabling access through education in computer science and networking

"Those who sacrifice liberty for security deserve neither [and will lose both]" (Benjamin Franklin)