Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Objectives
- Define cryptography
- Describe hashing
- List the basic symmetric cryptographic algorithms
- Describe how asymmetric cryptography works
- List types of file and file system cryptography
- Explain how whole disk encryption works

Defining Cryptography
- Defining cryptography involves understanding what it is and what it can do
- It also involves understanding how cryptography can be used as a security tool to protect data

What Is Cryptography?
- Cryptography
  - The science of transforming information into an unintelligible form while it is being transmitted or stored so that unauthorized users cannot access it
- Steganography
  - Hides the existence of the data
  - What appears to be a harmless image can contain hidden data embedded within the image
  - Can use image files, audio files, or even video files to contain hidden information

What Is Cryptography? (continued)
- One of the most famous ancient cryptographers was Julius Caesar
  - Caesar shifted each letter of his messages to his generals three places down in the alphabet
- Encryption
  - Changing the original text to a secret message using cryptography
- Decryption
  - Changing the secret message back to its original form

Cryptography and Security
- Cryptography can provide basic security protection for information:
  - Cryptography can protect the confidentiality of information
  - Cryptography can protect the integrity of the information
  - Cryptography can help ensure the availability of the data
  - Cryptography can verify the authenticity of the sender
  - Cryptography can enforce non-repudiation

Cryptographic Algorithms
- There are three categories of cryptographic algorithms:
  - Hashing algorithms
  - Symmetric encryption algorithms
  - Asymmetric encryption algorithms

Hashing Algorithms
- Hashing
  - Also called a one-way hash
  - A process for creating a unique signature for a set of data
  - This signature, called a hash or digest, represents the contents
- Hashing is used only for integrity to ensure that:
  - Information is in its original form
  - No unauthorized person or malicious software has altered the data
- Hash created from a set of data cannot be reversed

Hashing Algorithms (continued)
- A hashing algorithm is considered secure if it has these characteristics:
  - The ciphertext hash is a fixed size
  - Two different sets of data cannot produce the same hash, which is known as a collision
  - It should be impossible to produce a data set that has a desired or predefined hash
  - The resulting hash ciphertext cannot be reversed
- The hash serves as a check to verify the message contents

Hashing Algorithms (continued)
- Hash values are often posted on Internet sites in order to verify the file integrity of files that can be downloaded

Message Digest (MD)
- Message Digest (MD) algorithm
  - One common hash algorithm
- Three versions
  - Message Digest 2 (MD2)
  - Message Digest 4 (MD4)
  - Message Digest 5 (MD5)

Secure Hash Algorithm (SHA)
- Secure Hash Algorithm (SHA)
  - A more secure hash than MD
  - A family of hashes
- SHA-1
  - Patterned after MD4, but creates a hash that is 160 bits in length instead of 128 bits
- SHA-2
  - Comprised of four variations, known as SHA-224, SHA-256, SHA-384, and SHA-512
  - Considered to be a secure hash

Whirlpool
- A relatively recent cryptographic hash function
- Has received international recognition and adoption by standards organizations
- Creates a hash of 512 bits

Password Hashes
- Another use for hashes is in storing passwords
  - When a password for an account is created, the password is hashed and stored
- The Microsoft NT family of Windows operating systems hashes passwords in two different forms
  - LM (LAN Manager) hash
  - NTLM (New Technology LAN Manager) hash
- Most Linux systems use password-hashing algorithms such as MD5
- Apple Mac OS X uses SHA-1 hashes

Symmetric Cryptographic Algorithms
- Symmetric cryptographic algorithms
  - Use the same single key to encrypt and decrypt a message
  - Also called private key cryptography
- Stream cipher
  - Takes one character and replaces it with one character
- Substitution cipher
  - The simplest type of stream cipher
  - Simply substitutes one letter or character for another

Symmetric Cryptographic Algorithms (continued)
- Transposition cipher
  - A more complicated stream cipher
  - Rearranges letters without changing them
- With most symmetric ciphers, the final step is to combine the cipher stream with the plaintext to create the ciphertext
  - The process is accomplished through the exclusive OR (XOR) binary logic operation
- One-time pad (OTP)
  - Combines a truly random key with the plaintext

Symmetric Cryptographic Algorithms (continued)
- Block cipher
  - Manipulates an entire block of plaintext at one time
  - Plaintext message is divided into separate blocks of 8 to 16 bytes, and then each block is encrypted independently
- Stream cipher advantages and disadvantages
  - Fast when the plaintext is short
  - More prone to attack because the engine that generates the stream does not vary

Symmetric Cryptographic Algorithms (continued)
- Block cipher advantages and disadvantages
  - Considered more secure because the output is more random
  - Cipher is reset to its original state after each block is processed
  - Results in the ciphertext being more difficult to break

Symmetric Cryptographic Algorithms (continued)
- Data Encryption Standard (DES)
  - One of the first widely popular symmetric cryptography algorithms
  - DES is a block cipher and encrypts data in 64-bit blocks
  - However, the 8-bit parity bit is ignored so the effective key length is only 56 bits
- Triple Data Encryption Standard (3DES)
  - Designed to replace DES
  - Uses three rounds of encryption instead of just one

Symmetric Cryptographic Algorithms (continued)
- Advanced Encryption Standard (AES)
  - Approved by the NIST in late 2000 as a replacement for DES
  - AES performs three steps on every block (128 bits) of plaintext
  - Within Step 2, multiple rounds are performed depending upon the key size
  - Within each round, bytes are substituted and rearranged, and then special multiplication is performed based on the new arrangement

Other Algorithms
- Several other symmetric cryptographic algorithms are also used:
  - Rivest Cipher (RC) family from RC1 to RC6
  - International Data Encryption Algorithm (IDEA)
  - Blowfish
  - Twofish

Asymmetric Cryptographic Algorithms
- Asymmetric cryptographic algorithms
  - Also known as public key cryptography
  - Uses two keys instead of one
  - The public key is known to everyone and can be freely distributed
  - The private key is known only to the recipient of the message
- Asymmetric cryptography can also be used to create a digital signature

Asymmetric Cryptographic Algorithms (continued)
- A digital signature can:
  - Verify the sender
  - Prove the integrity of the message
  - Prevent the sender from disowning the message

RSA
- The most common asymmetric cryptography algorithm
- RSA multiplies two large prime numbers p and q to compute their product (n=pq)
- A number e is chosen that is less than n and relatively prime to (p-1)(q-1)
- Another number d is determined, so that (ed-1) is divisible by (p-1)(q-1)
- The public key is the pair (n,e) while the private key is (n,d)

Diffie-Hellman
- Allows two users to share a secret key securely over a public network
- Once the key has been shared, both parties can use it to encrypt and decrypt messages using symmetric cryptography

Elliptic Curve Cryptography
- Elliptic curve cryptography
  - Uses elliptic curves
- An elliptic curve is a function drawn on an X-Y axis as a gently curved line
  - By adding the values of two points on the curve, you can arrive at a third point on the curve
- The public aspect of an elliptic curve cryptosystem is that users share an elliptic curve and one point on the curve

Using Cryptography on Files and Disks
- Cryptography can also be used to protect large numbers of files on a system or an entire disk

File and File System Cryptography
- File system
  - A method used by operating systems to store, retrieve, and organize files
- Pretty Good Privacy (PGP)
  - One of the most widely used asymmetric cryptography systems for files and e-mail messages on Windows systems
- GNU Privacy Guard (GPG)
  - A similar open-source program
- PGP and GPG use both asymmetric and symmetric cryptography

File and File System Cryptography (continued)
- Microsoft Windows Encrypting File System (EFS)
  - A cryptography system for Windows operating systems that use the Windows NTFS file system
- Because EFS is tightly integrated with the file system, file encryption and decryption are transparent to the user
- EFS encrypts the data as it is written to disk

Disk Cryptography
- Whole disk encryption
  - Cryptography applied to entire disks
- Windows BitLocker
  - A hardware-enabled data encryption feature
  - Can encrypt the entire Windows volume
  - Includes Windows system files as well as all user files
  - Encrypts the entire system volume, including the Windows Registry and any temporary files that might hold confidential information

Disk Cryptography (continued)
- Trusted Platform Module (TPM)
  - A chip on the motherboard of the computer that provides cryptographic services
  - Includes a true random number generator
  - Can measure and test key components as the computer is starting up
- If the computer does not support hardware-based TPM then the encryption keys for securing the data on the hard drive can be stored by BitLocker on a USB flash drive

Summary
- Cryptography is the science of transforming information into a secure form while it is being transmitted or stored so that unauthorized users cannot access it
- Hashing creates a unique signature, called a hash or digest, which represents the contents of the original text
- Symmetric cryptography, also called private key cryptography, uses a single key to encrypt and decrypt a message

Summary (continued)
- Asymmetric cryptography, also known as public key cryptography, uses two keys instead of one
- Cryptography can also be used to protect large numbers of files on a system or an entire disk