Cryptographic Key Management Concepts Ralph Spencer Poore Payoff
|
|
- Monica Blankenship
- 8 years ago
- Views:
Transcription
1 Cryptographic Key Management Concepts Ralph Spencer Poore Payoff Cryptology, which embraces both the creation of cipher systems (i.e., cryptography)and the breaking of those systems (i.e., cryptanalysis), has a long history. However, until the last two decades, it held little practical interest for business. Today's proliferation of computers and networks has brought cryptography and cryptanalysis to center stage, because open network environments present security problems that only cryptography can solve. This article provides a broad overview of cryptography and key management principles that will aid IS security professionals to manage and protect information assets. Introduction Cryptography, the art of secret writing, has existed for almost as long as writing itself. Originally, the use of symbols to represent letters or words in phrases was a skill reserved to the scribes or learned clerics. However, for a scribe's work to be truly useful, others needed the ability to read the scribe's work. As standardized writing and reading skills became more widespread, the risk of unauthorized reading increased. Primarily for purposes of political intrigue and military secrecy, practical applications of secret writing evolved. Examples of simple alphabetic substitution ciphers date back to the time of Julius Caesar. Caesar is honored today by the naming of an entire class of monoalphabetic substitution ciphers after him. Exhibit 1, translated into the modern alphabet, is a representation of a cipher Julius Caesar is believed to have used. Caesar Alphabet ABCDEFGHIJKLMNOPQRSTUVWXYZ DEFGHIJKLMNOPQRSTUVWXYZABC ABCDEFGHIJKLMNOPQRSTUVWXYZ DEFGHIJKLMNOPQRSTUVWXYZABC The rotation of the alphabet by three places is enough to transform a simple plaintext message from we attack to the north at dawn into ZH DWWDFN WR WKH QRUWK DW GDZQ. By finding each letter of plaintext in the first alphabet and substituting the letter from the second alphabet, a ciphertext is generated. By finding each letter of the ciphertext in the lower alphabet and substituting the letter directly above it, the ciphertext is translated back into its plaintext. In general, any rotation of an alphabet is referred to as a Caesar alphabet. An improvement on the Caesar alphabet is the keyed monoalphabetic substitution cipher. Exhibit 2 illustrates the use of a key word or phrase. In this example, SHAZAM is the key word from which any duplicate letters (in this case the second A ) are removed, yielding SHAZM. The key word is then used for the first letters of the cipher alphabet with the unused letters following in order. The recipient of a coded message only needs to know the word SHAZAM to create the keyed cipher alphabet. Monoalphabetic Substitution Cipher
2 ABCDEFGHIJKLMNOPQRSTUVWXYZ SHAZMBCDEFGIJKLNOPQRTUVWXY ABCDEFGHIJKLMNOPQRSTUVWXYZ SHAZMBCDEFGIJKLNOPQRTUVWXY A further improvement, but one that requires the entire cipher alphabet to act as the key, is the use of a randomly generated cipher alphabet. All such monoalphabetic substitutions, however, are easily solved if enough ciphertext is available for frequency analysis and trialand-error substitutions. Monoalphabetic ciphers today are relegated to the entertainment section of the newspaper and no longer serve as protectors of secrecy. Polyalphabetic systems, however, still pose a challenge. In these systems, each letter comes from a cipher alphabet different from the previously enciphered letter. For example, a system rotating among four cipher alphabets would mean that each possible plaintext letter could be represented by any of four different ciphertext letters. Exhibit 3 provides an illustration. The cipher alphabets are labeled 1, 2, 3, and 4 respectively. The plaintext letter A could be represented by H, B, J, or K. The use of multiple alphabets complicates frequency analysis. On short messages, for example LAUNCH MISSILE NOW, the resulting ciphertext, DBCNZC LEYHDHL VXN, contains no matching letters that have the same plaintext meaning. The letter D, for example, is in the ciphertext twice, but the first time it decodes to the letter L, and the second time it decodes to the letter I. Similarly, the letter C decodes first to the letter U and then to the letter H. Very difficult ciphers used in World War II (e.g., ENIGMA) relied on more complex variations of this class of ciphers. They used multiple wheels where each wheel was a cipher alphabet. The wheels would advance some distance after each use. To decode, the wheels were needed, as well as their respective order and starting positions and the algorithm by which they were advanced. Polyalphabetic Cipher A H B J K B T I E A C Z D V T D X M O G E L X N O F P Q R S G V U T W H A C Z Y I B G D E J F E A U K W Y B C L D F G H M J K L R N S V Q M O N R X Z P R P M F Q K I Y X R C A W D S Y H U L T O Q S I U E L C B
3 V T N F J W M O I N X I S H P Y G J K Q Z Q T P V A H B J K B T I E A C Z D V T D X M O G E L X N O F P Q R S G V U T W H A C Z Y I B G D E J F E A U K W Y B C L D F G H M J K L R N S V Q M O N R X Z P R P M F Q K I Y X R C A W D S Y H U L T O Q S I U E L C B V T N F J W M O I N X I S H P Y G J K Q Z Q T P V Cryptography and Computers With the advent of computers, cryptography came of age. Computers could quickly execute complex algorithms and convert plaintext to ciphertext(i.e., encrypt) and ciphertext back to plaintext (i.e., decrypt) rapidly. Until the 1960s, however, cryptography was almost exclusively the property of governments. A prototype for commercial applications, IBM's Lucifer system was a hardware implementation of a 128-bit key system. This system became the basis for the Data Encryption Standard(DES), a 64-bit key system (8-bits of which were for parity leaving an effective key length of 56 bits), also known as the Data encryption algorithm (DEA) as codified in American National Standard X3.92. An Encryption Standard For dependable commercial use, secret or proprietary cryptographic algorithms are problematic. Secret or proprietary algorithms are, by definition, not interoperable. Each requires its own implementation, forcing companies into multiple, bilateral relationships that prevent vendors from obtaining economies of scale. As a practical matter, cryptographic security was cost-prohibitive for business use until DEA. With a standard algorithm, interoperability became feasible. High-quality cryptographic security became commercially viable. Auditors and security professionals should also understand two other important problems with secret algorithms. First, who vets the algorithm, or proves that it has no
4 weaknesses or trapdoors that permit solving of the encrypted text without the cryptographic key? This is both an issue of trust and an issue of competence. If the cryptographic section of the KGB certified to a US firm that a secret algorithm was very strong and should be used to protect all of the firm's trade secrets, would the US firm be wise in trusting the algorithm? The KGB certainly has the expertise, but could anyone trust an organization with a vested interest in intelligence-gathering to tell if a security weakness existed in the algorithm? Vetting cryptographic algorithms is not an exact science. Cryptographers design and cryptanalysts (first coined by W. F. Friedman in 1920 in his book Elements of Cryptanalysis) attempt to break new algorithms. When an algorithm is available to a large population of cryptographic experts (e.g., when it is made public), weaknesses, if any, are more likely to be found and published. With secret algorithms, weaknesses that are found are more likely to remain secret and secretly exploited. However, a secret algorithm is not without merit. If the algorithm is known, analysis of the algorithm and brute force attacks that use the algorithm are easier. In addition, a standard algorithm in widespread use will attract cryptanalysis. In issues of national security, secret algorithms remain appropriate. A publicly available algorithm is not the same as an algorithm codified in a standard. The source code or mathematical description of an algorithm may be found in a published book or on the Internet. Some algorithms, such as IDEA (International Data Encryption Algorithm)which is used in Pretty Good Privacy (PGP)to package a public key cryptographic algorithm, may prove to be quite strong, and others thought to be strong, such as Fast encryption algorithm (FEAL), may prove breakable. When an algorithm is publicly available, security rests solely with the secrecy of the cryptographic keys. This is true both in symmetric and asymmetric algorithms. Algorithms using the same key to decrypt as was used to encrypt are known as symmetric algorithms. The Data Encryption Algorithm (DEA) is a symmetric algorithm. If the key used to decrypt is not the same as the key used to encrypt, the algorithm is asymmetric. Public key algorithms, such as the Rivest_Shamir-Adleman Data Security algorithm, are asymmetric. Symmetric algorithms are sometimes called secret key algorithms, because the one key used for both encryption and decryption must remain secret. Asymmetric algorithms may have one or more public keys, but always have at least one private key. The private key must remain secret. Key Management Myths Cryptographic security that uses a standard, publicly available algorithm, such as the ANS X3.92 Data encryption algorithm (DEA), depends on the secrecy of the cryptographic key. Even with secret algorithms that use keys, the secrecy of at least one key (e.g., the private key used in public key cryptography) remains critical to the security of the cryptographic process. There are many common misunderstandings about managing cryptographic keys. These misunderstandings may be thought of as myths, and the following sections explain why they are wrong and describe correct procedures. The examples used discuss automated teller machine (ATM) and point-of-sale (POS) implementations that depend on DEA for personal identification number (PIN) privacy. The concepts, however, apply to most implementations of cryptography in which the objective is either message privacy or integrity. Some implementations may rely on fully automated key management processes. Even these may not be immune to key management fallacies.
5 Myth 1: A Key Qualifies as Randomly Generated if One or More Persons Create the Key Components from Their Imagination To meet the statistical test for randomly generated, each possible key in the key space must be equally likely. No matter how hard a person tries, he or she cannot make up numbers that will meet this requirement. Concatenating the nonrandom number choices of several persons does not result in a random number either. When people are asked to select a number at random, they automatically attempt to avoid a number that contains a pattern that they recognize. This is only one simple example of how people bias their selections. If a person wishes to create a random hexadecimal number, the person could number identical balls from 0 through 9 and A through F; place them in a large bowl; mix them; and select and remove a ball without looking. The person then records its value and places the ball back into the bowl. The process is repeated 16 times for each key component. Another alternative is the use of 64 coins of equal size (e.g., all pennies) and to toss them on to a flat surface. Then, by using a large straightedge (e.g., a yardstick), they are swept into a straight line. Starting from the left, the person records a 1 for each head and a 0 for each tail. The 64 bits can then be translated in blocks of four to form a 16, hexadecimal-character key. Most organizations, however, will simply have their cryptographic device generate an ersatz random number. It is common to see documentation refer to pseudo random numbers. These are numbers generated by a repeatable, algorithmic process but that exhibit properties ascribed to randomly generated numbers. These are referred to as ersatz random numbers here because pseudo means false, so that even a sequence that did not meet statistical requirements for randomness would meet the definition for pseudo. Ersatz means imitation : or artificial, and it more accurately describes the nature of these numbers. However, the term, pseudo random is well established, any linguistic concerns notwithstanding. Myth 2: An Authorized Person Can Create or Enter Cryptographic Keys Without Compromising a Key When a cryptographic key becomes known to anyone, it is compromised. For this reason, split knowledge controls are required. No individual should ever know an active key. To allow a person to know an active key places that person at risk (e.g., of extortion), places the organization at risk (e.g., for potential misuse or disclosure by that person), and creates the potential for accidental disclosure of the key through human error. Myth 3: Requiring a Second Person to Supervise or Observe the Key Entry Process Is Dual Control To qualify as a dual control process, it must be infeasible for any one person to perform the entire process alone. If one person can cause all of the essential steps to happen without the need for at least one additional person, dual control is not achieved. Because observation and supervision are passive activities, the absence of these would not prevent the process. If party A has the combination to the vault within an Asynchronous Transfer Mode and party B has the key to the ATM's locked door such that both parties must participate to gain access to the cryptographic device within the ATM, dual control exists. However, if party B learns the combination or party A gains access to the ATM's door key, dual control does not exist.
6 Myth 4: Split Knowledge and Dual Control Are Synonymous The concept of split knowledge means that two or more parties, each with independent knowledge of a cryptographic key component, are required jointly to create a cryptographic key of which each has no knowledge. Split knowledge meets the requirements for dual control, but not vice versa. The usual way of doing this is to create two teams of key entry persons. Team A will generate a full-length key component and record it. Team B will do the same. No member of Team A may ever see the Team B key components and vice versa. One member of each team is then needed to load a key. The use of key halves, which is common in the ATM/POS industry, does not qualify as split knowledge, because each person has knowledge of at least half of the actual key. True split knowledge requires that no one have any knowledge of the resulting key. The split knowledge requirement might be called the Sergeant Schultz principle from the Hogan's Heroes television program, in which Sergeant Schultz would say I know nothing, nothing!. Properly implemented, each key component holder should always be able to affirm that they know nothing about the resulting live key. An equally short name for dual control is the cannot principle. If one person cannot perform a function because the function can only be accomplished with the collective efforts of two or more persons, dual control exists. If any one person can accomplish all of the steps without anyone else, dual control does not exist. These two principles are essential to effective key management. An Overview of Key Management Whether an algorithm is kept secret or not, the cryptographic key or keys needed to decipher a message must remain secret to keep the communication private. Knowledge of the keys and any plaintext encrypted under those keys makes discernment of even a secret algorithm likely. Further, knowledge of the keys and the algorithm makes decryption of messages encrypted under those keys straightforward. The objective of key management is to prevent unauthorized disclosure of keying materials. When key management fails, cryptographic security fails. Three Rules of Key Management Three rules of key management must be followed if cryptographic keys are to remain secret. First, no human being should ever have access to active, cleartext keys. The old saw that two can keep a secret if one of them is dead could be recast for cryptography as two can keep a secret if both of them are dead. Second, whenever keys must be distributed and entered manually, only full-length key components should be used to facilitate split knowledge. Requiring that two (or more) full-length key components be entered, each by a separate individual who never sees any other component, can keep any one person from knowing the resulting key. The technique, known as split knowledge, is actually a zero knowledge process for each individual. Each key component (CnK, where n=1,2,...) conveys by itself no knowledge of the ultimate key. This is accomplished by implementing a function, such that C1K C2K results in a key dependent on every bit in both components. modulo 2 arithmetic without carry (or logical exclusive OR) is one example of such a function. Using the DEA itself with C1K as the data and C2K as the key is another example. Third, keys should be used only for a single purpose. If a key was intended to protect other keys, it should never be used to protect nonkey data. If the key was intended to authenticate messages, it should not be used to encrypt a message. Using the same key for more than one purpose may give a cryptanalyst a better opportunity to solve for the key. More significantly, it makes a key compromise more painful and less easily investigated when the key was used for multiple purposes.
7 Automated Key Management Systems of key generation do exist that require no human intervention or initial manual key distribution. Because such systems use proprietary approaches to key management, the buyer should exercise care. For example, a vendor may deliver each device with a fixed private key of a public key/private key pair. Each device would transmit its public key, resulting in an exchange of public keys. Each device could then encrypt a random value under the other party's public key and transmit this cryptogram of the random value. The receiving device could then decrypt the cryptogram using its private key and add (i.e., Modulo 2 addition without carry) the result to the cleartext, a randomly chosen value it had encrypted and sent, thereby creating a unique session key between the two devices. However, an interloper could intercept both public keys and spoof both sides by substituting public keys for which the interloper knew the private keys. Many different automated schemes for key exchange exist: some are known to be secure, some are probably secure, some are probably not secure, and some are not secure. Because many of the techniques are proprietary (i.e., trade secrets), evaluating them is difficult. Even when a vendor has patented a technique and is willing to fully disclose it, proving its security may require a cryptanalyst's expertise. Therefore, if a vendor describes what appears to be magic, remember that even David Copperfield relies on illusion. Cryptographic Security Issues In Open Networks The underlying assumption to open networks is the ability to establish arbitrary connections without previously having established a relationship. This poses a challenge for cryptographic key management, because arbitrary parties will not have preexisting keying relationships. Two different approaches have evolved to answer the challenge: the use of a hierarchy of trusted agents, and the use of key-exchange protocols. In one implementation of an hierarchy of trusted agents, an agent is referred to as a certificate authority (CA). This agent issues a cryptographic certificate that binds a key that represents one party to a chain of certificates from other CAs until a CA common to the parties that wish to communicate securely is reached. For example, Edward of Pan Omni Mega Corp. (POMC) wishes to send a secure message to Darwin of Central Middle Obcordate Partners (CMOP);however, Edward and Darwin have never before communicated. POMC subscribes to AT&T's Certificate Authority (ATT CA). CMOP subscribes to General Services Certificate Authority (GS CA) that, in turn, subscribes to MCI's Certificate Authority (MCI CA). AT&T and MCI have mutual keying relationships with the US Postal Service Certificate Authority (USPS CA). POMC's CA chain becomes POMC/ATT/USPS and CMOP's becomes CMOP/GS/MCI/USPS. By exchanging authenticated certificates of authority, POMC can establish a trusted keying relationship with CMOP without worrying about key substitution. If the chains are long, if transmission speed is slow, or if access to CA locations is limited, Edward may have a long wait. However, it will not be as long of a wait as a manual key distribution would force. If both Edward and Darwin have cryptographic facilities that support a common key exchange protocol, they may be able to establish, directly and securely, a cryptographic session key. As described in the previous section, however, a potential user may be unable to vet the vendor's techniques. (The term vet as used in cryptography means to investigate, examine, evaluate, or prove in a thorough or expert way. An enterprise should rely only on properly vetted algorithms or protocols; otherwise caveat emptor.) Issues Beyond Key Exchange Properly implemented, cryptographic security measures work. As a consequence of their effectiveness, governments have chosen to regulate their use and to attempt to control their availability. The US has taken a two-pronged approach: restricted export and key
8 escrow. The government treats cryptographic security implementations as if they were war munitions. Proliferation of strong cryptography may interfere with a government's intelligence operations. As long as the US can acquire and analyze the plans of other governments, the US can avoid(at least in theory) being caught unaware of hostile intentions. Although export controls over cryptography remain controversial, they are likely to remain in one form or another. Import controls reflect a nation's concern for its own exercise of sovereignty. Do secret messages contain government secrets? Do secret messages hide unlawful transactions? Are people evading taxes by electronic smuggling of software?import controls will remain an issue for many nations. For both import and export, governments generally base their restrictions on how effective the cryptography (including key management) is. Cryptographic effectiveness has at least three major components: The size of the cryptographic key space (i.e., how many possible keys there are). Whether the algorithm permits shortcuts in solving for the key. Whether the key management functions introduce weaknesses. (e.g., an early release of Netscape relied on a key generation process that was weaker than the resulting key space, making it possible to attack the key generation process to gain the key much faster than by attacking the key space.) Exporting cryptographic systems based on key spaces of 40-bits (i.e., those having 240 possible keys) or less no longer seems to be a problem for the US. However, to export more robust systems, the United States wants the parties to use key escrow. Key escrow is a process through which the cryptographic keys are entrusted to a third party who holds them securely until and unless forced to disclose them by a court order. This process is most controversial when that escrow agent is one or more elements of the government. Key escrow has two serious types of errors. The Type I error is if the key is disclosed without authorization. The Type II error is if the key becomes unavailable (i.e., corrupted, destroyed, or inaccessible) and cannot be disclosed when lawfully demanded. A Type I compromise places the information assets at risk. A Type II compromise places law enforcement at risk. Because zeroization of keys is a countermeasure used to prevent Type I failures (i.e., any attempt to tamper with the cryptographic equipment causes the keys to be set to zeroes), and because having backup copies of keying materials is a countermeasure for Type II failures, preventing both Type I and II failures is a difficult balancing act. It is not permitted to prevent a Type I failure by causing a Type II failure. Nor is it permitted to protect against a Type II failure by increasing the risk of a Type I failure. The National Institute of Standards and Technology (NIST),in a project directed by Dr. Miles Smid, developed protocols for handling key escrow within the constraints of this delicate balance. For additional information see Federal Information Processing Standard (FIPS)185, Escrowed Encryption Standard. Conclusion As cryptography becomes universal, so will cryptanalysis. The information security professional who knows little of cryptography knows little of security, because user authentication and access control; privacy protection and message integrity; audit trail assurance and nonrepudiation; and automatic records retention all depend on elements of cryptography. Understanding cryptographic key management and cryptographic implementations permits the secure management of the information assets of enterprises.
9 Author Biographies Ralph Spencer Poore Ralph Spencer Poore is Director of Information Security Services for the Dallas office of Coopers & Lybrand. As a member of the board of directors for the International Information Systems Security Certification Consortium and Chairperson of its Test Development Committee, he actively promotes information security as a profession.
Cryptographic Key Management Concepts
83 Cryptographic Key Management Concepts Ralph Spencer Poore 83.1 Cryptographic Security... 1067 ABrief History Cryptography and Computers An Encryption Standard 83.2 Key Management Myths... 1070 Myth
More informationHow To Encrypt With A 64 Bit Block Cipher
The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationIntroduction to Encryption
Computers and Society Introduction to Encryption Chris Brooks Department of Computer Science University of San Francisco Department of Computer Science University of San Francisco p.1/35 3-0: Terminology
More informationCryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.
Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:
More informationInsight Guide. Encryption: A Guide
Encryption: A Guide for Beginners If you read anything about information security, you re likely to have come across the word encryption. It s a fundamental building block when it comes to securing your
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationOverview/Questions. What is Cryptography? The Caesar Shift Cipher. CS101 Lecture 21: Overview of Cryptography
CS101 Lecture 21: Overview of Cryptography Codes and Ciphers Overview/Questions What is cryptography? What are the challenges of data encryption? What factors make an encryption strategy successful? What
More informationNetwork Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015
Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it
More informationGuide to Data Field Encryption
Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationCSE331: Introduction to Networks and Security. Lecture 20 Fall 2006
CSE331: Introduction to Networks and Security Lecture 20 Fall 2006 Announcements Homework 2 has been assigned: **NEW DUE DATE** It's now due on Friday, November 3rd. Midterm 2 is Friday, November 10th
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More information1 Data Encryption Algorithm
Date: Monday, September 23, 2002 Prof.: Dr Jean-Yves Chouinard Design of Secure Computer Systems CSI4138/CEG4394 Notes on the Data Encryption Standard (DES) The Data Encryption Standard (DES) has been
More informationSecurity for Computer Networks
Security for Computer Networks An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer D. W. Davies Consultant for Data Security and W. L. Price National Physical Laboratory, Teddington,
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationAn Introduction to Cryptography and Digital Signatures
An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (e-mail, Web service, USENET, ftp etc) providing support protocols to allow the real applications to function properly (e.g. HTTP for Web appl.)
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide
More informationData Encryption WHITE PAPER ON. Prepared by Mohammed Samiuddin. www.itmr.ac.in
01 0110 0001 01101 WHITE PAPER ON Data Encryption Prepared by Mohammed Samiuddin www.itmr.ac.in Contents INTRODUCTION... 2 NEED FOR DATA ENCRYPTION... 3 DUE CARE... 3 REPUTATIONAL RISK... 3 REGULATORY
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Karagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Karagpur Lecture No. #06 Cryptanalysis of Classical Ciphers (Refer
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationCommon Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/
Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP
More informationHill s Cipher: Linear Algebra in Cryptography
Ryan Doyle Hill s Cipher: Linear Algebra in Cryptography Introduction: Since the beginning of written language, humans have wanted to share information secretly. The information could be orders from a
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationINTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003
INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003 History of Cryptography The concept of securing messages through cryptography has a long history.
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationKey Management Interoperability Protocol (KMIP)
(KMIP) Addressing the Need for Standardization in Enterprise Key Management Version 1.0, May 20, 2009 Copyright 2009 by the Organization for the Advancement of Structured Information Standards (OASIS).
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More informationAdvanced Authentication
White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography
More informationCryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur
Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)
More informationFAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION
FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION INTRODUCTION GANESH ESWAR KUMAR. P Dr. M.G.R University, Maduravoyal, Chennai. Email: geswarkumar@gmail.com Every day, millions of people
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationTechniques of Asymmetric File Encryption. Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab
Techniques of Asymmetric File Encryption Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab Abstract As more and more people are linking to the Internet, threats to the
More informationSymmetric Key cryptosystem
SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number
More informationPRINCIPLES AND APPLICATIONS OF KEY MANAGEMENT
83-10-50 DATA SECURITY MANAGEMENT PRINCIPLES AND APPLICATIONS OF KEY MANAGEMENT William H. Murray INSIDE Key Management Defined, Modern Key Management, Principles of Key Management, Asymmetric Key Cryptography,
More informationProperties of Secure Network Communication
Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,
More informationThe Misuse of RC4 in Microsoft Word and Excel
The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationCounter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers
Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart OV-Chipkaart Security Issues Tutorial for Non-Expert Readers The current debate concerning the OV-Chipkaart security was
More information83-10-31 User Authentication: A Secure Networking Environment Ellen Bonsall Payoff
83-10-31 User Authentication: A Secure Networking Environment Ellen Bonsall Payoff After identifying network security requirements, defining the security process, setting policies and procedures, and defining
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC
More informationCyber Security Workshop Encryption Reference Manual
Cyber Security Workshop Encryption Reference Manual May 2015 Basic Concepts in Encoding and Encryption Binary Encoding Examples Encryption Cipher Examples 1 P a g e Encoding Concepts Binary Encoding Basics
More informationYALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationCryptography & Digital Signatures
Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.
More informationEffective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2
Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2 Research Student, Bharti Vidyapeeth, Pune, India sd_patil057@rediffmail.com Modern College of Engineering,
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationCryptographic Modules, Security Level Enhanced. Endorsed by the Bundesamt für Sicherheit in der Informationstechnik
Common Criteria Protection Profile Cryptographic Modules, Security Level Enhanced BSI-CC-PP-0045 Endorsed by the Foreword This Protection Profile - Cryptographic Modules, Security Level Enhanced - is issued
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond
More informationNetwork Security: Cryptography CS/SS G513 S.K. Sahay
Network Security: Cryptography CS/SS G513 S.K. Sahay BITS-Pilani, K.K. Birla Goa Campus, Goa S.K. Sahay Network Security: Cryptography 1 Introduction Network security: measure to protect data/information
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
More informationKey Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.
CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationThe Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems
The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems
More informationCryptography: Authentication, Blind Signatures, and Digital Cash
Cryptography: Authentication, Blind Signatures, and Digital Cash Rebecca Bellovin 1 Introduction One of the most exciting ideas in cryptography in the past few decades, with the widest array of applications,
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More informationSP 800-130 A Framework for Designing Cryptographic Key Management Systems. 5/25/2012 Lunch and Learn Scott Shorter
SP 800-130 A Framework for Designing Cryptographic Key Management Systems 5/25/2012 Lunch and Learn Scott Shorter Topics Follows the Sections of SP 800-130 draft 2: Introduction Framework Basics Goals
More informationCenter for Internet Security. INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO
INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Private and Public Key Cryptography and Ransomware December 2014 Authored by:ted Fischer (CIS) Security Operations
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction
More informationMeeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)
Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Executive Summary...3 Background...4 Internet Growth in the Pharmaceutical Industries...4 The Need for Security...4
More informationPayment Card Industry (PCI) PIN Security Requirements. Version 1.0
Payment Card Industry (PCI) PIN Security Requirements Version 1.0 September 2011 PCI Security Standards Council LLC 2011 This document and its contents may not be used, copied, disclosed, or distributed
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationAn Introduction to digital signatures
An Introduction to digital signatures This document is an extract from the book Ecommerce - Legal Issues authored by Rohas Nagpal. This book is available as courseware for the Diploma in Cyber Law and
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationSecureCom Mobile s mission is to help people keep their private communication private.
About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationNetwork Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 3 Symmetric Cryptography General Description Modes of ion Data ion Standard (DES)
More informationArchived NIST Technical Series Publication
Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated
More informationSecuring your Online Data Transfer with SSL
Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does
More informationAn Introduction to Key Management for Secure Storage. Walt Hubis, LSI Corporation
Walt Hubis, LSI Corporation SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in presentations and literature
More informationStudents will operate in pairs and teams of four to decipher and encipher information.
Title: SHHHHHH! It s a Secret Link to Outcomes: Patterns and Relationships Cooperation Connections Technology Problem Solving Algebra Writing Students will discover the need for a common understanding
More informationContents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008
Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication
More informationThe Mathematics of the RSA Public-Key Cryptosystem
The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationELECTRONIC COMMERCE OBJECTIVE QUESTIONS
MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module
More informationSandeep Mahapatra Department of Computer Science and Engineering PEC, University of Technology s.mahapatra15101987@gmail.com
Computing For Nation Development, March 10 11, 2011 Bharati Vidyapeeth s Institute of Computer Applications and Management, New Delhi A Comparative Evaluation of Various Encryptions Techniques Committing
More informationBRIEF INTRODUCTION TO CRYPTOGRAPHY. By PAGVAC. February 8, 2004
BRIEF INTRODUCTION TO CRYPTOGRAPHY By PAGVAC February 8, 2004 What will I learn from this file? What cryptography is How encryption and decryption works Cryptography terms Symmetric cryptography Asymmetric
More informationCompter Networks Chapter 9: Network Security
Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau
More informationSecuring your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.
More informationVICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui
VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463
More informationPayment Card Industry (PCI) Hardware Security Module (HSM) Security Requirements Version 1.0
Payment Card Industry (PCI) Hardware Security Module (HSM) Security Requirements Version 1.0 April 2009 Document Changes Date Version Author Description September 2003 0.5 InfoGard Initial Draft October
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationThe science of encryption: prime numbers and mod n arithmetic
The science of encryption: prime numbers and mod n arithmetic Go check your e-mail. You ll notice that the webpage address starts with https://. The s at the end stands for secure meaning that a process
More informationA Noval Approach for S/MIME
Volume 1, Issue 7, December 2013 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com A Noval Approach for S/MIME K.Suganya
More informationChap 2. Basic Encryption and Decryption
Chap 2. Basic Encryption and Decryption H. Lee Kwang Department of Electrical Engineering & Computer Science, KAIST Objectives Concepts of encryption Cryptanalysis: how encryption systems are broken 2.1
More informationVisa PIN Security Requirements Key Injection Facility Auditor s Guide
Visa PIN Security Requirements Key Injection Facility Auditor s Guide To be used in conjunction with Payment Card Industry (PCI) PIN Security Requirements, V1.0 September 2011 Visa PIN Security Requirements
More information7 Key Management and PKIs
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 7 Key Management and PKIs 7.1 Key Management Key Management For any use of cryptography, keys must be handled correctly. Symmetric keys must be kept secret.
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard
More information