CS Computer Security Eleventh topic: Hashes and sign
|
|
- Harvey Christian Richard
- 7 years ago
- Views:
Transcription
1 Hash functions CS Computer Security Eleventh topic: Hashes and signatures National University of Singapore School of Computing March, 2016
2 Life...
3 Outline Hash functions 1 Hash functions
4 Outline Hash functions 1 Hash functions
5 Hash functions What is a hash function? Protecting data (I and A)... A hash function maps a long message, or a large amount of data, to a (shorter) check message of some sort. We attach the hashed value to the original message, as a check. Cryptographic functions may be used to construct hash functions. Hash functions can indicate if data has been corrupted (perhaps through noisy message transmission) - i.e. integrity. They can also be used as part of a scheme to check/confirm who sent a message (a digital signature) - i.e. authenticity.
6 Error detection Hash functions Checking for errors... Transmit data: Transmit data+checksum:
7 Hash functions One-way parity for message A0DBBC Use XOR to find the parity of each bit... A D B B C Check:
8 Hash functions Two way parity for message A0DBBC Both vertical and horizontal... A D B B C Check: X
9 Simple check codes Hash functions Simple systems are OK, but... The simple sum of values is easy to calculate, but has problems with repetitive errors. The parity of bits scheme is easy to calculate, and detects all 1 bit errors, but it ignores all 2 bit errors. Horizontal and vertical parity is better, but has problems with repetitive errors.... we want a better level of error check codes
10 Cyclic redundancy check codes A scheme using remainder-after-polynomial-division... Treat the stream of transmitted bits as a polynomial with coefficients of 1: = x 4 + x 2 + x 1 = F(x) Sender data cksum Receiver data cksum F(x) T(x) T(x) g(x) = Z r0 E(x) T (x) T(x) = T (x) + E(x) Can a stream with errors have no remainder? Single bits? - No a single bit error means that E(x) will have only one term (x 1285 say). If the generator polynomial has x n it will never divide evenly. Multiple bits? - Various generator polynomials are used with different properties. Must have one factor of the polynomial being x 1 + 1, because this gets all odd numbers of bit errors.
11 Hash functions Some common generators: Used in systems all around us... CRC-12 - x 12 + x 11 + x 3 + x 2 + x CRC-16 - x 16 + x 15 + x CRC-32 - x 32 + x 26 + x 23 + x 22 + x 16 + x 12 + x 11 + x 10 + x 8 + x 7 + x 5 + x 4 + x CRC-CCITT - x 16 + x 12 + x 5 + 1
12 Polynomial long division is easy! Easy is, of course, a relative term... Generator g(x): x 5 + x (100101) and F (x): Divide F (x) by g(x), append remainder to F (x) to get T (x): ) T (x) =
13 Hash functions Polynomial long division is easy! The division can be done with very simple hardware When this stream arrives at a decoder for checking, if the stream has no errors, the division will have no remainder Clock D0 D1 D2 D3 D4 Data D C S/R Q D C S/R Q D C S/R Q D C S/R Q D C S/R Q XOR XOR
14 Hash functions Polynomial long division is easy! Step by step... Input D4 D3 D2 D1 D (At end, feed in zeroes...)
15 Hash functions Case study: ethernet Case study - use of CRC in ethernet Ethernet is used for networking computers, principally because of its speed and low cost. The maximum size of an ethernet frame: 1514 bytes a ; A 32-bit FCS (Frame Check Sequence) is calculated over the full length of the frame. The FCS used is: CRC-32 - x 32 + x 26 + x 23 + x 22 + x 16 + x 12 + x 11 + x 10 + x 8 + x 7 + x 5 + x 4 + x a 1500 bytes of data, a source and destination address each of six bytes, and a two byte type identifier. The frame also has a synchronizing header and trailer which is not checked by a CRC.
16 Outline Hash functions 1 Hash functions
17 MD5 - a 128-bit hash function Implementation of MD5 is called md5sum or md5 hugh@sf0:~[508]$ md5sum ss.c bc3cc3359e55ba33abe8983a85 ss.c hugh@sf0:~[509]$ cp ss.c XXX.c hugh@sf0:~[510]$ md5sum XXX.c bc3cc3359e55ba33abe8983a85 XXX.c hugh@sf0:~[511]$ md5sum TXT/cybercom.txt 9ec4c12949a4f31474f299058ce2b22a TXT/cybercom.txt hugh@sf0:~[512]$ The terms message digest, checksum, hash and digital fingerprint are all used for hash functions. At best they will be a one-way function, with the hope being that the only way to reverse a hash is to generate a huge number of candidate hashes.
18 MD5 Hash functions US Cyber defence!
19 MD5 weaknesses Hash functions But how secure is it? There is some suspicion that MD5 may have cryptographic weaknesses. In Crypto2004, approaches for generating an MD5 collision were demonstrated: Note that this does not reduce the effectiveness of MD5 (yet). No-one has shown how to generate a collision for an existing hash.
20 SHA Hash functions SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 Originally designed by NIST in 1993 (SHA-0) but revised in 1995 as SHA-1. Revisions in 2002 led to SHA-256/384/512: higher security levels. SHA-1 SHA-224 SHA-256 SHA-384 SHA-512 Digest (hash) size (bits) Message size < 2 64 < 2 64 < 2 64 < < Block size (bits) Number of steps
21 Hash functions Properties of cryptographic hash functions Four desirable properties... 1 The function should efficiently identify an arbitrary message using a fixed size check value h = H(m) 2 The function should be public 3 It should be computationally infeasible to find data m mapping to a specific hash h = H(m) (one-way property) 4 It should be computationally infeasible to find two data m 1,m 2 which both map to some hash h = H(m 1 ) = H(m 2 ) (collision-free property)
22 Collisions of cryptographic hash functions When two messages map to same hash... It is a collision if m 1 m 2 but H(m 1 ) = H(m 2 ). Consider the following two points: 1 Can there be no collisions at all? If the number of messages #m is greater than the number of hashes #H(...), then consider the pigeonhole principle - if there are n roosts for n + 1 pigeons, then at least one roost has two pigeons on it... 2 How likely are collisions? Consider the birthday paradox a - What is the probability that at least two of N randomly selected people have the same birthday (month and day-of-month)? It turns out it is much more likely than you would suspect. a BTW - It is not really a paradox, just an unexpected, counter-intuitive phenomenon.
23 The Birthday Paradox Likelihood versus number N of "randoms" :)
24 The Birthday Paradox explained It is NOT the likelihood that someone in a room full of people shares a specific person s birthday... It is the likelihood that amongst every pair of candidates in a room there will be (at least) one matching pair. It is easiest to calculate the likelihood that the people will not share birthdays a : If N = 2, then the likelihood the two do not share a birthday is , because the first person can have any of the 365 days, leaving 364 days available for the second person. If N = 3, then the likelihood all three do not share a birthday is For N, the likelihood none of them share a birthday is (N 1) For N = 23, this likelihood is about 0.5. a Note that the likelihood that the people will share birthdays is 1- the likelihood that the people will not share birthdays.
25 Hash functions The Birthday attack Digital signatures use hash functions... They provide an ability to verify an author, the date and time of a signature, authenticate message contents, and can be verified by third parties to resolve disputes. The 3 main security requirements are: 1 Integrity: Any modification can be detected. 2 Authenticity: Only the authentic entity can sign. 3 Non-repudiation: Signer cannot deny signature (not addressed today). We can attack some digital signatures using an attack based on the birthday paradox.
26 Reminder of digital signatures A model for signing messages
27 Reminder of digital signatures Efficiency dictates the use of a hash function...
28 The Birthday Attack Based on the previous phenomenon... Lets say someone digitally signs messages saying that they are correct, by calculating the hash function value and then signing that hash value. Assume that the hash function generates an m-bit hash, then the attacker... generates the hashes for 2 m 2 generates the hashes for 2 m 2 variations of a desired valid message variations of a desired fraudulent message The likelihood that there will be a collision is greater than 0.5 Now, the attacker gets the matched valid message signed, and later substitutes the matched fraudulent message. It will have the same hash, and that hash has been signed...
29 Reversing a hash... Hash functions Precomputed tables for helping find collisions? A precomputed table for 8 character passwords, might have (say) 72 8 = 722,204,136,308,736 entries, each containing a 16 byte value. Thats a big disk (about 11,000 TB). Indexing by hash is even worse. We do not really have names for disks that big. Password (MD5) Hash aaaaaaaa 3dbe00a aaaaaaab 2125ea8b81b... aaaaaaac ea67f32d4e6... aaaaaaad 746a8ab05d6... aaaaaaae c554d695eb0... aaaaaaaf 09eb61fd25b... aaaaaaag 68b5af
30 Reversing a hash: rainbow tables Precompute long chains, but only keep two values Precompute chains of values starting from a password guess, and using alternate hash functions h(p), and a reversing function r(h), which generates a predictable plausible guess from the hash. Compute: Chain #1 aaaaaaaaa h(p) 0a224fad.. r(h) xyuivlzrs h(p) 2399afb0.. r(h) mlacziryt Chain #2 srxx21try h(p) 4fad r(h) asbdhdf13 h(p) d001afde.. r(h) cracyl13d h(p) h(p) Only store the first and last entries from the chain. It is space efficient, and you can re-compute the intermediate values (a spacetime tradeoff). Store: f0e377b6.. f0e377b6.. aaaaaaaaa fedc fedc srxx21try
31 Reversing a hash: rainbow tables Precompute long chains, but only keep two values 1. Compute chain from hash d001afde.. 3. Recompute chain to reverse hash srxx21try h(p) 4fad r(h) cracyl13d h(p) fedc Compare candidates with chain ends f0e377b6.. aaaaaaaaa r(h) asbdhdf13 4. Password h(p) d001afde.. fedc srxx21try
Authentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationCryptography and Network Security Chapter 11. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Chapter 11 Message Authentication and Hash Functions At cats' green on the Sunday he took the message from the inside of
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationData Link Layer(1) Principal service: Transferring data from the network layer of the source machine to the one of the destination machine
Data Link Layer(1) Principal service: Transferring data from the network layer of the source machine to the one of the destination machine Virtual communication versus actual communication: Specific functions
More informationMessage Authentication
Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the
More informationCryptography and Network Security Digital Signature
Cryptography and Network Security Digital Signature Xiang-Yang Li Message Authentication Digital Signature Authentication Authentication requirements Authentication functions Mechanisms MAC: message authentication
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationError detection using CRC
Error detection using CRC The goal of this task is to become familiar with functional principles of CRC (Cyclic Redundancy Check): - math background - error detection features - practical implementation
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationData Link Layer Overview
Data Link Layer Overview Date link layer deals with two basic issues: Part I How data frames can be reliably transmitted, and Part II How a shared communication medium can be accessed In many networks,
More informationIntroduction to Computer Security
Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors
More informationComputer Networks. Data Link Layer
Computer Networks The Data Link Layer 1 Data Link Layer Application Transport Network DLL PHY 2 What does it do? What functions it performs? Typically: Handling transmission errors, a.k.a., error control.
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationCryptography and Network Security Chapter 12
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 12 Message Authentication Codes At cats' green on the Sunday he
More informationFixity Checks: Checksums, Message Digests and Digital Signatures Audrey Novak, ILTS Digital Preservation Committee November 2006
Fixity Checks: Checksums, Message Digests and Digital Signatures Audrey Novak, ILTS Digital Preservation Committee November 2006 Introduction: Fixity, in preservation terms, means that the digital object
More informationCryptography and Network Security Chapter 11
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 11 Cryptographic Hash Functions Each of the messages, like each
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationEncryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1
Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can
More informationMessage authentication and. digital signatures
Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationChecksums, your best friends, for security
Published in Linux for You, August 2008 issue. - - - - - - - - - - - - - - - - Checksums, your best friends, for security S. Parthasarathy drpartha@gmail.com Imagine that you write an electronic cheque
More informationSignature Amortization Technique for Authenticating Delay Sensitive Stream
Signature Amortization Technique for Authenticating Delay Sensitive Stream M Bruntha 1, Dr J. Premalatha Ph.D. 2 1 M.E., 2 Professor, Department of Information Technology, Kongu Engineering College, Perundurai,
More informationSheet 7 (Chapter 10)
King Saud University College of Computer and Information Sciences Department of Information Technology CAP240 First semester 1430/1431 Multiple-choice Questions Sheet 7 (Chapter 10) 1. Which error detection
More informationImplementation and Comparison of Various Digital Signature Algorithms. -Nazia Sarang Boise State University
Implementation and Comparison of Various Digital Signature Algorithms -Nazia Sarang Boise State University What is a Digital Signature? A digital signature is used as a tool to authenticate the information
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationHash Functions. Integrity checks
Hash Functions EJ Jung slide 1 Integrity checks Integrity vs. Confidentiality! Integrity: attacker cannot tamper with message! Encryption may not guarantee integrity! Intuition: attacker may able to modify
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate
More informationNetwork Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015
Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it
More informationReview of Error Detection of Data Link Layer in Computer Network
Middle-East Journal of Scientific Research 18 (8): 1105-1110, 2013 ISSN 1990-9233 IDOSI Publications, 2013 DOI: 10.5829/idosi.mejsr.2013.18.8.11835 Review of Error Detection of Data Link Layer in Computer
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationIntroduction to Public Key Technology and the Federal PKI Infrastructure 26 February 2001
Introduction to Public Key Technology and the Federal PKI Infrastructure 26 February 2001 D. Richard Kuhn Vincent C. Hu W. Timothy Polk Shu-Jen Chang National Institute of Standards and Technology, 2001.
More informationAuthentication, digital signatures, PRNG
Multimedia Security Authentication, digital signatures, PRNG Mauro Barni University of Siena Beyond confidentiality Up to now, we have been concerned with protecting message content (i.e. confidentiality)
More informationCryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs
Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a
More informationwww.studymafia.org Seminar report Digital Signature Submitted in partial fulfillment of the requirement for the award of degree Of Computer Science
A Seminar report on Digital Signature Submitted in partial fulfillment of the requirement for the award of degree Of Computer Science SUBMITTED TO: www.studymafia.org SUBMITTED BY: www.studymafia.org Preface
More informationCYCLIC REDUNDANCY CHECKS IN USB. Introduction. Two-minute mathematical background
CYCLIC REDUNDANCY CHECKS IN USB Introduction The USB specification calls for the use of Cyclic Redundancy Checksums (CRC) to protect all non-pid fields in token and data packets from errors during transmission.
More informationOutline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures
Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike
More informationCryptographic Key Infrastructure
Cryptographic Key Infrastructure Goal: bind identity to key Classical: not possible as all keys are shared Use protocols to agree on a shared key (see earlier) Public key: bind identity to public key Crucial
More informationThe finite field with 2 elements The simplest finite field is
The finite field with 2 elements The simplest finite field is GF (2) = F 2 = {0, 1} = Z/2 It has addition and multiplication + and defined to be 0 + 0 = 0 0 + 1 = 1 1 + 0 = 1 1 + 1 = 0 0 0 = 0 0 1 = 0
More informationChapter 37. Secure Networks
Chapter 37 Network Security (Access Control, Encryption, Firewalls) Secure Networks Secure network is not an absolute term Need to define security policy for organization Network security policy cannot
More informationLecture 9 - Message Authentication Codes
Lecture 9 - Message Authentication Codes Boaz Barak March 1, 2010 Reading: Boneh-Shoup chapter 6, Sections 9.1 9.3. Data integrity Until now we ve only been interested in protecting secrecy of data. However,
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More information2. Cryptography 2.4 Digital Signatures
DI-FCT-UNL Computer and Network Systems Security Segurança de Sistemas e Redes de Computadores 2010-2011 2. Cryptography 2.4 Digital Signatures 2010, Henrique J. Domingos, DI/FCT/UNL 2.4 Digital Signatures
More informationCMPE 150 Winter 2009
CMPE 150 Winter 2009 Lecture 6 January 22, 2009 P.E. Mantey CMPE 150 -- Introduction to Computer Networks Instructor: Patrick Mantey mantey@soe.ucsc.edu http://www.soe.ucsc.edu/~mantey/ / t / Office: Engr.
More informationRandomized Hashing for Digital Signatures
NIST Special Publication 800-106 Randomized Hashing for Digital Signatures Quynh Dang Computer Security Division Information Technology Laboratory C O M P U T E R S E C U R I T Y February 2009 U.S. Department
More informationYou are in the Configuration Management Business
You are in the Configuration Management Business By: John Washburn April 12, 2006 Abstract This paper is directed to any person involved in the testing, certification, qualification, approval or purchase
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationChapter 6 Electronic Mail Security
Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,
More informationCryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.
Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationChapter 3: Sample Questions, Problems and Solutions Bölüm 3: Örnek Sorular, Problemler ve Çözümleri
Chapter 3: Sample Questions, Problems and Solutions Bölüm 3: Örnek Sorular, Problemler ve Çözümleri Örnek Sorular (Sample Questions): What is an unacknowledged connectionless service? What is an acknowledged
More informationFundamentals of Computer Security
Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A Message From Our Sponsors Fundamentals System/Network Security, crypto How do things work Why How to design secure
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationCS5490/6490: Network Security- Lecture Notes - November 9 th 2015
CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 Wireless LAN security (Reference - Security & Cooperation in Wireless Networks by Buttyan & Hubaux, Cambridge Univ. Press, 2007, Chapter
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationWireless Networks. Welcome to Wireless
Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)
More informationPractice Questions. CS161 Computer Security, Fall 2008
Practice Questions CS161 Computer Security, Fall 2008 Name Email address Score % / 100 % Please do not forget to fill up your name, email in the box in the midterm exam you can skip this here. These practice
More informationAvailability Digest. www.availabilitydigest.com. Data Deduplication February 2011
the Availability Digest Data Deduplication February 2011 What is Data Deduplication? Data deduplication is a technology that can reduce disk storage-capacity requirements and replication bandwidth requirements
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationCryptographic Hashes
Transcript of Episode #35 Cryptographic Hashes Description: Having covered stream and block symmetric ciphers and asymmetric ciphers, this week Leo and Steve describe and discuss cryptographic hashes,
More informationNetwork Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.
Network Security Chapter 15 Security of Wireless Local Area Networks Network Security WS 2002: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control MAC and physical characteristics
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationOutline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg
Outline CSc 466/566 Computer Security 8 : Cryptography Digital Signatures Version: 2012/02/27 16:07:05 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationElectronic Mail Security. Email Security. email is one of the most widely used and regarded network services currently message contents are not secure
Electronic Mail Security CSCI 454/554 Email Security email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either in transit or by
More informationFighting product clones through digital signatures
Paul Curtis, Katrin Berkenkopf Embedded Experts Team, SEGGER Microcontroller Fighting product clones through digital signatures Product piracy and forgery are growing problems that not only decrease turnover
More informationHASH CODE BASED SECURITY IN CLOUD COMPUTING
ABSTRACT HASH CODE BASED SECURITY IN CLOUD COMPUTING Kaleem Ur Rehman M.Tech student (CSE), College of Engineering, TMU Moradabad (India) The Hash functions describe as a phenomenon of information security
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationCryptographic Hash Functions Message Authentication Digital Signatures
Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption
More informationRS-485 Protocol Manual
RS-485 Protocol Manual Revision: 1.0 January 11, 2000 RS-485 Protocol Guidelines and Description Page i Table of Contents 1.0 COMMUNICATIONS BUS OVERVIEW... 1 2.0 DESIGN GUIDELINES... 1 2.1 Hardware Design
More informationCryptography Lecture 8. Digital signatures, hash functions
Cryptography Lecture 8 Digital signatures, hash functions A Message Authentication Code is what you get from symmetric cryptography A MAC is used to prevent Eve from creating a new message and inserting
More informationSecurity in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity
Basic Security Requirements and Techniques Confidentiality The property that stored or transmitted information cannot be read or altered by an unauthorized party Integrity The property that any alteration
More informationCryptography and Security
Cunsheng DING Version 3 Lecture 17: Electronic Mail Security Outline of this Lecture 1. Email security issues. 2. Detailed introduction of PGP. Page 1 Version 3 About Electronic Mail 1. In virtually all
More informationDigital Signatures. Murat Kantarcioglu. Based on Prof. Li s Slides. Digital Signatures: The Problem
Digital Signatures Murat Kantarcioglu Based on Prof. Li s Slides Digital Signatures: The Problem Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies
More informationLIN (Local Interconnect Network):
LIN (Local Interconnect Network): History: LIN (Local Interconnect Network) was developed as cost-effective alternate to CAN protocol. In 1998 a group of companies including Volvo, Motorola, Audi, BMW,
More informationIntroduction to Cryptography CS 355
Introduction to Cryptography CS 355 Lecture 30 Digital Signatures CS 355 Fall 2005 / Lecture 30 1 Announcements Wednesday s lecture cancelled Friday will be guest lecture by Prof. Cristina Nita- Rotaru
More informationApplication Note AN-00160
Considerations for Sending Data Over a Wireless Link Introduction Linx modules are designed to create a robust wireless link for the transfer of data. Since they are wireless devices, they are subject
More informationCSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity
CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics
More informationRing Local Area Network. Ring LANs
Ring Local Area Network Ring interface (1-bit buffer) Ring interface To station From station Ring LANs The ring is a series of bit repeaters, each connected by a unidirectional transmission link All arriving
More informationProcess Control and Automation using Modbus Protocol
Process Control and Automation using Modbus Protocol Modbus is the fundamental network protocol used in most industrial applications today. It is universal, open and an easy to use protocol. Modbus has
More informationNote! The problem set consists of two parts: Part I: The problem specifications pages Part II: The answer pages
Part I: The problem specifications NTNU The Norwegian University of Science and Technology Department of Telematics Note! The problem set consists of two parts: Part I: The problem specifications pages
More informationNon-Obvious Bugs by Example
Gregor Kopf CONFidence 2011 What and why? Non-obvious (crypto) bugs As an example: two well-known CMS Easy to make, hard to spot Interesting to exploit Fun ;) How? The process from discovery to exploitation
More information1 Signatures vs. MACs
CS 120/ E-177: Introduction to Cryptography Salil Vadhan and Alon Rosen Nov. 22, 2006 Lecture Notes 17: Digital Signatures Recommended Reading. Katz-Lindell 10 1 Signatures vs. MACs Digital signatures
More informationNote! The problem set consists of two parts: Part I: The problem specifications pages Part II: The answer pages
Part I: The problem specifications NTNU The Norwegian University of Science and Technology Department of Telematics Note! The problem set consists of two parts: Part I: The problem specifications pages
More informationDigital Signatures. (Note that authentication of sender is also achieved by MACs.) Scan your handwritten signature and append it to the document?
Cryptography Digital Signatures Professor: Marius Zimand Digital signatures are meant to realize authentication of the sender nonrepudiation (Note that authentication of sender is also achieved by MACs.)
More informationDigital Signature. Raj Jain. Washington University in St. Louis
Digital Signature Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/
More informationOverview/Questions. What is Cryptography? The Caesar Shift Cipher. CS101 Lecture 21: Overview of Cryptography
CS101 Lecture 21: Overview of Cryptography Codes and Ciphers Overview/Questions What is cryptography? What are the challenges of data encryption? What factors make an encryption strategy successful? What
More informationPRODUCT MANUAL SKX OPEN SKX ADVANCE ZN1RX-SKXOPEN. Edition 2 Version 1.1
PRODUCT MANUAL SKX OPEN SKX ADVANCE ZN1RX-SKXOPEN Edition 2 Version 1.1 INDEX 1. Introduction... 3 1.1. SKX Interface... 3 1.2. SKX Installation... 5 1.3. SKX Advance: Application Program... 5 1.3.1. SKX
More informationAn Introduction to Digital Signature Schemes
An Introduction to Digital Signature Schemes Mehran Alidoost Nia #1, Ali Sajedi #2, Aryo Jamshidpey #3 #1 Computer Engineering Department, University of Guilan-Rasht, Iran m.alidoost@hotmail.com #2 Software
More information1.2 Using the GPG Gen key Command
Creating Your Personal Key Pair GPG uses public key cryptography for encrypting and signing messages. Public key cryptography involves your public key which is distributed to the public and is used to
More informationA NEW HASH ALGORITHM: Khichidi-1
A NEW HASH ALGORITHM: Khichidi-1 Abstract This is a technical document describing a new hash algorithm called Khichidi-1 and has been written in response to a Hash competition (SHA-3) called by National
More informationModes of Operation of Block Ciphers
Chapter 3 Modes of Operation of Block Ciphers A bitblock encryption function f: F n 2 Fn 2 is primarily defined on blocks of fixed length n To encrypt longer (or shorter) bit sequences the sender must
More informationRARP: Reverse Address Resolution Protocol
SFWR 4C03: Computer Networks and Computer Security January 19-22 2004 Lecturer: Kartik Krishnan Lectures 7-9 RARP: Reverse Address Resolution Protocol When a system with a local disk is bootstrapped it
More information