9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers"

Transcription

1 Cryptography Basics IT443 Network Security Administration Instructor: Bo Sheng Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions 1 2 Encryption/Decryption Cryptanalysis encryption decryption code breaking, attacking the cipher Plaintext: a message in its original form Ciphertext: a message in the transformed, unrecognized form Encryption: the process that transforms a into a Decryption: the process that transforms a to the corresponding Key: the value used to control encryption/decryption. Difficulty depends on sophistication of the cipher amount of information available to the code breaker Any cipher can be broken by exhaustive trials, but rarely practical 3 4 Caesar Cipher Replace each letter with the one 3 letters later in the ex.: CAT FDW Mono-Alphabetic Ciphers Generalized substitution cipher: an arbitrary (but fixed) mapping of one letter to another 26! ( 4.0* ) possibilities Trivial to break 5 6 1

2 Attacking Mono-Alphabetic Ciphers Broken by statistical analysis of letter, word, and phrase frequencies of the language Frequency of single letters in English language, taken from a large corpus of text: Ciphertext Only Attacks Ex.: attacker can intercept encrypted communications, nothing else Breaking the cipher: analyze patterns in the provides clues about the encryption method/ 7 8 Known Plaintext Attacks Ex.: attacker intercepts encrypted text, but also has access to some of the corresponding (definite advantage) Makes some codes (e.g., mono-ic ciphers) very easy to break Chosen Plaintext Attacks Ex.: attacker can choose any desired, and intercept the corresponding Allows targeted code breaking (choose exactly the messages that will reveal the most about the cipher) 9 10 The Weakest Link in Security Cryptography is rarely the weakest link Weaker links Implementation of cipher Distribution or protection of s Secret Keys vs Secret Algorithms Security by obscurity We can achieve better security if we keep the algorithms secret Hard to keep secret if used widely Reverse engineering, social engineering Publish the algorithms Security of the algorithms depends on the secrecy of the s Less unknown vulnerability if all the smart (good) people in the world are examine the algorithms

3 Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions Secret Key Cryptography encryption Same decryption Same is used for encryption and decryption Also known as Symmetric cryptography Conventional cryptography Secret Key Cryptography Stream cipher Block cipher Converts one input block of fixed size k bits to an output block of k bits DES, IDEA, AES, AES Selected from an open competition, organized by NSA Joan Daemen and Vincent Rijmen (Belgium) Block size=128 bits, Key Size= 128/192/256 bits Key Size Keys should be selected from a large potential set, to prevent brute force attacks Secret sizes 40 bits were considered adequate in 70 s 56 bits used by DES were adequate in the 80 s 128 bits are adequate for now If computers increase in power by 40% per year, need roughly 5 more bits per decade to stay sufficiently hard to break Public Key Cryptography Public Key Cryptography encryption decryption Sign Verify Public Private Private Public A public/private pair is used Public can be publicly known Private is kept secret by the owner of the Much slower than secret cryptography Also known as asymmetric cryptography Another mode: digital signature Digital signature Only the party with the private can create a digital signature. The digital signature is verifiable by anyone who knows the public. The signer cannot deny that he/she has done so

4 Public Key Cryptography It must be computationally easy to generate a public / private pair hard to determine the private, given the public It must be computationally easy to encrypt using the public easy to decrypt using the private hard to recover the message from just the and the public Symmetric vs Asymmetric Symmetric algorithms are much faster In the order of a 1000 times faster Symmetric algorithms require a shared secret Impractical if the communicating entities don t have another secure channel Both algorithms are combined to provide practical and efficient secure communication E.g., establish a secret session using asymmetric crypto and use symmetric crypto for encrypting the traffic Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions Message of arbitrary length Hash Function Hash A fixed-length short message Also known as Message digest One-way transformation One-way function Hash Length of H(m) much shorter than length of m Usually fixed lengths: 128 or 160 bits Properties of Hash Consider a hash function H Performance: Easy to compute H(m) One-way property: Given H(m) but not m, it s computationally infeasible to find m Weak collision resistance (free): Given H(m), it s computationally infeasible to find m such that H(m ) = H(m). Strong collision resistance (free): Computationally infeasible to find m 1, m 2 such that H(m 1 ) = H(m 2 ) Hash Applications File / Message integrity Check if a downloaded file is corrupted Detect if a file has been changed by someone after it was stored Compute a hash H(F) of file F openssl dgst -md5 filename

5 Hash Applications Password verification Password cannot be stored in In a hashed format Linux: /etc/passwd, /etc/shadow Hash Applications User authentication Alice wants to authenticate herself to Bob Assuming they already share a secret K Alice Bob cat /etc/shadow computes Y=H(R K) time verifies that Y=H(R K) Modern Hash Functions MD5 (128 bits) Previous versions (i.e., MD2, MD4) have weaknesses. Broken; collisions published in August 2004 Too weak to be used for serious applications SHA (Secure Hash Algorithm) Weaknesses were found SHA-1 (160 bits) Broken, but not yet cracked Collisions in 2 69 hash operations, much less than the brute-force attack of 2 80 operations Results were circulated in February 2005, and published in CRYPTO 05 in August 2005 SHA-256, SHA-384, Birthday Attack What is the smallest group size k such that The probability that at least two people in the group have the same birthday is greater than 0.5? 23 Implication for hash function H of length m With probability at least 0.5 If we hash about 2 m/2 random inputs, Two messages will have the same hash image m=64, 1ns per hash Brute force (2 64 ): seconds over 300 thousand years Birthday attack (2 32 ): 4 seconds Lab 1 Sample codes eecs.mit.edu s IP is Assume their subnetwork use 28-bit prefix Scan ~ dig -x short /home/shengbo/it443/scanip.sh /home/shengbo/it443/scanip.pl Plaintext Key Electronic Code Book (ECB) M 1 M 2 M 3 M padding E E E E Ciphertext C 1 C 2 C 3 C

6 Cipher Block Chaining (CBC) M 1 M 2 M 3 M 4 Initialization Vector Key padding E E E E C 1 C 2 C 3 C

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

More information

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

More information

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?

More information

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

More information

SECURITY IN NETWORKS

SECURITY IN NETWORKS SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors

More information

Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

More information

Message Authentication Codes

Message Authentication Codes 2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

More information

Network Security. HIT Shimrit Tzur-David

Network Security. HIT Shimrit Tzur-David Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

More information

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

More information

Authentication requirement Authentication function MAC Hash function Security of

Authentication requirement Authentication function MAC Hash function Security of UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

More information

Cryptography and Network Security Chapter 12

Cryptography and Network Security Chapter 12 Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 12 Message Authentication Codes At cats' green on the Sunday he

More information

lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal

lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal Symmetric Crypto Pierre-Alain Fouque Birthday Paradox In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal N=365, about 23 people are

More information

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing

More information

CIS433/533 - Computer and Network Security Cryptography

CIS433/533 - Computer and Network Security Cryptography CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and

More information

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 CSCI-E46: Applied Network Security Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 Welcome to CSCI-E46 Classroom & Schedule 53 Church Street L01 Wednesdays,

More information

Symmetric and Public-key Crypto Due April 14 2015, 11:59PM

Symmetric and Public-key Crypto Due April 14 2015, 11:59PM CMSC 414 (Spring 2015) 1 Symmetric and Public-key Crypto Due April 14 2015, 11:59PM Updated April 11: see Piazza for a list of errata. Sections 1 4 are Copyright c 2006-2011 Wenliang Du, Syracuse University.

More information

Message Authentication

Message Authentication Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond

More information

Introduction to Encryption

Introduction to Encryption Computers and Society Introduction to Encryption Chris Brooks Department of Computer Science University of San Francisco Department of Computer Science University of San Francisco p.1/35 3-0: Terminology

More information

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon 1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction

More information

Cryptography and Network Security Chapter 11. Fourth Edition by William Stallings

Cryptography and Network Security Chapter 11. Fourth Edition by William Stallings Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Chapter 11 Message Authentication and Hash Functions At cats' green on the Sunday he took the message from the inside of

More information

Modes of Operation of Block Ciphers

Modes of Operation of Block Ciphers Chapter 3 Modes of Operation of Block Ciphers A bitblock encryption function f: F n 2 Fn 2 is primarily defined on blocks of fixed length n To encrypt longer (or shorter) bit sequences the sender must

More information

Principles of Network Security

Principles of Network Security he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy

More information

CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Lecture 9: Application of Cryptography

Lecture 9: Application of Cryptography Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

More information

OOo Digital Signatures. Malte Timmermann Technical Architect Sun Microsystems GmbH

OOo Digital Signatures. Malte Timmermann Technical Architect Sun Microsystems GmbH OOo Digital Signatures Malte Timmermann Technical Architect Sun Microsystems GmbH About the Speaker Technical Architect in OpenOffice.org/StarOffice development OOo/StarOffice developer since 1991/94 Main

More information

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

More information

The Misuse of RC4 in Microsoft Word and Excel

The Misuse of RC4 in Microsoft Word and Excel The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft

More information

CRYPTOGRAPHY IN NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

More information

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder

More information

Center for Internet Security. INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO

Center for Internet Security. INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Private and Public Key Cryptography and Ransomware December 2014 Authored by:ted Fischer (CIS) Security Operations

More information

Message authentication and. digital signatures

Message authentication and. digital signatures Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation

More information

Introduction to Cryptography CS 355

Introduction to Cryptography CS 355 Introduction to Cryptography CS 355 Lecture 30 Digital Signatures CS 355 Fall 2005 / Lecture 30 1 Announcements Wednesday s lecture cancelled Friday will be guest lecture by Prof. Cristina Nita- Rotaru

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

A Standards-based Approach to IP Protection for HDLs

A Standards-based Approach to IP Protection for HDLs A Standards-based Approach to IP Protection for HDLs John Shields Staff Engineer, Modelsim Overview Introduction A Brief Status First Look at The Flow Encryption Technology Concepts Key Management Second

More information

What is network security?

What is network security? Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application

More information

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/ Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

More information

Hash Functions. Integrity checks

Hash Functions. Integrity checks Hash Functions EJ Jung slide 1 Integrity checks Integrity vs. Confidentiality! Integrity: attacker cannot tamper with message! Encryption may not guarantee integrity! Intuition: attacker may able to modify

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g. Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:

More information

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg Outline CSc 466/566 Computer Security 8 : Cryptography Digital Signatures Version: 2012/02/27 16:07:05 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian

More information

Digital signatures. Informal properties

Digital signatures. Informal properties Digital signatures Informal properties Definition. A digital signature is a number dependent on some secret known only to the signer and, additionally, on the content of the message being signed Property.

More information

Chapter 10. Network Security

Chapter 10. Network Security Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

More information

1 Data Encryption Algorithm

1 Data Encryption Algorithm Date: Monday, September 23, 2002 Prof.: Dr Jean-Yves Chouinard Design of Secure Computer Systems CSI4138/CEG4394 Notes on the Data Encryption Standard (DES) The Data Encryption Standard (DES) has been

More information

Fundamentals of Computer Security

Fundamentals of Computer Security Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A Message From Our Sponsors Fundamentals System/Network Security, crypto How do things work Why How to design secure

More information

12/8/2015. Review. Final Exam. Network Basics. Network Basics. Network Basics. Network Basics. 12/10/2015 Thursday 5:30~6:30pm Science S-3-028

12/8/2015. Review. Final Exam. Network Basics. Network Basics. Network Basics. Network Basics. 12/10/2015 Thursday 5:30~6:30pm Science S-3-028 Review Final Exam 12/10/2015 Thursday 5:30~6:30pm Science S-3-028 IT443 Network Security Administration Instructor: Bo Sheng True/false Multiple choices Descriptive questions 1 2 Network Layers Application

More information

Cryptography and Network Security Digital Signature

Cryptography and Network Security Digital Signature Cryptography and Network Security Digital Signature Xiang-Yang Li Message Authentication Digital Signature Authentication Authentication requirements Authentication functions Mechanisms MAC: message authentication

More information

Cryptography Lecture 8. Digital signatures, hash functions

Cryptography Lecture 8. Digital signatures, hash functions Cryptography Lecture 8 Digital signatures, hash functions A Message Authentication Code is what you get from symmetric cryptography A MAC is used to prevent Eve from creating a new message and inserting

More information

WIRELESS LAN SECURITY FUNDAMENTALS

WIRELESS LAN SECURITY FUNDAMENTALS WIRELESS LAN SECURITY FUNDAMENTALS Jone Ostebo November 2015 #ATM15ANZ @ArubaANZ Learning Goals Authentication with 802.1X But first: We need to understand some PKI And before that, we need a cryptography

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Ky Vu DeVry University, Atlanta Georgia College of Arts & Science

Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Table of Contents - Objective - Cryptography: An Overview - Symmetric Key - Asymmetric Key - Transparent Key: A Paradigm Shift - Security

More information

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch 1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

More information

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

More information

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

More information

7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

More information

Network Security - ISA 656 Introduction to Cryptography

Network Security - ISA 656 Introduction to Cryptography Network Security - ISA 656 Angelos Stavrou September 18, 2007 Codes vs. K = {0, 1} l P = {0, 1} m C = {0, 1} n, C C E : P K C D : C K P p P, k K : D(E(p, k), k) = p It is infeasible to find F : P C K Let

More information

An Introduction to Cryptography and Digital Signatures

An Introduction to Cryptography and Digital Signatures An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through

More information

Public Key Cryptography Overview

Public Key Cryptography Overview Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic

More information

The Data Encryption Standard (DES)

The Data Encryption Standard (DES) The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

More information

Network Security. Modes of Operation. Steven M. Bellovin February 3, 2009 1

Network Security. Modes of Operation. Steven M. Bellovin February 3, 2009 1 Modes of Operation Steven M. Bellovin February 3, 2009 1 Using Cryptography As we ve already seen, using cryptography properly is not easy Many pitfalls! Errors in use can lead to very easy attacks You

More information

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION September 2010 (reviewed September 2014) ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK NETWORK SECURITY

More information

Cryptography & Digital Signatures

Cryptography & Digital Signatures Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All

More information

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

More information

Cryptography and Network Security Chapter 11

Cryptography and Network Security Chapter 11 Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 11 Cryptographic Hash Functions Each of the messages, like each

More information

Implementation and Comparison of Various Digital Signature Algorithms. -Nazia Sarang Boise State University

Implementation and Comparison of Various Digital Signature Algorithms. -Nazia Sarang Boise State University Implementation and Comparison of Various Digital Signature Algorithms -Nazia Sarang Boise State University What is a Digital Signature? A digital signature is used as a tool to authenticate the information

More information

Basics of Cryptography

Basics of Cryptography Basics of Cryptography What is Cryptography? Cryptography is an applied branch of mathematics In some situations it can be used to provide Confidentiality Integrity Authentication Authorization Non-repudiation

More information

Insight Guide. Encryption: A Guide

Insight Guide. Encryption: A Guide Encryption: A Guide for Beginners If you read anything about information security, you re likely to have come across the word encryption. It s a fundamental building block when it comes to securing your

More information

Application Layer (1)

Application Layer (1) Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number

More information

ICOM 5018 Network Security and Cryptography

ICOM 5018 Network Security and Cryptography ICOM 5018 Network Security and Cryptography Description This course introduces and provides practical experience in network security issues and cryptographic techniques. Cryptographic algorithms and protocols

More information

Block encryption. CS-4920: Lecture 7 Secret key cryptography. Determining the plaintext ciphertext mapping. CS4920-Lecture 7 4/1/2015

Block encryption. CS-4920: Lecture 7 Secret key cryptography. Determining the plaintext ciphertext mapping. CS4920-Lecture 7 4/1/2015 CS-4920: Lecture 7 Secret key cryptography Reading Chapter 3 (pp. 59-75, 92-93) Today s Outcomes Discuss block and key length issues related to secret key cryptography Define several terms related to secret

More information

Public Key (asymmetric) Cryptography

Public Key (asymmetric) Cryptography Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

More information

CS155. Cryptography Overview

CS155. Cryptography Overview CS155 Cryptography Overview Cryptography Is n A tremendous tool n The basis for many security mechanisms Is not n The solution to all security problems n Reliable unless implemented properly n Reliable

More information

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1 Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

Cryptographic Hash Functions Message Authentication Digital Signatures

Cryptographic Hash Functions Message Authentication Digital Signatures Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption

More information

Digital Signatures. Murat Kantarcioglu. Based on Prof. Li s Slides. Digital Signatures: The Problem

Digital Signatures. Murat Kantarcioglu. Based on Prof. Li s Slides. Digital Signatures: The Problem Digital Signatures Murat Kantarcioglu Based on Prof. Li s Slides Digital Signatures: The Problem Consider the real-life example where a person pays by credit card and signs a bill; the seller verifies

More information

Overview of Public-Key Cryptography

Overview of Public-Key Cryptography CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows

More information

Lecture 5 - Cryptography

Lecture 5 - Cryptography CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/

More information

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014 Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes

More information

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

More information

Tutorial 2. May 11, 2015

Tutorial 2. May 11, 2015 Tutorial 2 May 11, 2015 I. Basic Notions Review Questions Chapter 5 & 11 Multiple-choice Example Chapter 5 Which is the first step in securing an operating system? a. implement patch management b. configure

More information

PGP - Pretty Good Privacy

PGP - Pretty Good Privacy I should be able to whisper something in your ear, even if your ear is 1000 miles away, and the government disagrees with that. -- Philip Zimmermann PGP - Pretty Good Privacy - services - message format

More information

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

More information

SSL/TLS: The Ugly Truth

SSL/TLS: The Ugly Truth SSL/TLS: The Ugly Truth Examining the flaws in SSL/TLS protocols, and the use of certificate authorities. Adrian Hayter CNS Hut 3 Team adrian.hayter@cnsuk.co.uk Contents Introduction to SSL/TLS Cryptography

More information

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013 USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard

More information

DataTrust Backup Software. Whitepaper Data Security. Version 6.8

DataTrust Backup Software. Whitepaper Data Security. Version 6.8 Version 6.8 Table of Contents 1 Introduction... 3 2 DataTrust Offsite Backup Server Secure, Robust and Reliable... 4 2.1 Secure 128-bit SSL communication... 4 2.2 Backup data are securely encrypted...

More information

Lecture 9 - Network Security TDTS41-2006 (ht1)

Lecture 9 - Network Security TDTS41-2006 (ht1) Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,

More information