# Applied Cryptology. Ed Crowley

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 Applied Cryptology Ed Crowley 1

2 Basics Topics Basic Services and Operations Symmetric Cryptography Encryption and Symmetric Algorithms Asymmetric Cryptography Authentication, Nonrepudiation, and Asymmetric Algorithms One way functions Integrity and Hashing Digital Signatures PKI 2

3 Basics Cryptography refers to the science and art of designing ciphers Currently defined as a branch of Mathematics Cryptanalysis refers to the science and art of breaking ciphers Cryptology, often shortened to crypto, refers to the study of both 3

4 Basic Crypto Services 1. Confidentiality Deals with who can read data 2. Integrity Deals with who can write data. 3. Authentication Deals with having proof of whom, or what, with which you are interacting When Bob receives a message that purports to be sent by Alice, Bob can be sure that the message was really sent by Alice. 4. Nonrepudiation Alice cannot later deny that the message was sent. Bob cannot later deny that the message was received. Third party verifiable Note: cryptography not concerned with availability. 4

5 Basic Crypto Operations Symmetric Crypto (aka single key or classic) Block or stream Asymmetric Crypto (aka two key or key pair) Problem hard one way, easy another One-way functions Integrity Most cryptosystems utilize multiple basic operations aka are Hybrid Cryptosystems For example, PKI combines all 3 operations. Digital Signatures combine Single and Two key 5

6 Practical Systems Combine Operations aka Hybrid Cryptosystems Hybrid systems combine multiple basic operations, potentially including: Symmetric Asymmetric One way. For example, in SSL the servers public key, from it s certificate, encrypts a temporary symmetric session key while a one way operation provides integrity. Lets look at Encryption. 6

7 Encryption Two inputs Key One and plain text are inputs to encryption algorithm. One output Cipher text which can be sent over an unsecure medium 7

8 Decryption Likewise, two inputs, one output Key Two and cipher text are inputs. One Output: Plain Text. Symmetric crypto, Key One and Key Two identical. Asymmetric crypto, Key One and Key Two, related but different. ciphers may either have one key for both encryption and decryption, in which case they re called shared key (also secret key or symmetric), or have separate keys for encryption and decryption, in which case they re called public key or asymmetric. --Ross Anderson 8

9 Kerckhoff s Principle aka Shannon s Maxim All security is in the key (aka the enemy knows/has the system) With large key sizes, can be very strong. In this context, strong symmetric crypto refers to key sizes 128 or more bits Key compromised? No security. Consequently, key management is critical And in Symmetric Crypto, key management is a problem 9

10 Symmetric Crypto Attributes Variety of algorithms Each of which can run in a variety of modes Symmetric Algorithms classified as either stream or block Fast. Block algorithms further classified by: Key length Block size Bulk encryption almost always implemented with symmetric crypto Given enough time and enough resources, brute force attack will always succeed.(ntim) 10

11 1914 Vernam Stream Cipher Machine Similar to teletypewriter except that it used three rather than one paper tapes. First tape, sender types a message in the form of holes and spaces. (plain text) Second tape, contains random characters. (key) Cipher Machine combines the holes and spaces of the message tape with the holes and spaces of the randomcharacter tape using Modulo-2 (XOR). This produced the third tape containing the enciphered message (cipher text). Cipher text then be transmitted and saved on a paper tape. 11

12 Exclusive Or (XOR) Very easy hardware implementation. Very fast hardware implementation. Reversible Plain text + Key = Cyphertext Cyphertext +Key= Plaintext Frequently used to implement stream ciphers. 12

13 Symmetric Ciphers RC-4 (Rivest Cipher 4) Fast symmetric streaming cipher used in a variety of implementations DES Former US Standard originally based on IBM s and Horst Feistel s Lucifer algorithm. Triple DES Temporary US Standard designed to response to brute force attacks against DES AES US National Encryption Standard for other than Top Secret 13

14 RC-4 Stream Cipher (WEP) Both Vernam and RC-4 are stream ciphers. Typically, stream ciphers are designed for hardware implementation. DES Block Cipher In contrast, DES is a block cipher. Typically, block ciphers are designed for software implementation. Operates on 64 bit blocks. 14

15 One Cipher to Rule them All! One Time Pad Special Vernam Cipher implementation where: Key and message same length. Key totally random. Key used only one time for only one message. Key securely distributed Done properly, creates an unbreakable cryptosystem. Only cipher mathematically provable unbreakable. Considered by many impossible to do in a large scale real world implementation. See NSA s Venona project. 15

16 Symmetric Key Algorithms: DES First modern, secure symmetric encryption algorithm. Significant attributes: Known in great detail Free from patent issues Relatively simple, uses only three functions XOR Permutation Substitution Originally, designed for hardware implementation 16

17 Single DES Weaknesses Relatively short, 56 bit, fixed key length with a fixed 64 bit block length Designed for 70s era Hardware implementation Except for brute force, DES has proven resilient to all attacks Since November 1998, not US government approved. Triple DES (3DES), replaced DES. AES replaced Triple DES. 17

18 Triple DES (3DES) Original temporary DES replacement. Effective 168 bit key length 3X56 Implemented with 2 or 3 keys As FIPS Standard, DES was replaced by AES (Advanced Encryption Standard) Note: NIST Federal Information Processing Standard (FIPS) 140 sets standards for cryptographic modules. 18

19 DES Modes of Operation A block cipher by itself is only suitable for the secure cryptographic transformation (encryption or decryption) of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block 19

20 Electronic Codebook (ECB) Mode Message divided into blocks. Each block encrypted separately. Disadvantage: plaintext blocks encrypted into identical ciphertext blocks. 20

21 Cyber Block Chaining Mode Each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point. Most commonly used mode of operation 21

22 Cipher Feedback (CFB) Mode Makes a block cipher into a self-synchronizing stream cipher. Message does not need to be padded to a multiple of the cipher block size 22

23 Output Feedback (OFB) Mode Makes a block cipher into a synchronous stream cipher. Each output feedback block cipher operation depends on all previous ones, and so cannot be performed in parallel. 23

24 Advanced Encryption Standard (AES) AES, aka Rijndael Block Cipher Utilizes variable 128, 192, 256 bit length key with a 128 bit block size. Replaced DES/3-DES. Announced January Current Federal Information Processing Standard (FIPS) Standard US standard for protection of sensitive but unclassified information. 24

25 (Symmetric) Key Management Problem Issues include: Only works by prearrangement. Recipient must already posses key. How do you deliver key without someone intercepting it? If two people have the key and it is compromised, whom is responsible? If key is lost, cipher text cannot be decrypted. Doesn t scale well. A system with N users requires (N*(N-1))/2, keys Key Management problem led to the creation of Asymmetric Cryptography 25

26 Asymmetric Cryptography Utilizes mathematically related key pairs One key public, one key private Asymmetric private key is never shared. Keys based upon problems that are easy to solve one way but very difficult to solve the other For example, RSA utilizes, in part, the problem of factoring the product of two large primes Easy to multiply, very, very difficult to factor Other examples of difficult problems include those based upon discrete logarithms and elliptic curves Offers solution to Symmetrical Cryptography Key Management problems. 26

27 Symmetric/Asymmetric Technologies Compared Symmetric key Single shared secret key. AKA secret key, private key, single key, or classic cryptography. Fast Asymmetric key Two different, but related, keys One key public. One key private (secret) AKA public key or two key cryptography. Slow. Not usually used for bulk encryption 27

28 Asymmetric Algorithms RSA Used in hybrid crypto systems for encryption and digital signatures Most widely used asymmetric algorithm Elliptic Curve Economical in terms of computation, bandwidth, and storage Finding the discreet logarithm in a finite field. Optimum for use in small portable devices Diffie Hellman key exchange protocol Allows two entities to jointly establish a shared secret key over an insecure communications channel 28

29 RSA Public key algorithm derived from properties of large prime numbers. In part, based on difficulty of factoring a number N, which is the product of two large prime numbers. Defacto standard for digital signatures and encryption. At the time of its publication, Rivest, Shamir, and Addleman were all MIT Professors. Issued in 1983, patent expired in

30 Potential Asymmetric Crypto Services Confidentiality Sender encodes message with receiver s public key. Receiver decodes with private key. Only short messages, typically shorter than key. Authentication and Non repudiation Sender encodes message with sender s private key. Receiver decodes with sender s public key. 30

31 Authentication and NonRepudiation Authentication verifies that a message came from whom it is represented to come from. Non repudiation provides evidence so that a message can not be disavowed at a later time. Process utilizes a secret known to only one person (private key). Methods include digital signatures. 31

32 One Way Process: Integrity A Hash, or message digest, enables you to discern whether or not a document has been altered. That is, it proves or disproves data integrity. A hash is considered bound to a document. Sometimes called a digital fingerprint. Hashes can also be components of digital signatures and Message Authentication Codes (MACs). The above drawing illustrates a keyless hash process. However, there are also keyed integrity processes called message authentication codes (MACs or HashMACs). 32

33 Message Digests (Hash) Message digest used as a proxy for a message.it is a shorter, redundant representation of that message. [1] May also be called a hash, digital fingerprint, or a digest. Two major types 1. Message Integrity Code or MIC 1. Bound just to original document 2. Message Authentication Code or MAC 1. Bound to original document and sender (by a shared secret key) [1.] H.X. Mel 33

34 Message Digest Attributes Original file cannot be created from message digest (one way function). Given a file and its corresponding message digest, it should not be feasible to find another file with the same message digest. Called a collision Could be strongly or weakly collision resistant See birthday attack Should be calculated using all of the original file s data. 34

35 SHA-1 Produces a unique 160 bit message digest. Any modifications to the message being sent to the receiver results in a different message digest being calculated by the receiver. NSA developed. Evolution of MD4. 35

36 MD5 Message digest algorithm. IETF standard (RFC 1321) Developed by Rivest in Used in PGP. Generates a 128 bit message digest from an arbitrary length text. Recent papers have pointed to weaknesses in some hashes including MD5. See: 36

37 RSA Digital Signature Creation 1. Hash document to create digest 2. Encrypt hash with senders private key 3. Attach to encrypted hash communication 4. Upon delivery, recipient decrypts hash with senders public key 5. Creates new document hash and compares 6. If hashes are identical, documents have integrity. Note One Algorithm1 is hash algorithm. Algorithm2 is asymmetric crypto algorithm. Note Two This is an example of an RSA based digital signature. There are other types of signatures. 37

38 RSA Digital Signature A document hash encrypted with a sender s private key is called a digital signature. Digital signatures bound to both: Document and Signer The receiver decrypts the message digest with the sender s public key. If the public key opens the message digest, the senders identity is verified. (nonrepudiation) The receiver can re-compute the message digest. If the value of the hash hasn t changed, the message has integrity. 38

39 RSA Digital Signatures Again First create a fixed length Message Digest. Then, encipher the digest with the senders private key. Process binds the fixed length block to: The original data The sender. 39

40 Certificate binds an entitie s public key to the entity. In instant case, Amazon is bound to the public key on the left. 40

41 Questions? Selected References

### IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

### Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

### Computer Security: Principles and Practice

Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

### SECURITY IN NETWORKS

SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

### 7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

### CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

### Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

### Lecture 9: Application of Cryptography

Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

### Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

### CRYPTOGRAPHY IN NETWORK SECURITY

ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

### CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1

CSCI-E46: Applied Network Security Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 Welcome to CSCI-E46 Classroom & Schedule 53 Church Street L01 Wednesdays,

1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

### Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

### Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

### Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

### Lecture 6 - Cryptography

Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about

### Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

### CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

### Network Security. HIT Shimrit Tzur-David

Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

### Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice

### Basics of Cryptography

Basics of Cryptography What is Cryptography? Cryptography is an applied branch of mathematics In some situations it can be used to provide Confidentiality Integrity Authentication Authorization Non-repudiation

### An Introduction to Cryptography as Applied to the Smart Grid

An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric

### Chapter 7: Network security

Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

### How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing

### Cryptography & Digital Signatures

Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

### What is network security?

Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application

### Cryptography & Network Security

Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security

### Overview of CSS SSL. SSL Cryptography Overview CHAPTER

CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

### Authentication requirement Authentication function MAC Hash function Security of

UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

### Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

### Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:

### Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

### Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can

### Lecture 9 - Network Security TDTS41-2006 (ht1)

Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,

### Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?

### CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

### CIS433/533 - Computer and Network Security Cryptography

CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond

### Public Key (asymmetric) Cryptography

Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

### Overview. SSL Cryptography Overview CHAPTER 1

CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

### Network Security - ISA 656 Introduction to Cryptography

Network Security - ISA 656 Angelos Stavrou September 18, 2007 Codes vs. K = {0, 1} l P = {0, 1} m C = {0, 1} n, C C E : P K C D : C K P p P, k K : D(E(p, k), k) = p It is infeasible to find F : P C K Let

### Overview. SSL Cryptography Overview CHAPTER 1

CHAPTER 1 Secure Sockets Layer (SSL) is an application-layer protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through

### SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,

### USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security

### Public Key Cryptography Overview

Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic

### Cryptography and Network Security

Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard

### Chapter 10. Network Security

Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

### 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

### CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email

CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure

### 159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication

### Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All

### Message Authentication

Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the

### EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

### Network Security Technology Network Management

COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

### A New Efficient Digital Signature Scheme Algorithm based on Block cipher

IOSR Journal of Computer Engineering (IOSRJCE) ISSN: 2278-0661, ISBN: 2278-8727Volume 7, Issue 1 (Nov. - Dec. 2012), PP 47-52 A New Efficient Digital Signature Scheme Algorithm based on Block cipher 1

### Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

### Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

### Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 3 Symmetric Cryptography General Description Modes of ion Data ion Standard (DES)

### Chapter 8. Network Security

Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

### The Data Encryption Standard (DES)

The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

### Cryptography and Network Security Block Cipher

Cryptography and Network Security Block Cipher Xiang-Yang Li Modern Private Key Ciphers Stream ciphers The most famous: Vernam cipher Invented by Vernam, ( AT&T, in 1917) Process the message bit by bit

### The mathematics of cryptology

The mathematics of cryptology Paul E. Gunnells Department of Mathematics and Statistics University of Massachusetts, Amherst Amherst, MA 01003 www.math.umass.edu/ gunnells April 27, 2004 What is Cryptology?

### SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION September 2010 (reviewed September 2014) ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK NETWORK SECURITY

### lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal

Symmetric Crypto Pierre-Alain Fouque Birthday Paradox In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal N=365, about 23 people are

### Evaluation of the RC4 Algorithm for Data Encryption

Evaluation of the RC4 Algorithm for Data Encryption Allam Mousa (1) and Ahmad Hamad (2) (1) Electrical Engineering Department An-Najah University, Nablus, Palestine (2) Systems Engineer PalTel Company,

### INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003

INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003 History of Cryptography The concept of securing messages through cryptography has a long history.

### CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

### AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes

### Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

### Introduction to Encryption

Computers and Society Introduction to Encryption Chris Brooks Department of Computer Science University of San Francisco Department of Computer Science University of San Francisco p.1/35 3-0: Terminology

### Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

### The Misuse of RC4 in Microsoft Word and Excel

The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft

### Savitribai Phule Pune University

Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

### Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

### 12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

### CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction

### Cryptographic Hash Functions Message Authentication Digital Signatures

Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption

### Virtual Private Networks

Outline Virtual Private Networks Cmput 410 Presentations November 25-2004 Introduction Types of VPNs Tunneling Security Encryption Future of VPNs VPN - Definition Introduction a way to provide remote access

### Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security

### CPS 590.5 Computer Security Lecture 9: Introduction to Network Security. Xiaowei Yang xwy@cs.duke.edu

CPS 590.5 Computer Security Lecture 9: Introduction to Network Security Xiaowei Yang xwy@cs.duke.edu Previous lectures Worm Fast worm design Today Network security Cryptography building blocks Existing

### Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography

### Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

### CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

### Dustin Moody Post Quantum Cryptography Team National Institute of Standards and Technology (NIST)

Dustin Moody Post Quantum Cryptography Team National Institute of Standards and Technology (NIST) When will a quantum computer be built that breaks current crypto? 15 years, \$1 billion USD, nuclear power

### CS155. Cryptography Overview

CS155 Cryptography Overview Cryptography Is n A tremendous tool n The basis for many security mechanisms Is not n The solution to all security problems n Reliable unless implemented properly n Reliable

6.857 Computer and Network Security Fall Term, 1997 Lecture 4 : 16 September 1997 Lecturer: Ron Rivest Scribe: Michelle Goldberg 1 Conditionally Secure Cryptography Conditionally (or computationally) secure

### Data Encryption WHITE PAPER ON. Prepared by Mohammed Samiuddin. www.itmr.ac.in

01 0110 0001 01101 WHITE PAPER ON Data Encryption Prepared by Mohammed Samiuddin www.itmr.ac.in Contents INTRODUCTION... 2 NEED FOR DATA ENCRYPTION... 3 DUE CARE... 3 REPUTATIONAL RISK... 3 REGULATORY

### Lecture 5 - Cryptography

CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/

### Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide

### SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se

SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se

### Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

NIST Special Publication 800-131A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths Elaine Barker and Allen Roginsky Computer Security Division Information

### Safeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST

Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods

### Modeling and verification of security protocols

Modeling and verification of security protocols Part I: Basics of cryptography and introduction to security protocols Dresden University of Technology Martin Pitt martin@piware.de Paper and slides available

### Secure Network Communication Based on Text-to-Image Encryption

Secure Network Communication Based on Text-to-Image Encryption Ahmad Abusukhon 1, Mohamad Talib 2, Issa Ottoum 3 1 IT Faculty, - Computer Network Department Al-Zaytoonah University of Jordan Amman, JORDAN

### Network Security. Modes of Operation. Steven M. Bellovin February 3, 2009 1

Modes of Operation Steven M. Bellovin February 3, 2009 1 Using Cryptography As we ve already seen, using cryptography properly is not easy Many pitfalls! Errors in use can lead to very easy attacks You

### Message Authentication Codes

2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,