Security for Computer Networks

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Security for Computer Networks"

Transcription

1 Security for Computer Networks An Introduction to Data Security in Teleprocessing and Electronic Funds Transfer D. W. Davies Consultant for Data Security and W. L. Price National Physical Laboratory, Teddington, Middlesex A Wiley-Interscience Publication lecbnischs FACHBEREiCH INFORMATtK LLLLLP THEK Sadigebiste i Standorti JOHN WILEY & SONS Chichester New York Brisbane Toronto Singapore

2 Contents Preface xvii Chapter 1. Data Security The need for data security Assessment of security 3 Software integrity 5 Security and people The effect of technology The notation for encryption 7 The need for key distribution and management Some uses for encipherment General properties of cipher functions 12 Chapter 2. Ciphers and their Properties Introduction Substitution ciphers -' 17 The Caesar cipher 17 Monoalphabetic substitution 19 Polyalphabetic substitution 21 The Vigenere cipher Transposition ciphers 25 Simple transposition 26 The Nihilist cipher Product ciphers Cipher machines 28 The Jefferson cylinder 28 The Wheatstone disc 29 Rotor machines, the Enigma 30 vii

3 Vlll Printing cipher machines 32 Modern cipher machines 33 Substitution in modern ciphers 34 Keyed substitution 34 Transposition in modern ciphers Attacks against enciphered data 35 Classes of attack The stream cipher 38 The Vernam cipher The block cipher Measurement of cipher strength 41 Shannon's theory of secrecy systems 41 Limits of computation 42 An application of Shannon's theory Threats against a secure system 43 Active line taps 44 Methods of protection The encipherment key 46 References 47 Chapter 3. The Data Encryption Standard History of the DES 49 The role of NBS 50 The IBM Lucifer cipher 51 The process of establishing the DES The algorithm of the Data Encryption Standard 54 The ladder diagram 61 An algebraic representation The effect of the DES algorithm on data Known regularities in the DES algorithm 67 Complementation 67 The weak keys 68 The semi-weak keys 69 Hamiltonian cycles in the DES Argument over the security of the DES 71 Exhaustive search for a DES key 73 Multiple DES encipherment 74 Trapdoors in the DES? 75 Senate investigation of the DES 76

4 3.6 Implementations of the Data Encryption Standard 76 Single chips 77 Multiple-chip sets 78 Microprocessor implementations 78 Circuit boards for the Data Encryption Standard 79 Tamper-resistant security modules The IBM cryptographic scheme Future standardization of encipherment algorithms 84 References 86 Chapter 4. Using a Block Cipher in Practice Methods for using a block cipher 88 The limitations of the electronic codebook mode Cipher block chaining 91 The first and last blocks 93 Transmission errors in CBC encipherment 95 Choice of the initializing variable Cipher feedback 97 Error extension in cipher feedback 99 Initializing with CFB 100 Encipherment of an arbitrary character set Output feedback 104 Key stream repetition Standard and non-standard methods of operation The place of encipherment in network architecture 109 Line level encipherment 110 End-to-end encipherment 112 The key distribution problem for end-to-end encipherment 114 Node-by-node encipherment 114 A best place for encipherment in network architecture? Appendix: The birthday problem 116 References Chapter 5. Authentication Introduction Protection against errors in data preparation Protection against accidental errors in data transmission 122 Cyclic redundancy checks Authentication using secret parameters 123 IX

5 5.5 Requirements for an authenticator algorithm 125 The decimal shift and add algorithm 127 A 'main frame' authenticator algorithm 130 Authentication methods using the standard 'modes of operation' Message authentication by encipherment 134 Choice of the plaintext sum check method of authentication 134 Encipherment or authentication? 136 Authentication without a secret key The problem of replay 137 Use of a message sequence number 138 The use of random numbers for entity authentication 140 The use of date and time stamps 141 Authentication of stored data The problem of disputes 143 References 144 Chapter 6. Key Management Introduction Key generation 146 Random bit generators 147 Pseudo-random number generators Terminal and session keys 149 Routes for distribution of session keys 151 Session key distribution protocol 152 Authentication at the key acquisition phase 153 Authentication at the key transfer phase 154 Distribution of terminal keys The IBM key management scheme 156 Physical security requirements 157 The key hierarchy 158 The encipherment and decipherment of data at the host 159 Generation and distribution of a session key 160 Generation and distribution of the terminal key 162 The principles of file security in the IBM key management scheme 164 Generating and retrieving a file key 165 Transfer of enciphered data between hosts 166 Transfer of enciphered files between hosts Key management with tagged keys 168 Generation of new tagged keys 170 Extending the key hierarchy 171

6 6.6 Key management by the key notarization method 172 The operation of key notarization 173 The management of data keys 174 Management of the interchange keys 176 Comparison with the IBM key management scheme 177 References 178 Chapter 7. Identity Verification Introduction Identity verification by something known Passwords Variable passwords based on a one-way function Questionnaires 7.3 Identity verification by a token Magnetic stripe cards Watermark tape Sandwich tape Active cards 7.4 Identity verification by personal characteristics Machine recognition System tolerance 7.5 Hand-written signature verification Techniques for recording pen movement Use of signature verification 7.6 Fingerprint verification Machine recoenitioh of fingerprints XI Voice verification Recognition of retinal patterns The verification process 202 Introduction 203 Verification 203 Tradeoffs Assessment of identity verification techniques 208 The Mitre evaluation studies 208 Voice 209 Signature 210 Fingerprints 211 Comparison of systems Performance of other identity verification systems 213 Speaker verification 213 Signature verification 214

7 Xll Fingerprint verification 215 Retinal patterns 215 Profile verification Selection of an identity verification system 216 References 217 Chapter 8. Public Key Ciphers The principle of public key encipherment 219 Access control with an asymmetric cipher 222 Constructing a public key system 222 One-way functions revisited 223 Number theory and finite arithmetic The exponential function and key distribution 225 The exponential as a one-way function 228 The complexity of the logarithm 230 Key distribution 231 Authentication and transparency The power function 234 Encipherment without key transport The Rivest, Shamir and Adleman public key cipher 237 An attack by iteration and a defence 240 Practical aspects of the RSA cipher The trapdoor knapsack 246 Practical aspects of the trapdoor knapsack A cipher based on error correcting codes The registry of public keys Complexity theory and cryptography 255 The limitations of complexity theory for cryptography Appendix: Finite arithmetic 257 Counting in modulo m arithmetic 257 Addition Subtraction 258 Multiplication 259 Division 260 The Euclidean algorithm 260 Calculation of the reciprocal 261 References 262 Chapter 9. Digital Signatures The problem of disputes 265

8 Xlll 9.2 Digital signature using a public key cipher 266 Signature and encipherment combined 269 Signature using the RSA cipher 270 The asymmetric use of DES as a signature substitute 273 A new, economical signature method Separation of the signature from the message 275 Falsifying a signed message by the 'Birthday' method 278 A one-way function for signature or authentication Signatures employing a symmetric cipher 281 Rabin's signature method 282 Arbitrated signatures The practical application of digital signatures 286 Revocation of signatures 287 References 289 Chapter 10. Electronic Funds Transfer and the Intelligent Token Introduction Established payment mechanisms 292 The bank cheque 293 Credit transfer 294 Summary of the properties of payment methods Inter-bank payments 297 The Society for Worldwide Inter-bank Financial Telecommunication s.c. 297 Message format standards 299 Security in the S.W.I.F.T. system 302 The Clearing Houses Automated Payments System (CHAPS) Automatic teller machines 306 On-line and off-line operation 308 PIN management 310 Algorithmic PIN checking 311 The dialogue for an on-line ATM 313 Shared ATM systems 315 Checking the PIN with an authentication parameter 320 Public key cryptography in a shared ATM system Point-of-sale payments 321 The end-to-end session key in shared ATM and point-of-sale systems 325 Off-line point-of-sale terminals 327 Physical security requirements of the intelligent token 328 PIN checking in an intelligent token 328

9 XIV 10.6 Payments by signed messages 331 Point-of-sale payments by electronic cheque 334 A development of the intelligent token Access control by intelligent tokens 336 Access control for centralized and distributed information services Negotiable documents 340 A general-purpose negotiable document 340 Protection of negotiable documents against theft 343 References 344 Chapter 11. Data Security Standards Introduction 345 The standards authorities Standardization related to the Data Encryption Standard 350 Federal Standard 1027 General security requirements for equipment using the DES Modes of operation Encipherment in the physical layer of data communications 354 Principles for encipherment at the physical layer 356 Signalling the start of transmission 358 Treatment of the break signal 359 The option of bypass control Encipherment in the data link layer Authentication standards Conclusion 365 References 366 Glossary 367 Index 381 Note added in proof The OSS quadratic signature method (p. 274) was described as 'tentative'. Since we wrote this, J. M. Pollard has shown that values of s and t can be obtained to satisfy the signature check, in other words that signatures can be forged, with a reasonable amount of calculation. However, C. P. Schnorr has devised a cubic version which defeats Pollard's attack. Will this prove to be secure?

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch 1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

More information

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0 APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption Symmetric-Key Algorithm Block and Stream Cipher Asymmetric Key Algorithm

More information

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

More information

Applied Cryptology. Ed Crowley

Applied Cryptology. Ed Crowley Applied Cryptology Ed Crowley 1 Basics Topics Basic Services and Operations Symmetric Cryptography Encryption and Symmetric Algorithms Asymmetric Cryptography Authentication, Nonrepudiation, and Asymmetric

More information

1 Data Encryption Algorithm

1 Data Encryption Algorithm Date: Monday, September 23, 2002 Prof.: Dr Jean-Yves Chouinard Design of Secure Computer Systems CSI4138/CEG4394 Notes on the Data Encryption Standard (DES) The Data Encryption Standard (DES) has been

More information

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication

More information

CRYPTOGRAPHY AND NETWORK SECURITY

CRYPTOGRAPHY AND NETWORK SECURITY CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE SIXTH EDITION William Stallings International Edition contributions by Mohit P Tahiliani NITK Surathkal PEARSON Boston Columbus Indianapolis New

More information

CRYPTOG NETWORK SECURITY

CRYPTOG NETWORK SECURITY CRYPTOG NETWORK SECURITY PRINCIPLES AND PRACTICES FOURTH EDITION William Stallings Prentice Hall Upper Saddle River, NJ 07458 'jkfetmhki^^rij^jibwfcmf «MMr""'-^.;

More information

TELECOMMUNICATION NETWORKS

TELECOMMUNICATION NETWORKS THE USE OF INFORMATION TECHNOLOGY STANDARDS TO SECURE TELECOMMUNICATION NETWORKS John Snare * Manager Telematic and Security Systems Section Telecom Australia Research Laboratories Victoria TELECOMMUNICATIONS

More information

CRYPTOGRAPHY IN NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

More information

Lecture 9 - Network Security TDTS41-2006 (ht1)

Lecture 9 - Network Security TDTS41-2006 (ht1) Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,

More information

Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

More information

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

More information

Cryptography & Network Security

Cryptography & Network Security Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security

More information

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1 EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

More information

Properties of Secure Network Communication

Properties of Secure Network Communication Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

ARCHIVED PUBLICATION

ARCHIVED PUBLICATION ARCHIVED PUBLICATION The attached publication, FIPS Publication 46-3 (reaffirmed October 25, 1999), was withdrawn on May 19, 2005 and is provided here only for historical purposes. For related information,

More information

Lectures for the course: Electronic Commerce Technology (IT 60104)

Lectures for the course: Electronic Commerce Technology (IT 60104) Lectures for the course: Electronic Commerce Technology (IT 60104) Week 1 Lecture 1 30/12/2010 Introduction to the course Evaluation guidelines Week 2 Lecture 2 3/01/2011 Overview of E-Commerce E-Commerce

More information

INFORMATION SECURITY PRINCIPLES AND PRACTICE

INFORMATION SECURITY PRINCIPLES AND PRACTICE INFORMATION SECURITY PRINCIPLES AND PRACTICE Mark Stamp San Jose State University 'INTERSCIENCE A JOHN WILEY & SONS, INC., PUBLICATION Preface About The Author Acknowledgments xv xix xxi 1 INTRODUCTION

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

More information

Chapter 10. Network Security

Chapter 10. Network Security Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

More information

Authentication requirement Authentication function MAC Hash function Security of

Authentication requirement Authentication function MAC Hash function Security of UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

More information

Today ENCRYPTION. Cryptography example. Basic principles of cryptography

Today ENCRYPTION. Cryptography example. Basic principles of cryptography Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer on-line. This lecture discusses one of the main technological solutions. The use

More information

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative

More information

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1) Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 3 Symmetric Cryptography General Description Modes of ion Data ion Standard (DES)

More information

2009-2010. SSL Firewalls

2009-2010. SSL Firewalls & 2009-2010 & ( ) SSL Firewalls :. :.. byte 0x01 : 1,. 1 , :,, : ( ) ). : : (Confidentiality) (Integrity) (Availability) :.,,. :. :...,,. :,,. 2 (Identification) (Authentication).,,, )... (Authorization)

More information

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g. Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:

More information

Modes of Operation of Block Ciphers

Modes of Operation of Block Ciphers Chapter 3 Modes of Operation of Block Ciphers A bitblock encryption function f: F n 2 Fn 2 is primarily defined on blocks of fixed length n To encrypt longer (or shorter) bit sequences the sender must

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?

More information

CRYPTOGRAPHY AND NETWORK SECURITY Principles and Practice

CRYPTOGRAPHY AND NETWORK SECURITY Principles and Practice CRYPTOGRAPHY AND NETWORK SECURITY Principles and Practice THIRD EDITION William Stallings Prentice Hall Pearson Education International CONTENTS CHAPTER 1 OVERVIEW 1 1.1 1.2 1.3 1.4 1.5 1.6 PART ONE CHAPTER

More information

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

More information

Shift Cipher. Ahmet Burak Can Hacettepe University. Substitution Cipher. Enigma Machine. How perfect secrecy can be satisfied?

Shift Cipher. Ahmet Burak Can Hacettepe University. Substitution Cipher. Enigma Machine. How perfect secrecy can be satisfied? One Time Pad, Block Ciphers, Encryption Modes Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr Basic Ciphers Shift Cipher Brute-force attack can easily break Substitution Cipher Frequency analysis

More information

Tim Bovles WILEY. Wiley Publishing, Inc.

Tim Bovles WILEY. Wiley Publishing, Inc. Tim Bovles WILEY Wiley Publishing, Inc. Contents Introduction xvii Assessment Test xxiv Chapter 1 Introduction to Network Security 1 Threats to Network Security 2 External Threats 3 Internal Threats 5

More information

Symmetric and asymmetric cryptography overview

Symmetric and asymmetric cryptography overview Symmetric and asymmetric cryptography overview Modern cryptographic methods use a key to control encryption and decryption Two classes of key-based encryption algorithms symmetric (secret-key) asymmetric

More information

SECURITY IN NETWORKS

SECURITY IN NETWORKS SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

More information

NETWORK ADMINISTRATION AND SECURITY

NETWORK ADMINISTRATION AND SECURITY NETWORK ADMINISTRATION AND SECURITY Unit I (NAS) (W- 10) Q. 1) What is Security Attack? Explain general categories of attack with examples. 7 Q. 2) List and define the five security services. 5 Q. 3) Define

More information

Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport

More information

Crypto Basics. Ed Crowley. Spring 2010

Crypto Basics. Ed Crowley. Spring 2010 Crypto Basics Ed Crowley Spring 2010 Kerckhoff s Principle Symmetric Crypto Overview Key management problem Attributes Modes Symmetric Key Algorithms DES Attributes Modes 3DES AES Other Symmetric Ciphers

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond

More information

VALLIAMMAI ENGINEERING COLLEGE

VALLIAMMAI ENGINEERING COLLEGE VALLIAMMAI ENGINEERING COLLEGE (A member of SRM Institution) SRM Nagar, Kattankulathur 603203. DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING Year and Semester : I / II Section : 1 Subject Code : NE7202

More information

Security usually depends on the secrecy of the key, not the secrecy of the algorithm (i.e., the open design model!)

Security usually depends on the secrecy of the key, not the secrecy of the algorithm (i.e., the open design model!) 1 A cryptosystem has (at least) five ingredients: 1. 2. 3. 4. 5. Plaintext Secret Key Ciphertext Encryption algorithm Decryption algorithm Security usually depends on the secrecy of the key, not the secrecy

More information

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

More information

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

More information

JTC 1/SC 27Security Techniques - Översikt arbetsgrupper och standarder

JTC 1/SC 27Security Techniques - Översikt arbetsgrupper och standarder JTC 1/SC 27Security Techniques - Översikt arbetsgrupper och standarder WG 1 Information security management systems WG 2 Cryptography and security mechanisms WG 3 Security evaulation criteria WG 4 Security

More information

The Encryption Technology of Automatic Teller Machine Networks

The Encryption Technology of Automatic Teller Machine Networks Software Engineering 4C03 Winter 2005 The Encryption Technology of Automatic Teller Machine Networks Researcher: Shun Wong Last revised: April 2nd, 2005 1 Introduction ATM also known as Automatic Teller

More information

" Authentication Techniques. for Smart Cards

 Authentication Techniques. for Smart Cards " Authentication Techniques. for Smart Cards R. A. Nelson DatePublished February 1994 To BePresentedat CardTechSecurTech'94 Arlington,Virginia April10-13,1994 Prepared for the U.S. Department of Energy

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal

lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal Symmetric Crypto Pierre-Alain Fouque Birthday Paradox In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal N=365, about 23 people are

More information

First Semester Examinations 2011/12 INTERNET PRINCIPLES

First Semester Examinations 2011/12 INTERNET PRINCIPLES PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2011/12 INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES

More information

7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

More information

Chapter 10 Asymmetric-Key Cryptography

Chapter 10 Asymmetric-Key Cryptography Chapter 10 Asymmetric-Key Cryptography Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 10.1 Chapter 10 Objectives To distinguish between two cryptosystems: symmetric-key

More information

Stream Ciphers. Example of Stream Decryption. Example of Stream Encryption. Real Cipher Streams. Terminology. Introduction to Modern Cryptography

Stream Ciphers. Example of Stream Decryption. Example of Stream Encryption. Real Cipher Streams. Terminology. Introduction to Modern Cryptography Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function

More information

The Data Encryption Standard (DES)

The Data Encryption Standard (DES) The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

More information

Network Security - ISA 656 Introduction to Cryptography

Network Security - ISA 656 Introduction to Cryptography Network Security - ISA 656 Angelos Stavrou September 18, 2007 Codes vs. K = {0, 1} l P = {0, 1} m C = {0, 1} n, C C E : P K C D : C K P p P, k K : D(E(p, k), k) = p It is infeasible to find F : P C K Let

More information

Chap. 1: Introduction

Chap. 1: Introduction Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed

More information

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

More information

The Elements of Cryptography

The Elements of Cryptography The Elements of Cryptography (March 30, 2016) Abdou Illia Spring 2016 Learning Objectives Discuss Cryptography Terminology Discuss Symmetric Key Encryption Discuss Asymmetric Key Encryption Distinguish

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

Insight Guide. Encryption: A Guide

Insight Guide. Encryption: A Guide Encryption: A Guide for Beginners If you read anything about information security, you re likely to have come across the word encryption. It s a fundamental building block when it comes to securing your

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Public Key Cryptography in Practice. c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13)

Public Key Cryptography in Practice. c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13) Public Key Cryptography in Practice c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13) How Cryptography is Used in Applications The main drawback of public key cryptography is the inherent

More information

The Misuse of RC4 in Microsoft Word and Excel

The Misuse of RC4 in Microsoft Word and Excel The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

Symmetric Key cryptosystem

Symmetric Key cryptosystem SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single

More information

General about the course. Course assignment. Outline. T Cryptosystems. Summary and review of lectures

General about the course. Course assignment. Outline. T Cryptosystems. Summary and review of lectures General about the course T 110.5211 Cryptosystems Summary and review of lectures 4.12.2008 This is the fifth time the course was arranged We need a course covering practical cryptographic topics Security

More information

Cryptography and Network Security Block Cipher

Cryptography and Network Security Block Cipher Cryptography and Network Security Block Cipher Xiang-Yang Li Modern Private Key Ciphers Stream ciphers The most famous: Vernam cipher Invented by Vernam, ( AT&T, in 1917) Process the message bit by bit

More information

IBM SecureWay Cryptographic Products IBM. Transaction Security System. General Information Manual GA34-2137-08

IBM SecureWay Cryptographic Products IBM. Transaction Security System. General Information Manual GA34-2137-08 IBM SecureWay Cryptographic Products IBM Transaction Security System General Information Manual GA34-2137-08 IBM SecureWay Cryptographic Products IBM Transaction Security System General Information Manual

More information

The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

More information

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012 Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret

More information

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶 Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course

More information

Lecture 9: Application of Cryptography

Lecture 9: Application of Cryptography Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

More information

uses same key for encryption, decryption classical, conventional, single-key encryption

uses same key for encryption, decryption classical, conventional, single-key encryption CEN 448 Security and Internet Protocols Chapter 2 Classical Encryption Techniques Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University

More information

Computer Science A Cryptography and Data Security. Claude Crépeau

Computer Science A Cryptography and Data Security. Claude Crépeau Computer Science 308-547A Cryptography and Data Security Claude Crépeau These notes are, largely, transcriptions by Anton Stiglic of class notes from the former course Cryptography and Data Security (308-647A)

More information

INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003

INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003 INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003 History of Cryptography The concept of securing messages through cryptography has a long history.

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Third Edition by William Stallings Lecture slides by Shinu Mathew John http://shinu.info/ Chapter 1 Introduction http://shinu.info/ 2 Background Information Security requirements

More information

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers Cryptography Basics IT443 Network Security Administration Instructor: Bo Sheng Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions 1 2 Encryption/Decryption

More information

Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2

Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2 Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2 FIPS 140 2 Non Proprietary Security Policy FIPS Security Level: 1 Document Version: 1.1 Prepared for: Prepared

More information

Network Security. HIT Shimrit Tzur-David

Network Security. HIT Shimrit Tzur-David Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

More information

Security Policy for Oracle Advanced Security Option Cryptographic Module

Security Policy for Oracle Advanced Security Option Cryptographic Module Security Policy for Oracle Advanced Security Option Cryptographic Module Version 1.0 September 1999 Prepared by Oracle Corporation A. Scope of Document This document describes the security policy for the

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

SPC5-CRYP-LIB. SPC5 Software Cryptography Library. Description. Features. SHA-512 Random engine based on DRBG-AES-128

SPC5-CRYP-LIB. SPC5 Software Cryptography Library. Description. Features. SHA-512 Random engine based on DRBG-AES-128 SPC5 Software Cryptography Library Data brief SHA-512 Random engine based on DRBG-AES-128 RSA signature functions with PKCS#1v1.5 ECC (Elliptic Curve Cryptography): Key generation Scalar multiplication

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

More information

Lecture 5 - Cryptography

Lecture 5 - Cryptography CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/

More information

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Xiang-Yang Li Introduction The art of war teaches us not on the likelihood of the enemy s not coming, but on our own readiness to receive him; not on the chance of his

More information

Guide to Data Field Encryption

Guide to Data Field Encryption Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations

More information

ECE 297:11 - Lecture 1. Security Services. Basic Concepts of Cryptology. Security Threats and Security Services. Need for information security

ECE 297:11 - Lecture 1. Security Services. Basic Concepts of Cryptology. Security Threats and Security Services. Need for information security ECE 297:11 - Lecture 1 Security Services Basic Concepts of Cryptology Need for information security widespread use of data processing equipment: computer security widespread use of computer networks and

More information

PUBLIC KEY ENCRYPTION

PUBLIC KEY ENCRYPTION PUBLIC KEY ENCRYPTION http://www.tutorialspoint.com/cryptography/public_key_encryption.htm Copyright tutorialspoint.com Public Key Cryptography Unlike symmetric key cryptography, we do not find historical

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

More information

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

More information

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES HYBRID RSA-AES ENCRYPTION FOR WEB SERVICES AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES Kalyani Ganesh

More information

Chapter 8. Network Security

Chapter 8. Network Security Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

More information

Applied Cryptography Public Key Algorithms

Applied Cryptography Public Key Algorithms Applied Cryptography Public Key Algorithms Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1 Public Key Cryptography Independently invented by Whitfield Diffie & Martin

More information

Associate Prof. Dr. Victor Onomza Waziri

Associate Prof. Dr. Victor Onomza Waziri BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,

More information