Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
|
|
- Mercy Booth
- 8 years ago
- Views:
Transcription
1 Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example: Embedding information into a high bit-depth host file so that it is not detectable Host files can include: Image files, audio files, and video files Steganalysis The scientific determination of the presence of embedded data within a host file. Scientific Explanation of Steganography The act of concealing information within the trivial bit space of a file (Phan, Raphael, & Ling, 2003). Uses the Least Significant Byte (LSB) of an image (or other host file) Process conceals the information from view via the associated normal file viewing application assigned to the file extension (Mangarae, 2006). Data extraction embedded within the host file requires an identical algorithm to be used in order to account for the method (e.g. bit shifting). Data may be further protected from extraction by passwords or encryption inside the file space. Steganography artifacts are not an automatic indicator of malicious intent. These tools are commonly used to apply invisible watermarks on copyrighted materials such as images and videos to prevent unauthorized usage and theft (Nelson, Phillips, Enfinger, & Steuart, 2008 p. 376). Summary - Steganography Process of hiding the existence of the data within another file Uses the Least Significant Byte (LSB) of an image (or other host file) Process conceals the information from view via the associated normal file viewing application assigned to the file extension (Mangarae, 2006). Data extraction embedded within the host file requires an identical algorithm to be used in order to account for the method (e.g. bit shifting). Data may be further protected from extraction by passwords or encryption inside the file space.
2 Defining Cryptography Cryptography Science of transforming information into an unintelligible form while it is being transmitted or stored so that unauthorized users cannot access it Practical Applications: Understanding how cryptography can be used as a security tool to protect data Appropriate Uses: Applying different types of Cryptographic Applications to the appropriate situation Legalities of Use (export restrictions, law enforcement implication, etc ) One of the most famous ancient cryptographers was Julius Caesar Shifted each letter of his messages to his generals three places down in the alphabet Encryption: Changing the original text to a secret message using cryptography Decryption: Change the secret message back to its original form Cryptography and Security Cryptography can provide basic security for information: Protects confidentiality of information Protect the integrity of the information Can help ensure the availability of the data Can provide verification (authenticity) of the sender through non-repudiation Summary - Cryptography: Cryptography: Science of transforming information into an unintelligible form while it is being transmitted or stored so that unauthorized users cannot access it One of the most famous ancient cryptographers was Julius Caesar Encryption: Changing the original text to a secret message using cryptography Decryption: Change the secret message back to its original form Cryptography can: Protects confidentiality and integrity of information Help ensure the availability and provide verification (authenticity) of the sender through non-repudiation Cryptographic Algorithms There are three categories of cryptographic algorithms: Hashing algorithms Symmetric encryption algorithms Asymmetric encryption algorithms
3 Hashing Also called a one-way hash A process for creating a unique signature for a set of data This signature, called a hash or digest, represents the contents Hashing ensures integrity and: Information is in its original form No unauthorized person or malicious software has altered the data Hash s are one-way and can not be reversed To be considered a Secure hashing algorithm: Ciphertext hash is a fixed size Two different sets of data cannot produce the same hash, which is known as a collision It should be impossible to produce a data set that has a desired or predefined hash The resulting hash ciphertext cannot be reversed The hash serves as a check to verify the message contents Hash values are often posted on Internet sites In order to verify the file integrity of files that can be downloaded Hash Types: Message Digest (MD) One common hash algorithm Three versions Message Digest 2 (MD2) Message Digest 4 (MD4) Message Digest 5 (MD5) Secure Hash Algorithm (SHA) A more secure hash than MD hash series Consists of a family of hashes SHA-1 Patterned after MD4 Creates 160 bit hash instead of 128 bits that MD4 uses SHA-2 Four variations: SHA-224 SHA-256 SHA-384 SHA-512 Considered secure Whirlpool A relatively recent cryptographic hash function Has received international recognition and adoption by standards organizations
4 Creates a hash of 512 bits Password Hashes Another use for hashes is in storing passwords When a password for an account is created, the password is hashed and stored Microsoft Uses either LM (LAN Manager) or NTLM hash algorithms Linux - Most systems use password-hashing algorithms such as MD5 Apple - Mac OS X uses SHA-1 hashes Summary - Hashing 3 categories of cryptographic algorithms are: Hashing; Symmetric encryption; and Asymmetric encryption Hashing is a One-Way function that creates a unique signature for a set of data that ensures integrity To be considered a Secure the Ciphertext hash is a fixed size; avoid collisions; and the resulting hash ciphertext cannot be reversed Secure Hash Algorithm (SHA) is more secure hash than MD hash series, consisting of family of hashes that include SHA-1 and SHA-2 Password Hashing Algorithms by OS: Microsoft either LM or NTLM; Linux - Most use MD5; Apple Mac OS X uses SHA-1 Symmetric Cryptographic Algorithms Symmetric cryptographic algorithms Single key to encrypt and decrypt a message Also called Private Key Cryptography Stream cipher Takes one character and replacesit with another Substitution cipher Simplest type of stream cipher Substitutes one letter or character for another Transposition cipher More complicated stream cipher Rearranges letters without changing them Most symmetric ciphers combine the cipher stream with the plaintext to create the ciphertext The process is accomplished through the exclusive OR (XOR) binary logic operation One-Time Pad (OTP) Combines a truly random key with the plaintext Block cipher Manipulates an entire block of plaintext at one time Plaintext is divided into separate blocks of 8-16 bytes Each block is encrypted independently Block cipher advantages and disadvantages
5 Fast when the plaintext is short More prone to attack because stream does not vary Considered more secure because the output is more random Cipher is reset to its original state after each block is processed Results in the ciphertext being more difficult to break Data Encryption Standard (DES) One of the first widely popular symmetric cryptography algorithms DES is a block cipher and encrypts data in 64-bit blocks However, the 8-bit parity bit is ignored so the effective key length is only 56 bits Uses a single round of encryption Uses prior block s cypher block to calculate the next blocks key Triple Data Encryption Standard (3DES) Pronounced as Triple DES Designed to replace DES Uses three rounds of encryption instead of just one Advanced Encryption Standard (AES) Approved by the NIST in late 2000 as a replacement for DES Performs 3 steps on every block (128 bits) of plaintext Within Step 2, multiple rounds are performed depending upon the key size 10 Rounds 128 bit key 12 Rounds 192-bit key 14 Rounds 256-bit key Within each round, bytes are substituted and rearranged, and then special ultiplication is performed based on the new arrangement Symmetric Cryptographic Algorithms (cont.) Several other Symmetric cryptographic algorithms are also used: Rivest Cipher (RC) family from RC1 to RC6 International Data Encryption Algorithm (IDEA) Blowfish Twofish Summary Symmetric Cryptography Symmetric cryptographic algorithms: Uses a single Key; referred to as Private Key Cryptography Stream cipher: Takes one character and replaces it with another Substitution cipher: Simplest type of stream cipher; Substitutes one letter or character for another Transposition cipher: More complicated stream cipher; Rearranges letters without changing them
6 One-Time Pad (OTP): Combines a truly random key with the plaintext Block cipher: Manipulates entire blocks of plaintext at one time; encrypts each block independently Advantages and Disadvantages Fast when the plaintext is short and considered more secure because output is more random More prone to attack because stream does not vary Data Encryption Standard (DES): First widely popular block symmetric cryptography algorithms; encrypts data in 64-bit blocks (effective key length is only 56 bits due to parity bits); and uses a single round of encryption Triple Data Encryption Standard (3DES): Designed to replace DES and uses three rounds of encryption Advanced Encryption Standard (AES): Replacement for DES, uses multiple rounds Asymmetric Cryptographic Algorithms Asymmetric cryptographic algorithms Also known as public key cryptography (PKI) Uses 2 keys instead of one The public key is known and freely distributed to everyone The private key is known only to the recipient of the message Data Encrypted by one key may only be decrypted by the other Asymmetric cryptography can also be used to create a digital signature A digital signature can: Verify the sender Prove the integrity of the message Prevent the sender from disowning the message Used as a legal non-repudiation mechanism Uses Mathematically related cryptographic key pairs Asymmetric Digital Signatures Summary Asymmetric Cryptography Asymmetric cryptographic algorithms: known as public key cryptography (PKI) Uses 2 keys known as the public (known) and private (Secret) keys Data Encrypted by one key may only be decrypted by the other Digital signatures can: Verify the sender Prove the integrity of the message Prevent the sender from disowning the message Used as a legal non-repudiation mechanism Uses Mathematically related cryptographic key pairs
7 Cryptographic Algorithms Index RSA Most common asymmetric cryptography algorithm RSA multiplies two large prime numbers p and q To compute their product (n=pq) A number e is chosen that is less than n and a prime factor to (p-1)(q-1) Another number d is determined, so that (ed-1) is divisible by (p-1)(q-1) Public key is the pair (n,e) Private key is (n,d) Diffie-Hellman Allows two users to share a secret key securely over a public network Once the key has been shared Then both parties can use it to encrypt and decrypt messages using symmetric cryptography Elliptic curve cryptography Uses special geometric shapes called elliptic curves An elliptic curve is a function drawn on an X-Y axis as a gently curved line By adding the values of two points on the curve, you can arrive at a third point on the curve The public aspect of an elliptic curve cryptosystem is that users share an elliptic curve and one point on the curve Summary RSA: Most common asymmetric cryptography algorithm; multiplies two large prime numbers to generate mathematically related key pairs called the Public and Private keys Diffie-Hellman: Allows two users to share a secret key securely over a public network using symmetric cryptography Elliptic Curve: Function drawn on an X-Y axis as a gently curved line; used to generate complex keys Using Cryptography on Files and Disks Cryptography can also be used to protect large numbers of files on a system or an entire disk Encryption prevents unauthorized viewing of information Reversible Hashing Verifies integrity of transmitted data Not reversible File and File System Cryptography File system: A method used by operating systems to store, retrieve, and organize files
8 Pretty Good Privacy (PGP): One of the most widely used asymmetric cryptography system for files and messages on Windows systems GNU Privacy Guard (GPG): Open-source version of PGP PGP and GPG use both asymmetric & symmetric cryptography Microsoft Windows Encrypting File System (EFS) A cryptography system for Windows operating systems Uses Windows NTFS file system Tightly integration with file system enables transparent file encryption and decryption EFS encrypts the data as it is written to disk Can be assigned to individual files or folders If folder assigned, any file moved from the folder is decrypted at time of the move operation Whole disk encryption Cryptography applied to entire disks Windows BitLocker A hardware-enabled data encryption feature Can encrypt the entire Windows volume Includes Windows system files as well as all user files Encrypts the entire system volume, including the Windows Registry and any temporary files that might hold confidential information Can be integrated with a Trusted Platform Module for enhanced security Trusted Platform Module (TPM) A chip on the motherboard that provides cryptographic services Includes a true random number generator Measures and tests key components as the computer is starting up Alterations to key configuration parameters require revalidation of system trust Computer that do not support hardware-based TPM allow encryption keys to be stored on external flash drives Bitlocker Bonus Information GPO s can be set to force storage of recovery keys in AD Access to Recovery keys in AD can be restricted to specific security groups Changes in hardware state requires re-entry of the Bitlocker key (prevents theft of hard drive) Complicates the forensic process Can t Ghost system and redeploy to new hardware if Bitlockered Summary File System Cryptography PGP and GPG: Both use asymmetric & symmetric cryptography Microsoft Windows Encrypting File System (EFS): tightly integrated cryptography system for Windows; uses NTFS; enables transparent file encryption and decryption
9 Whole disk encryption: Cryptography applied to entire disks Windows BitLocker: Hardware-enabled data encryption; encrypts the entire system volume to include Registry, temporary, and User files Trusted Platform Module (TPM): Chip on the motherboard; provides cryptographic services; Includes a true random number generator Summary Cryptography is the science of transforming information into a secure form while it is being transmitted or stored so that unauthorized users cannot access it Hashing creates a unique signature, called a hash or digest, which represents the contents of the original text Symmetric cryptography, also called private key cryptography, uses a single key to encrypt and decrypt a message Asymmetric cryptography, also known as public key cryptography, uses two keys instead of one Cryptography can also be used to protect large numbers of files on a system or an entire disk
IT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationCryptography & Digital Signatures
Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationSafeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST
Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationSimple Encryption/Decryption Application
Simple Encryption/Decryption Application Majdi Al-qdah Faculty of Information Technology Multimedia University Cyberjaya, 63100, Malaysia majdi.qdah@mmu.edu.my Lin Yi Hui Faculty of Information Technology
More informationCommon Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/
Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationNetwork Security. Omer Rana
Network Security Omer Rana CM0255 Material from: Cryptography Components Sender Receiver Plaintext Encryption Ciphertext Decryption Plaintext Encryption algorithm: Plaintext Ciphertext Cipher: encryption
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationCryptography & Network Security
Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security
More informationCryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.
Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:
More informationHow To Understand And Understand The History Of Cryptography
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/
More informationEvaluation of the RC4 Algorithm for Data Encryption
Evaluation of the RC4 Algorithm for Data Encryption Allam Mousa (1) and Ahmad Hamad (2) (1) Electrical Engineering Department An-Najah University, Nablus, Palestine (2) Systems Engineer PalTel Company,
More informationApplication Layer (1)
Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number
More informationHow To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationPGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO
PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO In The Next 15 Minutes, You May Know What is PGP? Why using PGP? What can it do? How did it evolve? How does it work? How to work it? What s its limitation?
More informationEfficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms
Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Radhika G #1, K.V.V. Satyanarayana *2, Tejaswi A #3 1,2,3 Dept of CSE, K L University, Vaddeswaram-522502,
More informationAC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014
Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes
More informationTable of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch
1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...
More informationHP ProtectTools Embedded Security Guide
HP ProtectTools Embedded Security Guide Document Part Number: 364876-001 May 2004 This guide provides instructions for using the software that allows you to configure settings for the HP ProtectTools Embedded
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationNETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia
NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationNetwork Security Technology Network Management
COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and
More information1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies
1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography
More informationCIS433/533 - Computer and Network Security Cryptography
CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and
More informationReview of methods for secret sharing in cloud computing
Review of methods for secret sharing in cloud computing Dnyaneshwar Supe Amit Srivastav Dr. Rajesh S. Prasad Abstract:- Cloud computing provides various IT services. Many companies especially those who
More informationComputer System Management: Hosting Servers, Miscellaneous
Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationSecure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationAuthentication requirement Authentication function MAC Hash function Security of
UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy
More informationSubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se
SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se
More informationCS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More informationNetwork Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)
Network Security Security Crytographic algorithms Security Services Secret key (DES) Public key (RSA) Message digest (MD5) privacy authenticity Message integrity Secret Key Encryption Plain text Plain
More informationCLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY
CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationKy Vu DeVry University, Atlanta Georgia College of Arts & Science
Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Table of Contents - Objective - Cryptography: An Overview - Symmetric Key - Asymmetric Key - Transparent Key: A Paradigm Shift - Security
More informationCiphire Mail. Abstract
Ciphire Mail Technical Introduction Abstract Ciphire Mail is cryptographic software providing email encryption and digital signatures. The Ciphire Mail client resides on the user's computer between the
More informationProperties of Secure Network Communication
Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,
More informationDigital Signature For Text File
Digital Signature For Text File Ayad Ibrahim Abdulsada Dept. of Computer Science, College of Education, University of Basrah, Basrah, Iraq. E-mail: mraiadibraheem@yahoo.com Abstract: Digital signatures
More informationPublic Key Cryptography Overview
Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic
More informationPresentation on Black Hat Europe 2003 Conference. Security Analysis of Microsoft Encrypting File System (EFS) http://www.elcomsoft.
Presentation on Black Hat Europe 2003 Conference Security Analysis of Microsoft Encrypting File System (EFS) Microsoft Encrypting File System Encrypting File File System System (EFS) (EFS) is is a a new
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationNXP & Security Innovation Encryption for ARM MCUs
NXP & Security Innovation Encryption for ARM MCUs Presenters Gene Carter- International Product Manager, NXP Semiconductors Gene is responsible for marketing of the ARM7 and Cortex-M3 microcontrollers.
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationFixity Checks: Checksums, Message Digests and Digital Signatures Audrey Novak, ILTS Digital Preservation Committee November 2006
Fixity Checks: Checksums, Message Digests and Digital Signatures Audrey Novak, ILTS Digital Preservation Committee November 2006 Introduction: Fixity, in preservation terms, means that the digital object
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationCryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.
Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public
More informationEncryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1
Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can
More informationCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE SIXTH EDITION William Stallings International Edition contributions by Mohit P Tahiliani NITK Surathkal PEARSON Boston Columbus Indianapolis New
More informationConnected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.
More informationCryptography Lecture 8. Digital signatures, hash functions
Cryptography Lecture 8 Digital signatures, hash functions A Message Authentication Code is what you get from symmetric cryptography A MAC is used to prevent Eve from creating a new message and inserting
More informationAN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES
HYBRID RSA-AES ENCRYPTION FOR WEB SERVICES AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES Kalyani Ganesh
More informationArchived NIST Technical Series Publication
Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated
More informationOverview of Public-Key Cryptography
CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows
More informationSecuring Data at Rest ViSolve IT Security Team
Securing Data at Rest ViSolve IT Security Team 1 Table of Contents 1 Introduction... 3 2 Why Data at Rest needs to be secure?... 4 3 Securing Data... 4 3.1 Encryption - Access Control Approach... 5 3.1.1
More informationEncrypting the Private Files on Your Computer Presentation by Eric Moore, CUGG June 12, 2010
Encrypting the Private Files on Your Computer Presentation by Eric Moore, CUGG June 12, 2010 I. File Encryption Basics A. Encryption replaces data within a file with ciphertext which resembles random data
More informationSPC5-CRYP-LIB. SPC5 Software Cryptography Library. Description. Features. SHA-512 Random engine based on DRBG-AES-128
SPC5 Software Cryptography Library Data brief SHA-512 Random engine based on DRBG-AES-128 RSA signature functions with PKCS#1v1.5 ECC (Elliptic Curve Cryptography): Key generation Scalar multiplication
More informationIntroduction to Cryptography
Introduction to Cryptography Part 3: real world applications Jean-Sébastien Coron January 2007 Public-key encryption BOB ALICE Insecure M E C C D channel M Alice s public-key Alice s private-key Authentication
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationCipherShare Features and Benefits
CipherShare s and CipherShare s and Security End-to-end Encryption Need-to-Know: Challenge / Response Authentication Transitive Trust Consistent Security Password and Key Recovery Temporary Application
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationIntroduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities
TÜBİTAK Ulusal Elektronik ve Kriptoloji Araştırma Enstitüsü Introduction to Network Security (Revisit an Historical 12 year old Presentation) Prof. Dr. Halûk Gümüşkaya Why Security? Three primary reasons
More informationGuide to Data Field Encryption
Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations
More informationChapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols
Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY AUTHOR: ANAS TAWILEH anas@tawileh.net Available online at: http://www.tawileh.net/courses/ia This work is released under a Creative Commons Attribution-ShareAlike 2.5 License
More informationVoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan
VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s
More informationEXAM questions for the course TTM4135 - Information Security June 2010. Part 1
EXAM questions for the course TTM4135 - Information Security June 2010 Part 1 This part consists of 6 questions all from one common topic. The number of maximal points for every correctly answered question
More informationSecure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213
Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 UNCLASSIFIED Example http ://www. greatstuf f. com Wants credit card number ^ Look at lock on browser Use https
More informationCrypTool. www.cryptool.de www.cryptool.com www.cryptool.org. Claudia Eckert / Thorsten Clausius Bernd Esslinger / Jörg Schneider / Henrik Koy
CrypTool A free software program for creating awareness of IT security issues for learning about and obtaining experience of cryptography for demonstrating encryption algorithms and analysis procedures
More informationCSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1
CSCI-E46: Applied Network Security Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 Welcome to CSCI-E46 Classroom & Schedule 53 Church Street L01 Wednesdays,
More informationWaspmote Encryption Libraries. Programming guide
Waspmote Encryption Libraries Programming guide Index Document version: v4.3-01/2015 Libelium Comunicaciones Distribuidas S.L. INDEX 1. General Concepts... 4 2. Integrity... 7 2.1. Waspmote Libraries...7
More informationRecipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory
Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory Tom Olzak October 2007 If your business is like mine, laptops regularly disappear. Until recently, centrally managed
More informationInsight Guide. Encryption: A Guide
Encryption: A Guide for Beginners If you read anything about information security, you re likely to have come across the word encryption. It s a fundamental building block when it comes to securing your
More information