Software Security Seminar - 1
Chapter 10. Using Algorithms
Presenter: 이장원
Applied Cryptography

Contents
10.5 Hardware Encryption vs Symmetric Cryptography
10.6 Compression, Encoding, and Encryption
10.7 Detecting Encryption
10.8 Hiding Ciphertext in Ciphertext
10.9 Destroying Information

Hardware Encryption vs Symmetric Cryptography
Hardware
- Speed: encryption algorithms (DES, RSA) run inefficiently on general-purpose processors
- Security: an encryption algorithm running on a general-purpose computer has no physical protection
  - VLSI chips: coated with a chemical
  - Clipper & Capstone chips: designed to be tamperproof [24]
  - IBM's cryptographic system: includes tamper-resistant modules to hold keys [24]

Hardware Encryption vs Symmetric Cryptography (cont.)
Hardware (cont.)
- Ease of installation
  - cheaper to put special-purpose encryption hardware in the telephone, fax, and modem than to put in a microprocessor and software
  - easier to install a dedicated hardware encryption device than to modify the computer's system software

Hardware Encryption vs Symmetric Cryptography (cont.)
Hardware (cont.)
Three basic kinds of encryption hardware
- Self-contained encryption modules: perform functions such as password verification and key management for banks
- Dedicated encryption boxes for communications links
  - T-1 encryption boxes
  - Newer boxes: accept higher bit rates and are more versatile

Hardware Encryption vs Symmetric Cryptography (cont.)
Hardware (cont.)
Three basic kinds of encryption hardware
- Boards: plug into a PC
  - PC-board encryptors usually encrypt everything written to the hard disk and can be configured to encrypt everything sent to the floppy disk and serial port as well
  - Not shielded against electromagnetic radiation or physical interference

Hardware Encryption vs Symmetric Cryptography (cont.)
Software
- Disadvantages: speed, cost, ease of modification (manipulation)
- Advantages: flexibility, portability, ease of use and upgrade
- Operating Systems

Compression, Encoding, and Encryption
- Compressing a file before encryption reduces redundancy.
- Compressing a file before encryption speeds up the entire process.
- Data compression algorithm
- If you add any type of transmission encoding, or error detection and recovery, add it after encryption.
- Decryption comes after error control.

Detecting Encryption
- How can ciphertext be distinguished from seemingly random bits?
- Rely on the fact that most popular encryption programs have well-defined headers: electronic-mail messages encrypted with either PEM or PGP.
- How can an encrypted file be detected?
  - Examine the file
    1) ASCII file: easy to spot
    2) TIFF, TeX, C, …, executable code: standard identifying characteristics
    3) Unix files: magic number
  - Try to uncompress the file
  - Try to compress the file

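The checks on this slide, applied in order, as an added example that is not part of the original slides. The short magic-number list, the use of zlib as the only compressor, the 0.95 ratio threshold and the `classify` and `fake_ciphertext` names are assumptions made for illustration.

```python
import hashlib
import string
import zlib

# Well-defined headers of the two mail formats the slide names (PGP, PEM).
ARMOR = {b"-----BEGIN PGP MESSAGE-----": "PGP",
         b"-----BEGIN PRIVACY-ENHANCED MESSAGE-----": "PEM"}
# Assumed short list of magic numbers for the "identifying characteristics" step.
MAGIC = {b"II*\x00": "TIFF", b"MM\x00*": "TIFF", b"\x7fELF": "ELF executable"}
PRINTABLE = set(string.printable.encode())
RATIO_LIMIT = 0.95  # assumed: output/input above this means "does not compress"


def classify(data: bytes) -> str:
    """Run the slide's checks in order and return a verdict."""
    if not data:
        return "empty"
    for marker, name in ARMOR.items():
        if data.lstrip().startswith(marker):
            return f"encrypted ({name} header)"
    for marker, name in MAGIC.items():
        if data.startswith(marker):
            return f"known format ({name})"
    if all(b in PRINTABLE for b in data):
        return "plain ASCII text"
    try:  # "Try to uncompress the file"
        zlib.decompress(data)
        return "compressed data (zlib)"
    except zlib.error:
        pass
    # "Try to compress the file": good ciphertext has no redundancy left.
    ratio = len(zlib.compress(data, 9)) / len(data)
    if ratio > RATIO_LIMIT:
        return "possible ciphertext (no header, does not compress)"
    return "unrecognised but compressible data"


def fake_ciphertext(n: int) -> bytes:
    """Constructed sample: SHA-256 over a counter stands in for headerless ciphertext."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


if __name__ == "__main__":
    samples = {  # all constructed inputs
        "armored": b"-----BEGIN PGP MESSAGE-----\n\n(body omitted)\n",
        "text": b"int main(void) { return 0; }\n",
        "zlib": zlib.compress(b"A" * 1000),
        "random-looking": fake_ciphertext(4096),
    }
    for label, blob in samples.items():
        print(f"{label:15} -> {classify(blob)}")
```

The compression test is unreliable on inputs of only a few bytes, where zlib's fixed overhead pushes the ratio above the threshold regardless of content.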
Hiding Ciphertext in Ciphertext
- Use a one-time pad:
  P: plaintext, D: dummy plaintext, C: ciphertext, K: real key, K': dummy key
  Alice: encrypts P + K = C
  Alice & Bob: share K
  Bob: decrypts C + K = P
  Alice & Bob: surrender K' = C + D
  Police: recover the dummy plaintext C + K' = D
- Wouldn't it be nice to be able to encrypt a file such that there are two possible decryptions, each with a different key?

Destroying Information
- To erase a file so that file-recovery software cannot read it, physically write over all of the file's bits on the disk.
- Most commercial programs: overwrite three times