Chapter 9 Security 9.1 The security environment

Slides:



Advertisements
Similar presentations
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Advertisements

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
BR1 Protection and Security B. Ramamurthy Chapters 18 and 19.
Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
9/21/2015B.Ramamurthy1 Security Chapter 7. 9/21/2015B.Ramamurthy2 Introduction What is the security model of your system? There are many issues: 1. Security.
Cryptography, Authentication and Digital Signatures
Public-Key Cryptography CS110 Fall Conventional Encryption.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Digital Signatures A primer 1. Why public key cryptography? With secret key algorithms Number of key pairs to be generated is extremely large If there.
Midterm Review Cryptography & Network Security
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design Edition 5, © Addison-Wesley 2012 Slides for Chapter 11: Security.
1 Public-Key Cryptography and Message Authentication.
Computer and Network Security Rabie A. Ramadan Lecture 6.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 14. Digital signature.
Network security Cryptographic Principles
Overview Modern public-key cryptosystems: RSA
Security Outline Encryption Algorithms Authentication Protocols
Public-Key Cryptography and Message Authentication
Public Key Encryption Systems
Public Key Encryption and Digital Signatures
Chapters 14,15 Security.
Fundamental Concepts in Security and its Application Cloud Computing
Basic Network Encryption
Cryptography.
Digital Signatures Last Updated: Oct 14, 2017.
Slides for Chapter 11: Security
Security Chapter 7 11/21/2018 B.Ramamurthy.
Asymmetric Cryptography
PART VII Security.
Introduction to Symmetric-key and Public-key Cryptography
Enabling Technology1: Cryptography
Intro to Cryptography Some slides have been taken from:
Encryption INST 346, Section 0201 April 3, 2018.
Security Chapter 7 1/14/2019 B.Ramamurthy.
Security Chapter 11 2/16/2019 B.Ramamurthy.
NET 311 Information Security
Security Chapter 7 2/22/2019 B.Ramamurthy.
Chapters 14,15 Security.
Security Chapter 7 2/28/2019 B.Ramamurthy.
Protection and Security
Security Chapter 7 4/8/2019 B.Ramamurthy.
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Public-Key, Digital Signatures, Management, Security
Chapter -8 Digital Signatures
Chapter 3 - Public-Key Cryptography & Authentication
Chapter 29 Cryptography and Network Security
Basic Network Encryption
Security Chapter 7 4/29/2019 B.Ramamurthy.
Fluency with Information Technology Lawrence Snyder
Public Key Encryption Systems
Introduction to Encryption Technology
Presentation transcript:

Chapter 9 Security 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from outside the system 9.6 Protection mechanisms 9.7 Trusted systems

The Security Environment Threats Security goals and threats

Basics of Cryptography Relationship between the plaintext and the ciphertext

Secret-Key Cryptography Monoalphabetic substitution each letter replaced by different letter Given the encryption key, easy to find decryption key Secret-key crypto called symmetric-key crypto

Public-Key Cryptography All users pick a public key/private key pair publish the public key private key not published Public key is the encryption key private key is the decryption key

RSA Encryption To find a key pair e, d: 1. Choose two large prime numbers, P and Q (each greater than 10100), and form: N = P x Q Z = (P–1) x (Q–1) 2. For d choose any number that is relatively prime with Z (that is, such that d has no common factors with Z). We illustrate the computations involved using small integer values for P and Q: P = 13, Q = 17 –> N = 221, Z = 192 d = 5 3. To find e solve the equation: e x d = 1 mod Z That is, e x d is the smallest element divisible by d in the series Z+1, 2Z+1, 3Z+1, ... . e x d = 1 mod 192 = 1, 193, 385, ... 385 is divisible by d e = 385/5 = 77

RSA Encryption (contd.) To encrypt text using the RSA method, the plaintext is divided into equal blocks of length k bits where 2k < N (that is, such that the numerical value of a block is always less than N; in practical applications, k is usually in the range 512 to 1024). k = 7, since 27 = 128 The function for encrypting a single block of plaintext M is: (N = P X Q = 13X17 = 221), e = 77, d = 5: E'(e,N,M) = Me mod N for a message M, the ciphertext is M77 mod 221 The function for decrypting a block of encrypted text c to produce the original plaintext block is: D'(d,N,c) = cd mod N The two parameters e,N can be regarded as a key for the encryption function, and similarly d,N represent a key for the decryption function. So we can write Ke = <e,N> and Kd = <d,N>, and we get the encryption function: E(Ke, M) ={M}K (the notation here indicating that the encrypted message can be decrypted only by the holder of the private key Kd) and D(Kd, ={M}K ) = M. <e,N> - public key, d – private key for a station

Application of RSA Lets say a person in Atlanta wants to send a message M to a person in Buffalo: Atlanta encrypts message using Buffalo’s public key B  E(M,B) Only Buffalo can read it using it private key b: E(b, E(M,B))  M In other words for any public/private key pair determined as previously shown, the encrypting function holds two properties: E(p, E(M,P))  M E(P, E(M,p))  M

How can you authenticate “sender”? In real life you will use signatures: we will look at concept of digital signatures next. Instead of sending just a simple message, Atlanta will send a signed message signed by Atlanta’s private key: E(B,E(M,a)) Buffalo will first decrypt using its private key and use Atlanta’s public key to decrypt the signed message: E(b, E(B,E(M,a))  E(M,a) E(A,E(M,a))  M

Digital Signatures Strong digital signatures are essential requirements of a secure system. These are needed to verify that a document is: Authentic : source Not forged : not fake Non-repudiable : The signer cannot credibly deny that the document was signed by them.

Digest Functions Are functions generated to serve a signatures. Also called secure hash functions. It is message dependent. Only the Digest is encrypted using the private key.

Alice’s bank account certificate 1. Certificate type : Account number 2. Name Alice 3. Account 6262626 4. Certifying authority Bob’s Bank 5. Signature {Digest(field 2 + field 3)} KBpriv

Digital signatures with public keys

Low-cost signatures with a shared secret key

One-Way Functions Function such that given formula for f(x) easy to evaluate y = f(x) But given y computationally infeasible to find x

Digital Signatures Computing a signature block What the receiver gets

Buffer Overflow (a) Situation when main program is running (b) After program A called (c) Buffer overflow shown in gray

Covert Channels (1) Encapsulated server can still leak to collaborator via covert channels Client, server and collaborator processes

A covert channel using file locking Covert Channels (2) A covert channel using file locking

Covert Channels (3) Pictures appear the same Picture on right has text of 5 Shakespeare plays encrypted, inserted into low order bits of color values Hamlet, Macbeth, Julius Caesar Merchant of Venice, King Lear Zebras

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.