Security, Cryptography, and Magic

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

Secure Mobile IP Communication
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Computer and Network Security Mini Lecture by Milica Barjaktarovic.
Digital Signatures. Anononymity and the Internet.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
FIT3105 Smart card based authentication and identity management Lecture 4.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
Programming Satan’s Computer
Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.
Cryptography, Authentication and Digital Signatures
Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.
Review of basic cryptographically algorithm Asymmetric encoding (Private and Public Keys), Hash Function, Digital Signatures and Certification.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Module 9: Fundamentals of Securing Network Communication.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Java Security Session 19. Java Security / 2 of 23 Objectives Discuss Java cryptography Explain the Java Security Model Discuss each of the components.
Grid technology Security issues Andrey Nifatov A hacker.
1 Host versus Network Security Steven M. Bellovin
Security Systems | ST/SRM3-NA | 4/6/2016 © 2016 Robert Bosch LLC and affiliates. All rights reserved. 1 Ensure data security in a hyper-connected world.
Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.
TUF: Secure Software Updates Justin Cappos NYU Poly Computer Science and Engineering.
Key management issues in PGP
DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses E.g., thesiger.cs.ucla.edu translates to DNS.
Security of Digital Signatures
DNS Security Advanced Network Security Peter Reiher August, 2014
Security Outline Encryption Algorithms Authentication Protocols
USAGE OF CRYPTOGRAPHY IN NETWORK SECURITY
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
IT443 – Network Security Administration Instructor: Bo Sheng
Protecting Memory What is there to protect in memory?
Assignment #5 – Solutions
Why Do We Need More Research?
Outline Desirable characteristics of ciphers Uses of cryptography
Module 8: Securing Network Traffic by Using IPSec and Certificates
Introduction to Security
DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses E.g., thesiger.cs.ucla.edu translates to DNS.
S/MIME T ANANDHAN.
Outline Desirable characteristics of ciphers Uses of cryptography
Who Uses Encryption? Module 7 Section 3.
Preventing Denial of Service Attacks
Message Digest Cryptographic checksum One-way function Relevance
LINUX SECURITY Dongmei Wu ID: /25/00.
NAAS 2.0 Features and Enhancements
What DNSSEC Provides Cryptographic signatures in the DNS
SSH: SECURE LOGIN CONNECTIONS OVER THE INTERNET
Assignment #7 – Solutions
development lifecycle & Principles
Student: Ying Hong Course: Database Security Instructor: Dr. Yang
CS 465 Certificates Last Updated: Oct 14, 2017.
Lecture 4 - Cryptography
CS2911 Week 9, Class 1 Today Discussion on RSA Video Eavesdropping
Outline Using cryptography in networks IPSec SSL and TLS.
Module 8: Securing Network Traffic by Using IPSec and Certificates
Install AD Certificate Services
Public-Key, Digital Signatures, Management, Security
e-Security Solutions Penki Kontinentai Vladas Lapinskas
CSC 774 Advanced Network Security
Advanced Computer Networks
September 2002 CSG Meeting Jim Jokl
Anonymous Communication
DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses E.g., thesiger.cs.ucla.edu translates to DNS.
Security in Wide Area Networks
Presentation transcript:

Security, Cryptography, and Magic Steven M. Bellovin smb@research.att.com http://www.research.att.com/~smb

Weak Points of the Internet The DNS Routing Host security Cryptography can help with the first two, but...

Security Flaws At least 85% of CERT advisories describe problems that cryptography can’t fix. 9 out of 13 advisories last year are about buffer overflows. Of the othes, 2 describe problems in cryptographic modules…

Going Around the Cryptography Cryptography relies on the secrecy of keys. Can we protect them, on today’s systems? Smart cards, etc., encrypt, decrypt, and sign what the host system hands them. Can we trust the host? What about the certificate hierarchy?

Certificates Most users don’t know what certificates are. Of those who do, most don’t verify the signature chain. Most of those people don’t know if they should trust an arbitrary root. Conclusion: for most practical purposes, we don’t have a PKI -- and most people neither know nor care.

Cryptography and Identity Given the PKI problems, encrypted traffic is effectively unauthenticated. This does prevent broad-spectrum eavesdropping. But active attacks can go around the cryptography to penetrate systems -- and such attacks are taking place.

Conclusions Cryptography is necessary, but not sufficient. Using cryptography properly is very hard. We can wave our magic wands and solve that problem, and deploy strong cryptography everywhere. But we don’t have a big enough wand to fix the buggy code.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.