Better security for maintainers

Slides:

Advertisements

Similar presentations

Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.

Advertisements

Digital Signatures and Hash Functions. Digital Signatures.

Protection of personal mobile computer devices Information Security Isaac Fernandes, mci12009 Sofia Nunes, mci12014.

Software Certification and Attestation Rajat Moona Director General, C-DAC.

CMPE208 Presentation Terminal Access Controller Access Control System Plus (TACACS+) By MARVEL (Libing, Bhavana, Ramya, Maggie, Nitin)

“Chinese” Attacks on Hashes March 11, 2006, Bing Wu Topic 1.Background 2.“Chinese” collision attacks 3.Results for MD4 and MD5.

SHA (secure hash algorithm) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Securing iSCSI for Data Backup and Disaster Recovery JAMES HUGHES CS526 5/03/05 James W. Hughes 1.

Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.

KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 ELSEVIER Mar

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

HASH Functions.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Using ISO tags for Authentication Eddie LaCost Embedded RF.

Dan Johnson. What is a hashing function? Fingerprint for a given piece of data Typically generated by a mathematical algorithm Produces a fixed length.

Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.

Brand-New Hash Function   BeeM A. Satoh SCIS2006 SHA-1 Broken! Prof. Xiaoyun Wang.

Theory of Computation II Topic presented by: Alberto Aguilar Gonzalez.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

1 Number Theory and Advanced Cryptography 6. Digital Signature Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced Cryptography.

Internationalization of Resource Registry Piotr Strzyżewski Silesian University of Technology, Computer Centre.

Lecture 4.2: Hash Functions: Design* CS 436/636/736 Spring 2012 Nitesh Saxena * some slides borrowed from Gene Tsudik.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.

Week 4 - Friday.  What did we talk about last time?  Snow day  But you should have read about  Key management.

Internet Safety Piotr Hasior Introduction Internet Safety Internet safety, or online safety, is the knowledge of maximizing the user's personal safety.

Date : 2/12/2010 Web Technology Solutions Class: Adding Security and Authentication Features to Your Application.

Computerized Adaptive Testing System Minh H Dang.

Encrypted Chat Program LCO Review Asif Daud & Craig Atkinson.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Web Security.

LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.

CS426Fall 2010/Lecture 51 Computer Security CS 426 Lecture 5 Cryptography: Cryptographic Hash Function.

Matt Broman Kodiac Gamble Devin Nichol SECTION 4.2 INFORMATION SECURITY.

OSPF WG Cryptographic Algorithm Implementation Requirements for OSPF draft-bhatia-manral-crypto-req-ospf-00.txt Vishwas Manral, IPInfusion Manav Bhatia,

Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.

IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.

What is BitLocker and How Does It Work? Steve Lamb IT Pro Evangelist, Microsoft Ltd

CIS 450 – Network Security Chapter 10 – UNIX Password Crackers.

BTEC NATIONAL CERTIFICATE IN HEALTH AND SOCIAL CARE Unit 2: Equality, Diversity and Rights in Health and Social Care Settings.

 Encryption provides confidentiality  Information is unreadable to anyone without knowledge of the key  Hashing provides integrity  Verify the integrity.

FERPA & Data Security:FERPA & Data Security: Passwords and Authenticators.

CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 13.Message Authentication.

Cryptography Hyunsung Kim, PhD University of Malawi, Chancellor College Kyungil University February, 2016.

@Yuan Xue 285: Network Security CS 285 Network Security Hash Algorithm Yuan Xue Fall 2012.

RSA Laboratories’ PKCS Series - a Tutorial

IS-IS WG IS-IS Cryptographic Authentication Requirements

Introduction Used for communication to verify

최신정보보호기술 경일대학교 사이버보안학과 김 현성.

Taewan kang, Kevin huangfu

Cryptographic Hash Functions Part I

ICS 454 Principles of Cryptography

Introduction to Problem Solving

CSE 484 Midterm Review “1st half of the quarter in 5 slides”

Kiran Subramanyam Password Cracking 1.

RIPE Whois Database Software Recent Changes

ICS 454 Principles of Cryptography

Cryptographic Hash Functions Part I

Lecture 4.1: Hash Functions, and Message Authentication Codes

Piotr Strzyżewski RIPE 72, AA-WG,

Hashing Hash are the auxiliary values that are used in cryptography.

Proposal to Deprecate MAIL-FROM in Maintainer Object

Lecture 4: Hash Functions

Cryptography Fundamentals

Seyed Amir Hossain Naseredini

Hash Function Requirements

Session 1 – Introduction to Information Security

Cryptographic Hash Functions

Blockchains Lecture 4.

Presentation transcript:

Better security for maintainers Piotr Strzyżewski Silesian University of Technology, Computer Centre

Reason Majority (almost all) of objects use password authentication Current implementation supports only MD5 MD5 is not collision resistant MD5 is considered as not suitable for further use Objects are not well protected

Idea Modify the DB software and introduce new, stronger hash algorithms: SHA-2 family GOST Others? Remove support for MD5 within 1-2 years from introduction of new alghoritms

Pros and cons (+) Objects will be better protected against abuse (-) LIRs have to change their maintainer objects (-) Some objects will be locked after MD5 removal (lesson from history)

Questions?