Slide design: Dr. Mark L. Hornick CS2910 4/25/2019 CS2910 Week 9, Class 2 Today Network Security – Focus on Encryption Week 9, Monday Quiz: Potential topics TCP window size & header format Public/private key encryption Sharing symmetric keys Applying a stream cipher Known-plaintext attack Unicode, UTF-8 encoding, and quoted-printable May include some questions requiring you to interpret or create raw data SE-2811 Slide design: Dr. Mark L. Hornick Content: Dr. Hornick Errors: Dr. Yoder Dr. Josiah Yoder

WWII Encryption: The Enigma Machine CS2910 4/25/2019 WWII Encryption: The Enigma Machine A story of a known-plaintext attack http://www.cnet.com/pictures/breaking-the-nazis-enigma-codes-at-bletchley-park-photos/2/ SE-2811 Dr.Yoder Dr. Josiah Yoder

WWII Encryption: The Enigma and the Bomb CS2910 4/25/2019 WWII Encryption: The Enigma and the Bomb Mavis Batey SE-2811 Dr.Yoder Dr. Josiah Yoder

CS2910 4/25/2019 Video Questions So if a key is only shared between two people, that means there must be a unique key for every pair? Also, when keys are generated, how are they shared securely over networks?? Are there standard encryption/decryption algorithms or do companies create and adopt their own? Would a company have different algorithms for each program or would they have a standard? How are modern day encryption keys generated and how do those work? Is there any way to tell whether a message has been manipulated/accessed in transmission due to a cryptographic attack? SE-2811 Dr.Yoder Dr. Josiah Yoder

CS2910 4/25/2019 Video Questions Why was the symmetric key and "caesar cipher" approach every considered a "secure" encryption? What is the most commonly used encryption algorithm for companies that store and send sensitive data? What does a session key do? Why would basic ciphers like Symmetric Key Systems be helpful, when not paired with other encryption methods at the same time? What would be an example of a "function" used in encryption? It was mentioned that a function is most commonly used instead of a table for block ciphers; What would be an example of a function that could be used? I am confused on what block cyphering is? I watched it multiple times and still dont quite understand. Also i thought there was a public and a private key not just one key? SE-2811 Dr.Yoder Dr. Josiah Yoder

CS2910 4/25/2019 Video Questions Given primes p,q: What is the point of z = (p-1)*(q-1)? What other types of encryption algorithms are there? Other than Symmetrical Encryption What is the most complex encryption algorithm that you know of? How does the receiver know the key? Can you explain more on the RSA Algorithm? Is it just an equation that requires extensive time and work to decipher a person's public key? Why is a session key generated for each message? I understand the backwards security, but I thought the purpose of the session key was to improve performance, but there is still a new one for each message. Why isn't gpg style encryption used more often (preshared public keys)? SE-2811 Dr.Yoder Dr. Josiah Yoder

CS2910 4/25/2019 Video Questions Why would cipher-block-chaining need to use encryption data from previous blocks to get the desired outcome of the same plain text resulting in differing encrypted text. Couldn't you use other data, such as block index? (IE, a simple Caesar cipher where the displacement value is the block index+1) In ciphertext encryption, how does the key remain a secret? In certain cases, it seems really easy to find out what the key is. How exactly does Xor encryption work/ what two values are being XOR'd? (I didn't quite get it from the video). A short example might help. Will we be learning about some of the other aspects of cryptography? (e.g. Forward secrecy, deniable authentication) What are the benefits of stream vs block? To increase security, why aren't privately designed algorithms more prevalent? Seems to add another layer on top of a private key. SE-2811 Dr.Yoder Dr. Josiah Yoder

CS2910 4/25/2019 Video Questions Is there an easy way to switch the key if it becomes compromised? what stops someone from intercepting an encrypted message, and changing the way it is encrypted and sending it on to the intended receiver? clarity on how a message sender is determined when it's a private or public key Where did the names Alice and Bob come from? How exactly does perfect future encryption work? SE-2811 Dr.Yoder Dr. Josiah Yoder

Themes Standard Algorithms Session Keys CS2910 4/25/2019 Themes Standard Algorithms What are they? How do they work? Why not make your own? Session Keys How to share keys? Why use if public/private keys are needed anyway? Why regenerate for every session? Detecting Forgery / Man-in-the middle Dr. Josiah Yoder

Standard Block Cipher Algorithms CS2910 4/25/2019 Standard Block Cipher Algorithms DES, Triple DES (Data Encryption Standard) NSA AES (Advanced Encryption Standard) NIST, but note NSA involvement in other algorithms published by NIST Blowfish Not standard. Self-published algorithm Why not write your own? (Because …) SE-2811 Dr.Yoder Dr. Josiah Yoder

https://www.polleverywhere.com/free_text_polls/zIp2tH2IVWjXv4H CS2910 4/25/2019 Muddiest Point SE-2811 Dr. Josiah Yoder Dr. Josiah Yoder