Information Security & Cryptographic Principles

Infosec and Cryptography Subjects / Topics:
1. Introduction to computer cryptography
2. Single key cryptographic algorithms
3. Public key cryptographic algorithms
4. Crypto Applications
5. Business Continuity

Basic Problem
[Diagram: Alice and Bob connected via Intranet, Extranet, Internet]
There are Confidence and Trust Issues …

Multiple Security Issues
Privacy, Integrity, Authentication, Non-repudiation; Not sent / not received; Interception, Spoofing, Modification; Proof of parties involved; Claims

Information Security
Integrity, Availability, Confidentiality

Security Services
- Integrity: Information has not been altered
- Confidentiality: Content hidden during transport
- Authentication: Identity of originator confirmed
- Non-Repudiation: Originator cannot repudiate transaction

Data Confidentiality
Some confidential text (message) in clear (readable) form

Cryptography
[Diagram: Encryption turns the clear text "Some confidential text (message) in clear (readable) form" into transformed text]

Cryptography
[Diagram: Decryption turns the transformed text back into the clear text "Some confidential text (message) in clear (readable) form"]

Crypto Transformations
[Diagram: the clear text and its transformed form]

Crypto key Parameterization
[Diagram: the same clear text, with a crypto key, shown alongside several copies of the transformed text]

Single Key Crypto
[Diagram: one crypto key used for both Encryption and Decryption of the clear text "Some confidential text (message) in clear (readable) form"]

Design ... ?
How to design good cryptographic systems? What does a good crypto system mean?

Principles
1. Simple for users
2. Complicated for intruders
3. Public algorithm
4. Secret key
5. Large number of combinations
6. Special properties

Other Symmetric Algorithms
1. AES
2. IDEA
3. Triple-DES
4. RC-2
5. RC-4
6. Blowfish

Secret Key Systems
[Diagram: one crypto key used for both Encryption and Decryption of the clear text "Some confidential text (message) in clear (readable) form"]

Key Exchange
?

Public Key Cryptography
[Diagram: Encryption and Decryption of the clear text "Some confidential text (message) in clear (readable) form" use two different keys, Key 1 and Key 2]

Public Key Cryptography: Digital Signature … Authentication … Non-Repudiation
[Diagram: Alice and Bob, with keys Alice Public, Alice Private, Bob Public, Bob Private; MSG passes through Encryption and Decryption]

Public Key Cryptography: Confidentiality
[Diagram: Alice and Bob, with keys Alice Public, Alice Private, Bob Public, Bob Private; MSG passes through Encryption and Decryption]

Symmetric and Asymmetric Encryption
- Symmetric: Faster than asymmetric, hard to break with large key, hard to distribute keys, too many keys required, cannot authenticate or provide non-repudiation.
- Includes: DES, Triple DES, Blowfish, IDEA, RC4, RC5, RC6, AES
- Asymmetric cryptography: Better at key distribution, better scalability for large systems, can provide authentication and non-repudiation, slow, math intensive
- Includes: RSA, ECC, Diffie Hellman, El Gamal, DSA, Knapsack, PGP

Crypto Applications
1. Digital signature
2. Digital enveloping
3. Digital certificates
4. Secret key exchange

Digital Signature
A Digital Signature is a data item that vouches for the origin and the integrity of a Message.
[Diagram: Alice and Bob connected via Intranet, Extranet, Internet]

Digital Signature
[Diagram: Signer: Message -> Hash Function (Digest Algorithm) -> Digest -> Encryption with Private Key -> Signature. Message and Signature cross the Channel. Receiver: Signature -> Decryption with Public Key -> Expected Digest; Message -> Hash Function (Digest Algorithm) -> Actual Digest.]

Digital Signature
"Real Identity" of the Signer. Why should I trust what the Sender claims to be? Moving towards PKI …

Digital Certificate
A Digital Certificate is a binding between an entity's Public Key and one or more Attributes related to its Identity.
The entity can be a Person, a Hardware Component, a Service, etc.
A Digital Certificate is issued (and signed) by someone: usually the issuer is a Trusted Third Party.

Digital Certificate
[Diagram: CERTIFICATE containing Issuer, Subject, Subject Public Key, Issuer Digital Signature]

Digital Certificate
- How are Digital Certificates issued?
- Who is issuing them?
- Why should I trust the Certificate Issuer?
- How can I check if a Certificate is valid?
- How can I revoke a Certificate?
- Who is revoking Certificates?
Moving towards PKI …
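
The digital signature flow (hash, private-key operation, expected versus actual digest) and the certificate fields (issuer, subject, subject public key, issuer signature) from the slides above, as an added example that is not part of the original presentation. It uses textbook RSA with small fixed primes and no padding purely for illustration; the names "Example CA", "Alice" and all helper functions are assumptions.

```python
import hashlib
import json

E = 65537  # public exponent

def make_key(p, q):
    """Textbook RSA key pair from two primes (toy sizes, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))      # (public, private)

def digest(data, n):
    """Digest algorithm: SHA-256, reduced into the toy key's range."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private):
    n, d = private
    return pow(digest(data, n), d, n)        # private-key operation on the digest

def verify(data, signature, public):
    n, e = public
    expected = pow(signature, e, n)          # digest recovered with the public key
    actual = digest(data, n)                 # digest recomputed by the receiver
    return expected == actual

def to_be_signed(cert):
    """Bytes the issuer signs: the binding of identity attributes to a public key."""
    return json.dumps([cert["issuer"], cert["subject"], cert["subject_public_key"]]).encode()

def issue_certificate(issuer, issuer_private, subject, subject_public):
    cert = {"issuer": issuer, "subject": subject, "subject_public_key": list(subject_public)}
    cert["issuer_signature"] = sign(to_be_signed(cert), issuer_private)
    return cert

def check_message(message, signature, cert, trusted_issuer_public):
    """Receiver side: check the certificate first, then the message signature."""
    if not verify(to_be_signed(cert), cert["issuer_signature"], trusted_issuer_public):
        return "certificate not signed by trusted issuer"
    if not verify(message, signature, tuple(cert["subject_public_key"])):
        return "message signature invalid"
    return "valid, signed by " + cert["subject"]

# Constructed sample keys (Mersenne primes, illustration only), names and message.
CA_PUB, CA_PRIV = make_key(2**107 - 1, 2**127 - 1)
ALICE_PUB, ALICE_PRIV = make_key(2**61 - 1, 2**89 - 1)
ALICE_CERT = issue_certificate("Example CA", CA_PRIV, "Alice", ALICE_PUB)
MESSAGE = b"Pay Bob 100"
SIGNATURE = sign(MESSAGE, ALICE_PRIV)

if __name__ == "__main__":
    print(check_message(MESSAGE, SIGNATURE, ALICE_CERT, CA_PUB))
    print(check_message(b"Pay Bob 900", SIGNATURE, ALICE_CERT, CA_PUB))
```

A certificate whose public key has been swapped fails the first check, because the issuer's signature no longer matches the signed fields; issuance policy, validity periods and revocation are outside this sketch.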

Business Continuity and Disaster Recovery
- Businesses are more susceptible to failure after a disaster
- Goal
  - To minimize disaster aftermath and ensure resources, personnel, and business processes resume
- By
  - Planning measures
  - Backing up data and hardware
  - Getting the right people in place
- Requirements
  - Management support
  - Driving the project, top-down approach
  - Must understand value of investing in BCP
    - Returns can be priceless

Business Continuity Steps
- Steps
  - Develop the continuity planning policy statement
  - Conduct the business impact analysis (BIA)
  - Identify preventive controls
  - Develop recovery strategies
  - Develop the contingency plan
  - Test the plan and conduct training and exercises
  - Maintain the plan
- Understanding the Organization

Business Continuity Plan

Business Impact Analysis (BIA)
- Considered a functional analysis
- Team collects data in variety of ways
- Maps out following characteristics:
  - Maximum tolerable downtime
  - Operational disruption and productivity
  - Financial considerations
  - Regulatory responsibilities
  - Reputation
- Understand the variety of possible threats
- Must go through all possible scenarios

Questions