1 Encryption and Forensics/Data Hiding. 2 Cryptography Background See: For more information.

Slides:



Advertisements
Similar presentations
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Advertisements

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
CS1001 Lecture 24. Overview Encryption Encryption Artificial Intelligence Artificial Intelligence Homework 4 Homework 4.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Introduction to Cryptography
Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Introduction to Public Key Cryptography
Chapter 31 Network Security
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Basics Credit: Prof. Dr. Peng Ning Network.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Cryptography, Authentication and Digital Signatures
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
CSCE 201 Introduction to Information Security Fall 2010 Data Protection.
Chapter 17 Security. Information Systems Cryptography Key Exchange Protocols Password Combinatorics Other Security Issues 12-2.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Network Security David Lazăr.
Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Lecture 2: Introduction to Cryptography
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
Cryptography and Network Security (CS435) Part Nine (Message Authentication)
Intro to Cryptography Lesson Introduction
Computer and Network Security - Message Digests, Kerberos, PKI –
Network Security Celia Li Computer Science and Engineering York University.
1 Cryptography Troy Latchman Byungchil Kim. 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that.
Lecture 3 Page 1 CS 236 Online Introduction to Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content.
CS/ECE 578 Cyber-Security Dr. Attila Altay Yavuz
CS/ECE Network Security Dr. Attila Altay Yavuz
IT443 – Network Security Administration Instructor: Bo Sheng
Computer Communication & Networks
Cryptographic Hash Function
Security through Encryption
CS/ECE 478 Network Security Dr. Attila Altay Yavuz
Security.
Introduction to Cryptography (1)
Presentation transcript:

1 Encryption and Forensics/Data Hiding

2 Cryptography Background See: For more information

3 Security Objectives Confidentiality (Secrecy): Prevent/Detect/Deter improper disclosure of information Integrity: Prevent/Detect/Deter improper modification of information Availability: Prevent/Detect/Deter improper denial of access to services provided by the system

4 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content –Parties involved –Where they are, how they communicate, how often, etc. Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from Integrity: assurance that the information has not been tampered with

5 Encryption/Decryption plaintext encryption ciphertext decryption plaintext Plaintext: a message in its original form Ciphertext: a message in the transformed, unrecognized form Encryption: the process for producing ciphertext from plaintext Decryption: the reverse of encryption Key: a secret value used to control encryption/decryption

6 Cryptanalysis: Break an Encryption Scheme Ciphertext only –Analyze only with the ciphertext –Exhaustive search until “recognizable plaintext” –Need enough ciphertext Known Plaintext – is obtained –Great for monoalphabetic cipher Chosen Plaintext: –Choose plaintext, get the ciphertext –Useful if limited set of messages

7 Methods for Attacking Encrypted Text Table 4-1 of the textbook Cryptanalysis –Ciphertext only Analyze only with the ciphertext Exhaustive search until “recognizable plaintext” Need enough ciphertext –Known Plaintext is obtained –Chosen Plaintext: Choose plaintext, get the ciphertext Useful if limited set of messages Password Guess (Similar to known plaintext) –Dictionary –Educated Guess –Brute Force

8 Methods for Attacking Encrypted Text – Con’t Scavenge Password –Physical Search –Logical Search –Network Sniff …

9 Computationally Difficult Cryptographic algorithms need to be reasonably efficient Cryptographic algorithms are not impossible to break with the key –e.g. try all the keys – brute-force cryptanalysis –Time can be saved by spending money on more computers. A scheme can be made more secure by making the key longer –Increase the length of the key by one bit The good guy’s job just a little bit harder The bad guy’s job up to twice as hard.

10 Types of Cryptographic functions Secret Key Cryptography –One key Public Key Cryptography –Two keys: public, private Hash function –No key

11 Secret Key Cryptography plaintext encryption ciphertext decryption plaintext key Same key is used for both encryption and decryption –Symmetric cryptography –Conventional cryptography Ciphertext is about the same length as the plaintext Examples: DES, IDEA, AES… same key

12 Public Key Cryptography plaintext encryption ciphertext decryption plaintext public keyprivate key Invented/published in 1975 Each individual has two keys: –Private key is kept secret –Public key is publicly known Much slower than secret key cryptography Also known as –Asymmetric cryptography

13 Public Key Cryptography cont’d plaintext signing Signed message verification plaintext private keypublic key Digital Signature –Only the party with the private key can generate a digital signature –Verification of the signature only requires the knowledge of the public key –The signer cannot deny he/she has done so. –Example illustrated in Fig. 4-4 and 4-5

14 Applications of Public Key Cryptography Security uses of public key cryptography –Known public key cryptography is orders of magnitude slower than the best known secret key cryptographic algo. Transmitting over an Insecure Channel Alice Encrypt m A using e B Bob Decrypt to m A using d B Encrypt m B using e A Decrypt to m B using d A e: public key, d: private key Secure Storage on Insecure Media –Because of performance issues, you can randomly generate a secret key, encrypt the data with that secret key, and encrypt the secret key with the public key –Using public key of a trusted person

15 Hash Algorithms Message digests, one-way transformations Message of arbitrary length Hash h A fixed-length short message Easy to compute h(m) Given h(m), no easy way to find m Computationally infeasible to find m 1 and m 2, so that h(m 1 ) = h(m 2 )

16 Trusted Intermediaries Cannot do pair-wise authentication with secret key technology –Each computer needs to know n-1 keys Key Distribution Center (KDC) Certification Authorities (CAs) Certificate

17 Key Distribution Center Use a trusted node known as Key Distribution Center (KDC) –Secret key cryptography The KDC knows keys for all nodes –  asks KDC for secret (securely) to talk to  –KDC encrypts R  with the key shared between  and KDC, send to  –KDC encrypts R  with the key shared between  and KDC, send to  : ticket

18 Certification Authorities (CAs) Public key cryptography –Problem: How can you be sure that the public keys are correct? CA: ensure validity of public keys Certificates –Signed messages specifying a name (Alice) and the corresponding public key –All nodes need to be preconfigured with the CA’s public key

19 Certificate Authorities Trusted by IE art2/c06ie6rk.mspx?mfr=true

20 Certification Practice Statement Certification Practice Statement (CPS) –How certificate authorities operate, maintain the security of their infrastructures. –Certificate Revocation List One example: –Verisign CPS

21 Codes and Compression uuencode – –Uuencoding obscures binary data, but not ASCII text –Winzip can open and extract uuencoded files Compression –Recognizable patterns –Lossless data compression Zip, gzip GIF, TIFF.. –Lossy data compression JPEG, MPEG… Data is often compressed before it is encrypted

22 Challenges Any transformation performed on text data make it difficult or impossible to do a batch search for keywords! How to identify encrypted data –To see if it can be compressed

23 Password recovery tool for Windows Cain: – (Doc: –Uncovering cached password –Recovering password by sniffing the network –Cracking encrypted password using Dictionary –Brute-force and Cryptanalysis attacks –…

24 Cain – uncover password from protected storage

25 Cain – attack against encrypted password

26 Password Cracker L0phCrack ZipPassword

27 Hiding and Finding Data Changing a file’s extension –Windows uses the filename extension to identify the data type of the file –Quick View Plus Check the file header –Contain a hexadecimal value that can be usually correlated to file type File Format Information –

28 Steganography Steganos: secret or hidden Graphy: drawing or writing

29 File Systems Windows NT and Windows XP support NTFS, FAT16, and FAT 32.

30 NTFS Alternate Data Streams (ADS) NTFS file systems supports multiple data streams Allow files to be associated with more than one data stream Method of hiding executables or proprietary content Uses NTFS file system multiple attributes Syntax – {file name}:{stream name} Create: type file > visible:hidden Reference: – treams.htmlhttp:// treams.html

31 ADS Example 1 start c:\temp\calc.exe:notepad.exe

32 ADS Example 2

33 ADS Example 2 – Con’t

34 ADS Example 2– Con’t

35 LADS – List Alternate Data Streams