Copyright Justin Klein Keane InfoSec Training Encryption.


Terminology
- Plaintext
- Ciphertext
- Encrypt
- Decrypt

About Encryption
- The idea is to obscure messages from observation
- Encryption can be used to protect secrets, but also:
  - To verify identity
  - To verify authenticity
  - To verify integrity
  - To verify authorization

Not Encryption - Encoding
- Encoding is a method to alter data
- Follows a set of guidelines about how to represent data in a specific format
- Encoding is formatting, not data hiding

Not Encryption - Hashing
- Hashing uses a one-way mathematical algorithm to take an input and generate a seemingly random, unique output
- Hashing the same input twice produces the same output
- There is no way to reverse a hash (i.e. you can't go from a hash value to an original value)
- Collisions: when two different inputs produce the same hash
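The contrast between the two "not encryption" slides, as an added example that is not part of the original slides: Base64 encoding reverses without any key, SHA-256 is repeatable but not reversible, and a digest cut down to 16 bits collides after a few hundred inputs, which is why digest length matters. The function names and sample messages are assumptions made for this example.

```python
import base64
import hashlib

def encode(data: bytes) -> bytes:
    """Encoding: a formatting change that anyone can undo, no key involved."""
    return base64.b64encode(data)

def decode(text: bytes) -> bytes:
    return base64.b64decode(text)

def digest(data: bytes) -> str:
    """Hashing: same input gives the same output; there is no inverse function."""
    return hashlib.sha256(data).hexdigest()

def truncated(data: bytes, bits: int = 16) -> int:
    """Keep only the top `bits` bits of SHA-256 to simulate a short hash."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)

def find_collision(bits: int = 16):
    """Hash constructed messages until two share a truncated digest.

    Returns (first_message, second_message, messages_hashed).
    """
    seen = {}
    counter = 0
    while True:
        msg = b"msg-%d" % counter          # constructed sample input
        tag = truncated(msg, bits)
        if tag in seen:
            return seen[tag], msg, counter + 1
        seen[tag] = msg
        counter += 1

if __name__ == "__main__":
    print("encoded :", encode(b"secret"), "-> decoded:", decode(encode(b"secret")))
    print("sha256  :", digest(b"secret"))
    print("1 letter:", digest(b"secreT"))
    a, b, tries = find_collision(16)
    print("16-bit collision after", tries, "messages:", a, b)
```

The full 256-bit digests of the two colliding messages still differ; only the shortened value collides.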

How Encryption Works
- Take data
- Apply an algorithm to the data
- Use a key so that the process can be repeated
- Output should be unintelligible

Good Encryption
- There is no good “proprietary” encryption
- The best encryption schemes use open standards and protocols
- The standards and protocols are all well understood, verified, reviewed and vetted
- The secrecy is in the keys used

Encryption Types
- Symmetric (two-way encryption)
  - Shared key
- Asymmetric (one-way encryption)
  - Public key (think RSA and PGP)

Symmetric Encryption
- Same key used to encrypt and decrypt
- Very fast and computationally non-intensive
- Issue is sharing the key
- How do two parties trade keys in the presence of an adversary?
- Diffie-Hellman key exchange allows this
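A worked version of this slide, added here and not part of the original slides: two parties run a Diffie-Hellman exchange, derive the same key from values an observer can see, then encrypt and decrypt with that one shared key. The 127-bit group, the generator and the XOR keystream cipher are toy assumptions chosen so the example runs with the standard library only.

```python
import hashlib
import secrets

# Toy parameters (assumption): a 127-bit Mersenne prime and generator 3.
# Real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3

def dh_keypair():
    """Return (private, public) with public = G^private mod P."""
    private = secrets.randbelow(P - 3) + 2      # value in [2, P-2]
    return private, pow(G, private, P)

def dh_shared_key(my_private: int, their_public: int) -> bytes:
    """Both sides compute G^(a*b) mod P and hash it into a 32-byte key."""
    secret = pow(their_public, my_private, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream.

    The same call encrypts and decrypts. It has no nonce and no
    integrity check, so it is for illustration only.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def exchange_and_send(message: bytes):
    """Run the exchange between two parties and send one message."""
    a_priv, a_pub = dh_keypair()                # Alice
    b_priv, b_pub = dh_keypair()                # Bob
    observed = {"P": P, "G": G, "A": a_pub, "B": b_pub}  # all an observer sees
    alice_key = dh_shared_key(a_priv, b_pub)
    bob_key = dh_shared_key(b_priv, a_pub)
    ciphertext = keystream_xor(alice_key, message)       # Alice encrypts
    plaintext = keystream_xor(bob_key, ciphertext)       # Bob decrypts
    return observed, alice_key, bob_key, ciphertext, plaintext

if __name__ == "__main__":
    seen, ka, kb, ct, pt = exchange_and_send(b"meet at noon")
    print("keys match:", ka == kb, "| ciphertext:", ct.hex(), "| decrypted:", pt)
```

The exchange as shown protects only against a passive observer; without authenticating the public values, each party cannot tell whose key it received.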

Asymmetric Encryption
- RSA is the best example
- Public and private keys are used
- Public key used to encrypt
- Private key used to decrypt
- Thus public keys can be shared, private keys are held closely
- Key management is still an issue (is the public key you have for John the right one?)

Digital Signing
- Uses public key crypto
- A message is signed by turning it into a number, and running an operation on the number using the private key
- Anyone with the public key can reverse the operation and compare the numbers
- This allows assertions that the holder of the private key sent the message, and it was not changed in transit
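The signing steps on this slide carried out with textbook RSA, as an added example that is not part of the original slides: the message becomes a number through SHA-256, the private exponent produces the signature, and the public exponent reverses it for comparison. The key is a toy built from two small Mersenne primes with no padding, which is an assumption for illustration; production signatures use 2048-bit or larger keys and a padding scheme such as RSA-PSS.

```python
import hashlib

# Toy key material (assumption): two known Mersenne primes, about 150 bits total.
PRIME_P = 2**61 - 1
PRIME_Q = 2**89 - 1
N = PRIME_P * PRIME_Q                               # public modulus
E = 65537                                           # public exponent
D = pow(E, -1, (PRIME_P - 1) * (PRIME_Q - 1))       # private exponent

def message_to_number(message: bytes) -> int:
    """Turn the message into a number: SHA-256 digest reduced mod N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    """Private-key operation: only the holder of D can compute this."""
    return pow(message_to_number(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Public-key operation: reverse the signature and compare the numbers."""
    return pow(signature, E, N) == message_to_number(message)

if __name__ == "__main__":
    msg = b"pay Bob 10"                             # constructed sample message
    sig = sign(msg)
    print("signature        :", hex(sig))
    print("original verifies:", verify(msg, sig))
    print("tampered verifies:", verify(b"pay Bob 1000", sig))
```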

Attacks on Crypto
- Brute force (a lot trickier than you'd think)
- Chosen plaintext attacks
- Chosen ciphertext attacks
- Birthday attack
- Dictionary (precomputation) attack
- Differential cryptanalysis

Digital Certificates
- Used to validate the source of an encrypted message
- Certificate is passed to and verified by the client
- Lets you know you're talking to the “real” bank that you use
- Certificate Authorities (CAs) are supposed to verify identity before issuing certificates
- Stolen certs are a very bad thing
- Signing certs allow holders to issue sub-certs

Real World Crypto
- Whole disk encryption
- HTTPS/SSL
- SSH
- PGP
- VPN
- Hashing
- Two factor authentication