ITR3 lecture 5: Free software, Cryptography, Linux Thomas Krichel 2002-10-16.


Structure
Principles of cryptography
–ssh
–putty
Playing around with Linux
Free Software

Cryptography

Introduction
A subject with a very colorful history. In the past, cryptography was mainly used by the military, the diplomatic corps, diarists and lovers. For the military, the difficulty of encryption in the battlefield was the main problem. Original data, called “plaintext”, is transformed by a function parameterized by a “key” to get “ciphertext”. The art of finding the way to get from the ciphertext to the plaintext is called cryptanalysis. We assume that the cryptanalyst knows the general method, but does not know the key. Cryptanalysts face one of three types of problems:
–ciphertext only
–known plaintext
–chosen plaintext

Traditional methods
Substitution ciphers keep letters in the same position but replace each letter of the alphabet with another. Transposition ciphers keep each letter as it is but shuffle the letters around. We need some redundant data in the ciphertext in order to deter active intruders from generating bogus messages, but more redundant data in the plaintext makes things easier for passive intruders. Main problem: keeping the key secret.

Diffie and Hellman (1978)
Let P be the plaintext and C be the ciphertext. E() is the encryption key and D() is the decryption key. Then we have public key cryptography if
–1. D(E(P))=P
–2. E() cannot be broken by a chosen plaintext attack
–3. Knowing E() will give you no clue about D().
E() can then be made public and is referred to as the public key; D() is the private key. It is possible to find key pairs that have these properties.

Authentication
I want to securely log in to a host machine. I send the host an encrypted message “hey, I am Thomas, my public key is blahblahblah.” The machine then knows how to send me messages that other people cannot decode. But it cannot be sure that it was me who sent the message. Lynn may have done that, since my public key is public. It therefore encodes a random number, and challenges me to decode that number. This is a challenge-response system.
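
The challenge-response login from the Authentication slide, as an added example that is not part of the original lecture. It uses textbook RSA with constructed, insecurely small keys for E() and D(); the names Host, login, apply_key and make_keypair are assumptions made for this sketch.

```python
import secrets

E = 65537  # public exponent shared by both constructed key pairs

def make_keypair(p, q):
    """Return ((e, n), (d, n)): textbook RSA keys built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

def apply_key(key, value):
    """E() or D() from the slides: modular exponentiation with one key."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

class Host:
    """The machine being logged in to; it only knows the claimed public key."""
    def __init__(self, claimed_public_key):
        self.public_key = claimed_public_key
        self.nonce = None

    def challenge(self):
        # A fresh random number per login, so an old answer cannot be replayed.
        self.nonce = secrets.randbelow(self.public_key[1] - 2) + 2
        return apply_key(self.public_key, self.nonce)

    def verify(self, response):
        ok = self.nonce is not None and response == self.nonce
        self.nonce = None  # each challenge may be answered only once
        return ok

def login(host, private_key):
    """Client side: decode the challenge with the private key and answer."""
    return host.verify(apply_key(private_key, host.challenge()))

# Constructed keys from Mersenne primes: far too small and structured for real use.
THOMAS_PUB, THOMAS_PRIV = make_keypair(2**31 - 1, 2**61 - 1)
LYNN_PUB, LYNN_PRIV = make_keypair(2**19 - 1, 2**89 - 1)

if __name__ == "__main__":
    print("Thomas:", login(Host(THOMAS_PUB), THOMAS_PRIV))
    print("Lynn claiming to be Thomas:", login(Host(THOMAS_PUB), LYNN_PRIV))
```

Knowing Thomas's public key lets Lynn start the login, but without the matching private key she cannot decode the random number, so the host rejects her.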

After challenge/response
My software and the host will agree on a session key to use to encrypt all communication. Thus the communication is encoded using simple cryptography because that is less computationally intensive.

If Lynn is really evil
Then she operates a clone of the host I want to talk to, and redirects my communication to the clone, rather than to the host that I want to talk to. This is called a “man-in-the-middle” attack. Therefore hosts issue a key, too. I can compare the host key issued with a list of keys that I already know, and challenge any host. But on first connection, I do not know the host key, so I have to take it on trust.
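
An added example, not from the original slides, of the host key comparison described above. It is a simplified model of a list of known host keys (the function names, host name and key bytes are constructed) that takes a key on trust at first connection and flags a changed key, which is what a clone of the host would present.

```python
import base64
import hashlib
import hmac

def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style fingerprint: unpadded base64 of the SHA-256 of the key."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host_key(known, host, key_blob, trust_first_use=False):
    """Compare the key a host presents with the one recorded for it.

    Returns "match", "mismatch", "unknown" or "trusted-on-first-use".
    """
    presented = fingerprint(key_blob)
    recorded = known.get(host)
    if recorded is None:
        if not trust_first_use:
            return "unknown"          # caller must decide; nothing is stored
        known[host] = presented       # first connection: taken on trust
        return "trusted-on-first-use"
    if hmac.compare_digest(recorded, presented):
        return "match"
    return "mismatch"                 # never overwritten: possible clone host

def demo():
    # Constructed stand-ins for real host key blobs.
    real_key, clone_key = b"constructed-host-key", b"constructed-clone-key"
    known = {}
    return [
        check_host_key(known, "host.example", real_key),
        check_host_key(known, "host.example", real_key, trust_first_use=True),
        check_host_key(known, "host.example", real_key),
        check_host_key(known, "host.example", clone_key, trust_first_use=True),
        check_host_key(known, "host.example", real_key),
    ]

if __name__ == "__main__":
    print(demo())
```

The only unprotected moment is the first connection; after that, a different key for the same host name is reported instead of silently accepted.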

Ssh, an implementation
The secure shell ssh is an implementation of public-key cryptography, mainly on UNIX and similar systems. Versions 1 and 2 exist.
ssh-keygen -t rsa generates a public and private key in .ssh/
.ssh/authorized_keys is a list of keys that are allowed to log in to the account without a password

putty
PuTTY is a free ssh client for Windows machines. Get it and install it.

Why is buying software different than buying a car?

Software anatomy
Software can be distributed in two ways
–Binary code
–Source code
Sometimes both are available

Binary code Looks like this ^ 4 ^ô

Binary code
It will run on a computer with one operating system, but may not run on a computer with another. It cannot be modified. It is difficult to find out what it does.

Source code
/* For now, don't try to include termcap.h.  On some systems,
   configure finds a non-standard termcap.h that the main build
   won't find.  */
#if defined HAVE_TERMCAP_H && 0
#include <termcap.h>
#else
extern void tputs P_ ((const char *, int, int (*)(int)));
extern int tgetent P_ ((char *, const char *));
extern int tgetflag P_ ((char *id));
extern int tgetnum P_ ((char *id));
#endif

Source code
This is human (geek) readable code. May be understood by humans. Can be changed. Needs compiler software to translate it to binary code, for every type of machine where it needs to run.

Once upon a time
Early 80s: the MIT lab gets a printer as a shared resource, but with faulty driver software that leads the printer to be jammed. Richard Stallman tries to get the source code to change the driver software, but cannot get it. Decides to work for software freedom. Founds the Free Software Foundation (FSF). Resigns from the MIT AI lab to work on a free replacement of UNIX. Wrote important parts of the UNIX replacement.

Stallman’s theory of 4 freedoms
Free software is a matter of the users' freedom to run, copy, distribute, study, change and improve the software. It implies
–The freedom to run the program, for any purpose (freedom 0).
–The freedom to study how the program works, and adapt it to your needs (freedom 1).
–The freedom to redistribute copies so you can help your neighbor (freedom 2).
–The freedom to improve the program, and release your improvements to the public, so that the whole community benefits (freedom 3).
Access to the source code is a precondition for freedom 1 and 3. For that reason, some people refer to free software as open source software.

GNU public license
GNU is not UNIX.
Its license is the most famous among a group of licenses for free software.
License to implement the four freedoms.
Key idea: The licensee is not allowed to impose restrictions on the code that (s)he has developed from the code that (s)he received.
Such software is known as “copylefted” software.

Free speech and free beer
–“Public domain software”, not copyrighted, but modified copies may not be free.
–“Copy-lefted free software”, comes with the permission to use and modify, but prohibits adding further restrictions to the distribution.
–“Non-copylefted free software”, comes with the permission to use, modify and add restrictions of distribution.
–“Semi-free software” comes with permission for individuals to use, copy, distribute, and modify (including distribution of modified versions) for non-profit purposes.
–“Proprietary software”, is not free or semi-free.
–“Shareware”, comes with a permission to distribute but users have to pay a fee.
–“Freeware” has no agreed meaning.
–“Commercial software” is software written to make a profit from its use. There is such a thing as commercial free software.

Debian
Is a distribution of free software that provides an operating system and application programs.
Named after Deborah and Ian Jackson.
Uses the Linux kernel, but could run with other kernels.
Uses mainly GNU software.
Therefore also called Debian GNU/Linux.

Debian social contract
Debian Will Remain 100% Free Software
We Will Give Back to the Free Software Community
We Won't Hide Problems
Our Priorities are Our Users and Free Software
Programs That Don't Meet Our Free-Software Standards
–Are distributed as well

Debian free software license
Free Redistribution
–The license of a Debian component may not restrict any party from selling or giving away the software as a component of an aggregate software distribution containing programs from several different sources.
–The license may not require a royalty or other fee for such sale.
Source Code
–The program must include source code, and must allow distribution in source code as well as compiled form.
Derived Works
–The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.
Integrity of The Author's Source Code
–The license may restrict source-code from being distributed in modified form _only_ if the license allows the distribution of "patch files" with the source code for the purpose of modifying the program at build time.
–The license must explicitly permit distribution of software built from modified source code.
–The license may require derived works to carry a different name or version number from the original software.

Debian free software guidelines
No Discrimination Against Persons or Groups
–The license must not discriminate against any person or group of persons.
No Discrimination Against Fields of Endeavor
–The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
Distribution of License
–The rights attached to the program must apply to all to whom the program is redistributed without the need for execution of an additional license by those parties.
License Must Not Be Specific to Debian
–The rights attached to the program must not depend on the program's being part of a Debian system. If the program is extracted from Debian and used or distributed without Debian but otherwise within the terms of the program's license, all parties to whom the program is redistributed should have the same rights as those that are granted in conjunction with the Debian system.
License Must Not Contaminate Other Software
–The license must not place restrictions on other software that is distributed along with the licensed software. For example, the license must not insist that all other programs distributed on the same medium must be free software.
Example Licenses
–The "GPL", "BSD", and "Artistic" licenses are examples of licenses that we consider "free".

Debian releases
Debian always has at least three releases in active maintenance: “stable”, “testing” and “unstable”.
stable
–The “stable” distribution contains the latest officially released distribution of Debian. This is the production release of Debian, the one which we primarily recommend using.
testing
–The “testing” distribution contains packages that haven't been accepted into a “stable” release yet, but they are in the queue for that. The main advantage of using this distribution is that it has more recent versions of software, and the main disadvantage is that it's not completely tested and has no official support from the Debian security team. See the Debian FAQ for more information on what is “testing” and how it becomes “stable”.
unstable
–The “unstable” distribution is where active development of Debian occurs. Generally, this distribution is run by developers and those who like to live on the edge.
Each release has a name, usually from Toy Story, an animated motion picture.

Thank you for your attention!