Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography.


Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography

Objectives
Define cryptography
Describe hashing
List the basic symmetric cryptographic algorithms

Objectives (continued)
Describe how asymmetric cryptography works
List types of file and file system cryptography
Explain how whole disk encryption works

Defining Cryptography
Defining cryptography involves understanding what it is and what it can do
It also involves understanding how cryptography can be used as a security tool to protect data

What Is Cryptography?
Cryptography
– The science of transforming information into an unintelligible form while it is being transmitted or stored so that unauthorized users cannot access it
Steganography
– Hides the existence of the data
– What appears to be a harmless image can contain hidden data embedded within the image
– Can use image files, audio files, or even video files to contain hidden information

What Is Cryptography? (continued)
One of the most famous ancient cryptographers was Julius Caesar
Caesar shifted each letter of his messages to his generals three places down in the alphabet
Encryption
– Changing the original text to a secret message using cryptography
Decryption
– Changing the secret message back to its original form

Cryptography and Security
Cryptography can provide basic security protection for information:
– Cryptography can protect the confidentiality of information
– Cryptography can protect the integrity of the information
– Cryptography can help ensure the availability of the data
– Cryptography can verify the authenticity of the sender
– Cryptography can enforce non-repudiation

Cryptographic Algorithms
There are three categories of cryptographic algorithms:
– Hashing algorithms
– Symmetric encryption algorithms
– Asymmetric encryption algorithms

Hashing Algorithms
Hashing
– Also called a one-way hash
– A process for creating a unique “signature” for a set of data
This signature, called a hash or digest, represents the contents
Hashing is used only for integrity to ensure that:
– Information is in its original form
– No unauthorized person or malicious software has altered the data
Hash created from a set of data cannot be reversed

Hashing Algorithms (continued)
A hashing algorithm is considered secure if it has these characteristics:
– The ciphertext hash is a fixed size
– Two different sets of data cannot produce the same hash, which is known as a collision
– It should be impossible to produce a data set that has a desired or predefined hash
– The resulting hash ciphertext cannot be reversed
The hash serves as a check to verify the message contents

Hashing Algorithms (continued)
Hash values are often posted on Internet sites
– In order to verify the file integrity of files that can be downloaded
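The download check described on this slide, written out as an added example (it is not part of the original slides). The file name installer.bin and the sample contents are constructed; the checksum line follows the "<hex digest>  <filename>" layout that sha256sum prints.

```python
import hashlib
import hmac
import os
import string
import tempfile

def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so a large download is never held in memory whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def parse_checksum_line(line):
    """Split one '<hex digest>  <filename>' line into (filename, digest)."""
    hex_digest, _, rest = line.rstrip("\r\n").partition(" ")
    # After the first space comes ' ' (text mode) or '*' (binary mode), then the name.
    name = rest[1:]
    if len(hex_digest) != 64 or not all(c in string.hexdigits for c in hex_digest):
        raise ValueError("not a SHA-256 hex digest: %r" % hex_digest)
    if not name:
        raise ValueError("checksum line has no file name")
    return name, hex_digest.lower()

def verify_download(path, checksum_line):
    """Return True only if the file on disk hashes to the published digest."""
    name, published = parse_checksum_line(checksum_line)
    if os.path.basename(path) != name:
        raise ValueError("checksum line is for %r, not %r" % (name, path))
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(sha256_file(path), published)

def demo():
    """Constructed sample: publish a hash, then change one byte of the file."""
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "installer.bin")      # hypothetical file name
    with open(path, "wb") as fh:
        fh.write(b"constructed sample payload\n" * 1000)
    published_line = "%s  installer.bin" % sha256_file(path)
    intact = verify_download(path, published_line)
    with open(path, "r+b") as fh:                       # alter a single byte
        fh.seek(10)
        fh.write(b"X")
    altered = verify_download(path, published_line)
    return intact, altered

if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the channel the published hash came from: a hash fetched from the same place as an altered file can be altered with it.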

Message Digest (MD)
Message Digest (MD) algorithm
– One common hash algorithm
Three versions
– Message Digest 2 (MD2)
– Message Digest 4 (MD4)
– Message Digest 5 (MD5)

Secure Hash Algorithm (SHA)
– A more secure hash than MD
– A family of hashes
SHA-1
– Patterned after MD4, but creates a hash that is 160 bits in length instead of 128 bits
SHA-2
– Comprised of four variations, known as SHA-224, SHA-256, SHA-384, and SHA-512
– Considered to be a secure hash

Whirlpool
– A relatively recent cryptographic hash function
– Has received international recognition and adoption by standards organizations
– Creates a hash of 512 bits

Password Hashes
Another use for hashes is in storing passwords
– When a password for an account is created, the password is hashed and stored
The Microsoft NT family of Windows operating systems hashes passwords in two different forms
– LM (LAN Manager) hash
– NTLM (New Technology LAN Manager) hash
Most Linux systems use password-hashing algorithms such as MD5
Apple Mac OS X uses SHA-1 hashes

Symmetric Cryptographic Algorithms
Symmetric cryptographic algorithms
– Use the same single key to encrypt and decrypt a message
– Also called private key cryptography
Stream cipher
– Takes one character and replaces it with one character
Substitution cipher
– The simplest type of stream cipher
– Simply substitutes one letter or character for another

Transposition cipher
– A more complicated stream cipher
– Rearranges letters without changing them
With most symmetric ciphers, the final step is to combine the cipher stream with the plaintext to create the ciphertext
– The process is accomplished through the exclusive OR (XOR) binary logic operation
One-time pad (OTP)
– Combines a truly random key with the plaintext
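The XOR combining step and the one-time pad from this slide, as an added example that is not part of the original slides. The function names are illustrative, and the last function shows the failure case that gives the pad its name: using the same key for two messages.

```python
import secrets

def xor_bytes(a, b):
    """XOR two equal-length byte strings, position by position."""
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(plaintext):
    """Draw a fresh random key as long as the message and XOR it in."""
    key = secrets.token_bytes(len(plaintext))   # OS random source stands in for a truly random key
    return key, xor_bytes(plaintext, key)

def otp_decrypt(key, ciphertext):
    """XOR is its own inverse: applying the same key again restores the plaintext."""
    return xor_bytes(ciphertext, key)

def reuse_leak(p1, p2):
    """Encrypt two messages under ONE key and return c1 XOR c2.

    The key cancels out (k ^ k == 0), so the result equals p1 XOR p2
    and no longer depends on the key at all.
    """
    key = secrets.token_bytes(len(p1))
    c1 = xor_bytes(p1, key)
    c2 = xor_bytes(p2, key)
    return xor_bytes(c1, c2)

if __name__ == "__main__":
    msg = b"MEET AT THE GATE"                    # constructed sample messages
    other = b"STAY IN THE CAMP"
    key, ct = otp_encrypt(msg)
    print(otp_decrypt(key, ct))
    print(reuse_leak(msg, other) == xor_bytes(msg, other))
```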

Symmetric Cryptographic Algorithms (continued)
Block cipher
– Manipulates an entire block of plaintext at one time
– Plaintext message is divided into separate blocks of 8 to 16 bytes, and then each block is encrypted independently
Stream cipher advantages and disadvantages
– Fast when the plaintext is short
– More prone to attack because the engine that generates the stream does not vary

Symmetric Cryptographic Algorithms (continued)
Block cipher advantages and disadvantages
– Considered more secure because the output is more random
– Cipher is reset to its original state after each block is processed, which results in the ciphertext being more difficult to break

Symmetric Cryptographic Algorithms (continued)
Data Encryption Standard (DES)
– One of the first widely popular symmetric cryptography algorithms
– DES is a block cipher and encrypts data in 64-bit blocks; however, the 8-bit parity bit is ignored so the effective key length is only 56 bits
Triple Data Encryption Standard (3DES)
– Designed to replace DES
– Uses three rounds of encryption instead of just one

Symmetric Cryptographic Algorithms (continued)
Advanced Encryption Standard (AES)
– Approved by the NIST in late 2000 as a replacement for DES
– AES performs three steps on every block (128 bits) of plaintext
– Within Step 2, multiple rounds are performed depending upon the key size
– Within each round, bytes are substituted and rearranged, and then special multiplication is performed based on the new arrangement

Other Algorithms
Several other symmetric cryptographic algorithms are also used:
– Rivest Cipher (RC) family from RC1 to RC6
– International Data Encryption Algorithm (IDEA)
– Blowfish
– Twofish

Asymmetric Cryptographic Algorithms
Asymmetric cryptographic algorithms
– Also known as public key cryptography
– Uses two keys instead of one
The public key is known to everyone and can be freely distributed
The private key is known only to the recipient of the message
Asymmetric cryptography can also be used to create a digital signature

Asymmetric Cryptographic Algorithms (continued)
A digital signature can:
– Verify the sender
– Prove the integrity of the message
– Prevent the sender from disowning the message

RSA
The most common asymmetric cryptography algorithm
RSA multiplies two large prime numbers p and q
– To compute their product (n=pq)
A number e is chosen that is less than n and relatively prime to (p-1)(q-1)
Another number d is determined, so that (ed-1) is divisible by (p-1)(q-1)
The public key is the pair (n,e) while the private key is (n,d)
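The key construction on this slide, carried through with small numbers, as an added example that is not part of the original slides. It also covers the digital signature slide above by signing with d and verifying with e. The primes 61 and 53 and the exponent 17 are constructed teaching values; this is unpadded textbook RSA, and real keys use primes hundreds of digits long together with a padding scheme.

```python
from math import gcd

def make_keypair(p, q, e):
    """Build ((n, e), (n, d)) from primes p, q and a chosen exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    # e must share no factor with (p-1)(q-1), otherwise no matching d exists.
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)                 # modular inverse, Python 3.8+
    assert (e * d - 1) % phi == 0       # the divisibility condition from the slide
    return (n, e), (n, d)

def encrypt(public, m):
    """Anyone holding the public key (n, e) can encrypt a number m < n."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be in the range 0..n-1")
    return pow(m, e, n)

def decrypt(private, c):
    """Only the holder of the private key (n, d) can undo the encryption."""
    n, d = private
    return pow(c, d, n)

def sign(private, digest):
    """Sign a message digest (given here as an integer below n) with d."""
    n, d = private
    if not 0 <= digest < n:
        raise ValueError("digest must be in the range 0..n-1")
    return pow(digest, d, n)

def verify(public, digest, signature):
    """Check a signature with the public key; True only for the signed digest."""
    n, e = public
    return pow(signature, e, n) == digest

if __name__ == "__main__":
    public, private = make_keypair(61, 53, 17)   # constructed toy parameters
    c = encrypt(public, 65)
    print(public, private, c, decrypt(private, c))
    s = sign(private, 1234)
    print(verify(public, 1234, s), verify(public, 1235, s))
```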

Diffie-Hellman
– Allows two users to share a secret key securely over a public network
Once the key has been shared
– Then both parties can use it to encrypt and decrypt messages using symmetric cryptography

Elliptic Curve Cryptography
Elliptic curve cryptography
– Uses elliptic curves
An elliptic curve is a function drawn on an X-Y axis as a gently curved line
– By adding the values of two points on the curve, you can arrive at a third point on the curve
The public aspect of an elliptic curve cryptosystem is that users share an elliptic curve and one point on the curve

Using Cryptography on Files and Disks
Cryptography can also be used to protect large numbers of files on a system or an entire disk

File and File System Cryptography
File system
– A method used by operating systems to store, retrieve, and organize files
Pretty Good Privacy (PGP)
– One of the most widely used asymmetric cryptography systems for files and messages on Windows systems
GNU Privacy Guard (GPG)
– A similar open-source program
PGP and GPG use both asymmetric and symmetric cryptography

File and File System Cryptography (continued)
Microsoft Windows Encrypting File System (EFS)
– A cryptography system for Windows operating systems that use the Windows NTFS file system
– Because EFS is tightly integrated with the file system, file encryption and decryption are transparent to the user
– EFS encrypts the data as it is written to disk

Disk Cryptography
Whole disk encryption
– Cryptography applied to entire disks
Windows BitLocker
– A hardware-enabled data encryption feature
– Can encrypt the entire Windows volume, which includes Windows system files as well as all user files
– Encrypts the entire system volume, including the Windows Registry and any temporary files that might hold confidential information

Disk Cryptography (continued)
Trusted Platform Module (TPM)
– A chip on the motherboard of the computer that provides cryptographic services
– Includes a true random number generator
– Can measure and test key components as the computer is starting up
If the computer does not support hardware-based TPM, then the encryption keys for securing the data on the hard drive can be stored by BitLocker on a USB flash drive

Summary
Cryptography is the science of transforming information into a secure form while it is being transmitted or stored so that unauthorized users cannot access it
Hashing creates a unique signature, called a hash or digest, which represents the contents of the original text
Symmetric cryptography, also called private key cryptography, uses a single key to encrypt and decrypt a message

Summary (continued)
Asymmetric cryptography, also known as public key cryptography, uses two keys instead of one
Cryptography can also be used to protect large numbers of files on a system or an entire disk