CSCE 201 Introduction to Information Security Fall 2010 Data Protection.


CSCE Farkas
Reading assignments
Required for this class:
– D. Cross, Data Protection and Recovery in Windows XP,
– M. Horowitz, The Safest Way to Protect Sensitive Computing Files, August 24, 2009, 61/article.htm
– Wikipedia, Encryption,

Sensitive Files
Must be protected from
– Hackers
– Other users
What to protect and at what level → security policy
How to protect → security policy

Security Mechanism
Several alternatives
Which one to choose?
– Level of assurance
– User’s preferences (familiarity, ease of use, recommendations, etc.)
– User’s technical knowledge
– Availability
– Financial considerations
– Etc.

Data Protection via Operating System
Microsoft® Windows® XP provides many enhancements in the area of data protection
– Encrypting File System (EFS)
– Data Recovery Agents (DRA)
Best Practices
Note: EFS is only available on Windows XP Professional; it is not supported on Windows XP Home Edition

What is Encryption?
How secure is it?
Can you decrypt the following?
HAY?OROWEU
How are you?
Hello

Insecure communications
[Figure labels: Sender, Snooper, Recipient, Insecure channel, Confidential]

Terminology
– Plaintext (cleartext): a message in its original form
– Ciphertext (cyphertext): an encrypted message
– Encryption: transformation of a message to hide its meaning
– Cipher: cryptographic algorithm. A mathematical function used for encryption (encryption algorithm) and decryption (decryption algorithm).

Terminology
– Decryption: recovering meaning from ciphertext
– Cryptography: art and science of keeping messages secure
– Cryptanalysis: art and science of breaking ciphertext
– Cryptology: study of both cryptography and cryptanalysis

Encryption and Decryption
[Figure labels: Plaintext, Encryption, Decryption, Ciphertext]
Additional requirements:
Authentication
– Between communicating parties
– Third-party authentication
Non-repudiation
Integrity verification
Key distribution
– Secret key (secure distribution)
– Public key (reliable distribution)

Cryptanalysis
Cryptanalyst’s goal:
– Break message
– Break key
– Break algorithm

Secret Key Encryption (Symmetric key, Traditional)

Secret Key Cryptosystem
[Figure labels: Encryption, Decryption, Plaintext, Ciphertext, K, Sender, Recipient]
C=E(K,M)
M=D(K,C)
K needs secure channel

Basic Encryption Techniques
Substitution (confusion)
Permutation (diffusion)
Combinations and iterations of these

Simple Alphabetic Substitution
Assign a new symbol to each plain text symbol randomly or by key, e.g., C → k, A → h, B → l
M = CAB
C = k h l
– Advantages: large key space 26!
– Disadvantages: trivially broken for known plaintext attack, repeated pattern, letter frequency distributions unchanged
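The substitution slide's example and its two listed weaknesses, as an added Python example that is not part of the original slides. The seed-derived table, the helper names and the sample sentences are constructed for illustration.

```python
import random
import string
from collections import Counter

ALPHABET = string.ascii_lowercase
SLIDE_KEY = {"c": "k", "a": "h", "b": "l"}  # the three pairs given on the slide

def make_key(seed):
    """Full 26-letter table (plain -> cipher); the seed is a constructed stand-in for the key."""
    shuffled = list(ALPHABET)
    random.Random(seed).shuffle(shuffled)
    return dict(zip(ALPHABET, shuffled))

def substitute(table, text):
    """Replace every letter found in the table; leave everything else untouched."""
    return "".join(table.get(ch, ch) for ch in text.lower())

def invert(table):
    """Turn an encryption table into the matching decryption table."""
    return {cipher: plain for plain, cipher in table.items()}

def frequency_profile(text):
    """Letter counts sorted high to low, ignoring which letter owns each count."""
    counts = Counter(ch for ch in text if ch in ALPHABET)
    return sorted(counts.values(), reverse=True)

def recover_table(known_plain, known_cipher):
    """Known-plaintext weakness: each aligned letter pair reveals one decryption entry."""
    return {c: p for p, c in zip(known_plain.lower(), known_cipher) if p in ALPHABET}

if __name__ == "__main__":
    key = make_key(2010)
    known = "the quick brown fox jumps over the lazy dog"  # constructed sample
    secret = "meet me after class"                          # constructed sample
    c_known, c_secret = substitute(key, known), substitute(key, secret)
    print(substitute(SLIDE_KEY, "CAB"))                     # the slide's M = CAB
    print(frequency_profile(secret) == frequency_profile(c_secret))
    print(substitute(recover_table(known, c_known), c_secret))
```

The 26! key space does not help here: one known plaintext/ciphertext pair covering the alphabet yields the whole table, and the count profile of the ciphertext is identical to that of the plaintext.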

Transposition
Letters of the message are rearranged
Break patterns, e.g., columnar transposition
Plaintext: this is a test
t h i s
i s a t
e s t !
Ciphertext: tiehssiatst!
Advantages: easy to implement
Disadvantages:
– Trivially broken for known plaintext attack
– Easily broken for cipher only attack
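The columnar transposition from this slide, as an added Python example that is not part of the original slides. It reproduces the slide's four-column grid and shows why a ciphertext-only search is small; the function names and the "!" padding rule are assumptions taken from the slide's example.

```python
def encrypt(plaintext, columns, pad="!"):
    """Write the letters row by row into a grid, then read it column by column."""
    letters = plaintext.replace(" ", "")
    letters += pad * (-len(letters) % columns)  # fill the last row
    rows = [letters[i:i + columns] for i in range(0, len(letters), columns)]
    return "".join(row[c] for c in range(columns) for row in rows)

def decrypt(ciphertext, columns):
    """Cut the ciphertext back into columns and read across the rows."""
    n_rows = len(ciphertext) // columns
    cols = [ciphertext[i:i + n_rows] for i in range(0, len(ciphertext), n_rows)]
    return "".join(col[r] for r in range(n_rows) for col in cols)

def candidate_plaintexts(ciphertext):
    """Ciphertext-only weakness: the only secret is the column count,
    and it has to divide the ciphertext length."""
    length = len(ciphertext)
    return {k: decrypt(ciphertext, k) for k in range(1, length + 1) if length % k == 0}

if __name__ == "__main__":
    ct = encrypt("this is a test", 4)
    print(ct)                                  # the slide's ciphertext
    for k, guess in candidate_plaintexts(ct).items():
        print(k, guess)                        # six guesses, one of them readable
```

The letters themselves are never changed, so the ciphertext is an anagram of the padded plaintext and a 12-letter message leaves only six column counts to try.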

Symmetric Key Encryption Algorithms
Data Encryption Standard (DES)
Advanced Encryption Standard (AES)

Public-Key Encryption
Two keys – one is private one is public
Solves the key distribution problem (but need reliable channel)
Provides electronic signatures
Slower than secret-key encryption

Public-Key Encryption
Needed for security:
– One of the keys must be kept secret
– Impossible (at least impractical) to decipher message if no other information is available
– Knowledge of algorithm, one of the keys, and samples of ciphertext must be insufficient to determine the other key

Confidentiality
[Figure labels: A (Sender), B (Recipient), Insecure channel, Plaintext, Ciphertext, Encryption Alg., Decryption Alg., B’s public key, B’s private key, need reliable channel]

Public Key Cryptosystem
Concept conceived by Diffie and Hellman in 1976
Rivest, Shamir, and Adleman (RSA) describe a public key system in 1978
Many proposals have been broken, e.g., Merkle-Hellman proposal broken by Shamir
Serious candidates (public domain)
– RSA
– El Gamal

Digital Signatures in RSA
[Figure labels: A, B, Insecure channel, Plaintext, Signed plaintext, Encryption Alg., Decryption Alg., A’s public key, A’s private key, need reliable channel, Sign, Verify]

Signature and Encryption
[Figure labels: D, E, D, E; A, B; Plaintext, Signed Plaintext, Signed Plaintext, Encrypted Signed Plaintext; A’s private key, B’s public key, B’s private key, A’s public key]

Hash Functions
Hash function h maps an input x of arbitrary length to a fixed length output h(x) (compression)
Accidental or intentional change to the data will change the hash value
Given h and x, h(x) is easy to compute (ease of computation)

Hash functions
Preimage resistant (one-way): if for all specified outputs, it is computationally infeasible to find any input that hashes to that output
Second-preimage resistant (weak collision resistant): if it is computationally infeasible to find any second input which has the same output as any specified input
Collision resistant (strong collision resistant): if it is computationally infeasible to find any two distinct inputs that have the same output

Attacks
First preimage attack: given a hash h, find a message m such that hash(m) = h
Second preimage attack: given a fixed message m1, find a different message m2 such that hash(m2) = hash(m1)
Attack complexity: 2^n (considered too high for a typical output size of n=160 bits)
Practical attacks: Collision attack
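Why the slide calls collision attacks the practical ones, as an added Python example that is not part of the original slides. SHA-256 is truncated to n bits so both searches finish quickly; the truncation, the counter-style messages and the function names are constructed for illustration, and the roughly 2^(n/2) birthday cost of a collision search is a standard result rather than something stated on the slide.

```python
import hashlib

def truncated_hash(message: bytes, n_bits: int) -> int:
    """First n_bits of SHA-256, used as a deliberately small hash function."""
    digest = hashlib.sha256(message).digest()
    return int.from_bytes(digest, "big") >> (256 - n_bits)

def find_collision(n_bits):
    """Collision search: ANY two messages with equal hashes will do (about 2^(n/2) tries)."""
    seen = {}
    counter = 0
    while True:
        msg = b"msg-%d" % counter
        h = truncated_hash(msg, n_bits)
        if h in seen:
            return seen[h], msg, counter + 1
        seen[h] = msg
        counter += 1

def find_second_preimage(m1, n_bits, max_tries):
    """Second-preimage search: must match ONE fixed target hash (about 2^n tries)."""
    target = truncated_hash(m1, n_bits)
    for counter in range(max_tries):
        msg = b"alt-%d" % counter
        if msg != m1 and truncated_hash(msg, n_bits) == target:
            return msg, counter + 1
    return None, max_tries

if __name__ == "__main__":
    n = 16
    a, b, tries = find_collision(n)
    print("collision after", tries, "hashes:", a, b)
    m2, tries = find_second_preimage(b"original", n, 2_000_000)
    print("second preimage after", tries, "hashes:", m2)
```

Each extra output bit doubles the second-preimage work but multiplies the collision work only by about 1.4, which is why collision resistance is the first property to fail as hash outputs age.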

Use of Encryption for Data Protection

Data Recovery
A process by which individual data elements such as files or folders are encrypted for more than one person or entity
Windows XP operating system: symmetrically encrypted data blocks
The symmetric key is protected by one or more public keys of a public/private key pair
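The data recovery scheme described on this slide, as an added Python example that is not part of the original slides and is not how EFS is implemented. The file is encrypted once with a random symmetric key, and that key is wrapped separately under the public key of the user and of a recovery agent. Unpadded textbook RSA on small known primes and a SHA-256 keystream are toy stand-ins chosen so the example runs with the standard library only; all names are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both toy keys

def toy_keypair(p, q):
    """Textbook RSA key from two known primes; far too small for real use."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 over key and offset), standing in for the symmetric cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)

def encrypt_file(data, recipients):
    """Encrypt the data once; wrap the file key once per recipient public key."""
    file_key = secrets.token_bytes(16)
    wrapped = {name: pow(int.from_bytes(file_key, "big"), e, n)
               for name, (n, e) in recipients.items()}
    return {"ciphertext": keystream_xor(file_key, data), "wrapped_keys": wrapped}

def decrypt_file(blob, name, private_key):
    """Unwrap the file key with one recipient's private key, then decrypt the data."""
    n, d = private_key
    file_key = pow(blob["wrapped_keys"][name], d, n).to_bytes(16, "big")
    return keystream_xor(file_key, blob["ciphertext"])

# Constructed demo keys built from known Mersenne primes (illustration only).
USER_PUB, USER_PRIV = toy_keypair(2**61 - 1, 2**89 - 1)
DRA_PUB, DRA_PRIV = toy_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    blob = encrypt_file(b"constructed sample file", {"user": USER_PUB, "dra": DRA_PUB})
    print(decrypt_file(blob, "user", USER_PRIV))
    print(decrypt_file(blob, "dra", DRA_PRIV))  # recovery agent reads the same file
```

Adding a recovery agent costs one extra wrapped key per file, not a second copy of the data, and anyone holding the agent's private key can read every file wrapped to it.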

Encrypting File System (EFS)
Provides file system-level encryption
Enables files to be transparently encrypted on NTFS file systems
Protects confidential data from attackers with physical access to the computer
While the operating system is running: User authentication and access control lists
Attacker gains physical access to the computer: need protection of hard drive

File system-level encryption
Individual files or directories are encrypted by the file system itself
Advantages:
– Flexible file-based key management
– Individual management of encrypted files
– Access control can be enforced through the use of public-key cryptography
– Cryptographic keys are only held in memory while the file that is decrypted by them is held open

Next Class
Malicious code