Total Encryption. Encryption? Encryption? Cryptography.

Presentation on theme: "Total Encryption. Encryption? Encryption? Cryptography."— Presentation transcript:

1 Total Encryption

2 Encryption?

3 Encryption? Cryptography

4 single files

5 RAR

6 ZIP

7 Windows file encryption

8 holes

9 easy to crack

10 easy to crack (in the past)

11 why?

12 encryption not core feature

13 touchstone?

14 household name?

15 PGP

16 Pretty Good Privacy

17

18 Phil Zimmermann 1991

19 mail

20 Encryption/ Decryption

21 Signing/ Verification

22 proof of identity

23 1990s

24 [ASCII-armored PGP message]

25 $ pgp -d

26 2000

27 $

28

29

30

31 standardized

32 OpenPGP

33 OpenPGP RFC 4880

34 in actual use

35

36 problem

37 $ gpg --decrypt

38 Enigmail

39

40

41 plugin

42

43 mail reader

44

45 Enigmail

46 plugin

47

48 OpenPGP

49

50 http://enigmail.mozdev.org/

51 mail

52 WWW?

53 HTTP

54 HTTPS

55

56 SSL

57 Secure Socket Layer

58

59 1994–1996

60 SSL

61 SSL 2.0

62 SSL 3.0

63 1999

64 standardized

65

66 TLS

67 Transport Layer Security

68 TLS/SSL

69 web browser

70 web server

71 HTTPS

72 404

73 Connection refused

74 problem is on server

75 HTTPS not implemented

76 HTTPS not configured

77

78 server limits your security

79 server operator?

80 certificate

81 certificate authority

82 $$

83 limited choice

84

85 pre-loaded

86 web browser

87 choice meaningless

88

89 least trustworthy

90 make your own

91 cheap

92 self-signed certificate

93 X.509

94

95 “Someone tried to explain public-key-based authentication to aliens. Their universal translators were broken and they had to gesture a lot.” — Peter Gutmann, Everything you Never Wanted to Know about PKI but were Forced to Find Out

96 X.509 Certificates? (very briefly) [Diagram: Client and Server communicating over the Internet; labels: CA cert, Cert 1, Cert 2, key 0, key 1, key 2]

97 TLS could support OpenPGP keys

98 not supported by browsers

99 not supported by browsers (yet)

100 self-signed certificate

101

102

103 web

104 remote file access

105 FTP?

106 FTP

107 SMB? (Windows “shared folders”)

108 SMB (Windows “shared folders”)

109 FTPS? (FTP with TLS/SSL)

110 TLS/SSL

111 X.509

112

113 SFTP

114 SSH File Transfer Protocol

115 server Linux/Unix?

116 easy! OpenSSH

117 server Windows?

118 FreeSSHd http://www.freesshd.com/

119

120 (freeware, not open source)

121 Free Software

122 copSSH http://www.itefix.no/

123 OpenSSH

124

125 OpenSSH by hand

126 OpenSSH for Windows http://pigtail.net/LRP/printsrv/cygwin-sshd.html

127 server

128 client?

129 WinSCP

130

131 Windows only

132 FileZilla

133 Windows & Linux

134

135 remote file access

136 remote desktop

137 none are Free Software

138 Linux/Unix

139 X11 through SSH tunnel

140 SSH server

141 SSH tunnel

142 tunnel RDP

143 tunnel VNC

144 RDP Windows “Remote Desktop Protocol”

145

146 VNC

147 Virtual Network Computing

148 TightVNC

149 http://www.tightvnc.com/

150 remote desktop

151 remote terminal

152 SSH

153 Windows

154 PuTTY

155

156 p2p file sharing

157 BitTorrent

158 Azureus

159 Perfect Dark

160 Japanese!

161 ANts

162 GNUnet

163 RShare

164

165

166

167 p2p file sharing

168 VPN tunnels

169 must be set up in advance

170 both sides

171 IPsec

172 structurally cleaner

173 very complex

174 (see separate IPsec lecture)

175 OpenVPN

176 non-standard protocol

177 should be avoided

178 security concerns

179 standards interoperability

180 however

181 easy to set up

182 endorsed by experts

183 standards interoperability

184 OpenVPN

185 network

186 stolen laptop

187 whole-disk encryption

188 TrueCrypt

189

190 non-standard

191 not in kernel

192 no other implementation

193 dual-platform

194 dm-crypt/LUKS

195 in kernel

196 FreeOTFE http://www.freeotfe.org/

197

198 can read dm-crypt/LUKS

199 FAT/NTFS

200 boot-time whole-disk encryption

201 dm-crypt/LUKS

202 /boot unencrypted

203 /boot on USB key

204 small gain

205 unfeasible for servers

206 password?

207 password in /boot file

208 vulnerable to computer seizure

209 password on USB key

210 enter password at boot

211 neither works for server hosts

212 need unattended reboots

213 Mandos

214 gives passwords to hosts

215 uses TLS

216 all hosts run Mandos queryer

217 host key stored in /boot

218 one host runs Mandos responder

219 host down too long?

220 host gets no password

221 unattended reboots

222 security from server seizure

223 some security

224

225

