CS480 Cryptography and Information Security
Huiping Guo
Department of Computer Science
California State University, Los Angeles
Course administration


2 1. Introduction CS480_W16 Course administration
- Lectures
  - Sec1: Monday 6:10 – 10:00pm, ET A210
  - Sec2: Saturday 1:25 – 5:05pm, ET A220
  - Sec3: Thursday 6:10 – 10:00pm, ET A309
- Instructor: Huiping Guo
  - Email: hpguo@calstatela.edu
  - Phone: (323) 343-6673
  - Office: ET-A318
  - Office hours: M: 10:00 - 12:00 PM, W: 10:30 – 12:30
- Course webpage
  - www.calstatela.edu/faculty/hpguo/Teaching/Winter16/CS480/CS480_W16.htm
  - The lectures will be video recorded

3 Course administration (Cont.)
- Textbook
  - Behrouz A. Forouzan, Cryptography and Network Security, McGraw Hill, ISBN: 0072870222
- Reference(s):
  - Kaufman, Perlman and Speciner, Network Security: Private Communications in a Public World, second edition (Prentice Hall, 2002).
  - Menezes, Van Oorschot and Vanstone, Handbook of Applied Cryptography (CRC Press, 1997).
  - Bishop, Computer Security: Art and Science (Addison-Wesley, 2002).
  - Pfleeger and Pfleeger, Security in Computing, 4th edition (Prentice Hall, 2006).

4 Course administration (Cont.)
- Grading policy
  - Midterm (50%) 02/13 1:30 – 4:00pm (tentative)
  - Final exam (50%) 3/12 or 3/19 1:30 – 4:00pm
- Final letter grade
  - A 90-100, A- 85-89
  - B+ 80-84, B 70-79
  - C 60-69, D 50-59, F < 50

5 Course administration (Cont.)
- Note:
  - The grading policy is for all students in the class
  - No extra homework for individual students
  - No make-up exams
    - DO NOT take this class if you cannot attend the midterm/final exam!
- You'll be graded based ONLY on your performance!
  - NOT on your immigration status
  - NOT on your graduation status
  - NOT on your work status
  - NOT on your request

6 Course administration (Cont.)
- CSNS webpage
  - http://csns.calstatela.edu/index.html
  - Every student enrolled in the class has an account
  - Both your username and password are your CIN.
  - When you first sign in, you will be asked to choose a different username and password.
  - If you already used the system in other classes, your username and password are the same as before.
- Make sure you give the correct email address
- How to check your grade
  - You'll receive an email about your grade if your email address in CSNS is correct
  - Log into CSNS to check

7 Course administration (Cont.)
- Important date
  - Thursday, 02/18 Drop Deadline
- Academic integrity
  - DON'T COPY OTHERS' WORK!
  - DON'T GIVE YOUR SOLUTIONS TO ANYONE!
  - If plagiarism is found, ALL parties involved will get F

8 Other policies
- Please turn off your cell phone during the lecture
- DO NOT talk in class during lectures
- After lecture, leave the classroom.
  - Students are not allowed to stay in the classroom alone without the presence of the instructor

9 1. Introduction

10 Outline
- Security goals
- Security attacks
  - threaten security goals
- Security services
  - how they are related to the security goals
- Security mechanisms
  - provide security services
- Security techniques
  - implement security mechanisms
  - cryptography and steganography

11 Three Security Goals

12 Security Goals
- Confidentiality, also known as secrecy:
  - The most common aspect of information security
  - Only authorized persons can get access to the secret information
  - Applies to both the storage of the information and the transmission of the information
- Integrity
  - Modifications need to be done
    - by authorized entities AND
    - through authorized mechanisms
- Availability
  - The information created and stored by an organization needs to be available to authorized entities

13 Security attacks
- The three goals of security (confidentiality, integrity, and availability) can be threatened by security attacks.
  - Attacks Threatening Confidentiality
  - Attacks Threatening Integrity
  - Attacks Threatening Availability
- Category
  - Passive attacks
  - Active attacks

14 Figure 1.2 Taxonomy of attacks with relation to security goals

15 Passive versus Active Attacks
- Passive attacks
  - Snooping refers to unauthorized access to or interception of data.
  - Traffic analysis refers to obtaining some other type of information by monitoring online traffic.
  - Goal
    - Obtain information that is being transmitted.
  - Difficult to detect
    - They do not involve any alteration of the data
    - The emphasis in dealing with passive attacks is on prevention rather than detection

16 Passive attack: Snooping and Traffic Analysis
(Figure labels: wiring, eavesdrop)

17 Attacks
- Active attacks
  - Interruption, modification, fabrication
    - Masquerade
    - Replay
    - Modification
    - Repudiation
    - Denial of service
  - Are easier to detect than to prevent

18 Attack: Masquerade
Masquerading or spoofing happens when the attacker impersonates somebody else.
(Figure labels: Mike, Attacker, Tom; the attacker says "I am Mike!")

19 Attack: Replay
Replaying means the attacker obtains a copy of a message sent by a user and later tries to replay it.
(Figure labels: Mike, Tom, Attacker; message, same message)

20 Attack: Modification
Modification means that the attacker intercepts the message and changes it.
(Figure labels: intercept, replaced info)
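
The three attacks on the preceding slides (masquerade, replay, modification) are "easier to detect than to prevent"; the following is an added example, not part of the original slides, of how a receiver can detect each one. It assumes Mike and Tom share a secret key and uses an HMAC tag plus a per-sender counter; the key, the message bodies and the names `seal`, `tag_for` and `Receiver` are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-Mike-Tom"  # constructed sample key, not a real secret

def tag_for(key, sender, counter, body):
    """MAC over a length-prefixed sender name, a 64-bit counter and the body."""
    name = sender.encode()
    header = struct.pack(">H", len(name)) + name + struct.pack(">Q", counter)
    return hmac.new(key, header + body, hashlib.sha256).digest()

def seal(key, sender, counter, body):
    """Sender side: attach the counter and the tag to the message."""
    return {"sender": sender, "counter": counter, "body": body,
            "tag": tag_for(key, sender, counter, body)}

class Receiver:
    def __init__(self, keys):
        self.keys = keys        # sender name -> key shared with that sender
        self.last_seen = {}     # sender name -> highest counter accepted so far

    def accept(self, msg):
        key = self.keys.get(msg["sender"])
        if key is None:
            return "rejected: unknown sender"
        expected = tag_for(key, msg["sender"], msg["counter"], msg["body"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad tag"      # modified in transit, or sender lacks the key
        if msg["counter"] <= self.last_seen.get(msg["sender"], 0):
            return "rejected: replay"       # authentic, but already seen
        self.last_seen[msg["sender"]] = msg["counter"]
        return "accepted"

def demo():
    tom = Receiver({"Mike": KEY})
    first = seal(KEY, "Mike", 1, b"meet at noon")
    modified = dict(seal(KEY, "Mike", 2, b"meet at noon"), body=b"meet at nine")
    impostor = seal(b"key-the-impostor-made-up", "Mike", 3, b"I am Mike!")
    return [
        tom.accept(first),                                  # genuine message
        tom.accept(dict(first)),                            # replay of the same message
        tom.accept(modified),                               # body changed after sealing
        tom.accept(impostor),                               # masquerade without Mike's key
        tom.accept(seal(KEY, "Mike", 2, b"see you then")),  # next genuine message
    ]

if __name__ == "__main__":
    print(demo())
```

A shared-key tag does not address repudiation: Tom holds the same key, so he could have produced any tag himself and cannot prove to a third party that Mike sent a message.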

21 Attack: Repudiation
Repudiation means that the sender of the message might later deny that she has sent the message; the receiver of the message might later deny that he has received the message.
(Figure labels: "Send a message", "I didn't send it!")

22 Attack: Denial of Service
Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of a system.
(Figure label: Server)

23 Table 1.1 Categorization of passive and active attacks

24 Services and Mechanism
- ITU-T provides some security services and some mechanisms to implement those services
- Security services and mechanisms are closely related
  - A mechanism or combination of mechanisms is used to provide a service
  - One mechanism can be used in one or more services

25 Security Services

26 Security Mechanisms

27 Relation between Services and Mechanisms

28 Security techniques
- Mechanisms are only theoretical recipes to implement security
- The actual implementation of security goals needs some techniques.
- Two techniques are prevalent today
  - cryptography
  - steganography

29 Cryptography
- Cryptography is the study of
  - Secret (crypto-) writing (-graphy)
  - The science and art of transforming messages to make them secure and immune to attacks.
- Concerned with developing algorithms that:
  - Conceal the context of some message from all except the sender and recipient (privacy or secrecy), and/or
  - Verify the correctness of a message to the recipient (authentication)
  - Form the basis of many technological solutions to computer and communications security problems

30 Basic Concepts
- Plaintext
  - The original intelligible message
- Ciphertext
  - The transformed message
- Message
  - Is treated as a non-negative integer hereafter

31 Basic Concepts
- Key
  - Some critical information used by the cipher, known only to the sender & receiver
- Cipher
  - An algorithm for encryption and decryption. The exact operation of ciphers is normally controlled by a key, some secret piece of information that customizes how the ciphertext is produced
- Encipher (encode)
  - The process of converting plaintext to ciphertext
- Decipher (decode)
  - The process of converting ciphertext back into plaintext

32 Basic Concepts
- Protocols
  - Specify the details of how ciphers (and other cryptographic primitives) are to be used to achieve specific tasks.
  - A suite of protocols, ciphers, key management, and user-prescribed actions implemented together as a system constitute a cryptosystem;
  - this is what an end-user interacts with, e.g. PGP

33 Encryption and Decryption
(Figure: plaintext is enciphered to ciphertext, and ciphertext is deciphered back to plaintext)
- Encipher: $C = E_{K_1}(P)$
- Decipher: $P = D_{K_2}(C)$
- $K_1$, $K_2$: from keyspace

34 Steganography
- Means "covered writing,"
  - in contrast with cryptography, which means "secret writing."
- Example: covering data with text
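
One way to cover data with text, shown as an added example that is not part of the original slides: each gap between two words carries one bit (one space for 0, two spaces for 1). The spacing scheme, the one-byte length prefix and the cover sentence are assumptions constructed for illustration; `double_gap_count` is the simple check a reviewer could run to notice the irregular spacing.

```python
import re

# Constructed cover sentence: 33 words, so 32 gaps are available for bits.
COVER = ("This course is mostly about cryptography and only briefly about "
         "steganography but both techniques try to keep a message safe from an "
         "observer who can read everything that is sent over the channel")

def to_bits(data: bytes) -> str:
    return "".join(f"{byte:08b}" for byte in data)

def from_bits(bits: str) -> bytes:
    usable = len(bits) - len(bits) % 8          # ignore a trailing partial byte
    return bytes(int(bits[i:i + 8], 2) for i in range(0, usable, 8))

def hide(cover: str, secret: bytes) -> str:
    """Encode a length byte followed by the secret into the word gaps."""
    if len(secret) > 255:
        raise ValueError("secret longer than the one-byte length prefix allows")
    words = cover.split()
    bits = to_bits(bytes([len(secret)]) + secret)
    if len(bits) > len(words) - 1:
        raise ValueError(f"cover too short: need {len(bits)} gaps, "
                         f"have {len(words) - 1}")
    out = [words[0]]
    for i, word in enumerate(words[1:]):
        gap = "  " if i < len(bits) and bits[i] == "1" else " "
        out.append(gap + word)
    return "".join(out)

def reveal(stego: str) -> bytes:
    """Read the gaps back as bits and return the bytes named by the prefix."""
    gaps = re.findall(r" +", stego.strip())
    raw = from_bits("".join("1" if len(g) == 2 else "0" for g in gaps))
    return raw[1:1 + raw[0]] if raw else b""

def double_gap_count(text: str) -> int:
    """Count gaps of two or more spaces: zero in normally typeset text."""
    return len(re.findall(r" {2,}", text.strip()))

if __name__ == "__main__":
    stego = hide(COVER, b"hi")
    print(repr(stego))
    print(reveal(stego), double_gap_count(COVER), double_gap_count(stego))
```

The words of the cover text are unchanged, which is the point of the technique; only the spacing differs, so normalising whitespace on receipt removes the hidden data.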

35 Can you find the hidden message?

