Published by Cecily McDaniel. Modified over 6 years ago.
1
ISA 330 Introduction to Proactive System Security
Week #8 Encryption and Cryptography Attacks
Philip Robbins – December 7, 2013
Information Security & Assurance Program
University of Hawai'i West Oahu
2
Encryption and Cryptography Attacks
Topics
- Encryption & Cryptography
- Review Q&A
- Quiz #7
3
4
Cryptography
Cryptology comes from “Crypto”
- Meaning: To Hide
Definition: The science of hiding communications.
Why?
- Protect PII, transactions & data.
Cryptographic systems use
- Codes: “secret keys”
- Ciphers: hiding the true meaning of a message
5
Cryptography & Encryption
Confidentiality
- The process of protecting plaintext messages from monitoring or eavesdropping.
- Cryptography vs. Encryption??
[Diagram: N1 and N2 connected over a LAN, each with an Algorithm and a Key. DATA / PLAINTEXT / CLEARTEXT, ENCRYPTION, CIPHERTEXT, DECRYPTION, DATA / PLAINTEXT / CLEARTEXT]
6
3 Basic Elements of Cryptography
- Algorithm
- Key
- Data
7
Cryptography
Basic Elements: Algorithm
- Describes the process (instruction set) involved in producing a desired output.
- In the case of Cryptography what is our desired output? Encryption / ciphertext / Confidentiality
Does more Complexity = (mean) more Security?
8
Cryptography
Non-repudiation
- Sender can’t deny sending a message.
Authentication
- Associated with confirming a user’s identity
- Also associated with message encryption
9
Cryptography
Authentication
Data Origin: Identifying the transmitting node in a communications channel.
Digital Signatures
- Uses Hash Function & Encryption together
Digital Certificates
- Ensure identity of remote computer
- Who are you sending your information to?
10
Cryptography
Substitution Algorithm
- Caesar’s Cipher
- Rotate (shift) alphabet
- Easy to decipher (frequency of common words, e.g. “the”)
Key? Key Length?
11
Cryptography
Transposition Algorithm
- Encryption by changing position of plaintext.
- Rail Fence Cipher
DATA: 'WE ARE DISCOVERED. FLEE AT ONCE'
KEY: 3 'Rails' (rows)
CIPHERTEXT:
12
Cryptography
Running Key Cipher
- Text is used for a very long keystream.
- Clever use of components in the world.
- Example: Key = Every 3rd word from a book.
Concealment Cipher
- Not actually encrypted – just hidden.
- A message (hidden) within a message.
- Example: Message = Newspaper Page #, Word #, …
Steganography
- Security through obscurity.
- Not recommended as encryption substitute.
13
Cryptography
Vernam Cipher
- Gilbert Vernam - 1917
- Uses a basic Boolean XOR Function!!
[Figures: XOR Logic Gate Symbols; XOR Truth Table]
14
Cryptography
Stream Cipher: Dividing the message into bits for processing (Encrypting data one bit at a time).
15
Cryptography
Block Cipher: Dividing the message into blocks for processing
[Figure label: 1 Block]
16
Cryptography
Stream vs. Block Cipher
17
Cryptography
Key & Algorithm Relationship
- Algorithms are static mathematical functions.
- Algorithm does not change; the key does.
- The purpose of a key is to add randomization.
- The key is a group of instructions for the algorithms.
- Larger key space means better security: 128 bit strength = 2^128 = 3.4 x 10^38 possible keys (keyspace)
- Processing power can brute force keys < 112 bit
18
Cryptography
Key & Algorithm Relationship
19
Cryptography
Symmetric (Public) Key Algorithm
- The same key is used to encipher plaintext to produce cipher text
Plaintext ⊕ Key = Ciphertext
*and to*
- decipher cipher text to yield the original plaintext
Ciphertext ⊕ Key = Plaintext
20
Cryptography
Symmetric (Public) Key Algorithm
- How is confidentiality maintained?
21
Cryptography
Symmetric Key Algorithm
- Advantages
Fast
Hard to break if large key is used.
- Disadvantages
Only provides for confidentiality
Key Management
Distribution
22
Cryptography
Symmetric Key Algorithm
- Disadvantages
Key Management
Assume you wanted to communicate with 10 other people while ensuring confidentiality. How many keys would you need?
# of communication channels = n(n-1)/2
23
Cryptography
Symmetric Key Algorithm
- Disadvantages (Most serious deficiency)
Distribution
How would we transfer symmetric keys securely?
What if someone is monitoring comms?
If sent in cleartext someone can intercept.
24
Cryptography
Asymmetric Encryption
- One key is required to encrypt.
Plaintext ⊕ Public Key = Ciphertext
*and*
- another key is required to decrypt.
Ciphertext ⊕ Private Key = Plaintext
Key Pair {Public Key, Private Key}
25
Cryptography
Asymmetric Encryption
[Figure labels: given to anyone; kept secret]
26
Cryptography
Asymmetric Encryption
Key Pair {Public Key, Private Key}
27
Cryptography
Asymmetric Encryption
- SENDER
Messages are encrypted with either the public or private key.
The public key can be given to anyone.
- RECEIVER
Only the matching key pair will decrypt it.
The private key is kept secret.
28
Cryptography
Asymmetric Encryption
- It should not be possible to get a key pair’s private key from the public key.
- Anyone with a private key can generate its public pair.
- This is done using one-way functions.
29
Cryptography
Asymmetric Encryption
- Advantages
Key Management
Distribution
- Disadvantages
Can’t encrypt large amounts of data.
30
Cryptography
Asymmetric Encryption
- Advantages
Solves Key Management Problem!!
Assume you wanted to communicate with 10 other people while ensuring confidentiality. How many keys would you need now?
31
32
Cryptography
Hashing
- Taking variable amounts of data and compressing it into a fixed length value, producing unique outputs.
- A different MD5 hash would indicate the file has been altered or corrupted.
- Message digest helps to verify integrity.
- Integrity and/or nonrepudiation
33
Cryptography
Digital Signatures
- Message goes through a Hashing algorithm.
- The message and the message digest are encrypted with the sender’s private key.
- The receiver validates the digital signature by decrypting it with the sender’s public key.
- Provides integrity, authenticity, and non-repudiation.
- If I use my private key to encrypt something then it proves it came from me.
34
Cryptography
Digital Signatures
35
Cryptography
Cryptographic Algorithms
36
Cryptography
Cryptographic Algorithms
Symmetric Key Cryptography: Encryption Standards
37
Cryptography
Characteristics of Strong Algorithms:
- Confusion
Changing a char in plaintext doesn’t create predictable ciphertext.
Reverse Engineering process is difficult.
Contains Complexity.
- Diffusion
Changes in plaintext create a large change in ciphertext; avoiding discovery of key.
38
Cryptography
Characteristics of Strong Algorithms:
- Complexity
Distribution of frequency creating a flat cipher.
39
Cryptography
Kerckhoffs’s Principle:
“…the security of a cipher system should depend on the key and not the algorithm…”
Why would it be advantageous to release the cipher algorithm to the public?
Why wouldn’t it be…?
40
41
How did they do that???
42
Cryptography Attacks
Birthday Attack
- Used to find the same hash value for two different inputs
- Reveals any mathematical weaknesses in the hashing algorithm.
[Table: Total Hashes vs. Input attempts required for 50% chance of output collision]
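The relationship behind the lost table, as an added Python example (not part of the original slides): for a hash with N = 2^bits possible outputs, about sqrt(2 ln 2 · N) ≈ 1.18 · 2^(bits/2) random inputs give a 50% chance of a collision, which the code checks empirically on SHA-256 truncated to 20 bits. The truncation, the `msg-<i>` inputs and the function names are assumptions of this example.

```python
import hashlib
import itertools
import math

def attempts_for_half(bits):
    """Approximate number of random inputs for a 50% collision chance."""
    return math.sqrt(2 * math.log(2) * 2 ** bits)

def collision_probability(k, bits):
    """Birthday approximation: P(collision) after k inputs, N = 2**bits outputs."""
    return 1 - math.exp(-k * (k - 1) / (2 * 2 ** bits))

def truncated_hash(data, bits):
    """First `bits` bits of SHA-256: a deliberately short digest for the demo."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)

def first_collision(bits):
    """Hash constructed inputs msg-0, msg-1, ... until two share a digest."""
    seen = {}
    for i in itertools.count():
        msg = b"msg-%d" % i
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1   # two different inputs, attempts used
        seen[h] = msg

if __name__ == "__main__":
    for bits in (20, 64, 128, 160, 256):
        print(f"{bits:3d}-bit digest: ~2^{math.log2(attempts_for_half(bits)):.1f}"
              " inputs for a 50% collision chance")
    a, b, n = first_collision(20)
    print(f"20-bit collision after {n} inputs: {a!r} and {b!r}")
```

A 128-bit digest such as MD5 therefore offers roughly 64 bits of collision resistance at best, which is why digest length is chosen at about twice the desired security level.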
43
Cryptography Attacks
Brute-Force Attack
- Tries all possible keys in a keyspace.
44
Cryptography Attacks
Mathematical Attacks
Properties of the algorithm are attacked.
MAIN CATEGORIES
- Chosen-plaintext attack: access to PT and CT to determine key.
- Known plaintext attack: access to “known” PT and CT forms.
- Chosen-ciphertext attack: access to the CT ready to be decrypted.
- Ciphertext-only attack: access to CT but not the PT.
- Side-channel attack: misc info, EM emissions, noise, vibrations, ...
45
Review Questions
Question #4
What is Cryptography?
Answer: The science of hiding communications.
47
Review Questions
Question #3
What is encryption?
Answer: Transforming data into an unreadable format.
49
Review Questions
Question #1
What is an algorithm?
Answer: Describes the process (instruction set) involved in producing a desired output.
51
Review Questions
Question #2
What is a Cryptographic Key?
Answer: Piece of information that controls how the cryptographic algorithm functions (works).
53
Review Questions
Question #5
What is Cryptanalysis?
Answer: Breaking cryptography; act of obtaining plain text from cipher text.
55
Review Questions
Question #6
Which of the following best describes obtaining plain text from cipher text without a key?
- Frequency Analysis
- Cryptanalysis
- Decryption
- Cracking
57
Review Questions
Question #7
Which of the following is a disadvantage of symmetric key encryption?
- Key Size
- Speed
- Key Management
- Key Strength
59
Review Questions
Question #8
Which of the following attacks requires an attacker to obtain several encrypted messages that have been encrypted using the same encryption algorithm?
- Known plain text attack
- Cipher text attack
- Clear text attack
- Replay attack
61
Review Questions
Question #9
Why does a digital signature contain a message digest?
- To detect any alteration of the message
- To indicate the encryption algorithm
- To confirm the identity of the sender
- To enable transmission in a digital format
63
Review Questions
Question #10
Which is NOT a property of a one-way hash function?
- It converts a message of a fixed length into a message digest of arbitrary length
- It is computationally infeasible to construct two messages with the same digest
- It converts a message of arbitrary length into a message of a fixed length
- Given a digest value, it is computationally infeasible to find the corresponding message
65
Review Questions
Question #11
What are the three most important functions that digital signatures perform?
- Integrity, Confidentiality, and Authorization
- Integrity, Authentication, and Nonrepudiation
- Authorization, Authentication, and Nonrepudiation
- Authorization, Detection, and Accountability
67
Review Questions
Question #12
What is the result of a hash algorithm being applied to a message?
- A digital signature
- A ciphertext
- A message digest
- A plaintext
69
Review Questions
Question #13
Digital signatures are used to do which of the following?
- Verify that a message was received
- Ensure that repudiation is provided
- Provide authentication and nonrepudiation
- Encrypt sensitive messages
71
Review Questions
Question #14
What is the standard for PKI certificates?
- X.500
- X.400
- X.509
- MySQL.409
73
Review Questions
Question #15
A hash value is a fixed-length string used to verify message integrity?
- TRUE
- FALSE
75
Review Questions
Question #16
OpenPGP is focused on protecting which of the following?
- Web content
- messages
- Database systems
- IPSec traffic
77
Review Questions
Question #17
Why did the NSA decide to drop support for DES?
- The cost was too high.
- The encryption algorithm was too slow.
- The processing power of computers had increased.
- It was too difficult for government agencies to use.
79
Review Questions
Question #18
Two different messages producing the same hash value results in which of the following?
- Duplicate key
- Corrupt key
- Collision
- Message digest
81
Review Questions
Question #19
Asymmetric cryptography systems are which of the following?
- Faster than symmetric cryptography systems
- Slower than symmetric cryptography systems
- The same speed as symmetric cryptography systems
- Practical only on systems with multiple processors
83
Review Questions
Question #20
Which of the following is an asymmetric algorithm?
- DES
- AES
- RSA
- Blowfish
85
Review Questions
Question #21 (last one)
What type of cryptographic algorithm is being used?
Answer: Caesar Cipher / Substitution Algorithm / ROT
87
Quiz #7
Short answer, closed book, closed notes.
88
Questions?
probbins@hawaii.edu
www2.hawaii.edu/~probbins