Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Security

Published byMay Banks Modified over 6 years ago

Similar presentations

Presentation on theme: "Introduction to Security"— Presentation transcript:

1 Introduction to Security
Chapter 9 Security Introduction to Security

2 Overview Why study security Types of Threats Security mechanisms
Design issues Cryptography

3 Why study Security

4 Why study Security Computers and mobile phones are used extensively
Malicious intentions of “bad” folks Manipulate data or watch data exchanged Imperative to understand Security of Distributed Systems What mechanisms to apply and where to use them

5 Why study Security Security in Distributed systems
Secure channel for communication Access control of users What does a secure computer mean Available Reliable Dependable Maintains integrity Confidential

6 Types of Threats

7 Types of Threats Interception Interruption Modification Fabrication
Gains access to service or data - Eavesdropping Interruption Service or data becomes unavailable Modification Tampering of service or changing data in the system Fabrication Additional data or activity generated and inserted in system

8 Security Mechanisms Encryption Authentication Authorization Auditing
Transform data to make it unrecognizable to attacker Can check if the data is modified Authentication Verify identify the user, client, server, host Authorization Verify authorization to perform Auditing Audit logs help in analyze breach

9 Design Issues

10 Focus of Control - 3 approaches for protection
Protection of data against invalid operations

11 2. Control which operation may be invoked

12 3. Protection against unauthorized users

13 Layering of Security Mechanisms
At which level should security mechanisms be placed

14 Distribution of Security Mechanisms
Trusted Computing Base – set of all security mechanisms

15 Simplicity Designing is generally difficult
Simple mechanism is not sufficient

16 Cryptography

17 Cryptography It is fundamental to security Secures communication
Encrypt the data into something unintelligible Those meant to receive can decipher the data C = EK(P) P = DK(C) P – Plain text C – Cipher text K – Key E and D – Encryption and Decryption algorithms

18 3 types of cryptographic systems
3 types of attacks Eavesdropping Modification of messages Insertion of messages 3 types of cryptographic systems Symmetric Asymmetric Hash Functions

19

20 Symmetric Cryptograms
Secret key or shared key systems Sender and Receiver share the secret key before hand Example DES Operates on 64 bit block of data An initial round of permutation Block is broken into two parts , Right and Left 16 rounds of identical operations, f After the 16 rounds, the halves are joined A final permutation(inverse of the initial)

21 DES

22 DES – Key Generation

23 DES Difficult is break using analytical methods Key search can break it Triple DES encrypt – decrypt – encrypt (message) Design not known, so harder to break Latest algorithms use larger blocks and larger keys

24 Asymmetric Cryptograms
2 different keys, public key and private key Encryption and decryption use different keys Encryption function is hard, one way function Mathematically not feasible for the attacker to calculate private key from private key Public key is usually ‘signed’ by a third party

25 RSA Named after the Ron, Shamir, Adleman Each person communicating needs to generate public and private keys Public key: Select two large prime numbers p, q Let n = p*q Choose e such that it 1 < e < (p -1)(q – 1) and e and (p -1)(q -1) are coprime (n ,e) form the public key

26 Private key: Encryption C = P e mod n Decryption
It is calculated from p, q, e. There is a unique number d for given n, e. d is the inverse of e ≡ (p-1)(q-1) or de ≡ 1 mod (p - 1)(q - 1) d is the private key Encryption C = P e mod n Decryption P = C d mod n

27 Strong collision resistance, cannot find m’ such that
Hash Functions takes an arbitrary length input m and produces a bit string of fixed length h h = H(m) They are one way functions, computationally infeasible to find m knowing h Strong collision resistance, cannot find m’ such that H(m) = H(m’) Often used to authenticate digital signatures

28 MD5 Message Digest Algorithm
MD5 hashes are 128-bits in length and are normally shown in their 32 digit hexadecimal value equivalent it has been found to suffer from extensive vulnerabilities MD5 is neither encryption nor encoding Most U.S. government applications now require the SHA-2 family of hash functions In 2012, the Flame malware exploited the weaknesses in MD5 to fake a Microsoft digital signature.

29

30 MD5 The message m is padded to make it congruent to 448 modulo 512, made 64 bits less than A 64 bit representation of m is appended to the result of the above step A four word buffer (A,B,C,D) is used to compute the message digest A,B,C,D are 32 bit registers word A : word B : 89 ab cd ef word C : fe dc ba 98 word D :

31 MD5 There are 4 functions that take each take 3 32-bit words as input and produce one 32-bit word as output F (X, Y, Z) = XY or not (X) Z G (X, Y, Z) = XZ or Y not (Z) H (X, Y, Z) = X xor Y xor Z I (X, Y, Z) = Y xor (X or not (Z))

32 MD5 [abcd k s i] denote the operation a = b + ((a + F (b, c, d) + X [k] + T [i]) <<< s). Do the following 16 operations. [ABCD ] [DABC ] [CDAB ] [BCDA ] [ABCD ] [DABC ] [CDAB ] [BCDA ] [ABCD ] [DABC ] [CDAB ] [BCDA ] [ABCD ] [DABC ] [CDAB ] [BCDA ]

33 MD5 The message digest produced as output is A, B, C, D. That is, output begins with the low-order byte of A, and end with the high-order byte of D

34 Current Research MD5 DES
Increasing the data structure size and the key length ensure the strength of the encryption algorithm. RSA It can be made more secure by using 4 prime numbers instead of 4 MD5

35 References Tanenbaum, Andrew S., and Maarten van Steen. Distributed Systems: Principles and Paradigms. Maarten Van Steen, 2016. A hybrid security algorithm for RSA cryptosystem Prabhat K. Panda; Sudipta Chattopadhyay 2017 4th International Conference on Advanced Computing and Communication Systems (ICACCS) Extended DES algorithm to Galois Fields Luminiţa Scripcariu; Petre-Daniel Mătăsaru; Felix Diaconu 2017 International Symposium on Signals, Circuits and Systems (ISSCS)

Download ppt "Introduction to Security"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Distributed Systems CS 15-440 Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.

Distributed Systems CS Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
MD5 Message Digest Algorithm CS265 Spring 2003 Jerry Li Computer Science Department San Jose State University.

MD5 Message Digest Algorithm CS265 Spring 2003 Jerry Li Computer Science Department San Jose State University.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.
Chapter 12 Cryptography (slides edited by Erin Chambers)

Chapter 12 Cryptography (slides edited by Erin Chambers)
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.
How HTTPS Works J. David Giese. Hyper Text Transfer Protocol BrowserHTTP Server GET / HTTP/1.1 HOST: edge-effect.github.io HEADERS BODY HTTP/1.1 200 OK.

How HTTPS Works J. David Giese. Hyper Text Transfer Protocol BrowserHTTP Server GET / HTTP/1.1 HOST: edge-effect.github.io HEADERS BODY HTTP/ OK.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Similar presentations

Ads by Google