Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright Justin Klein Keane InfoSec Training Encryption.

Published byEmma Moore Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright Justin Klein Keane InfoSec Training Encryption."— Presentation transcript:

1 Copyright Justin Klein Keane <jukeane@sas.upenn.edu InfoSec Training Encryption

2 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Terminology Plaintext Ciphertext Encrypt Decrypt

3 Copyright Justin Klein Keane <jukeane@sas.upenn.edu About Encryption Idea is to obscure messages from observation Encryption can be used to protect secrets but also:  To verify identity  To verify authenticity  To verify integrity  To verify authorization

4 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Not Encryption - Encoding Encoding is a method to alter data Follows a set of guidelines about how to represent data in a specific format Encoding is formatting, not data hiding

5 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Not Encryption - Hashing Hashing uses a one way mathematical algorithm to take an input and generate a seemingly random, unique, output Hashing the same input twice produces the same output There is no way to reverse a hash (i.e. You can't go from a hash value to an original value) Collisions – when two different inputs produce the same hash

6 Copyright Justin Klein Keane <jukeane@sas.upenn.edu How Encryption works Take data Apply an algorithm to the data Use a key so that the process can be repeated Output should be unintelligible

7 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Good Encryption There is no good “proprietary” encryption The best encryption schemes use open standards and protocols The standards and protocols are all well understood, verified, reviewed and vetted The secrecy is in the keys used

8 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Encryption Types Symmetric (two way encryption)  Shared key Asymmetric (one way encryption)  Public key (think RSA and PGP)

9 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Symmetric Encryption Same key used to encrypt and decrypt Very fast and computationally non-intensive Issue is sharing the key How do two parties trade keys in the presence of an adversary? Diffie-Hellman key exchange allows this

10 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Asymmetric Encryption RSA is best example Public and private keys are used Public key used to encrypt Private key used to decrypt Thus public keys can be shared, private keys are held closely Key management is still an issue (is the public key you have for John the right one?)

11 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Digital Signing Uses public key crypto A message is signed by turning it into a number, and running an operation on the number using the private key Anyone with the public key can reverse the operation and compare the numbers This allows assertions that the holder of the private key sent the message, and it was not changed in transit

12 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Attacks on Crypto Brute force (a lot trickier than you'd think) Chosen plaintext attacks Chosen ciphertext attacks Birthday attack Dictionary (precomputation) attack Differential cryptoanalysis

13 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Digital Certificates Used to validate the source of an encrypted message Certificate is passed to and verified by the client Let's you know you're talking to the “real” bank that you use Certificate Authorities (CA's) are supposed to verify identity before issuing certificates Stolen certs are a very bad thing Signing certs allow holders to issue sub-certs

14 Copyright Justin Klein Keane <jukeane@sas.upenn.edu Real World Crypto Whole disk encryption HTTPS/SSL SSH PGP VPN Hashing Two factor authentication

Download ppt "Copyright Justin Klein Keane InfoSec Training Encryption."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Cryptography Basic (cont)

Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Cryptography 101 Frank Hecker

Cryptography 101 Frank Hecker
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···

Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···

Similar presentations

Ads by Google