Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from."— Presentation transcript:

1 Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from outside the system 9.6 Protection mechanisms 9.7 Trusted systems

2 The Security Environment Threats Security goals and threats

3 Basics of Cryptography Relationship between the plaintext and the ciphertext

4 Monoalphabetic substitution –each letter replaced by different letter Given the encryption key, –easy to find decryption key Secret-key crypto called symmetric-key crypto Secret-Key Cryptography

5 Public-Key Cryptography All users pick a public key/private key pair –publish the public key –private key not published Public key is the encryption key –private key is the decryption key

6 RSA Encryption To find a key pair e, d: 1. Choose two large prime numbers, P and Q (each greater than 10100), and form: N = P x Q Z = (P–1) x (Q–1) 2. For d choose any number that is relatively prime with Z (that is, such that d has no common factors with Z). We illustrate the computations involved using small integer values for P and Q: P = 13, Q = 17 –> N = 221, Z = 192 d = 5 3.To find e solve the equation: e x d = 1 mod Z That is, e x d is the smallest element divisible by d in the series Z+1, 2Z+1, 3Z+1,.... e x d = 1 mod 192 = 1, 193, 385,... 385 is divisible by d e = 385/5 = 77

7 RSA Encryption (contd.) To encrypt text using the RSA method, the plaintext is divided into equal blocks of length k bits where 2 k < N (that is, such that the numerical value of a block is always less than N; in practical applications, k is usually in the range 512 to 1024). k = 7, since 2 7 = 128 The function for encrypting a single block of plaintext M is: (N = P X Q = 13X17 = 221), e = 77, d = 5: E'(e,N,M) = M e mod N for a message M, the ciphertext is M 77 mod 221 The function for decrypting a block of encrypted text c to produce the original plaintext block is: D'(d,N,c) = c d mod N The two parameters e,N can be regarded as a key for the encryption function, and similarly d,N represent a key for the decryption function. So we can write K e = and K d =, and we get the encryption function: E(K e, M) ={M} K (the notation here indicating that the encrypted message can be decrypted only by the holder of the private key K d ) and D(K d, ={M} K ) = M. - public key, d – private key for a station

8 Application of RSA Lets say a person in Atlanta wants to send a message M to a person in Buffalo: Atlanta encrypts message using Buffalo’s public key B  E(M,B) Only Buffalo can read it using it private key b: E(b, E(M,B))  M In other words for any public/private key pair determined as previously shown, the encrypting function holds two properties: –E(p, E(M,P))  M –E(P, E(M,p))  M

9 How can you authenticate “sender”? In real life you will use signatures: we will look at concept of digital signatures next. Instead of sending just a simple message, Atlanta will send a signed message signed by Atlanta’s private key: –E(B,E(M,a)) Buffalo will first decrypt using its private key and use Atlanta’s public key to decrypt the signed message: –E(b, E(B,E(M,a))  E(M,a) –E(A,E(M,a))  M

10 Digital Signatures Strong digital signatures are essential requirements of a secure system. These are needed to verify that a document is: Authentic : source Not forged : not fake Non-repudiable : The signer cannot credibly deny that the document was signed by them.

11 Digest Functions Are functions generated to serve a signatures. Also called secure hash functions. It is message dependent. Only the Digest is encrypted using the private key.

12 Alice’s bank account certificate 1.Certificate type:Account number 2.Name:Alice 3.Account:6262626 4.Certifying authority:Bob’s Bank 5.Signature:{Digest(field 2 + field 3)} K Bpriv

13 Digital signatures with public keys

14 Low-cost signatures with a shared secret key

15 One-Way Functions Function such that given formula for f(x) –easy to evaluate y = f(x) But given y –computationally infeasible to find x

16 Digital Signatures Computing a signature block What the receiver gets (b)

17 Buffer Overflow (a) Situation when main program is running (b) After program A called (c) Buffer overflow shown in gray

18 Covert Channels (1) Client, server and collaborator processes Encapsulated server can still leak to collaborator via covert channels

19 Covert Channels (2) A covert channel using file locking

20 Covert Channels (3) Pictures appear the same Picture on right has text of 5 Shakespeare plays –encrypted, inserted into low order bits of color values Zebras Hamlet, Macbeth, Julius Caesar Merchant of Venice, King Lear

Download ppt "Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.

CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats.

1 Security and Protection Chapter 9. 2 The Security Environment Threats Security goals and threats.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy.

6/28/20151 Bringing Semantic Security to Semantic Web Services B. Ramamurthy.

Similar presentations

Ads by Google