Presentation is loading. Please wait.

Presentation is loading. Please wait.

Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message.

Published byLindsey Jackson Modified over 8 years ago

Similar presentations

Presentation on theme: "Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message."— Presentation transcript:

1 Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message Denial of service Passive Traffic analysis Release of message contents

2 Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks Interruption Interception Modification Fabrication Anita Betito

3 Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: Interruption Interruption Interception Modification Fabrication Anita Betito Availability

4 Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: Interception Interruption Interception Modification Fabrication Anita Betito Confidentiality

5 Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: modification Interruption Interception Modification Fabrication Anita Betito Integrity

6 Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: fabrication Interruption Interception Modification Fabrication Anita Betito Authenticity

7 Códigos y Criptografía Francisco Rodríguez Henríquez Security Services Confidentiality- protect info value Authentication- protect info origin (sender) Identification- ensure identity of users Integrity- protect info accuracy Non-repudiation - protect from deniability Access control - access to info/resources Availability - ensure info delivery

8 Códigos y Criptografía Francisco Rodríguez Henríquez Some Practical Applications "Any sufficiently advanced technology is indistinguishable from magic.” Arthur C. Clarke. secure mail secure communications network authentication electronic voting electronic notary digital money (digital wallet) data distribution

9 Códigos y Criptografía Francisco Rodríguez Henríquez Secure Mail: PGP (Pretty Good Privacy) Pretty Good Privacy was created by Philip R. Zimmermann. For that, he was the target of a three-year criminal investigation, because the US government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication as freeware. Despite of this government persecution, PGP nonetheless became the most widely used email encryption software in the world. PGP is a freeware. A copy of the software can be obtain at, PGP download site: http://web.mit.edu/network/pgp.html

10 Códigos y Criptografía Francisco Rodríguez Henríquez Secure Communications Scenarios –Security for real-time electronic links –local area networks –link encryption –cellular (and ordinary) phones and faxes Goals –message privacy –sender and recipient authentication –non-repudiation Tools –key-agreement protocols –secret-key cryptosystems –public-key cryptosystems –digital signatures –certicates

11 Códigos y Criptografía Francisco Rodríguez Henríquez Data Distribution Scenarios –conditional access TV –software distribution via CD­ROM –information bulletin boards Goals –broadcast operation (TV, CD­ROM) –message privacy –selective reception Tools –secret­key cryptography –public­key cryptography –secure hardware

12 Códigos y Criptografía Francisco Rodríguez Henríquez Electronic Voting Scenarios –general elections –shareholders meetings –secure distributed computation Goals –anonymity –fairness –accountability Tools –RSA-based mathematics –blind signatures –sender untraceability protocols

13 Códigos y Criptografía Francisco Rodríguez Henríquez Digital Money (Digital Wallet) Scenarios –replacement for paper money –more flexible than credit cards Goals –anonymity –untraceability –fairness –dividability –transferability –off­line (from bank) operations –universality Tools –more RSA­based mathematics –zero­knowledge protocols –secure hardware tokens

14 Códigos y Criptografía Francisco Rodríguez Henríquez Some Research Interests in Cryptography Design of cryptographic algorithms Analysis of cryptographic algorithms Design of cryptographic protocols Hardware and software implementations Applications of cryptography

15 Códigos y Criptografía Francisco Rodríguez Henríquez Cryptography Schemes Sender Receiver Adversary Message Problem: How to have secure communication over an insecure channel?

16 Códigos y Criptografía Francisco Rodríguez Henríquez Solution A: Trusted Third Party using this model requires us to: design an algorithm for the security transformation generate the secret information used by the algorithm develop methods to distribute the secret information specify a protocol enabling the principals to use the transformation & secret info for a security service

17 Códigos y Criptografía Francisco Rodríguez Henríquez Solution B: Secret-key cryptography Sender Receiver Adversary Ciphertext Exchange the key over a secure channel Functions f(e; -) and g(d; -) are inverses of one another Encryption and decryption processes are symmetric key: e or d C := f(e; M)M := g(d; C)

18 Códigos y Criptografía Francisco Rodríguez Henríquez Problems with secret-key cryptography: requires establishment of a secure channel for key exchange two parties cannot start communication if they never met

19 Códigos y Criptografía Francisco Rodríguez Henríquez Alternative: Public-Key Cryptography requires establishment of a public-key directory in which everyone publishes their encryption keys two parties can start communication even they never met provides ability to sign digital data

Download ppt "Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.

6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.

Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptographic Technologies

Cryptographic Technologies
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Similar presentations

Ads by Google