System Security: Cryptography Technologies CPE 261403 - Operating Systems


1 System Security: Cryptography Technologies CPE 261403 - Operating Systems http://www.e-cpe.org/moodle

2 What does the fish mean?

3 Ichthys

4

5 User name / Password

6 Threat Ex: Wifi Packet Sniffers

7 Protection with Cryptography

8 Encryption and Decryption: Symmetric – Uses a shared key; Asymmetric – Added security with Public and Private keys

9 Symmetric Encryption: Simple example: Add a constant to the ASCII value. With Key = 1, "I LOVE YOU" becomes "J MPWF ZPV"

10 The Enigma Machine: German Encryption Machine For WWI

11

12 Enigma was cracked by the Allies in WWII. Some say this helped shorten WWII by two years

13 Some Examples: Data Encryption Standard (DES): 56 bit key for every 64 bit value; Advanced Encryption Standard (AES): 256 bit key for every 128 bit value; RC4: As used in WEP (Wired Equivalent Privacy); WPA, WPA2 (Wi-Fi Protected Access): 256 bit key

14 Asymmetric Encryption

15 Algorithm Example: Public Key = (kd, N); Private Key = (ke, N); N = p × q (where p, q are prime numbers). Pick kd that is < N. Calculate ke where ke × kd mod (p-1)(q-1) = 1

16 Example: If p = 7 and q = 13, N = 7 × 13 = 91. Pick kd = 5. Find ke: ke × 5 mod (7-1)(13-1) = 1, so ke = 29. Public Key = (5, 91); Private Key = (29, 91)

17 Encrypting and Decrypting: Encrypt message = (input ^ kd) mod N, using the public key (kd, N); Decrypt message = (input ^ ke) mod N, using the private key (ke, N). If we want to send the number 69: Encrypted message = 69 ^ 5 mod 91 = 62; Decrypted message = 62 ^ 29 mod 91 = 69. *Note: the number must be < N

18 Notes In reality p and q can be 512 bits each
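
Added example (not part of the original slides): the key setup and the 69 → 62 → 69 round trip of slides 15-17 in Python, together with the reason slide 18 calls for large primes: with N = 91 the private key can be derived from the public key alone by factoring N. Function names are illustrative, and this is textbook RSA without padding.

```python
# Added example: textbook RSA with the numbers from slides 16-17.
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, public_exp):
    """Derive ((public_exp, N), (private_exp, N)) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(public_exp, phi) != 1:
        raise ValueError("public exponent must be coprime to (p-1)(q-1)")
    # private_exp * public_exp mod (p-1)(q-1) == 1, i.e. a modular inverse
    private_exp = egcd(public_exp, phi)[1] % phi
    return (public_exp, n), (private_exp, n)

def apply_key(value, key):
    """Encrypt or decrypt: (value ^ exponent) mod N. The value must be < N."""
    exp, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range 0..N-1")
    return pow(value, exp, n)

def recover_private(public):
    """With a small N, trial division finds p and q, and the private key follows."""
    exp, n = public
    p = next(f for f in range(2, n) if n % f == 0)
    return make_keys(p, n // p, exp)[1]

if __name__ == "__main__":
    public, private = make_keys(7, 13, 5)
    cipher = apply_key(69, public)
    print("public:", public, "private:", private)
    print("69 encrypts to", cipher, "and decrypts to", apply_key(cipher, private))
    print("private key recovered from the public key:", recover_private(public))
```

The same trial division is hopeless once p and q are hundreds of bits long, which is why key size carries the security of the scheme.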

19 Case Study: SSL (Secure Sockets Layer Protocol)

20 An Online Bank Example (Browser and SCB Server): Request Secure Connection (HTTPS); Sends a Public Key; Encrypt & Send Login/Password. Is there a problem with this method? Yes. A fake web site can also send a public key

21 SSL Certificate Verification (Browser and SCB Server): Request SSL; Sends key + Certificate; Verify

22 SSL Protocol (Browser and SCB Server): Request SSL; Sends key + Certificate; Verify; Encrypt + send user/password. Ok. Now the client can send secure info to the server. But how can the bank send secure information to the client?

23 SSL Protocol (Browser and SCB Server): Request SSL; Sends key + Certificate; Verify; Sends client’s public key; Data encrypted with client’s public key. Do we need to verify the Server’s second response? Yes. But now it is easier.

24 SSL Protocol (Browser and SCB Server): Request SSL; Sends key + Certificate; Verify; Sends client’s public key; Data encrypted with client’s public key; Encrypt with server’s private key. If the client can decrypt the data with the server’s public key, it verifies that the data is sent from the server.

25 SSL Protocol (Browser and SCB Server): Data encrypted with client’s public key; Encrypt with server’s private key. Double encryption is too much work. Can we optimize?

26 SSL Protocol (Browser with New (pub/pri) keys, Server with New (pub/pri) keys): Yes. The server can send a new set of keys for future use. Send a new public key; Encrypt with server’s private key; Secure Data; Encrypt with the new public key; Encrypt with the new private key; Encrypt with the client’s public key

27 Summary (Browser and SCB Server): Request SSL; Sends key + Certificate; Verify; Sends client’s public key; Send new pub key; Secure Data

28 Encryption is a cat & mouse game. Encryption is becoming more complex (64bits, 128bits, …, 512bits, …, ?). Relies on Mathematical Models. Can be cracked. Never fully trust that your data is safe with encryption.

