Software Security Seminar - 1 Chapter 10. Using Algorithms 발표자 : 이장원 Applied Cryptography

Software Security Seminar - 2 Contents 10.5 Hardware Encryption vs Symmetric Cryptography 10.6 Compression, Encoding, and Encryption 10.7 Detecting Encryption 10.8 Hiding Ciphertext in Ciphertext 10.9 Destruction Information

Software Security Seminar - 3 Hardware Encryption vs Symmetric Cryptography  Speed - Encryption algorithm (DES, RSA) run inefficiently on general- purpose processors  Security - Encryption algorithm has no physical protection Hardware VLSI chips : coated with chemical Clipper & Capstone Chips : designed to be tamperproof [24] IBM’s Cryptographic system : include tamper-resistant modules to hold keys.[24]

Software Security Seminar - 4 Hardware Encryption vs Symmetric Cryptography(conti.)  Ease of installation - cheaper to put special-purpose encryption hardware in the telephone, fax, & modem than to put in a microprocessor & software - easier to install a dedicated hardware encryption device than to modify the computer’s system software Hardware(conti.)

Software Security Seminar - 5 Hardware Encryption vs Symmetric Cryptography(conti.)  Three basic kinds of encryption hardware Hardware(Conti.) Self contained encryption module : perform functions such as password verification and key management for banks Dedicated encryption boxes for communications links  T-1 encryption boxes  Newer boxes : accept higher bit rate and more versatile

Software Security Seminar - 6 Hardware Encryption vs Symmetric Cryptography(conti.)  Three basic kinds of encryption hardware Hardware(Conti.) Board : plug into PC  PC-Board encryptor usually encrypt everything written to the hard disk and can be configured to encrypt everything sent to the floppy disk and serial port as well  Not shielded against electromagnatic radiation or physical interference

Software Security Seminar - 7 Hardware Encryption vs Symmetric Cryptography(conti.)  Disadvantage : Speed, Cost, Ease of Modification(Manipulation)  Advantage : Flexibility, Portability, Ease of Use and Upgrade  Operating Systems Software

Software Security Seminar - 8 Compression, Encoding, and Encryption Compressing a file before encryption reduces redundancy. Compressing a file before encryption speeds up the entire process.  Data compression algorithm  Add any type of transmission encoding, or error detection and recovery Add that after encryption.  Decryption after Error Control

Software Security Seminar - 9 Detecting Encryption Rely on the fact that most popular encryption programs have well- defined header : Electronic-mail message encrypted with either PEM or PGP. How distinguishing the ciphertext from seemingly random bits?  How detecting an encryptied file ? - Examine the file 1)ASCII file : easy to spot 2)TIFF, TeX, C, …, Executable code : standard identifying characteristics 3)Unix files : magic number - Try to uncompress the file - Try to compress the file

Software Security Seminar - 10 Hiding Ciphertext in Ciphertext −Use one-time pad : P : plaintext, D : dummy plaintext, C : ciphertext K : real key, K ’ : dummy key Alice : encrypt P + K= C A & Bob : share K B : decrypt C + K= P A & B : surrender K ’ = C + D Police : recover the dummy plaintext C + K ’ = D WIBN to be able encrypt a file s.t there are two possible decryptions each with a different key.

Software Security Seminar - 11 Destruction Information -To erase a file so that file-recovery software cannot read it, physically write over all of the file’s bits on the disk. -Most commercial programs : overwriting three times