March 2005 1R. Smith - University of St Thomas - Minnesota CISC 210 - Class Today Going over the HomeworkGoing over the Homework RecapRecap What’s on the.

Slides:



Advertisements
Similar presentations
“Advanced Encryption Standard” & “Modes of Operation”
Advertisements

Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
March R. Smith - University of St Thomas - Minnesota Today’s Class Quiz RecapQuiz Recap Exam ReviewExam Review C MaterialC Material Matlab MaterialMatlab.
Block Ciphers and the Data Encryption Standard
March R. Smith - University of St Thomas - Minnesota CISC Class Today Homework: Chapter 5, exercises E6-E17Homework: Chapter 5, exercises E6-E17.
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
March R. Smith - University of St Thomas - Minnesota QMCS Class Today Authentication ReduxAuthentication Redux Some more biometrics slidesSome.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
March R. Smith - University of St Thomas - Minnesota CISC Class Today Returning Homeworks 5 and 6Returning Homeworks 5 and 6 Recap: Crypto.
March R. Smith - University of St Thomas - Minnesota QMCS Class Today Homework collect/returnHomework collect/return OS Security/PolicyOS Security/Policy.
March R. Smith - University of St Thomas - Minnesota QMCS 130: Today’s Class Functions and Array ArgumentsFunctions and Array Arguments ExamExam.
March R. Smith - University of St Thomas - Minnesota Today’s Class RecapRecap More course thingsMore course things Work on labs/projectsWork on labs/projects.
Chapter 5 Cryptography Protecting principals communication in systems.
March R. Smith - University of St Thomas - Minnesota QMCS 130: Today’s Class Exam StatusExam Status Recap of Lab 7 ExampleRecap of Lab 7 Example.
Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.
March R. Smith - University of St Thomas - Minnesota CISC Class Today Return Homework; grading recapReturn Homework; grading recap “Enigma”
March R. Smith - University of St Thomas - Minnesota QMCS Class Today Finish the other presentationFinish the other presentation Cipher ModesCipher.
6/22/2015 1R. Smith - University of St Thomas - Minnesota QMCS Class Today St. Lukes Case StudySt. Lukes Case Study.
Spring R. Smith - University of St Thomas - Minnesota QMCS 130: Today’s Class Return HomeworkReturn Homework Class ScheduleClass Schedule Functions:
March /18R. Smith - University of St Thomas - Minnesota QMCS 230: Today in Class Exam ReviewExam Review Arithmetic - I think everyone gets thisArithmetic.
March R. Smith - University of St Thomas - Minnesota QMCS Class Today Cryptography – introductory termsCryptography – introductory terms “Enigma”
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
March R. Smith - University of St Thomas - Minnesota QMCS Class Today Homework backHomework back Take-home exam will be on Blackboard after.
March R. Smith - University of St Thomas - Minnesota QMCS 130: Today’s Class Data IndependenceData Independence Matlab #3: Exercise 5.1Matlab #3:
March R. Smith - University of St Thomas - Minnesota CISC Class Today “Help wanted” for security project“Help wanted” for security project.
March R. Smith - University of St Thomas - Minnesota QMCS 130: Today’s Class StatusStatus –Survey –Returning homework ArraysArrays –What are they?
March R. Smith - University of St Thomas - Minnesota QMCS 130: Today’s Class The examThe exam –Open book, no notes, like last time Exam TopicsExam.
Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Lecture 23 Symmetric Encryption
March R. Smith - University of St Thomas - Minnesota Today’s Class Homework NotesHomework Notes –Always try to match the printed output if I give.
March /18R. Smith - University of St Thomas - Minnesota QMCS 230: Today in Class Change in order of topicsChange in order of topics –Starting Chapter.
March /18R. Smith - University of St Thomas - Minnesota QMCS 230: Today in Class The ExamThe Exam Homework NotesHomework Notes.
CS470, A.SelcukModes of Operation1 Encrypting with Block Ciphers CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
DNSSEC Cryptography Review Track 2 Workshop July 3, 2010 American Samoa Hervey Allen.
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
9/21/2015 1R. Smith - University of St Thomas - Minnesota CISC 130: Today’s Class RecapRecap Files, writing filesFiles, writing files 1D Array Recap1D.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Lecture 4: Using Block Ciphers
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Chapter 9: Algorithms Types and Modes Dulal C. Kar Based on Schneier.
Encryption Types & Modes Chapter 9 Encryption Types –Stream Ciphers –Block Ciphers Encryption Modes –ECB - Electronic Codebook –CBC - Cipher Block Chaining.
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
1.1 Chapter 8 Encipherment Using Modern Symmetric-Key Ciphers Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
BLOCK CIPHER SYSTEMS OPERATION MODES OF DATA ENCRYPTION STANDARD (DES)
Chapter 9 Encrypting Volumes. FIGURE 9.0.F01: A hard drive volume with full-disk encryption (FDE).
Modes of Usage Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) 11 Coming up: Modes of.
Public / Private Keys was a big year… DES: Adopted as an encryption standard by the US government. It was an open standard. The NSA calls it “One.
March R. Smith - University of St Thomas - Minnesota QMCS 130: Today’s Class Grades & Lab 12Grades & Lab 12 Upcoming ExamUpcoming Exam StructuresStructures.
March R. Smith - University of St Thomas - Minnesota QMCS Class Today “Enigma” recap and finish“Enigma” recap and finish The quiz/surveyThe.
Class 3 Cryptography Refresher II CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
Lecture 23 Symmetric Encryption
Exam 1 Review CS461/ECE422 Fall Exam guidelines A single page of supplementary notes is allowed  8.5x11. Both sides. Write as small as you like.
March R. Smith - University of St Thomas - Minnesota CISC Class Today HomeworkHomework Project ScheduleProject Schedule LabLab RecapRecap Protecting.
1/28/2016 1R. Smith - University of St Thomas - Minnesota CISC 130: Today’s Class Assignments 7 and 8Assignments 7 and 8 ExamExam History Paper AssignmentHistory.
Lecture 4 Page 1 CS 236 Stream and Block Ciphers Stream ciphers convert one symbol of plaintext immediately into one symbol of ciphertext Block ciphers.
March /18R. Smith - University of St Thomas - Minnesota QMCS 230: Today in Class What’s on the Exam Next Week?What’s on the Exam Next Week? Lab 8Lab.
Cipher Transmission and Storage Modes Part 2: Stream Cipher Modes CSCI 5857: Encoding and Encryption.
7/6/2016 1R. Smith - University of St Thomas - Minnesota CISC 130: Today’s Class Collect PapersCollect Papers Review: Our ZeroesReview: Our Zeroes Review:
Block Cipher Modes Last Updated: Aug 25, ECB Mode Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently.
Block Cipher Encrypting a large message Electronic Code Book (ECB) message m1 m2 m3 m4 m5 m6 c1 c2 c3 c4 c5 c6 E E E Secret.
Outline Desirable characteristics of ciphers Stream and block ciphers
Block Cipher Modes CS 465 Make a chart for the mode comparisons
CSE 484 Midterm Review “1st half of the quarter in 5 slides”
Block Ciphers (Crypto 2)
Counter Mode, Output Feedback Mode
Secret-Key Encryption
Presentation transcript:

March R. Smith - University of St Thomas - Minnesota CISC Class Today Going over the HomeworkGoing over the Homework RecapRecap What’s on the exam?What’s on the exam? Question TopicsQuestion Topics Example QuestionsExample Questions

March R. Smith - University of St Thomas - Minnesota Homework E6 – Key: Bob, the process, the key in RAME6 – Key: Bob, the process, the key in RAM –Plaintext: the process, the plaintext file E7 – Two ‘real’ pro and con argumentsE7 – Two ‘real’ pro and con arguments –“Encryption” is not an argument in favor of encryption –“Vulnerable to attack” is arguably true about anything E8-E11: One-time pad arithmeticE8-E11: One-time pad arithmetic –If you have a 10 digit text and 10 digit key, you get 10 digits out E12-17: SpreadsheetE12-17: Spreadsheet

March R. Smith - University of St Thomas - Minnesota Recap Block CiphersBlock Ciphers Block Cipher ModesBlock Cipher Modes Group Problem Solve – Block CiphersGroup Problem Solve – Block Ciphers Volume EncryptionVolume Encryption

March R. Smith - University of St Thomas - Minnesota Exam Format Closed Book – no book, actuallyClosed Book – no book, actually I will provide equations and lists of things, but I expect you to know how to use them!I will provide equations and lists of things, but I expect you to know how to use them! Write up a sheet of notes to bring along if you wish.Write up a sheet of notes to bring along if you wish.

March R. Smith - University of St Thomas - Minnesota What the Exam Covers Chapter 1 – Six phase processChapter 1 – Six phase process –Identifying assets and risks; Prioritizing risks Chapter 2 – Processes and access controlChapter 2 – Processes and access control –Control and data sections; access matrix; access diagram Chapter 3 – File access controlChapter 3 – File access control –Simple (Unix) permissions; access control lists Chapter 4 – Authentication and passwordsChapter 4 – Authentication and passwords –3 authentication factors, average attack space –Building blocks: randomness, one-way hash Chapter 5 plus – EncryptionChapter 5 plus – Encryption –Crypto building blocks: PRNGs, XOR, nonces –Block encryption, block cipher modes

March R. Smith - University of St Thomas - Minnesota What you should remember Access matrix vs. diagramAccess matrix vs. diagram –How to convert from one to the other File access controlFile access control –Given some policy guidance, specify the permissions –Difference between & use of basic permissions, groups, ACLs Average attack space vs. number of keysAverage attack space vs. number of keys –Average is half of total number – may be scaled by likelihood Three authentication factors Three authentication factors –Something you are, you have, you know Use of crypto building blocksUse of crypto building blocks –Effect of xor, one-way hash, block cipher encryption –Limitations of these

March R. Smith - University of St Thomas - Minnesota Question Topics, I Question Topics, I Security Process and RisksSecurity Process and Risks –Describe a scenario in terms of the six security phases I provide the scenario and list the phasesI provide the scenario and list the phases Talk of what did happen, not what should have happenedTalk of what did happen, not what should have happened –Do a simple risk analysis to prioritize some risks I provide some numbersI provide some numbers You do the analysis and tell me the answerYou do the analysis and tell me the answer Access controlAccess control –Given an access matrix, draw the diagram Or vice versa: given the diagram, fill in the matrixOr vice versa: given the diagram, fill in the matrix Elements for every item (file, data section)Elements for every item (file, data section) Elements for every actor (process, user)Elements for every actor (process, user) Permissions: read, write, executePermissions: read, write, execute

March R. Smith - University of St Thomas - Minnesota Question Topics, II Access ControlAccess Control –Given a policy, specify the access rights Use groups to separate non-owners from “everyone”Use groups to separate non-owners from “everyone” Use basic permissions for 1 owner+1 groupUse basic permissions for 1 owner+1 group Use ACLs if there are too many people and/or groupsUse ACLs if there are too many people and/or groups –Given some access rights, or a diagram, answer some questions Does user X have the right to do Y? Who can modify the file?Does user X have the right to do Y? Who can modify the file? AuthenticationAuthentication –Identify the factors used by real-word authentication examples –Calculate average attack space

March R. Smith - University of St Thomas - Minnesota Question Topics, III Crypto ImplementationCrypto Implementation –Explain how a Trojan horse can steal unencrypted data –Given a diagram, show where keys and plaintext are MS Windows ‘encryption’MS Windows ‘encryption’ File encryption programFile encryption program Encrypting device driver (TrueCrypt)Encrypting device driver (TrueCrypt) Crypto Building BlocksCrypto Building Blocks –Given # of key bits, find # of keys, or the average attack space Know the difference/relationship between themKnow the difference/relationship between them –Identifying matching keystreams; role of the nonce –Error propagation, like we did in class the other day

March R. Smith - University of St Thomas - Minnesota Sample Questions Scenario and 6 phases: I35W bridgeScenario and 6 phases: I35W bridge Risk trade-offRisk trade-off –“Back room” computer at a restaurant Access matrix example: diagram or tableAccess matrix example: diagram or table –2-3 processes with some shared RAM Given a policy, specify access controlGiven a policy, specify access control –Access to nobody except 2 people –Read Access to all, full access to 2 people and separate group Authentication factors in...Authentication factors in... Crypto diagrams (see last slide)Crypto diagrams (see last slide)

March R. Smith - University of St Thomas - Minnesota Building Block: PRNG Design Use a one-way hash function, give it feedbackUse a one-way hash function, give it feedback InputsInputs –First time, use the seed or key as the input –All future times, use the previous output value as the input OutputOutput –For each call, the resulting hash value is the next block of output One-way hash Random input The ‘seed’ or ‘key’ The output or “keystream”

March R. Smith - University of St Thomas - Minnesota Building Block: Stream Cipher Design One-way hash generates the keystreamOne-way hash generates the keystream –Key serves as PRNG “seed” –Plaintext XORs with the ciphertext –Cisco uses this in TACACS products Decryption is roughly identicalDecryption is roughly identical –Swap plaintext and ciphertext – still uses XOR One-way hash Key Plaintext Ciphertext

March R. Smith - University of St Thomas - Minnesota Building block: one-way hash Hash “compresses” the phraseHash “compresses” the phrase –The same passphrase always yields the same encryption key To invert: exchange encryption/decryptionTo invert: exchange encryption/decryption

March R. Smith - University of St Thomas - Minnesota Building block: Nonce To reverse, extract nonce from the ciphertextTo reverse, extract nonce from the ciphertext Reconstruct hash from remembered phraseReconstruct hash from remembered phrase

March R. Smith - University of St Thomas - Minnesota Error propagation in straight block cipher Everything happens a block at a timeEverything happens a block at a time To reverse, just change encryptions to decryptions, plaintexts to ciphertexts, etc.To reverse, just change encryptions to decryptions, plaintexts to ciphertexts, etc.

March R. Smith - University of St Thomas - Minnesota Error propagation in OFB mode The key doesn’t depend on the dataThe key doesn’t depend on the data –One bit affected for every bit changed To encrypt, swap plaintext and ciphertextTo encrypt, swap plaintext and ciphertext –Like any stream cipher

March R. Smith - University of St Thomas - Minnesota Error propagation in CTR The cipher stream is independent of the dataThe cipher stream is independent of the data Changes and errors are bit-by-bitChanges and errors are bit-by-bit To invert, swap ciphertext and plaintextTo invert, swap ciphertext and plaintext

March R. Smith - University of St Thomas - Minnesota Error Propagation in CBC The data actually affects the crypto streamThe data actually affects the crypto stream Error in ciphertext propagatesError in ciphertext propagates –Current block is completely hashed; plus one bit in next block

March R. Smith - University of St Thomas - Minnesota Creative Commons License This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.