© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 7 – Cryptographic Systems.


Explain how cryptology consists of cryptography (encoding messages) and cryptanalysis (decoding messages) and how these concepts apply to modern day cryptography. Explain how securing communications by various cryptographic methods, including encryption, hashing and digital signatures, ensures confidentiality, integrity, authentication and non-repudiation. Describe the use and purpose of hashes and digital signatures in providing authentication and integrity. Explain how authentication is ensured. Explain how integrity is ensured. Explain how data confidentiality is ensured using symmetric encryption algorithms and pre-shared keys. Explain how data confidentiality is ensured using asymmetric algorithms in a public key infrastructure to provide and guarantee digital certificates.

Implement VPN Technologies. 9.1 Describe the different methods used in cryptology: symmetric, asymmetric, HMAC, message digest, PKI.

Secure communication requires integrity, authentication, and confidentiality. Cryptographic services consist of cryptology and cryptanalysis. Integrity and authenticity are provided by using cryptographic hashes. Integrity is accomplished using MD5 and SHA-1. Authenticity is accomplished using HMAC. Confidentiality is accomplished using encryption algorithms such as DES, 3DES, and AES. Public key cryptography is used mostly in asymmetric encryption using digital signatures and certificate authorities.
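The difference between the unkeyed hash and the HMAC in the summary above, as an added example (not part of the Cisco material): a bare digest can be recomputed by anyone who alters the message, while an HMAC tag cannot be produced without the shared key. SHA-256 stands in for the MD5 and SHA-1 named on the slide, and the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data for illustration only.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"
ORIGINAL = b"pay invoice 1001 amount 100"
REPLACED = b"pay invoice 1001 amount 900"


def send_with_hash(message):
    """Sender attaches an unkeyed SHA-256 digest (integrity check only)."""
    return message, hashlib.sha256(message).hexdigest()


def verify_hash(message, digest):
    return hmac.compare_digest(hashlib.sha256(message).hexdigest(), digest)


def send_with_hmac(message, key):
    """Sender attaches an HMAC-SHA-256 tag computed with the shared key."""
    return message, hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_hmac(message, tag, key):
    expected = hmac.new(key, message, hashlib.sha256).hexdigest()
    # compare_digest avoids leaking the mismatch position through timing.
    return hmac.compare_digest(expected, tag)


def replace_in_transit(new_message):
    """A party without the key swaps the message and recomputes the only
    value it can: an unkeyed digest over the new content."""
    return new_message, hashlib.sha256(new_message).hexdigest()


def demo():
    results = {}
    msg, digest = send_with_hash(ORIGINAL)
    results["hash_accepts_original"] = verify_hash(msg, digest)
    swapped_msg, swapped_digest = replace_in_transit(REPLACED)
    # The receiver cannot tell the digest was recomputed by someone else.
    results["hash_accepts_replaced"] = verify_hash(swapped_msg, swapped_digest)

    msg, tag = send_with_hmac(ORIGINAL, SHARED_KEY)
    results["hmac_accepts_original"] = verify_hmac(msg, tag, SHARED_KEY)
    # Neither a recomputed digest nor the old tag verifies for new content.
    results["hmac_accepts_replaced"] = verify_hmac(swapped_msg, swapped_digest, SHARED_KEY)
    results["hmac_accepts_old_tag"] = verify_hmac(REPLACED, tag, SHARED_KEY)
    return results
```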

Chapter 7 Lab A: Exploring Encryption Methods. Part 1: (Optional) Build the Network and Configure the PCs. Part 2: Decipher a Pre-encrypted Message Using the Vigenère Cipher. Part 3: Create a Vigenère Cipher Encrypted Message and Decrypt It. Part 4: Use Steganography to Embed a Secret Message in a Graphic.


There is very little change from the previous version.

Chapter 7 is mostly theory based and its goal is to introduce students to cryptographic systems used to secure data in networks. The lab is designed to introduce students to the Vigenère cipher and the use of steganography. An alternative would be to use the Terms and Acronyms table with only the first column listing the terms and acronyms and then have students add the descriptions to each.

Have the students research other encryption methods and write a short paragraph describing each. Examples of other ciphers include: ADFGVX, Affine, Alberti, Atbash, Autokey, Bifid, Book, Caesar, Dvorak, Four-square, Great, Hill, Keyword, Nihilist, One-time pad, Permutation, Pigpen, Playfair, Polyalphabetic, Polybius, Rail Fence, Reihenschieber, Reservehandverfahren, ROT13, Running key, Scytale, Smithy code, Solitaire, Straddling checkerboard, Substitution, Tap code, Transposition, Trifid, Two-square, and VIC cipher. Group students in pairs and have them encrypt and then decrypt each other's messages using first the Caesar cipher and then the Vigenère cipher.
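The Vigenère cipher from Lab A and the Caesar cipher from the pairing exercise above, as an added example (not part of the Cisco material). It treats Caesar as a Vigenère cipher with a one-letter key; the function names, the sample message and the key "CISCO" are constructed, and passing non-letters through without advancing the key is a convention chosen here.

```python
import string

ALPHABET = string.ascii_uppercase


def _shift_text(text, key, direction):
    """Shift each letter by the matching key letter (direction +1 or -1)."""
    shifts = [ALPHABET.index(k) for k in key.upper() if k in ALPHABET]
    if not shifts:
        raise ValueError("key must contain at least one letter A-Z")
    out = []
    used = 0  # counts letters only, so spaces and punctuation use no key
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            shift = direction * shifts[used % len(shifts)]
            out.append(chr((ord(ch) - base + shift) % 26 + base))
            used += 1
        else:
            out.append(ch)  # non-letters pass through unchanged
    return "".join(out)


def vigenere_encrypt(plaintext, key):
    return _shift_text(plaintext, key, +1)


def vigenere_decrypt(ciphertext, key):
    return _shift_text(ciphertext, key, -1)


def caesar_encrypt(plaintext, shift):
    """Caesar is Vigenère with a single repeated key letter."""
    return vigenere_encrypt(plaintext, ALPHABET[shift % 26])


def caesar_decrypt(ciphertext, shift):
    return vigenere_decrypt(ciphertext, ALPHABET[shift % 26])


if __name__ == "__main__":
    message = "Meet me at noon"  # constructed sample message
    secret = vigenere_encrypt(message, "CISCO")
    print(secret)
    print(vigenere_decrypt(secret, "CISCO"))
    print(caesar_encrypt("HELLO", 3))
```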

To explain symmetric encryption, assume Alice and Bob exchange messages on a regular basis. Alice first puts the secret message in a box, and locks the box using a padlock to which she has a key. She then sends the box to Bob through regular mail. When Bob receives the box, he uses an identical copy of Alice's key (which he has somehow obtained previously, maybe by a face-to-face meeting) to open the box, and reads the message. Bob can then use the same padlock to send his secret reply. The advantage of asymmetric encryption is that Alice and Bob never need to send a copy of their keys to each other.

To explain asymmetric encryption, assume Alice and Bob exchange messages on a regular basis. Bob and Alice have separate padlocks. First, Alice asks Bob to send his open padlock to her through regular mail, keeping his key to himself. When Alice receives it, she uses it to lock a box containing her message, and sends the locked box to Bob. Bob can then unlock the box with his key and read the message from Alice. To reply, Bob must similarly get Alice's open padlock to lock the box before sending it back to her.

To explain public-key encryption, use the analogy of a locked mailbox with a mail slot. The mail slot is exposed and accessible to the public; its location (the street address) is in essence the public key. Anyone knowing the street address can go to the door and drop a written message through the slot; however, only the person who possesses the key can open the mailbox and read the message.

To explain digital signatures, an analogy is the sealing of an envelope with a personal wax seal. The message can be opened by anyone, but the presence of the seal authenticates the sender.

To explain PKI, we could use someone coming in from an international flight and going through customs and immigration. The arriving passenger cannot simply verbally claim to be John Doe. The customs officer doesn't know the person and has no way of knowing whether he is trustworthy. Instead, the customs officer relies on a trusted third party in the form of a government passport issuing office. The passport office goes through the process of confirming a person's identity before issuing a passport. The passenger then uses this passport to confirm to the customs officer that they are who they say they are. Because the person has a passport, and the customs officer trusts the passport office, the person is permitted into the country.

There are many areas of classroom discussion in this chapter. Discussion topics can include, but are not limited to, the following: Is there such a thing as an unbreakable encryption algorithm? Do you record your passwords somewhere? How do you keep them safe?

There are many movies that include cryptography in them. Have students research some of these movies. Examples of movies with encryption in them include National Treasure, The Da Vinci Code, Angels and Demons, A Beautiful Mind, Clear and Present Danger, Runaway Jury, Live Free or Die Hard, U-571, Sneakers, Swordfish, Windtalkers, The Mummy, … Examples of TV shows with encryption in them include: 24, Criminal Minds, NCIS, The X Files, Star Trek, Stargate, Alias, …
