Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptographic Technologies
Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Applied Cryptography for Network Security
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Cryptography and Network Security
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Information Security Principles (ESGD4222)
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.
1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Códigos y Criptografía Francisco Rodríguez Henríquez Códigos y Criptografía Francisco Rodríguez Henríquez CINVESTAV
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
Ch 13 Trustworthiness Myungchul Kim
Key Management Network Systems Security Mort Anvari.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Chapt. 10 – Key Management Dr. Wayne Summers Department of Computer Science Columbus State University
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
Network Security Celia Li Computer Science and Engineering York University.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.
Fall 2006CS 395: Computer Security1 Key Management.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
6.033 Quiz3 Review Spring How can we achieve security? Authenticate agent’s identity Verify the integrity of the request Check the agent’s authorization.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
@Yuan Xue Case Study (Mid-term question) Bob sells BatLab Software License Alice buys BatLab Credit card information Number of.
Introduction (Pendahuluan)  Information Security  Criptography.
People want and need privacy and security while communicating. In the past, cryptography is heavily used for military applications to keep sensitive information.
Information and Network Security
Chapt. 10 – Key Management Dr. Wayne Summers
Presentation transcript:

Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message Denial of service Passive Traffic analysis Release of message contents

Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks Interruption Interception Modification Fabrication Anita Betito

Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: Interruption Interruption Interception Modification Fabrication Anita Betito Availability

Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: Interception Interruption Interception Modification Fabrication Anita Betito Confidentiality

Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: modification Interruption Interception Modification Fabrication Anita Betito Integrity

Códigos y Criptografía Francisco Rodríguez Henríquez Classes of Security Attacks: fabrication Interruption Interception Modification Fabrication Anita Betito Authenticity

Códigos y Criptografía Francisco Rodríguez Henríquez Security Services Confidentiality- protect info value Authentication- protect info origin (sender) Identification- ensure identity of users Integrity- protect info accuracy Non-repudiation - protect from deniability Access control - access to info/resources Availability - ensure info delivery

Códigos y Criptografía Francisco Rodríguez Henríquez Some Practical Applications "Any sufficiently advanced technology is indistinguishable from magic.” Arthur C. Clarke. secure mail secure communications network authentication electronic voting electronic notary digital money (digital wallet) data distribution

Códigos y Criptografía Francisco Rodríguez Henríquez Secure Mail: PGP (Pretty Good Privacy) Pretty Good Privacy was created by Philip R. Zimmermann. For that, he was the target of a three-year criminal investigation, because the US government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication as freeware. Despite of this government persecution, PGP nonetheless became the most widely used encryption software in the world. PGP is a freeware. A copy of the software can be obtain at, PGP download site:

Códigos y Criptografía Francisco Rodríguez Henríquez Secure Communications Scenarios –Security for real-time electronic links –local area networks –link encryption –cellular (and ordinary) phones and faxes Goals –message privacy –sender and recipient authentication –non-repudiation Tools –key-agreement protocols –secret-key cryptosystems –public-key cryptosystems –digital signatures –certicates

Códigos y Criptografía Francisco Rodríguez Henríquez Data Distribution Scenarios –conditional access TV –software distribution via CD­ROM –information bulletin boards Goals –broadcast operation (TV, CD­ROM) –message privacy –selective reception Tools –secret­key cryptography –public­key cryptography –secure hardware

Códigos y Criptografía Francisco Rodríguez Henríquez Electronic Voting Scenarios –general elections –shareholders meetings –secure distributed computation Goals –anonymity –fairness –accountability Tools –RSA-based mathematics –blind signatures –sender untraceability protocols

Códigos y Criptografía Francisco Rodríguez Henríquez Digital Money (Digital Wallet) Scenarios –replacement for paper money –more flexible than credit cards Goals –anonymity –untraceability –fairness –dividability –transferability –off­line (from bank) operations –universality Tools –more RSA­based mathematics –zero­knowledge protocols –secure hardware tokens

Códigos y Criptografía Francisco Rodríguez Henríquez Some Research Interests in Cryptography Design of cryptographic algorithms Analysis of cryptographic algorithms Design of cryptographic protocols Hardware and software implementations Applications of cryptography

Códigos y Criptografía Francisco Rodríguez Henríquez Cryptography Schemes Sender Receiver Adversary Message Problem: How to have secure communication over an insecure channel?

Códigos y Criptografía Francisco Rodríguez Henríquez Solution A: Trusted Third Party using this model requires us to: design an algorithm for the security transformation generate the secret information used by the algorithm develop methods to distribute the secret information specify a protocol enabling the principals to use the transformation & secret info for a security service

Códigos y Criptografía Francisco Rodríguez Henríquez Solution B: Secret-key cryptography Sender Receiver Adversary Ciphertext Exchange the key over a secure channel Functions f(e; -) and g(d; -) are inverses of one another Encryption and decryption processes are symmetric key: e or d C := f(e; M)M := g(d; C)

Códigos y Criptografía Francisco Rodríguez Henríquez Problems with secret-key cryptography: requires establishment of a secure channel for key exchange two parties cannot start communication if they never met

Códigos y Criptografía Francisco Rodríguez Henríquez Alternative: Public-Key Cryptography requires establishment of a public-key directory in which everyone publishes their encryption keys two parties can start communication even they never met provides ability to sign digital data

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.