Software Security Seminar - 1 Chapter 10. Using Algorithms 2002. 9. 25. 조미성 Applied Cryptography.

Slides:



Advertisements
Similar presentations
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Advertisements

Russell Martin August 9th, Contents Introduction to CPABE Bilinear Pairings Group Selection Key Management Key Insulated CPABE Conclusion & Future.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Block Ciphers and the Data Encryption Standard
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Block Ciphers: Workhorses of Cryptography COMP 1721 A Winter 2004.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Attacks on Digital Signature Algorithm: RSA
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
1 Lecture #10 Public Key Algorithms HAIT Summer 2005 Shimrit Tzur-David.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Security Security is critical in the storage and transmission of information loss of information can not only cause problems to the organisation but can.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.
Lecture 23 Symmetric Encryption
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Encryption Methods By: Michael A. Scott
Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
Cryptography and Network Security (CS435)
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Midterm Review Cryptography & Network Security
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Based on Bruce Schneier Chapter 7: Key Length Dulal C. Kar.
Cracking DES Cryptosystem A cryptosystem is made of these parts: Two parties who want to communicate over an insecure channel An encryption algorithm that.
Darci Miyashiro Math 480 April 29, 2013
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
Cryptography Lynn Ackler Southern Oregon University.
Network Security David Lazăr.
Public / Private Keys was a big year… DES: Adopted as an encryption standard by the US government. It was an open standard. The NSA calls it “One.
Based on Bruce Schneier Chapter 8: Key Management Dulal C Kar.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
Lecture 2: Introduction to Cryptography
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
24-Nov-15Security Cryptography Cryptography is the science and art of transforming messages to make them secure and immune to attacks. It involves plaintext,
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
Network Security Lecture 18 Presented by: Dr. Munam Ali Shah.
NEW DIRECTIONS IN CRYPTOGRAPHY Made Harta Dwijaksara, Yi Jae Park.
Lecture 23 Symmetric Encryption
+ Security. + What is network security? confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver.
PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9 PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9 Principles Applications Requirements RSA Algorithm Description.
Chapter 2 Symmetric Encryption.
Various Attacks on Cryptosystems slides (c) 2012 by Richard Newman.
Private key
Dan Boneh Introduction Course Overview Online Cryptography Course Dan Boneh.
MM Clements Cryptography. Last Week Firewalls A firewall cannot protect against poor server, client or network configuration A firewall cannot.
Cipher Transmission and Storage Modes Part 2: Stream Cipher Modes CSCI 5857: Encoding and Encryption.
Software Security Seminar - 1 Chapter 10. Using Algorithms 발표자 : 이장원 Applied Cryptography.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Software Security Seminar - 1 Chapter 2. Protocol Building Blocks 발표자 : 최두호 Applied Cryptography.
CS201 Tech-Talk Two: Cryptography Michael Hsu CSULA.
Outline Desirable characteristics of ciphers Stream and block ciphers
PART VII Security.
Public-Key, Digital Signatures, Management, Security
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

Software Security Seminar - 1 Chapter 10. Using Algorithms 조미성 Applied Cryptography

Software Security Seminar - 2 Contents 10.1 Choosing An Algorithm 10.2 Public-Key Cryptography versus Symmetric Cryptography 10.3 Encrypting Communications Channels 10.4 Encrypting Data For Storage

Software Security Seminar - 3 Introduction Security data communication information  The security of the entire system is only as strong as the weakest link Designer of a secure system Cryptanalyst Cryptography : only a part of security the mathematics of making a system secure which is different from actually making a system secure

Software Security Seminar Choosing an Algorithm Choosing an algorithm… - choose published algorithm - trust a manufacturer - trust a private consultant - trust government - write their own algorithm Algorithms for Export : approved by NSA - leak a key bit, embedded in the ciphertext - “dumb down” the efficient key to something in the 30-bit range - use a fixed IV or encrypt a fixed header at the beginning of each encrypted message - generate a few random bytes, encrypt them with the key and then put both the plaintext and the ciphertext of the random bytes at the beginning of the encrypted message

Software Security Seminar Public-key Cryptography versus Symmetric Cryptography Needham and Schroeder  the symmetric alg. was more efficient than the public-key alg. Whitfield Diffie - hybrid system - Symmetric cryptography is best for encrypting data - Public-key cryptography is best for key management and a myriad of protocols discussed in Part I

Software Security Seminar Encrypting Communications Channels Alice M Bob secure  encryption Link-by-link encryption : everything going through a particular data link is encrypted node1 node2 node3 node4 P E k 1 D k 1 E k 2 D k 2 E k 3 D k3 P link1 link2 link3

Software Security Seminar - 7 Link-by-Link encryption : Advantages and Disadvantages Advantages: - easier operation - only one set of keys per link is required - provides traffic-flow security - encryption is on-line Disadvantage: - data is exposed in the intermediate nodes 10.3 Encrypting Communications Channels

Software Security Seminar Encrypting Communications Channels End-to-end encryption : the data are encrypted selectively and stay encrypted until they are decrypted by the intended final recipient node1 node2 node3 node4 P E k D k P link1 link2 link3 End-to-end encryption : Advantages and Disadvantages Advantages: Higher secrecy level Disadvantages : - requires a more complex key-management system - traffic analysis is possible - encryption is offline

Software Security Seminar - 9 Alice M Bob secure  Alice  prevent unrecoverable errors from creeping in the ciphertext Problems to encrypting computer data for storage - the data may be exist in plaintext form  known-plaintext attack - | ciphertext |  |plaintext | - the speed of I/O device demands fast encryption and decryption  require encryption hardware - safe, long-term storage for keys is required - key management is much more complicated 10.4 Encrypting Data For Storage

Software Security Seminar - 10 Dereferencing Keys encrypting a large hard drive - encrypt all the data using a simple key  cryptanalyst : a large amount of ciphertext to analyze impossible to allow multiple users to see only parts of the drive - encrypt each file with a different key  memorize a different key for each file Solution : encrypt each file with a separate key and encrypt the keys with another key known by the users 10.4 Encrypting Data For Storage

Software Security Seminar - 11 Driver-Level vs. File-Level Encryption two ways to encrypt a hard drive : at the file level and at the driver level - File-level encryption Benefits: ease of implementation and use, flexible relatively small performance penalty users can move files between different machines without problems Security Issues: potential leakage through security-unconscious programs bad implementation  re-encrypt with the same key for same password Usability problems: user has to figure out what to do there may be different passwords for different files manual encryption of selected files is the only access control 10.4 Encrypting Data For Storage

Software Security Seminar Drive-level encryption Benefits: temporary files, work files, and so forth can be kept on the secure drive it’s harder to forget to re-encrypt something on this kind of system Security Issues: lots of things can go wrong with a device-driver or memory-resident program bad implementation  chosen-plaintext(ciphertext) attack if whole system is master-keyed under one password, loss of that password means that the attacker gets everything a more limited set of ciphers can reasonably be used for this kind Usability problems: there will be a performance penalty 10.4 Encrypting Data For Storage

Software Security Seminar - 13 Providing Random Access to an Encrypted Drive : access individual disk sectors randomly - Use the sector address to generate a unique IV for each sector being encrypted or decrypted - For the master key, generate a pseudo-random block as large as one sector. To encrypt any sector, first XOR in this pseudo-random block, then encrypt normally with a block cipher 10.4 Encrypting Data For Storage

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.