INFORMATION SECURITY MANAGEMENT PROTECTION MECHANISMS - CRYPTOGRAPHY


Cryptography Encryption – The process of converting an original message into a form that cannot be understood by unauthorized individuals Cryptology – The science of encryption – Composed of two disciplines: – cryptography – cryptanalysis

Cryptography (cont’d.) Algorithm Key Keyspace Encipher Cryptosystem Decipher

Common Ciphers Most commonly used algorithms include: Substitution Transposition Plaintext: 0010… Key: 1 > 3, 2 > 4, 3 > 2, 4 > 1, … Example: FROM -> MOFR
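The transposition key on this slide, worked through in code. This is an added example, not part of the original presentation; it reads "1 > 3" as "the symbol in position 1 moves to position 3", extends the four-letter case to longer messages by working block by block, and assumes "X" as the padding symbol.

```python
from collections import Counter

# Key from the slide: "1 > 3" means the symbol in position 1 moves to position 3.
KEY = {1: 3, 2: 4, 3: 2, 4: 1}
PAD = "X"  # padding symbol for a short final block (assumption, not on the slide)

def invert(key):
    """Build the decryption key by swapping source and destination positions."""
    return {dst: src for src, dst in key.items()}

def transpose(text, key, pad=PAD):
    """Permute each block of len(key) symbols according to key."""
    n = len(key)
    positions = list(range(1, n + 1))
    if sorted(key) != positions or sorted(key.values()) != positions:
        raise ValueError("key must be a permutation of 1..n")
    text += pad * (-len(text) % n)  # pad the last block to full length
    out = []
    for start in range(0, len(text), n):
        block = text[start:start + n]
        moved = [""] * n
        for src, dst in key.items():
            moved[dst - 1] = block[src - 1]
        out.append("".join(moved))
    return "".join(out)

def same_letters(a, b):
    """Transposition only reorders symbols, so the letter counts never change."""
    return Counter(a) == Counter(b)

if __name__ == "__main__":
    ct = transpose("FROM", KEY)
    print(ct, transpose(ct, invert(KEY)))            # the slide's example and back
    long_ct = transpose("CIPHER", KEY)               # two blocks, second one padded
    print(long_ct, transpose(long_ct, invert(KEY)))
    print(same_letters("CIPHERXX", long_ct))         # frequencies are preserved
```

Because the letter counts survive unchanged, a transposition on its own hides the order of the symbols but not which symbols were used.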

Common Ciphers XOR ‘0’ XOR’ed with ‘0’ results in a ‘0’. (0 ⊕ 0 = 0) ‘0’ XOR’ed with ‘1’ results in a ‘1’. (0 ⊕ 1 = 1) ‘1’ XOR’ed with ‘0’ results in a ‘1’. (1 ⊕ 0 = 1) ‘1’ XOR’ed with ‘1’ results in a ‘0’. (1 ⊕ 1 = 0) If the two values are the same, you get “0”; if not, you get “1”. Process is reversible; if you XOR the ciphertext with the key stream, you get the plaintext.
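The reversibility described on this slide, plus the reason a key stream must only be used once. This is an added example, not part of the original presentation; the sample messages and the helper names are constructed for illustration.

```python
import secrets

def xor_bytes(data: bytes, keystream: bytes) -> bytes:
    """XOR each data byte with the matching key stream byte."""
    if len(keystream) < len(data):
        raise ValueError("key stream must be at least as long as the data")
    return bytes(d ^ k for d, k in zip(data, keystream))

def truth_table():
    """The four single-bit cases listed on the slide, as (a, b, a XOR b)."""
    return [(a, b, a ^ b) for a in (0, 1) for b in (0, 1)]

def reuse_leaks(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """True when both ciphertexts were made with the same key stream:
    the key cancels out, so c1 XOR c2 equals p1 XOR p2."""
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)

if __name__ == "__main__":
    p1, p2 = b"PAY 100 USD", b"PAY 900 EUR"      # constructed sample messages
    shared = secrets.token_bytes(len(p1))        # one key stream, used twice
    c1, c2 = xor_bytes(p1, shared), xor_bytes(p2, shared)

    print(truth_table())
    print(xor_bytes(c1, shared))                 # XOR with the key stream again: plaintext
    print(reuse_leaks(c1, c2, p1, p2))           # True: the key stream no longer protects

    fresh = secrets.token_bytes(len(p2))         # mitigation: a new key stream per message
    print(reuse_leaks(c1, xor_bytes(p2, fresh), p1, p2))
```

With a fresh key stream for every message the last check comes out False except by a negligible chance, which is the property a stream cipher design has to preserve.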

Common Ciphers Book or running key cipher – Uses text in a book as the algorithm to decrypt a message – The key relies on two components: Knowing which book to use A list of codes representing the page number, line number, and word number of the plaintext word

Symmetric Encryption – Known as private key encryption – Same key used to encrypt/decrypt the message

Symmetric Encryption Cryptosystem Data Encryption Standard (DES) – Based on the Data Encryption Algorithm which uses a 64-bit block size and a 56-bit key – Cracked in 1997 – Triple DES (3DES) improved version Advanced Encryption Standard (AES) – Based on the Rijndael Block Cipher Variable block length and a key length of either 128, 192, or 256 bits

Asymmetric encryption Uses two different, but related keys Either key used to encrypt/decrypt message However, if Key A is used to encrypt the message, then only Key B can decrypt it; conversely, if Key B is used to encrypt a message, then only Key A can decrypt it Most valuable when one of the keys is private and the other is public

Asymmetric encryption [Figure: Public key encryption. Source: Course Technology/Cengage Learning]

Digital Signatures – Asymmetric process is reversed The fact that the message was sent by the organization that owns the private key cannot be refuted This nonrepudiation is the foundation of digital signatures Based on: Digital certificate A certificate authority (CA)
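The two-key relationship from the asymmetric encryption slide and its reversal for digital signatures, shown with textbook RSA. This is an added example, not part of the original presentation; the primes, the sample values and the function names are constructed, and the scheme omits padding and uses a modulus far too small for real use.

```python
from hashlib import sha256

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537

def make_keypair(p=P, q=Q, e=E):
    """Return (public, private), each as an (exponent, modulus) pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi (Python 3.8+)
    return (e, n), (d, n)

def apply_key(value, key):
    """The single RSA operation: value ** exponent mod n."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in range 0..n-1")
    return pow(value, exponent, n)

def digest(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the range of the toy modulus."""
    return int.from_bytes(sha256(message).digest(), "big") % n

def sign(message: bytes, private) -> int:
    """Signing: the owner applies the private key to the message digest."""
    return apply_key(digest(message, private[1]), private)

def verify(message: bytes, signature: int, public) -> bool:
    """Verification: anyone applies the public key and compares digests."""
    return apply_key(signature, public) == digest(message, public[1])

if __name__ == "__main__":
    public, private = make_keypair()
    secret = 1234567890  # constructed sample value
    # Encrypt with one key, decrypt with the other, in either order.
    print(apply_key(apply_key(secret, public), private) == secret)
    print(apply_key(apply_key(secret, private), public) == secret)
    # Signature: private key signs, public key verifies; a changed message fails.
    sig = sign(b"invoice 42", private)
    print(verify(b"invoice 42", sig, public), verify(b"invoice 43", sig, public))
```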

Public key infrastructure (PKI) The entire set of hardware, software, and cryptosystems necessary to implement public key encryption PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities

Encryption Operations (cont’d.) PKI provides the following services – Authentication – Integrity – Confidentiality – Authorization – Nonrepudiation

Using Cryptographic Controls Modern cryptosystems can generate unbreakable ciphertext Cryptographic controls used for: – e-mail and its attachments – e-commerce transactions – remote access through VPN connections

Cryptographic Controls Secure Multipurpose Internet Mail Extensions (S/MIME) Privacy Enhanced Mail (PEM)

Cryptographic Controls Pretty Good Privacy (PGP) – Uses the IDEA Cipher A 128-bit symmetric key block encryption algorithm with 64-bit blocks for message encoding – Like PEM, it uses RSA for symmetric key exchange and to support digital signatures

Securing the Web IP Security (IPSec) – The primary and dominant cryptographic authentication and encryption product of the IETF’s IP Protocol Security Working Group – Combines several different cryptosystems: Diffie-Hellman key exchange Public key cryptography Bulk encryption algorithms Digital certificates

Securing the Web IPSec works in two modes of operation: – Transport Only the IP data is encrypted, not the IP headers themselves Allows intermediate nodes to read the source and destination addresses – Tunnel The entire IP packet is encrypted and inserted as the payload in another IP packet – Often used to support a virtual private network

Securing the Web Secure Electronic Transactions (SET) – Encrypts credit card transfers with DES for encryption and RSA for key exchange Secure Sockets Layer (SSL) – Uses RSA for key transfer and IDEA, DES, or 3DES for encrypted symmetric key-based data transfer – HTTPS

Securing the Web - SSL

Securing the Web Secure Shell (SSH) – Provides security for remote access connections over public networks by using tunneling, authentication services between a client and a server – Used to secure replacement tools for terminal emulation, remote management, and file transfer applications

Hacking Cryptography Known plaintext attack Ciphertext-only attack Replay attack

Managing Cryptographic Controls Don’t lose your keys Know who you are communicating with It may be illegal to use a specific encryption technique when communicating to some nations Every cryptosystem has weaknesses Give access only to those with a business need When placing trust into a certificate authority, ask “Who watches the watchers?”

Managing Cryptographic Controls (cont’d.) There is no security in obscurity Security protocols and the cryptosystems they use are installed and configured by humans – They are only as good as their installers Make sure that your organization’s use of cryptography is based on well-constructed policy and supported with sound management procedures