Presentation is loading. Please wait.

Presentation is loading. Please wait.

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

Published byElmer Floyd Modified over 8 years ago

Similar presentations

Presentation on theme: "INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY."— Presentation transcript:

1 INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY

2 Cryptography Encryption – The process of converting an original message into a form that cannot be understood by unauthorized individuals Cryptology – The science of encryption – Composed of two disciplines: – cryptography – cryptanalysis

3 Cryptography (cont’d.) Algorithm Key Keyspace Encipher Cryptosystem Decipher

4 Common Ciphers Most commonly used algorithms include three functions: Substitution Transposition Plaintext: 0010… Key: 1 > 3, 2 > 4, 3 > 2, 4 > 1, … Example: FROM -> MOFR

5 Common Ciphers XOR ‘0’ XOR’ed with ‘0’ results in a ‘0’. (0  0 = 0) ‘0’ XOR’ed with ‘1’ results in a ‘1’. (0  1 = 1) ‘1’ XOR’ed with ‘0’ results in a ‘1’. (1  0 = 1) ‘1’ XOR’ed with ‘1’ results in a ‘0’. (1  1 = 0) If the two values are the same, you get “0”; if not, you get “1” Process is reversible; if you XOR the ciphertext with the key stream, you get the plaintext 01010111 01101001 01101011 01101001 11110011 11110011 = 10100100 10011010 10011000 10011010 11110011 11110011 = 01010111 01101001 01101011 01101001

6 Common Ciphers Book or running key cipher – Uses text in a book as the algorithm to decrypt a message – The key relies on two components: Knowing which book to use A list of codes representing the page number, line number, and word number of the plaintext word

7 Symmetric Encryption – Known as private key encryption – Same key used to encrypt/decrypt the message

8 Symmetric Encryption Cryptosystem Data Encryption Standard (DES) – Based on the Data Encryption Algorithm which uses a 64-bit block size and a 56-bit key – Cracked in 1997 – Triple DES (3DES) improved version Advanced Encryption Standard (AES) – Based on the Rinjndael Block Cipher Variable block length and a key length of either 128, 192, or 256 bits

9 Asymmetric encryption Uses two different, but related keys Either key used to encrypt/decrypt message However, if Key A is used to encrypt the message, then only Key B can decrypt it; conversely, if Key B is used to encrypt a message, then only Key A can decrypt it Most valuable when one of the keys is private and the other is public

10 Figure 10-12 Public key encryption Source: Course Technology/Cengage Learning Asymmetric encryption

11 Digital Signatures – Asymmetric process is reversed The fact that the message was sent by the organization that owns the private key cannot be refuted This nonrepudiation is the foundation of digital signatures Based on: Digital certificate A certificate authority (CA)

12 Public key infrastructure (PKI) The entire set of hardware, software, and cryptosystems necessary to implement public key encryption PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities

13 Encryption Operations (cont’d.) PKI provides the following services – Authentication – Integrity – Confidentiality – Authorization – Nonrepudiation

14 Hybrid Systems – Asymmetric encryption is typically employed in conjunction with symmetric key encryption, creating a hybrid system – Diffie-Hellman key exchange method – asymmetric encryption is used to exchange symmetric keys so that two organizations can conduct quick, efficient, secure communications based on symmetric encryption – Diffie-Hellman provided the foundation for subsequent developments in public key encryption

15 Encryption Operations (cont’d.) Figure 10-14 Hybrid encryption Source: Course Technology/Cengage Learning

16 Using Cryptographic Controls Modern cryptosystems can generate unbreakable ciphertext Cryptographic controls used for: – e-mail and its attachments – e-commerce transactions – remote access through VPN connections

17 Email Cryptographic Controls Secure Multipurpose Internet Mail Extensions (S/MIME) Privacy Enhanced Mail (PEM)

18 Email Cryptographic Controls Pretty Good Privacy (PGP) – Uses the IDEA Cipher A 128-bit symmetric key block encryption algorithm with 64-bit blocks for message encoding – Like PEM, it uses RSA for symmetric key exchange and to support digital signatures

19 Securing the Web IP Security (IPSec) – The primary and dominant cryptographic authentication and encryption product of the IETF’s IP Protocol Security Working Group – Combines several different cryptosystems: Diffie-Hellman key exchange Public key cryptography Bulk encryption algorithms Digital certificates

20 Securing the Web IPSec works in two modes of operation: – Transport Only the IP data is encrypted, not the IP headers themselves Allows intermediate nodes to read the source and destination addresses – Tunnel The entire IP packet is encrypted and inserted as the payload in another IP packet – Often used to support a virtual private network

21 Securing the Web Secure Electronic Transactions (SET) – Encrypts credit card transfers with DES for encryption and RSA for key exchange Secure Sockets Layer (SSL) – Uses RSA for key transfer On IDEA, DES, or 3DES for encrypted symmetric key-based data transfer HTTPS www.amazon.com

22 Securing the Web - SSL

23 Securing the Web Secure Shell (SSH) – Provides security for remote access connections over public networks by using tunneling, authentication services between a client and a server – Used to secure replacement tools for terminal emulation, remote management, and file transfer applications

24 Hacking Cryptography Known plaintext attack Ciphertext-only attack Replay attack

25 Managing Cryptographic Controls Don’t lose your keys Know who you are communicating with It may be illegal to use a specific encryption technique when communicating to some nations Every cryptosystem has weaknesses Give access only to those with a business need When placing trust into a certificate authority, ask “Who watches the watchers?”

26 Managing Cryptographic Controls (cont’d.) There is no security in obscurity Security protocols and the cryptosystems they use are installed and configured by humans – They are only as good as their installers Make sure that your organization’s use of cryptography is based on well-constructed policy and supported with sound management procedures

Download ppt "INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Network Security.

Network Security.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Crytography Chapter 8.

Crytography Chapter 8.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Cryptography.

Cryptography.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Principles of Information Security, 2nd edition2 Learning Objectives Upon completion of this material, you should be able to:  Describe the most significant.

Principles of Information Security, 2nd edition2 Learning Objectives Upon completion of this material, you should be able to:  Describe the most significant.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.
Cryptographic Technologies

Cryptographic Technologies
Cryptography.

Cryptography.
Chapter 8 Network Security 4/17/2017 www.noteshit.com.

Chapter 8 Network Security 4/17/2017

Similar presentations

Ads by Google