Presentation is loading. Please wait.

Presentation is loading. Please wait.

Foundation of Security

Published byBerniece Gregory Modified over 5 years ago

Similar presentations

Presentation on theme: "Foundation of Security"— Presentation transcript:

1 Foundation of Security
Encryption Foundation of Security Started in organization and systems, migrated to DB, then enhanced for software engineering. This is the longest of the three. Copyright © – Curt Hill

2 Copyright © - 2004-2018 – Curt Hill
Introduction Encryption is mechanism for obscuring a message from others in a reversible way Historically used to send messages during wars Non-standard hieroglypics date back to at least 1900 BC Most of the historic ciphers are relatively easy to break Copyright © – Curt Hill

3 Copyright © - 2004-2018 – Curt Hill
Why? Are we at war? Bank of America sent a backup tape to offsite repository in December 2004 1,200,000 names, numbers, addresses, SSNs, etc Never arrived, never recovered Not encrypted This an similar scenarios have been repeated again and again The stolen or lost laptop Copyright © – Curt Hill

4 Copyright © - 2004-2018 – Curt Hill
Terminology Plain text A message that is readable AKA Clear text Cipher text A message that has been disguised Key A string that allows the encryption and decrpytion Copyright © – Curt Hill

5 Copyright © - 2004-2018 – Curt Hill
What we want Encryption technique E(M,K) which takes a message M and a key K Decryption technique D(M,K) which also takes message M and key K Both E and D return a string M = D(E(M,K),K) Neither E nor D needs to be concealed Only secret thing is K the key E and D are efficiently computable Copyright © – Curt Hill

6 Copyright © - 2004-2018 – Curt Hill
Transposition Cipher AKA Caesar cipher Number the letters Add a value, divide by 26 and keep remainder Key is the value Decryption subtracts the value There are very few keys so easy to crack rot13 is a variant Copyright © – Curt Hill

7 Transposition Example
Plain ASCII B A T ASCII Numeric 66 65 84 Transpose 5 Cipher numeric 71 70 89 Cipher as ASCII G F Y Copyright © – Curt Hill

8 Copyright © - 2004-2018 – Curt Hill
Substitution Cipher Generalization of transposition cipher Each letter is substituted by another letter or character For 26 characters there are 26! keys Usually succumbs to letter frequency attacks Copyright © – Curt Hill

9 Copyright © - 2004-2018 – Curt Hill
Substitution Example Plain ASCII B A T See table Cipher as ASCII U G M A G B U C T M Copyright © – Curt Hill

10 Copyright © - 2004-2018 – Curt Hill
Enigma Code machine used by Germans in World War II Several rotors A letter is typed in the rotors provide a single substitution cipher for that letter The rotors are now advanced The next letter gets a different transposition The key becomes the initial rotor settings The Colosus was used to break Copyright © – Curt Hill

11 Copyright © - 2004-2018 – Curt Hill
Enigma Again Would have been secure if used properly Instead they often used same key for too long Predictable openings were often used: Common greetings: Mein Fueherer! This gives away the key to analysis Users thought it was magic so did not worry enough about security Copyright © – Curt Hill

12 Copyright © - 2004-2018 – Curt Hill
One time pad The one time pad is a string of offsets to add to each letter of message Two copies of the pad: the sender and receiver Pad is never reused Algorithmically unbreakable if there is no pattern in the pad Transfer of the pad may be a problem Copyright © – Curt Hill

13 Copyright © - 2004-2018 – Curt Hill
OTP Example Plain ASCII B A T ASCII Numeric 66 65 84 One time pad 12 9 23 Cipher numeric 78 74 107 Cipher as ASCII N J k Copyright © – Curt Hill

14 Data Encryption Standard
A form of Feistel Cipher Key size could be 40 or 56 bits Use 16 rounds This is breakable but difficult to do so Algorithm has shown no weaknesses but the length of key makes a brute force appoach practical In 1998 Electronic Frontier Foundation created a cracker for $250K The 56 bit DES took about three days Copyright © – Curt Hill

15 Copyright © - 2004-2018 – Curt Hill
Triple DES After DES was shown to be vulnerable 3DES was proposed Use the same algorithm but increase key to 112 or 168 bits This reduces the threat of the brute force attack However, the algorithm itself is comparatively slow Copyright © – Curt Hill

16 Copyright © - 2004-2018 – Curt Hill
Distribution The problem with all of these is called the key distribution problem How is the key given to the receiver by the sender? Since everything else is known this becomes a weak link The next technique does not suffer from this problem Copyright © – Curt Hill

17 Copyright © - 2004-2018 – Curt Hill
Public key encryption AKA Trapdoor algorithms Each user has a public and private key To encrypt a message you need your private key and the person’s public key that you will send to Everyone uses the same algorithms Postulated by Diffie and Hellman They did not produce an algorithm that had the needed characteristics Copyright © – Curt Hill

18 Copyright © - 2004-2018 – Curt Hill
Requirements The algorithm needs these requirements: Computationally easy to generate the keys Computationally easy to encrypt the message to be sent using the receiver’s public key and sender’s private key Computationally easy for receiver to decrypt using the sender’s public key and own private key Intractable to find a private key or the plaintext message given an encrypted message and the public key Copyright © – Curt Hill

19 Copyright © - 2004-2018 – Curt Hill
RSA Ron Rivest, Adi Shamir and Leonard Adleman came up with the first effective algorithm These are usually very large numbers, based on large primes The concept is that multiplying/dividing very large numbers is easy Factoring a very large number into primes is very difficult Conceivably taking years Copyright © – Curt Hill

20 Copyright © - 2004-2018 – Curt Hill
RSA RSA became the name of the algorithm MIT patented Published in 1977 Proofs of its effectiveness abound Rivest, Shamir and Adleman received Turing award Copyright © – Curt Hill

21 Copyright © - 2004-2018 – Curt Hill
Key Generation Find two large primes, P and Q Approximately equal in size Compute the product N = PQ N should be 1024 bits or larger Known as the modulus Compute  = (P-1)(Q-1)  is spelled phi and pronounced fee Copyright © – Curt Hill

22 Copyright © - 2004-2018 – Curt Hill
Two more Choose E such that 1 < E <  E and  must be relatively prime Neither needs to be prime but relatively prime to each other This is the public exponent or encryption exponent Find D 1 < D <  ED mod  = 1 This is the secret exponent or decryption exponent Copyright © – Curt Hill

23 Copyright © - 2004-2018 – Curt Hill
How it works The public key is a pair (E,N) and the private key is also a pair (D,N) Everyone participating in concealed messages publishes their public key where anyone can access The private key as well as P, Q and N are also kept secret Copyright © – Curt Hill

24 Copyright © - 2004-2018 – Curt Hill
Sending a message Albert wants to send Bob a secret message Obtains Bobs public key (E,N) Convert the clear text into numeric chunks of the suitable length, call one of these M Compute cipher text: C = ME mod N Repeat for subsequent chunks and send Copyright © – Curt Hill

25 Copyright © - 2004-2018 – Curt Hill
Reading sent message Bob now wants to read Albert’s message Using his own private key to restore the plain text M = CD mod N Copyright © – Curt Hill

26 Copyright © - 2004-2018 – Curt Hill
Another Thought Anyone may send a message to anyone else How do we determine if someone has falsified a message? The digital signing process is not that much different than the encryption and decryption Copyright © – Curt Hill

27 Copyright © - 2004-2018 – Curt Hill
Digital Signing Albert extracts pieces of the message to make a digest Albert uses his private key to compute S = MD mod N Bob uses Albert’s public key to compute V = SE mod N Bob uses the same extraction method and compares this with the sent signature Copyright © – Curt Hill

28 Copyright © - 2004-2018 – Curt Hill
Alternative Trap Door Another algorithm is the Elliptic Curve Cryptography Also includes a public and private key Appears to give the same security for a shorter key size Less well received because it has not been as thoroughly studied and tested IEEE has a standard P Copyright © – Curt Hill

29 Copyright © - 2004-2018 – Curt Hill
Where? There are a number of places to locate the encryption and decryption Any application may encrypt on writing to an external device An OS may encrypt within the file system Hardware may encrypt at the controller Copyright © – Curt Hill

30 Copyright © - 2004-2018 – Curt Hill
Finally We should encrypt sensitive files: On disk In the process of transmission Most practical algorithms, except one time pad, are crackable The problem is how long will it take? If the cost exceeds the benefit nobody will attempt Copyright © – Curt Hill

Download ppt "Foundation of Security"

Similar presentations

Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.

Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Modern Cryptography.

Modern Cryptography.
Creating Secret Messages. 2 Why do we need to keep things secret? Historically, secret messages were used in wars and battles For example, the Enigma.

Creating Secret Messages. 2 Why do we need to keep things secret? Historically, secret messages were used in wars and battles For example, the Enigma.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Public Key Cryptography

Public Key Cryptography
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
1 Introduction to Codes, Ciphers, and Cryptography Michael A. Karls Ball State University.

1 Introduction to Codes, Ciphers, and Cryptography Michael A. Karls Ball State University.
Andreas Steffen, 17.10.2011, 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.

Andreas Steffen, , 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.
Chapter 12 Cryptography (slides edited by Erin Chambers)

Chapter 12 Cryptography (slides edited by Erin Chambers)
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
CS110: Computers and the Internet Encryption and Certificates.

CS110: Computers and the Internet Encryption and Certificates.
T TT The Cryptography Istituto Tecnico Industriale “E.Divini” San Severino Marche.

T TT The Cryptography Istituto Tecnico Industriale “E.Divini” San Severino Marche.
Cryptography: RSA & DES Marcia Noel Ken Roe Jaime Buccheri.

Cryptography: RSA & DES Marcia Noel Ken Roe Jaime Buccheri.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.

10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Encryption Coursepak little bit in chap 10 of reed.

Encryption Coursepak little bit in chap 10 of reed.
Copyright © - 2004-2014 – Curt Hill Cryptography Number Theory’s Practical Application.

Copyright © – Curt Hill Cryptography Number Theory’s Practical Application.

Similar presentations

Ads by Google