
1 Encryption and Forensics/Data Hiding

2 Cryptography Background
See http://www.cacr.math.uwaterloo.ca/hac/ for more information.

3 Security Objectives
Confidentiality (Secrecy): Prevent/Detect/Deter improper disclosure of information
Integrity: Prevent/Detect/Deter improper modification of information
Availability: Prevent/Detect/Deter improper denial of access to services provided by the system

4 Security Services
Confidentiality: protection of any information from being exposed to unintended entities.
–Information content
–Parties involved
–Where they are, how they communicate, how often, etc.
Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from
Integrity: assurance that the information has not been tampered with

5 Encryption/Decryption
plaintext → encryption → ciphertext → decryption → plaintext
Plaintext: a message in its original form
Ciphertext: a message in the transformed, unrecognized form
Encryption: the process for producing ciphertext from plaintext
Decryption: the reverse of encryption
Key: a secret value used to control encryption/decryption

6 Cryptanalysis: Break an Encryption Scheme
Ciphertext only
–Analyze only with the ciphertext
–Exhaustive search until “recognizable plaintext”
–Need enough ciphertext
Known Plaintext
– is obtained
–Great for monoalphabetic cipher
Chosen Plaintext:
–Choose plaintext, get the ciphertext
–Useful if limited set of messages

7 Methods for Attacking Encrypted Text
Table 4-1 of the textbook
Cryptanalysis
–Ciphertext only
  –Analyze only with the ciphertext
  –Exhaustive search until “recognizable plaintext”
  –Need enough ciphertext
–Known Plaintext is obtained
–Chosen Plaintext:
  –Choose plaintext, get the ciphertext
  –Useful if limited set of messages
Password Guess (Similar to known plaintext)
–Dictionary
–Educated Guess
–Brute Force

8 Methods for Attacking Encrypted Text – Con’t
Scavenge Password
–Physical Search
–Logical Search
–Network Sniff
…

9 Computationally Difficult
Cryptographic algorithms need to be reasonably efficient
Cryptographic algorithms are not impossible to break without the key
–e.g. try all the keys (brute-force cryptanalysis)
–Time can be saved by spending money on more computers.
A scheme can be made more secure by making the key longer
–Increasing the length of the key by one bit makes:
  –The good guy’s job just a little bit harder
  –The bad guy’s job up to twice as hard

10 Types of Cryptographic Functions
Secret Key Cryptography
–One key
Public Key Cryptography
–Two keys: public, private
Hash function
–No key

11 Secret Key Cryptography
plaintext → encryption (key) → ciphertext → decryption (same key) → plaintext
Same key is used for both encryption and decryption
–Symmetric cryptography
–Conventional cryptography
Ciphertext is about the same length as the plaintext
Examples: DES, IDEA, AES…

12 Public Key Cryptography
plaintext → encryption (public key) → ciphertext → decryption (private key) → plaintext
Invented/published in 1975
Each individual has two keys:
–Private key is kept secret
–Public key is publicly known
Much slower than secret key cryptography
Also known as
–Asymmetric cryptography

13 Public Key Cryptography cont’d
plaintext → signing (private key) → signed message → verification (public key) → plaintext
Digital Signature
–Only the party with the private key can generate a digital signature
–Verification of the signature only requires the knowledge of the public key
–The signer cannot deny he/she has done so.
–Example illustrated in Fig. 4-4 and 4-5

14 Applications of Public Key Cryptography
Security uses of public key cryptography
–Known public key cryptography is orders of magnitude slower than the best known secret key cryptographic algorithms.
Transmitting over an Insecure Channel (e: public key, d: private key)
–Alice: Encrypt m_A using e_B → Bob: Decrypt to m_A using d_B
–Bob: Encrypt m_B using e_A → Alice: Decrypt to m_B using d_A
Secure Storage on Insecure Media
–Because of performance issues, you can randomly generate a secret key, encrypt the data with that secret key, and encrypt the secret key with the public key
–Using public key of a trusted person

15 Hash Algorithms
Message digests, one-way transformations
Message of arbitrary length → Hash h → A fixed-length short message
Easy to compute h(m)
Given h(m), no easy way to find m
Computationally infeasible to find m_1 and m_2, so that h(m_1) = h(m_2)

16 Trusted Intermediaries
Cannot do pair-wise authentication with secret key technology
–Each computer needs to know n-1 keys
Key Distribution Center (KDC)
Certification Authorities (CAs)
Certificate

17 Key Distribution Center
Use a trusted node known as Key Distribution Center (KDC)
–Secret key cryptography
The KDC knows keys for all nodes
–  asks KDC for secret (securely) to talk to 
–KDC encrypts R  with the key shared between  and KDC, send to 
–KDC encrypts R  with the key shared between  and KDC, send to  : ticket

18 Certification Authorities (CAs)
Public key cryptography
–Problem: How can you be sure that the public keys are correct?
CA: ensure validity of public keys
Certificates
–Signed messages specifying a name (Alice) and the corresponding public key
–All nodes need to be preconfigured with the CA’s public key

19 Certificate Authorities Trusted by IE
http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part2/c06ie6rk.mspx?mfr=true

20 Certification Practice Statement
Certification Practice Statement (CPS)
–How certificate authorities operate, maintain the security of their infrastructures.
–Certificate Revocation List
One example:
–Verisign CPS http://www.verisign.com/repository/CPS/

21 Codes and Compression
uuencode
–http://www.winzip.com/uuencode.htm
–Uuencoding obscures binary data, but not ASCII text
–Winzip can open and extract uuencoded files
Compression
–Recognizable patterns
–Lossless data compression
  –Zip, gzip
  –GIF, TIFF…
–Lossy data compression
  –JPEG, MPEG…
Data is often compressed before it is encrypted

22 Challenges
Any transformation performed on text data makes it difficult or impossible to do a batch search for keywords!
How to identify encrypted data
–See if it can be compressed
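
The compressibility check named on this slide, as an added example that is not part of the original presentation. It assumes zlib as the compressor, a 0.95 ratio threshold, and a SHA-256 counter stream as a deterministic stand-in for real ciphertext; the function names and sample data are constructed for illustration. Because data that is already compressed is also incompressible, known compressed formats are recognised by signature first.

```python
import gzip
import hashlib
import zlib

# Well-known leading signatures of formats that are already compressed.
COMPRESSED_MAGIC = {b"\x1f\x8b": "gzip", b"PK\x03\x04": "zip",
                    b"\xff\xd8\xff": "jpeg", b"GIF8": "gif"}

def compression_ratio(data: bytes) -> float:
    """Compressed size / original size; close to or above 1.0 means incompressible."""
    if not data:
        raise ValueError("empty input")
    return len(zlib.compress(data, 9)) / len(data)

def classify(data: bytes, threshold: float = 0.95, min_len: int = 512) -> str:
    """Triage a buffer: known compressed format, compressible, or possibly encrypted."""
    for magic, name in COMPRESSED_MAGIC.items():
        if data.startswith(magic):
            return f"compressed ({name})"   # incompressible for a benign reason
    if len(data) < min_len:
        return "too small to judge"         # ratio is unreliable on short inputs
    if compression_ratio(data) >= threshold:
        return "possibly encrypted"
    return "compressible"

def stand_in_ciphertext(n: int) -> bytes:
    """Constructed sample: SHA-256 in counter mode, a deterministic stand-in
    for the output of a strong cipher (assumption: it looks uniformly random)."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])

# Constructed sample inputs.
TEXT = b"Invoice 2041: payment due within 30 days of receipt.\n" * 200
SAMPLES = {
    "text": TEXT,
    "gzip of text": gzip.compress(TEXT),
    "stand-in ciphertext": stand_in_ciphertext(4096),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name:20s} {len(blob):6d} bytes  {classify(blob)}")
```

A compressed stream with no signature in the table is also reported as "possibly encrypted", so a hit is a lead for further examination rather than proof of encryption.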

23 Password recovery tool for Windows
Cain:
–http://www.oxid.it/cain.html (Doc: http://www.oxid.it/ca_um/)
–Uncovering cached password
–Recovering password by sniffing the network
–Cracking encrypted password using Dictionary
–Brute-force and Cryptanalysis attacks
–…

24 Cain – uncover password from protected storage

25 Cain – attack against encrypted password

26 Password Cracker
www.lostpassword.com
L0phCrack
ZipPassword

27 Hiding and Finding Data
Changing a file’s extension
–Windows uses the filename extension to identify the data type of the file
–Quick View Plus
Check the file header
–Contains a hexadecimal value that can usually be correlated to the file type
File Format Information
–http://www.wotsit.org/
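
The file-header check from this slide, as an added example that is not part of the original presentation: it compares the leading bytes of a file against a few well-known signatures and reports files whose extension does not match. The function names and the sample file list are constructed for illustration.

```python
import os

# Well-known leading signatures and the extensions each normally carries.
SIGNATURES = [
    (b"\x89PNG\r\n\x1a\n", "png", {".png"}),
    (b"\xff\xd8\xff", "jpeg", {".jpg", ".jpeg"}),
    (b"GIF87a", "gif", {".gif"}),
    (b"GIF89a", "gif", {".gif"}),
    (b"%PDF-", "pdf", {".pdf"}),
    (b"PK\x03\x04", "zip container", {".zip", ".docx", ".xlsx", ".pptx", ".jar"}),
    (b"MZ", "windows executable", {".exe", ".dll", ".sys"}),
]

def identify(header: bytes):
    """Return (type name, expected extensions) for a known signature, else (None, set())."""
    for magic, kind, exts in SIGNATURES:
        if header.startswith(magic):
            return kind, exts
    return None, set()

def extension_mismatch(filename: str, header: bytes):
    """Describe the mismatch when the header identifies a type the extension
    does not match; return None for a match or an unknown signature."""
    kind, exts = identify(header)
    ext = os.path.splitext(filename)[1].lower()
    if kind is None or ext in exts:
        return None
    return f"{filename}: header says {kind}, extension is {ext or '(none)'}"

def scan(entries):
    """entries: iterable of (filename, first bytes of the file)."""
    return [m for name, head in entries if (m := extension_mismatch(name, head))]

# Constructed sample: file names paired with the first bytes of each file.
SAMPLE_FILES = [
    ("report.pdf", b"%PDF-1.4\n%..."),
    ("budget.docx", b"PK\x03\x04\x14\x00"),
    ("notes.txt", b"MZ\x90\x00\x03\x00"),          # executable renamed to .txt
    ("holiday.jpg", b"\x89PNG\r\n\x1a\n\x00\x00"),  # PNG carrying a .jpg name
    ("readme.txt", b"Plain text, no signature"),
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_FILES):
        print(finding)
```

Short signatures such as the two-byte "MZ" can also match ordinary text that happens to start with those letters, so each finding should be confirmed by opening the file.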

28 Steganography
Steganos: secret or hidden
Graphy: drawing or writing
http://www.stegoarchive.com/

29 File Systems
Windows NT and Windows XP support NTFS, FAT16, and FAT32.

30 NTFS Alternate Data Streams (ADS)
The NTFS file system supports multiple data streams
Allows files to be associated with more than one data stream
Method of hiding executables or proprietary content
Uses the NTFS file system's multiple attributes
Syntax – {file name}:{stream name}
Create: type file > visible:hidden
Reference:
–http://www.windowsecurity.com/articles/Alternate_Data_Streams.html

31 ADS Example 1
start c:\temp\calc.exe:notepad.exe

32 ADS Example 2

33 ADS Example 2 – Con’t

34 ADS Example 2 – Con’t

35 LADS – List Alternate Data Streams
http://www.heysoft.de/en/software/lads.php

