COMPUTER DATA SECURITY PRIVACY LECTURE 2 SECURITY MECHANISM

COMPUTER DATA SECURITY & PRIVACY


LECTURE # 2 SECURITY MECHANISM

Specific security mechanisms: digital signatures, access controls, data integrity, authentication exchange…

3. SECURITY MECHANISM (METHODS OF DEFENCE)

A mechanism that is designed to detect, prevent, or recover from security attacks. There is no single mechanism that will provide all services, but one particular element underlies most of the security mechanisms in use: cryptographic techniques.

CRYPTOGRAPHY PREFACE

Cryptography comes from the Greek words Kryptos, meaning hidden, and Graphen, meaning to write. Thus cryptography is the study of secret (crypto) writing (graphy). Cryptography is the science of using mathematics to encrypt and decrypt data. It enables you to store sensitive information or transmit it across insecure networks so that it cannot be read by anyone except the intended recipient.

BASIC TERMINOLOGY

Suppose that someone wanted to send a message to a receiver and wanted to be sure that no one else could read it. In cryptographic terminology, the message is called plaintext. Encoding the contents of the message in such a way that its contents are hidden from outsiders is called encryption. The encrypted message is called ciphertext. The process of retrieving the plaintext from the ciphertext is called decryption, as shown in Figure 2.1.

Figure 2.1: Encryption and Decryption method

BASIC TERMINOLOGY CONT…

Encryption and decryption usually make use of a key, and the coding methods are such that decryption can be performed only by knowing the proper key. Cryptanalysis is the art of breaking ciphers, i.e. retrieving plaintext without knowing the proper key. People who do cryptography are cryptographers, and practitioners of cryptanalysis are cryptanalysts.

Cryptography is classified along three independent dimensions:

1. The type of operations used for transforming plaintext to ciphertext
2. The way in which the plaintext is processed
3. The number of keys used
   A. Symmetric (single key)
   B. Asymmetric (two-key, or public-key encryption)

1. THE TYPE OF OPERATIONS

The type of operations used for transforming plaintext to ciphertext. Most encryption algorithms are based on two general principles:

1.1 SUBSTITUTION

A cipher using the substitution method maps each element in the plaintext to another element. The first cipher of this kind was used by Julius Caesar and is still called the Caesar cipher. The cipher shifts each character down by the key; for example, it replaces the character A with D, T with Z, and 0 with 3, as shown in Figure 2.2.

Figure 2.2: Caesar Cipher with shift key = 3 down

1.2 TRANSPOSITION

Elements in the plaintext are rearranged, as shown in Figure 2.3. The plaintext is organized into a two-dimensional table and the columns are interchanged according to a key. Figure 2.3 shows a double transposition with plaintext: attackxatxdawn, ciphertext: xtawxnatxadakc, and key: matrix size and permutations (3, 5, 1, 4, 2) and (1, 3, 2).

Figure 2.3: Transposition Method

CLASS WORK !!!

[Exercise figure not recovered; labels: Encryption, Decryption, Ciphertext, positions 1 to 8]

2. THE WAY OF PROCESS

The way in which the plaintext is processed.

2.1 STREAM CIPHER

A stream cipher can encrypt a single bit of plaintext at a time. A stream cipher consists of a state machine whose output bits are commonly called the running key. Encryption can be implemented by simply XORing (exclusive-or) the running key with the plaintext message, as shown in Figure 2.4. One of the better stream ciphers is RC4. A stream cipher is faster than a usual block cipher.

Figure 2.4: Stream Cipher Operation
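The XOR construction described above, as an added example that is not part of the original slides. The running-key generator here is a constructed stand-in (SHA-256 over a counter, not RC4), and the key, nonces and messages are made up; it also shows why the same running key must never be used for two messages.

```python
import hashlib

def running_key(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy state machine: the state is a counter and each step outputs
    SHA-256(key || nonce || counter). Constructed for illustration only."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def stream_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypts or decrypts: XOR with the running key is its own inverse."""
    return xor_bytes(data, running_key(key, nonce, len(data)))

# Constructed sample inputs (equal length so the XOR comparison is exact).
KEY = b"constructed-demo-key"
P1 = b"transfer 100 to alice"
P2 = b"transfer 900 to carol"

def demo() -> dict:
    # Same key and nonce for both messages: identical running key.
    c1_same = stream_crypt(KEY, b"n1", P1)
    c2_same = stream_crypt(KEY, b"n1", P2)
    # Fresh nonce for the second message: different running key.
    c2_fresh = stream_crypt(KEY, b"n2", P2)
    return {
        "roundtrip": stream_crypt(KEY, b"n1", c1_same) == P1,
        # With a reused running key, C1 XOR C2 == P1 XOR P2 (the key cancels).
        "reuse_leaks": xor_bytes(c1_same, c2_same) == xor_bytes(P1, P2),
        "fresh_leaks": xor_bytes(c1_same, c2_fresh) == xor_bytes(P1, P2),
    }

if __name__ == "__main__":
    print(demo())
```
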

2.2 A BLOCK CIPHER

Many commonly used ciphers are block ciphers. Block ciphers transform a fixed-size block of data into another fixed-size block using a function selected by the key. NIST has defined many modes of operation, such as CBC (Cipher Block Chaining), ECB (Electronic Codebook), CFB (Cipher Feedback) and OFB (Output Feedback).

2.2.1 CIPHER BLOCK CHAINING (CBC)

The CBC mode of operation was invented by IBM in 1976. In cipher-block chaining (CBC) mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted, as shown in Figure 2.5; this way, each ciphertext block depends on all plaintext blocks processed up to that point. Also, to make each message unique, an initialization vector must be used in the first block. Decryption is shown in Figure 2.6.

Figure 2.5: Cipher Block Chaining (CBC) mode encryption

Figure 2.6: Cipher Block Chaining (CBC) mode decryption (block cipher decryption)
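The chaining in Figures 2.5 and 2.6, written out as an added example that is not part of the original slides. The block cipher is a constructed toy Feistel network standing in for a real cipher, padding is omitted, and the key, IVs and plaintext are made up; ECB is included only to contrast how repeated plaintext blocks show through without chaining.

```python
import hashlib

BLOCK = 16  # block size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, rnd, half):
    # Round function of the toy cipher (constructed for this example).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def block_encrypt(key, block):
    # Toy 4-round Feistel network standing in for a real block cipher.
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        l, r = r, xor(l, _round(key, rnd, r))
    return l + r

def block_decrypt(key, block):
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _round(key, rnd, l)), l
    return l + r

def blocks(data):
    # Input must be a multiple of BLOCK bytes; padding is left out here.
    assert len(data) % BLOCK == 0
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    return b"".join(block_encrypt(key, b) for b in blocks(pt))

def cbc_encrypt(key, iv, pt):
    prev, out = iv, []
    for p in blocks(pt):
        prev = block_encrypt(key, xor(p, prev))  # C_i = E(P_i XOR C_{i-1})
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    prev, out = iv, []
    for c in blocks(ct):
        out.append(xor(block_decrypt(key, c), prev))  # P_i = D(C_i) XOR C_{i-1}
        prev = c
    return b"".join(out)

# Constructed sample values; a real IV must be fresh and unpredictable per message.
KEY, IV1, IV2 = b"constructed-demo-key", bytes(range(16)), bytes(range(16, 32))
PT = b"SAME-BLOCK-16B!!" * 2 + b"tail block here."
```

With these values the first two ECB ciphertext blocks are identical, while the first two CBC blocks differ and changing the IV changes the whole ciphertext.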

3. THE NUMBER OF KEYS

3.1 Symmetric: If both sender and receiver use the same key, the system is referred to as symmetric, single-key, or conventional encryption.

3.2 Asymmetric: If sender and receiver each use a different key, the system is referred to as asymmetric, two-key, or public-key encryption.

END SLIDE SHOW L: Rania Tabeidi 24/11
