Cryptography an overview csci 5233 computer security integrity
- Slides: 11
Cryptography: an overview csci 5233 computer security & integrity 1
Outline n Security components n Security mechanisms: – Symmetric Cryptography – Asymmetric Cryptography – Cryptographic Checksums – Digital Signatures csci 5233 computer security & integrity 2
Security components n aka. Security Goals – – – – n Confidentiality: Data is only for the authorized. data integrity: Data is correct. origin integrity: Origin of the data is correct. non-repudiability: There exists a mechanism to prove that the actor (sender, receiver, writer, retrieval, …) indeed performed that action. availability: Data is available to the authorized. access control anonymity etc. What components to implement depends on the application’s security policy/requirements. csci 5233 computer security & integrity 3
Security components n What components to implement depends on the application’s security policy/requirements. n Example applications that demand the various security components? csci 5233 computer security & integrity 4
Security components: Exercise n You are part of a project team, which is developing an information system for command, communication and control between a command center and nuclear submarines. Of course, the communication between the command center and the submarine must be secured from potential faults and attacks. Explain how each of the following goals could be achieved by providing detailed protocols (showing the actors and their respective actions). – Goal #1: The communication must remain secret. That is, only the targeted recipient of a message should have access to the content of the message. – Goal #2: The correctness of the messages/commands must be verifiable. That is, if the message ever gets altered, the change should be detected. – Goal #3: The recipient of a message should be able to verify the true identity of the sender. That is, an unauthentic sender should be detected. – Goal #4: A command issued by A cannot later be denied by A. That is, A cannot later deny either the content or the action of sending that message. csci 5233 computer security & integrity 5
Security Mechanisms n A security component is provided by one or more mechanisms. n Common security mechanisms: – – – – Symmetric Cryptography Asymmetric Cryptography Cryptographic Checksums Digital Signatures Digital Certificates Firewalls IDS Kerberos 802. 11 i WEP IPSec SSL … csci 5233 computer security & integrity 6
Classical Cryptography n Sender, receiver share common key – Keys may be the same, or trivial to derive from one another – Also called symmetric cryptography csci 5233 computer security & integrity 7
Public Key Cryptography n Sender, receiver use keys that are inverse – An entity has a key pair (public key, private key) – The public key is usually public, but the private key is known only to the owner. – Also called asymmetric cryptography csci 5233 computer security & integrity 8
Cryptographical Checksums n Message Digest – A checksum of the data – Sent or stored along with the source data – The receiver or the user of the data verifies the digest to determine the correctness. csci 5233 computer security & integrity 9
Cryptographical Checksums n Message Authentication Code (MAC) – Keyless checksum is not secure. Why? – MAC is usually used for data integrity. – Some sort of “protection” must be in place if keyless message digest is used. csci 5233 computer security & integrity 10
Digital Signatures n Powerful but expensive security mechanism n Provides data integrity, origin integrity, and sender non-repudiability. How? csci 5233 computer security & integrity 11
Wireless security in cryptography
Message integrity in cryptography
Csci 530
Netcheque
Csci430
Privat security
Cryptography security services
Security services of cryptography
Cryptography and network security 6th edition
Introduction to cryptography and network security
Number theory in cryptography and network security
Firewall base layer
