CSCE 201 Introduction to Information Security Fall 2015
- Slides: 24
CSCE 201 Introduction to Information Security Fall 2015 Data Protection
Sensitive Files l Must be protected from – Hackers – Other users to protect and at what level security policy l How to protect security policy l What CSCE 201 - Farkas 2
Security Mechanism Several alternatives l Which one to choose? l – Level of assurance – User’s preferences (familiarity, ease of use, – – recommendations, etc. ) User’s technical knowledge Availability Financial considerations Etc. CSCE 201 - Farkas 3
Data Protection l Operating System’s Data protection – File encryption, e. g. , MS Window’s support for encryption, https: //msdn. microsoft. com/enus/library/windows/desktop/aa 364223(v=vs. 85). aspx l Best Practices CSCE 201 - Farkas 4
What is Encryption? How secure it is? Can you decrypt the followings? HAY? OROWEU How are you? Hello
Insecure communications Snooper Confidential Insecure channel Recipient Sender CSCE 201 - Farkas 6
Terminology § Plaintext (cleartext): a message in its original § § § form Ciphertext (cyphertext): an encrypted message Encryption: transformation of a message to hide its meaning Cipher: cryptographic algorithm. A mathematical function used for encryption (encryption algorithm) and decryption (decryption algorithm). CSCE 201 - Farkas 7
Terminology §Decryption: recovering meaning from ciphertext §Cryptography: art and science of keeping messages secure §Cryptanalysis: art and science of breaking ciphertext §Cryptology: study of both cryptography and cryptanalysis CSCE 201 - Farkas 8
Encryption and Decryption Plaintext Encryption Ciphertext Decryption Plaintext Additional requirements: • Authentication • Between communicating parties • Third-party authentication • Non-repudiation • Integrity verification • Key distribution • Secret key (secure distribution) • Public key (reliable distribution) Lecture 4 CSCE 201 - Farkas 9 9
Cryptanalysis Cryptanalyst’s goal: – Break message – Break key – Break algorithm Lecture 4 CSCE 201 - Farkas 10 10
Secret Key Encryption (Symmetric key, Traditional)
Secret Key Cryptosystem Plaintext Ciphertext Encryption Decryption Sender Recipient C=E(K, M) M=D(K, C) Lecture 4 Plaintext K K needs secure channel CSCE 201 - Farkas 12 12
Basic Encryption Techniques Substitution (confusion) n Permutation (diffusion) n Combinations and iterations of these n Lecture 4 CSCE 201 - Farkas 13 13
Simple Alphabetic Substitution n Assign a new symbol to each plain text symbol randomly or by key, e. g. , C k, A h, B l M=CAB C =k h l §Advantages: large key space 26! §Disadvantages: trivially broken for known plaintext attack, repeated pattern, letter frequency distributions unchanged Lecture 4 CSCE 201 - Farkas 14 14
Transposition n n Letters of the message are rearranged Break patterns, e. g. , columnar transposition Plaintext: this is a test this isat est! n n Lecture 4 tiehssiatst! Advantages: easy to implement Disadvantages: ¨ Trivially broken for known plaintext attack ¨ Easily broken for cipher only attack CSCE 201 - Farkas 15 15
Symmetric Key Encryption Algorithms l Data Encryption Standard (DES) l Advanced Encryption Standard (AES) CSCE 201 - Farkas 16
Public-Key Encryption l Two keys – one is private one is public l Solves the key distribution problem (but need reliable channel) l Provides electronic signatures l Slower than secret-key encryption CSCE 201 - Farkas 17
Public-Key Encryption l Needed for security: – One of the keys must be kept secret – Impossible (at least impractical) to decipher message if no other information is available – Knowledge of algorithm, one of the keys, and samples of ciphertext must be insufficient to determine the other key CSCE 201 - Farkas 18
Confidentiality Insecure channel Plaintext A Encryption Alg. Ciphertext Decryption Alg. Plaintext B Recipient Sender B’s public key B’s private key (need reliable channel) CSCE 201 - Farkas 19
Public Key Cryptosystem Concept conceived by Diffie and Hellman in 1976 l Rivest, Shamir, and Adleman (RSA) describe a public key system in 1978 l Many proposals have been broken e. g. , Merkle-Hellman proposal broken by Shamir l Serious candidates (public domain) l – RSA – El Gamal CSCE 201 - Farkas 20
Digital Signatures in RSA Insecure channel Sign Plaintext A Verify Decryption Alg. Signed plaintext Encryption Alg. Plaintext B A’s private key A’s public key (need reliable channel) CSCE 201 - Farkas 21
Signature and Encryption A Plaintext Signed Plaintext D B Encrypted Signed Plaintext E Signed Plaintext D B’s public key A’s private key CSCE 201 - Farkas E Plaintext A’s public key B’s private key 22
Hash Functions l Hash function h maps an input x of arbitrary length to a fixed length output h(x) (compression) l Accidental or intentional change to the data will change the hash value l Given h and x, h(x) is easy to compute (ease of computation) CSCE 201 - Farkas 23
Hash functions l Collision resistant (strong collision resistant): if it is computationally infeasible to find any two distinct inputs that has the same output CSCE 201 - Farkas 24
Private securit
Explain about visa international security mode
Nstissc security model
Introduction to information security chapter 2
What is the osi security architecture
Security guide to network security fundamentals
Wireless security in cryptography and network security
Electronic mail security in network security
E commerce security policy
Seven touchpoints for software security
Security guide to network security fundamentals
Security guide to network security fundamentals
Csce 221 tamu
Csce 314
Csce 314
Csce 314
Csce 314 tamu
Tamu csce 314
Csce 314
Csce 481
Csce 181
Csce 181
Csce 181 tamu
Csce 121 tamu
Csce 411
