Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • Information Security & Cryptographic Principles

    Загружено:

    ipqtr
    34 просмотров39 страниц
    Information Security and cryptographic Principles. Introduction to Infosec and cryptography. Single key cryptographic algorithms DES and alternative algorithms. Crypto Applications Basic Problem Intranet Extranet Internet There are Confidence and Trust Issues. Multiple Security Issues Privacy Authentication Interception Spoofing Integrity Non-repudiation Claims Not sent not received Modification Proof of parties involved.

    Исходное описание:

    Оригинальное название

    Intro

    Авторское право

    © Attribution Non-Commercial (BY-NC)

    Доступные форматы

    PPTX, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    Information Security and cryptographic Principles. Introduction to Infosec and cryptography. Single key cryptographic algorithms DES and alternative algorithms. Crypto Applications Basic Problem Intranet Extranet Internet There are Confidence and Trust Issues. Multiple Security Issues Privacy Authentication Interception Spoofing Integrity Non-repudiation Claims Not sent not received Modification Proof of parties involved.

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате PPTX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    34 просмотров39 страниц

    Information Security & Cryptographic Principles

    Загружено:

    ipqtr
    Information Security and cryptographic Principles. Introduction to Infosec and cryptography. Single key cryptographic algorithms DES and alternative algorithms. Crypto Applications Basic Problem Intranet Extranet Internet There are Confidence and Trust Issues. Multiple Security Issues Privacy Authentication Interception Spoofing Integrity Non-repudiation Claims Not sent not received Modification Proof of parties involved.

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате PPTX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 39

    Information Security & Cryptographic Principles

    Infosec and Cryptography


    Subjects / Topics :
    1. 2. 3. 4. 5. Introduction to Infosec and cryptography Single key cryptographic algorithms DES and alternative algorithms Public key cryptographic algorithms Crypto Applications

    Basic Problem

    Intranet Extranet Internet

    Bob

    Alice

    There are Confidence and Trust Issues

    Multiple Security Issues


    Privacy

    Authentication

    Interception

    Spoofing

    Integrity

    Non-repudiation
    Claims
    Not sent not received

    Modification

    Proof of parties involved

    Security Services
    Integrity Information has not been altered Confidentiality Content hidden during transport Authentication Identity of originator confirmed Non-Repudiation Originator cannot repudiate transaction

    Information Security

    Confidentiality

    Integrity

    Availability

    Data Confidentiality

    Some confidential text (message) in clear (readable) form

    Cryptography

    Some confidential text (message) in clear (readable) form

    Someconfid

    entialtext
    essage) in clear

    Encryption

    Cryptography

    Some confidential text (message) in clear (readable) form

    Someconfid

    entialtext
    essage) in clear

    Decryption

    Crypto Transformations

    Some confidential text (message) in clear (readable) form

    Someconfi Entialte essage) in clear

    Crypto Transformations

    Some confidential text (message) in clear (readable) form

    Someconfi Entialte essage) in clear

    Parameterization

    Some confidential text (message) in clear (readable) form Someconfid Someconfid Someconfid entialtext Someconfid entialtext entialtext Someconfi essage) entialtext Entialte essage) essage) essage) in clear essage) in clear in clear in clear in clear

    Crypto key

    Infosec and Cryptography


    Subjects / Topics :
    1. 2. 3. 4. 5. Introduction to Infosec and cryptography Single key cryptographic algorithms DES and alternative algorithms Public key cryptographic algorithms Crypto Applications

    Single Key Crypto

    Encryption

    Some confidential text (message) in clear (readable) form

    Someconfid Entialtext essage) in clear

    Crypto key

    Decryption

    Design . . . ?

    How to design good cryptographic systems ?


    What does it mean good crypto system ?

    Principles

    1. 2. 3. 4. 5. 6.

    Simple for users Complicated for intruders Public algorithm Secret key Large number of combinations Special properties

    Infosec and Cryptography


    Subjects / Topics :
    1. 2. 3. 4. 5. Introduction to Infosec and cryptography Single key cryptographic algorithms DES and alternative algorithms Public key cryptographic algorithms Crypto Applications

    DES Algorithm

    Cleartext

    DES Key
    Ciphertext

    DES
    Cleartext

    Key = Input
    1, 2, 3, . .... ... ... ... ... ... ... 64 1, 2, 3, . .... ... ... ... ... ... ... 64

    1011

    ...

    11

    1011

    ...

    11

    Key

    Cleartext

    DES

    Ciphertext

    101010

    ........

    10

    1, 2, 3, ... ...... ... ... .... ... ... 64

    Avalanche Effect
    1, 2, 3, . .... ... ... ... ... ... ... 64 1, 2, 3, . .... ... ... ... ... ... ... 64

    1011 ...

    1011...

    Key

    Cleartext

    DES

    Ciphertext

    101010

    10

    1, 2, 3, ... ...... ... ... .... ... ... 64

    DES Implementations

    Other Symmetric Algorithms

    1. AES 2. IDEA 3. Triple - DES 4. RC-2 5. RC-4 6. Blowfish

    Infosec and Cryptography


    Subjects / Topics :
    1. 2. 3. 4. 5. Introduction to Infosec and cryptography Single key cryptographic algorithms DES and alternative algorithms Public key cryptographic algorithms Crypto Applications

    Secret Key Systems

    Encryption

    Some confidential text (message) in clear (readable) form

    Someconfi entialtext essage) in clear

    Crypto key

    Decryption

    Key Exchange

    Public Key Cryptography

    Encryption
    Key 2
    Some confidential text (message) in clear (readable) form Someconfi entialtext essage) in clear

    Key 1

    Decryption

    Public Key Cryptography


    Bob
    MSG

    Alice
    Encryption
    tia

    Decryption

    MSG

    Bob Private

    Alice Private

    Bob Public

    Alice Public

    Digital Signature Authentication Non-Repudiation

    Public Key Cryptography


    Bob
    MSG

    Alice
    Encryption
    tia

    Decryption

    MSG

    Bob Private

    Alice Private

    Bob Public

    Alice Public

    Confidentiality

    Symmetric and Asymmetric Encryption Symmetric: Faster than asymmetric, hard to break with large key, hard to distribute keys, too many keys required, cannot authenticate or provide nonrepudiation.

    Includes: DES, Triple DES, Blowfish, IDEA, RC4, RC5, RC6, AES

    Symmetric and Asymmetric Encryption


    m

    Asymmetric cryptography: Better at key distribution, better scalability for large systems, can provide authentication and non-repudiation, slow, math intensive

    Includes: RSA, ECC, Diffie Hellman, El Gamal, DSA, Knapsack, PGP

    Infosec and Cryptography


    Subjects / Topics :
    1. 2. 3. 4. 5. Introduction to computer cryptography Single key cryptographic algorithms DES and alternative algorithms Public key cryptographic algorithms Crypto Applications

    Crypto Applications

    1. Digital signature 2. Digital enveloping 3. Digital certificates 4. Secret key exchange

    Digital Signature
    A Digital Signature is a data item

    that vouches for the origin and


    the integrity of a Message

    Intranet Extrane t

    Bob

    Internet

    Alice

    Digital Signature

    Message
    Digest Algorithm

    Message

    Hash Function Digest

    Digest Algorithm

    Hash Function

    Public Key

    Private Key

    Encryption

    Decryption
    Expected Digest Actual Digest

    Signature

    Signer

    Channel

    Receiver

    Digital Signature Real Identity of the Signer.

    Why should I trust what the Sender claims to be ?

    Moving towards PKI

    Digital Certificate

    A Digital Certificate is a binding


    between an entitys Public Key and one or more Attributes related to its Identity.
    The entity can be a Person, an Hardware Component, a Service, etc. A Digital Certificate is issued (and signed) by someone : Usually the issuer is a Trusted Third Party

    Digital Certificate

    CERTIFICATE
    Subject Issuer Subject Public Key

    Issuer Digital Signature

    Digital Certificate

    How are Digital Certificates Issued?


    Who is issuing them?

    Why should I Trust the Certificate Issuer?


    How can I check if a Certificate is valid? How can I revoke a Certificate? Who is revoking Certificates?
    Moving towards PKI

    Questions

    Вам также может понравиться