1 / 28

M150: Data, Computing and information

M150: Data, Computing and information. Outline Unit fourteen. What’s next. Review questions. Your questions. Unit fourteen : Hiding data. computers and security. Cryptography. Security in industry. the limits of security. the single user and security. Unit fourteen : Hiding data.

hillaryf
Download Presentation

M150: Data, Computing and information

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. M150: Data, Computing and information Outline Unit fourteen. What’s next. Review questions. Your questions.

  2. Unit fourteen : Hiding data computers and security. Cryptography. Security in industry. the limits of security. the single user and security.

  3. Unit fourteen : Hiding data • Explain the principles cryptographic techniques "what did the Romans ever do for us?" • Show how cryptography can aid security of computer applications • Show how cryptography can be used by businesses • Explain the limitations of computer security and how it may be compromised • Show why information passing over the internet must be secured • Show why security should concern us as individuals 3

  4. Unit fourteen : Hiding data Some types of attack False authority syndrome List Linking Roll your own credit cards Web attack Money transfer Internet worm 4

  5. Unit fourteen : Hiding data Cryptography The study of secret codes Plain text The original, understandable text Cipher text The text formed by applying some cryptographic method Encryption The process of transforming text so that it cannot be understood by anyone who does not have the key Decryption The process of returning an encrypted document to its original form by application of a key 5

  6. Unit fourteen : Hiding data Caesar Cipher Replacing each letter with one further along the alphabet What is the shift in the encrypted message below? 6

  7. Unit fourteen : Hiding data How many bits? (Tricky question) Imagine a Caesar cipher is to be used that works for upper and lower case letters and the following special characters: space, comma, question mark, full stop. The key (i.e. the shift) is to be represented as a binary number stored in a computer file. What is the minimum number of bits needed for the key to represent all the possible values the key could take? 7

  8. One-time pad • Two identical copies of a "pad" are made. Each page contains a key consisting of random letters • The sender uses the top page of their pad to encrypt the message ciphertext • The receiver uses the top page of their pad to decrypt the message • Both destroy the top page of the pad 8

  9. One-time pad example - encryption 9

  10. One-time pad example - decrypt 10

  11. Enigma machine • Used during World War II to encrypt and decrypt secret military messages • Did Enigma produce a monosubstitution or a polyalphabetic cipher? • Did Enigma use symmetric or asymmetric key cryptography? from www.pbs.org/wgbh/nova/decoding/enigmadiagram.html see http://en.wikipedia.org/wiki/Enigma_machine for a good detailed explanation of how the enigma machine worked. 11

  12. Data Encryption Standard (DES) • Developed for the US Government and considered impregnable at the time • Increases in computer power meant that it can be cracked by brute force • DES uses a symmetric key with permutation, swapping and function application Swap first two and last two letters Caesar cipher shift 2 Permutation in groups of 3 letters Hello_Mum leH_olmuM uMH_olmle wOJ_qnong 12

  13. Asymmetric Keys 13 http://www.int.gu.edu.au/courses/2010int/crypto.html

  14. RSA(Rivest, Shamir and Adleman) • An asymmetric key method using a public key for encryption and a private key for decryption and vice versa. • This asymmetry means that the public key can be distributed by insecure means - or even made public. • There are many public keys, one to match each private key. • RSA is a more complex computation than DES and is much slower. 14

  15. Security in Industry • The Internet is an open network and you can't control which computers will carry your messages. • Your message could be intercepted at any intermediate node. • Security is essential for some commercial transactions - for example processing credit card numbers. • Secure Sockets Layer (SSL) provides a mechanism to do this. 15

  16. Secure Sockets Layer • SSL uses symmetric and asymmetric keys • The bulk of the data is encrypted with a symmetric key for speed • A new key for symmetric encryption is created for each transaction • This key is itself encrypted and sent across the net for the receiving computer to use • The key is encrypted using an asymmetric technique for security • SSL is more efficient than RSA alone 16

  17. Secure Socket Layer data data data data data B A A and B exchange information about encryption and decryption methods Generate and encrypt key Decrypt with B's private key A generates symmetric key, encrypts it with B's public key and sends it to B Encrypt Decrypt Symmetric key Symmetric key 17

  18. How do I know a website is using SSL? Insecure Secure Secure Secure 18

  19. Digital Signature • A technology used to check whether data has been tampered with • It has two properties: • Authentication • Non-repudiation • It uses a message digest or hash function 19

  20. Digital Certificates • What's to stop a criminal putting up a spoof website containing a public key that they say belongs to a major bank? • You use the key to send messages to your bank. • Criminal intercepts and reads the messages. • A digital certificate provides basic authentication facilities on the internet • Must be issued by a certifying authority • The certifying authority holds a database of the details of the certificates

  21. The Certifying Authority The certifying authority database holds: • Name of the authority that issued the certificate • Name of the user associated with the certificate • Public key of the user and description of the user's asymmetric cryptography method • The digital signature of the certifying authority (contents of the certificate encrypted with the private key of the certifying authority)

  22. Web Security • The web uses a mixture of techniques • A firewall is a barrier which restricts the exchange of information between your PC and the net • A screening router determines which packets of data should be allowed to pass in each direction • A bastion host holds temporary copies of the web pages that you request • A Secure Socket Layer (SSL) • Secure Electronic Transaction (SET)

  23. Limits of Security • All users must be on their guard against attempts to breach security. • The best security is no good if the password is written on a piece of paper under the user's keyboard or it's the name of the dog or child! • Many systems offer strong security from a technical standpoint but are compromised by poor working practices. "Security is a chain; it's only as secure as the weakest link" Bruce Schneier

  24. Hazards for the Single User • Anyone connected to the internet is at risk • While you're on line and part of the web intruders can potentially: • read the contents of your address book • send messages from your email address • store files on your hard drive • The effects can range from mild irritation to catastrophic damage. • How would your life be affected if everyone in your address book received a set of offensive pictures from you by email?

  25. Some precautions • Don't publish your email address on the web • Use a number of email addresses • Keep one email address for personal use with people you trust • Have a separate email that you use when signing up for mailing lists etc. • Consider using a proxy server or anonymiser • Beware of executing unknown programs • Only give credit card details to secure sites • Keep a record of all transactions • Don't send credit card details by email • Install anti-virus software and keep it up-to-date • Run a firewall on your PC

  26. What’s next Unit 15. 26

  27. Review questions • Define the term cryptographic. • Define the term internal worm • Difference between plain and cipher text. • Define Caesar cipher. • What is an Enigma machine. • What is Data Encryption Standard (DES). • What do we mean by the term “brute force” • Define symmetric and asymmetric key. • Define RSA technique. • SSL stands for what. • Define digital signature. • Define authentication • What is digital certificate. • Define firewall

  28. 4- Your questions ?

More Related