1 / 19

Computer Security

Computer Security. Cryptography. Cryptography Now and Before. In the past – mainly used for confidentiality Today Still used for confidentiality Data integrity Source authentication Non-repudiation. Definitions. Cryptography Hiding the meaning of communication Cipher

chesmu
Download Presentation

Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Security Cryptography

  2. Cryptography Now and Before • In the past – mainly used for confidentiality • Today • Still used for confidentiality • Data integrity • Source authentication • Non-repudiation

  3. Definitions • Cryptography • Hiding the meaning of communication • Cipher • Transforms characters or bits into an unreadable format • Cryptographic Algorithm • Procedure that turns readable data into an unreadable format (usually through mathematical formulas

  4. More Definitions • Cryptanalysis • Science of studying and breaking encryption mechanisms • Cryptology • Study of cryptography and cryptanalysis • Key Clustering • When two keys generate the same ciphertext from the same plaintext

  5. MORE Definitions • Cryptosystem • Encompasses all of the components for encryption and decryption • Plaintext • Readable format / decrypted • Ciphertext • Unreadable format / encrypted • Work Factor • Time, effort, and resources necessary to break a cryptosystem (should be too high for compromise)

  6. Symmetric Cryptography • Two instances of the same key • One key used for encryption and decryption • Sender/receiver use same key (public/shared) • Key distribution a problem • Secure 2nd channel needed or offline • Does not implement non-repudiation

  7. Historical Symmetric Keys • Hieroglyphics • Recorded in use in 2000 B.C. • 1st known type of cryptography • Only certain people knew the symbols • Used to glorify the life of deceased

  8. Scytale Cipher • Paper or leather was wrapped around a rod • Message was written on paper and delivered by messenger • Sender and receiver had to have rod of same diameter • Was used around 400 B.C. • Transposition Cipher

  9. Caesar Cipher • Symmetric cipher • Keys shifted ‘n’ number of letters • Also referred to as a shift cipher • If one alphabet is used – monoalphabetic substitution • If two alphabets are used – polyalphabetic substitution

  10. Example • Decode the following messages: • OP CPOVT QPJOUT PO FYBN

  11. Vigenere Cipher • Polyalphabetic substitution cipher • Proposed by court of King Henry III • An extension of the Caesar Cipher • Strength is no frequency analysis can be performed

  12. Enigma Machine • Rotor cipher used polyalphabetic substitution • Employed in WWII • Symmetric – original setting of rotors and how rotors moved must be the same • Sender entered characters and the rotors moved

  13. Vernam Cipher • One-time pad • Only method that is completely secure • Still used today for backups encryption method • Senders uses one-time pad to encrypt and receiver uses twin to decrypt

  14. Vernam • Deemed unbreakable if: • Pad is truly random values • Used only once • Securely distributed • Securely stored • Pad is at least as long as message

  15. Key & Algorithm Relationship • Key – long string of values • Algorithm – group of mathematical equations that can be used for the encryption process • Used together – key values are used by the algorithm to indicate which equations to use, in what order, and with what values

  16. Breaking Cryptosystems • Brute Force • Attempts all possible combinations of a given key space to derive the key • Takes ciphertext, applies key, and sees if understandable plaintext is derived • How many possible keys? • 40-bit key = 1 trillion • 56-bit key = 72 quadrillion • Easily breakable due to Moore’s Law • In 1998, broke DES in three days with 1536 PCs running at 40 MHz

  17. Frequency Analysis • Patterns in ciphertext are identified and matched back to plaintext • For example, the most common letters in the English language are “iron seat” • Allows attackers to reverse-engineer encryption process

  18. Characteristics of Strong Algorithms • Confusion • Complexity of the process to increase the workfactor of reverse engineering • Interceptor should not be able to predict what changing one character will do to ciphertext • Diffusion • Component going through an encryption should have MANY things take place • Change should affect many part of the ciphertext

  19. Kerckhoff’s Principle • Only secrecy involved with cryptography should be the key • Should not base security on figuring out the algorithm • Algorithms should be publicly known • Government does NOT agree

More Related