1 / 7

QMCS 490 - Class Today

In this class recap, we explored key concepts surrounding desktop cryptography, including file and volume encryption, the importance of user-controlled sharing, and the security dilemmas inherent to software encryption. We discussed Moore's Law in relation to crypto key cracking and access control permissions, highlighting the critical roles of owners and system permissions. Students are tasked with reviewing Chapters 1 and 2, completing the homework assignments on crypto key sizes, and preparing for discussions on subversion and access control in upcoming classes.

devlin
Download Presentation

QMCS 490 - Class Today

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. QMCS 490 - Class Today • “Enigma” recap and finish • The quiz/survey • Next homework assignment • Desktop Crypto implementations R. Smith - University of St Thomas - Minnesota

  2. Homework Assignment • Look up some things in Chapter 5 • Use Moore’s Law to guess how large of a crypto key a DES Cracker-style computer can crack in a given year. • Turn the calculation around and guess the year in which such a machine will be able to crack a key of a given size. • Print out Chapters 1 and 2. Look at pretty picture and diagrams. Read a few stories. Bring them to class on Monday. R. Smith - University of St Thomas - Minnesota

  3. Desktop Crypto Implementations • File encryption • User controlled; sharing and separation on computer • Volume encryption • Device driver encrypts data written to the drive • Can’t boot without a password/phrase/key • Users can steal from each other • Everything is safe if stolen (and key is unknown) • Hard drive encryption • Fast crypto built into hard drive • Users can steal from each other • Crypto is harder to disable • Problem: how do we handle the key? R. Smith - University of St Thomas - Minnesota

  4. Software Crypto Dilemmas • How do we keep the crypto safe? • What can ‘they’ subvert • Subversion examples • File encryption • Hard drive encryption • Access control protections R. Smith - University of St Thomas - Minnesota

  5. Access Control for this class • For Access Control Examples • Three elements to consider • Operating system – always has full access • Owner (usually the creator) – always has full access • Everyone else – access may be restricted • To specify access on a file or other asset • Identify the owner • Identify permissions granted to everyone else, if any • Access permissions to grant • Read, write – usual meaning • Execute – if executable, may be executed by other users • Search – for directories: can’t read but can search R. Smith - University of St Thomas - Minnesota

  6. Access Control for Crypto • Who owns the executable? • Who can modify it? • Who owns keys? R. Smith - University of St Thomas - Minnesota

  7. Creative Commons License This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. R. Smith - University of St Thomas - Minnesota

More Related