
Cryptography


vanna-petty

Presentation Transcript


  1. Cryptography Practical Understanding & Applications

  2. Topics to be Discussed • Practical Understanding • Definitions • Necessary considerations • Types of encryption • Trusted encryption methods • Applications • Secure Email (OpenPGP) • Hard Disk Protection (TrueCrypt)

  3. Practical Understanding Basic Concepts & Definitions

  4. What is Cryptography? • Definition - the use of encryption methods to conceal “plaintext” data (messages, files, etc.) • Encryption pre-dates computing • Caesar Cipher • Enigma machine

  5. Why do we need Cryptography? • Plaintext data is vulnerable to 4 attack types: • Interruption • Interception • Modification • Fabrication • Used to ensure: • Confidentiality • Integrity

  6. Key Considerations • Theoretically vs. Practically Breakable • Moore’s Law • Key Management • Key Distribution

  7. Encryption Types • Symmetric Encryption • Same key utilization for encryption/decryption • Asymmetric Encryption • Different keys utilized for encryption/decryption • Most schemes involve a “private” and “public” key concept

  8. Validated Encryption Schemes • Symmetric • Triple-DES • AES • Asymmetric • RSA • PGP

  9. Applications Two Key Examples of Cryptography

  10. Secure Email • Ensures confidentiality of messages even across insecure networks or email clients • Can be used as a “digital signature” to validate message authenticity • Most common implementation is PGP

  11. OpenPGP • PGP = “Pretty Good Privacy” • Proprietary and Open Source software providers exist • Symantec Encryption • Paid, Proprietary • GNU Privacy Guard • Free, Open Source • http://www.gnupg.org/

  12. Example of an E-Mail encrypted with OpenPGP

  13. GnuPG + Thunderbird • GnuPG • Free OpenPGP standard implementation • Available on Linux/Windows/Mac OS X • Thunderbird • Free E-Mail client by Mozilla • Uses Enigmail extension to allow for handling OpenPGP standard signed/encrypted mail

  14. Steps to Setup Secure Mail • Download & install Mozilla Thunderbird • Download & install Enigmail extension • Download & install GnuPG • Setup Private/Public Key Pair • Share Public Key • Direct Sharing • Key Server (e.g. http://pgp.mit.edu/) • Assign encryption rules

  15. Deployment Considerations • Security is only as good as the protection given to one’s private key • If lost or compromised, the old key pair must be invalidated and a new one generated • Per-User rules should be carefully applied

  16. Hard Disk Encryption • Prevents unauthorized access to hard drives • Even if stolen, an encrypted disk yields nothing useful when cloned • Hardware or Software Implementations • Self-encrypting hard disks are available • Software implementations are much more typical • Open Source and Proprietary providers exist • Symantec Encryption • TrueCrypt

  17. TrueCrypt • On-the-fly encryption provider suite • Good performance due to pipelining/parallelization • Variety of Encryption Options • Encrypted Folder • Encrypted Partition • Full Disk Encryption • Open Source and available for Linux/Windows/Mac OS X

  18. Supported Encryption • Encryption • AES • Serpent • Twofish • Cascades • Application of two or more of the above encryption methods

  19. Supported Hashes • TrueCrypt utilizes hashes to provide a pseudorandom number generator for key and salt creation. • Hashes • RIPEMD-160 • SHA-512 • Whirlpool

  20. TrueCrypt Screenshots

  21. Advanced Features • Hidden Volume Creation • Hides a TrueCrypt volume within an outer TrueCrypt volume • Outer can be revealed (decrypted) without revealing the existence of the hidden drive • Hidden Operating System • Even if pre-boot authentication password is forced to be revealed, only a “decoy” operating system will be accessed

  22. Hidden Volume Diagram from TrueCrypt site

  23. Hidden Operating System Diagram from TrueCrypt site

  24. Deployment Considerations • Data Leaks • System memory is NOT encrypted • Dependent on password strength/secrecy • Malware, keyloggers, etc. can compromise even a strong password • Wear-Leveling • Flash Memory

  25. Conclusion Putting it all together

  26. Closing Thoughts • Encryption provides one of the foundational layers of digital security • Utilize the appropriate level of security to meet your needs • Don’t fall into “false sense of security” traps • Free, open source encryption methods are readily available -- use them!

  27. Questions?

  28. References • http://www.openpgp.org/ • http://en.wikipedia.org/wiki/Pretty_Good_Privacy • http://www.gnupg.org/ • https://www.enigmail.net/home/index.php • http://www.truecrypt.org/
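
The key-pair, key-sharing and key-invalidation points from slides 14 and 15, walked through on the GnuPG command line in a throwaway keyring. This is an added example, not part of the original presentation; it assumes GnuPG 2.2 or later, and the identity, message and empty passphrase are constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example: OpenPGP key lifecycle with GnuPG 2.2+ in a throwaway keyring.
# Identity, message and the empty passphrase are constructed for this demo;
# a real private key needs a strong passphrase.
set -eu
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME   # isolated keyring, not ~/.gnupg
chmod 700 "$GNUPGHOME"
DEMO_UID='Demo User <demo@example.org>'

# Non-interactive gpg wrapper used by every step below.
g() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# "Setup Private/Public Key Pair": signing primary key + encryption subkey.
make_keypair() { g --quick-generate-key "$DEMO_UID" default default 1y; }

# "Share Public Key" (direct sharing): armored block that is safe to publish.
export_public() { g --armor --export "$DEMO_UID"; }

# Sign with the private key, encrypt to the recipient's public key.
seal() { g --armor --sign --encrypt --recipient "$DEMO_UID"; }

# Decrypt with the private key; gpg verifies the embedded signature as well.
unseal() { g --decrypt; }

# Validity column of the primary key in machine-readable output ("r" = revoked).
key_validity() {
  g --with-colons --list-keys "$DEMO_UID" | awk -F: '/^pub:/ {print $2; exit}'
}

# Slide 15: invalidate a lost or compromised key by importing the revocation
# certificate GnuPG saved at creation (its leading ':' prevents accidental use).
revoke_key() {
  fpr=$(g --with-colons --list-keys "$DEMO_UID" | awk -F: '/^fpr:/ {print $10; exit}')
  sed 's/^:-----BEGIN/-----BEGIN/' "$GNUPGHOME/openpgp-revocs.d/$fpr.rev" | g --import
}

make_keypair
PUBKEY=$(export_public)
ROUNDTRIP=$(printf 'meet at noon\n' | seal | unseal)
BEFORE=$(key_validity)
revoke_key
AFTER=$(key_validity)
# A revoked key is refused for new messages.
if printf 'x' | seal >/dev/null 2>&1; then REFUSED=no; else REFUSED=yes; fi
printf '%s\n' "$PUBKEY" | head -n 1
echo "roundtrip='$ROUNDTRIP' validity=$BEFORE->$AFTER refused=$REFUSED"
```

Publishing the revoked public key again (directly or via a key server) is what tells correspondents to stop using it; the new key pair is then generated and shared the same way.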
