Information about Encryption

Published on December 31, 2007

Author: smith

Source: authorstream.com

Encryption Matches Domain 4.0 Basics of Cryptography (15 percent of Security +):
Network Security Class
Dr. Kleist
Note: Most material from Harris, Shon. (2003). All-In-One CISSP Certification Exam Guide. New York: McGraw-Hill/Osborne.

Security + Exam and Cryptography:
4.1 Identify and explain hashing, symmetric, asymmetric (Chpt. 5)
4.2 Understand cryptography and confidentiality, integrity (digital signatures), authentication, non-repudiation (digital signatures), access control (Chpt. 5)
4.3 PKI: certificates, certificate policies, revocation, trust models (Chpt. 5)
4.4 Crypto standards and protocols (Chpt. 5)
4.5 Key Management and Certificate Lifecycles (centralized v. decentralized, storage, escrow, expiration, revocation, suspension, recovery, renewal, destruction, key usage) (Chpt. 6)

Sources of Lecture:
Slides are drawn from several sources.
Some research from Conklin, W. A., G. White, C. Cothren, D. Williams, R. Davis. (2004). Principles of Computer Security. Boston: McGraw-Hill Technology Education.
Also material from Schneier, B. (2000, 2004). Secrets & Lies: Digital Security in a Networked World. Indianapolis: Wiley Publishing, Inc.
Most of this material from Harris, Shon. (2003). All-In-One CISSP Certification Exam Guide. New York: McGraw-Hill/Osborne.

Exam 1:
The real exam is 90 minutes for 100 questions; you must get a score of 764, and your points are normalized from 100 to 900 points (i.e., changed in scale).
Our exam 1 will be from real Security + exams, and will cover sections that are matched to the chapters in our text, our lectures and the Schneier book.
First exam will have 60 multiple choice questions.

Outline of Crypto Section:
History of Cryptography
Common elements of all cryptographic systems
Cryptographic systems strength
Types of ciphers
Government involvement
Symmetric and asymmetric encryption
Digital signatures and certificate authorities
Cryptography in real networks
PKI

Outline, cont'd.:
Key escrow
Methods of Encryption
Symmetric cryptography in Networks
Asymmetric cryptography in Networks
Hybrid systems
PKI
CA
Message Integrity and Hashes
Digital Signature
One time pad

Outline, cont'd:
Key management
Hardware vs. software key management
Email standards, MIME, S/MIME, PEM, MSP
Standard cryptography used in networks of interest
Attacks on crypto systems

History of Crypto:
The Code Book
Substitution cipher
Transposition cipher
Monoalphabetic substitution
Scytale cipher
Caesar cipher
Mary Queen of Scots
Benedict Arnold
Enigma and Turing
Windtalkers
Lucifer

Common Elements of All Crypto:
Cryptanalysis. Trying to figure out the message without the key.
Algorithm. Set of mathematical rules that dictate enciphering and deciphering. Not the secret part of the encryption process; widely known.
Key. The key is the secret part of the process. An algorithm contains a keyspace, which is a range of values that can be used to construct a key. The key is made up of random values within the keyspace range. The larger the keyspace, the more values can be used, and some think the safer the key, although Schneier disagrees.
Keyspace: Possible values to construct keys.
Plaintext. The original data.
Ciphertext. The message after the key and algorithm have been applied to it, transforming it so eavesdroppers cannot figure it out.

Common Elements of All Crypto:
Encipher: Transform data into unreadable format
Decipher: Transform data into readable format
Work factor: Definition of the amount of time, effort and resources necessary to break a crypto system.

Cryptographic Systems Strength:
Strength of encryption comes from: algorithm, secrecy of key, length of key, initialization vectors, and how they all work together.
Improper protection of the key can seriously weaken crypto. (2600 discussion)
Goals of crypto systems: confidentiality, authenticity, integrity, nonrepudiation
Crypto system: The hardware and software that implement the crypto transformations

Types of Ciphers:
Substitution cipher
Transposition cipher
Running and concealment cipher
Stream and Block Ciphers
A little bit different: Steganography

Government Involvement:
NSA
Clipper Chip
FBI and Wiretapping

Symmetric and Asymmetric Encryption:
Symmetric: Faster than asymmetric, hard to break with large key, hard to distribute keys, too many keys required, cannot authenticate or provide non-repudiation.
Includes: DES, Triple DES, Blowfish, IDEA, RC4, RC5, RC6, AES

Symmetric and Asymmetric Encryption:
Asymmetric cryptography: Better at key distribution, better scalability for large systems, can provide authentication and non-repudiation, slow, math intensive
Includes: RSA, ECC, Diffie Hellman, El Gamal, DSA, Knapsack, PGP

Hybrid Asymmetric and Symmetric Systems:
Called Public Key Cryptography
Use asymmetric algorithm for protecting symmetric encryption keys
Use asymmetric for protecting key distribution
Use secret key for bulk encryption requirements
Just don't let the secret key travel unless it was asymmetrically encrypted!
Uses best advantages of each approach

Public Key Infrastructure:
Comprehensive approach to establishing a level of security
PKI as an amalgam of approaches
Infrastructure
Provides authentication, confidentiality, nonrepudiation, integrity
Specific protocols are not PKI, but an overarching architecture

Certificate Authority:
Public Key Certificate
Registration Authority
Structure of Certificates
Trusted Organization
Can be internal or external to the organization
Entrust, Verisign
Certificate Revocation Lists
Can be provided by browser

Message Integrity and Hashes:
Has message been altered?
Hash, hash function
One way hash
Message digest
Create a fingerprint of a message
Message can be altered either intentionally or unintentionally

Digital Signature:
Hash value encrypted with the sender's private key
Act of signing means encrypting message's hash value with private key
Ensures that message was not altered and also came from Bob
Ensures integrity, authentication, and non-repudiation
DSS

Algorithms:
Asymmetric: RSA, ECC, Diffie Hellman, El Gamal, Digital Signature
Symmetric: DES, 3DES, Blowfish, IDEA, RC4, SAFER

Hashing Algorithms:
MD2
MD4
MD5
SHA
HAVAL
What does a good cryptographic hash function have?

One Time Pad:
What is a one time pad?
Perfect encryption
Random
Integrated into some applications
High security
But, have to distribute pad (like German High Command with submarines and Enigma codes)

Issues of Key Management:
Principles
Key length
Storage
Random
More used, shorter its lifetime
Escrow
Destroy at end of lifetime

Hardware v. Software:
Software less expensive
Hardware more expensive
Software slower throughput
Hardware faster throughput
Software more easily modified
High end solutions will be hardware

Email Standards:
MIME
S/MIME
PEM
MSP

What do Networks Use for Real?:

PGP:
Phil Zimmermann
Free Download
Implement
Use on email
Print message encoded and decoded
Web of Trust

Internet Security:
HTTP
S-HTTP
HTTPS
SSL
SET
SSH
IPSec

Attacks on Crypto Systems:
Ciphertext Only Attack
Known Plaintext Attack
Chosen Plaintext Attack
Man In the Middle Attack
Dictionary Attack
Side Channel
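
Added example (not part of the original lecture) for the Message Integrity and Hashes and Digital Signature slides: a bare hash catches an unintentional change but not an intentional one, because whoever alters the message can recompute the digest, while a hash transformed with the sender's private key cannot be recomputed by anyone else. Assumptions: SHA-256 as the hash, textbook RSA without padding on a constructed toy key far too small for real use, and hypothetical function names throughout.

```python
import hashlib

# Constructed toy key pair built from two known Mersenne primes. Far too small
# for real use, and no padding scheme is applied; illustration only.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held only by Bob

def sha(message: bytes) -> bytes:
    return hashlib.sha256(message).digest()

def digest_int(message: bytes) -> int:
    """Hash the message and reduce the digest into the range of the toy modulus."""
    return int.from_bytes(sha(message), "big") % N

def sign(message: bytes) -> int:
    """Bob: transform the message's hash value with the private key."""
    return pow(digest_int(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Anyone: undo the transform with Bob's public key and compare hashes."""
    return pow(signature, E, N) == digest_int(message)

def bare_hash_accepts(message: bytes, attached_digest: bytes) -> bool:
    """Receiver's check when only an unkeyed digest travels with the message."""
    return sha(message) == attached_digest

def demo() -> dict:
    original = b"Pay Alice 10 dollars"   # constructed sample messages
    altered = b"Pay Alice 90 dollars"
    sig = sign(original)
    return {
        "signature_accepts_original": verify(original, sig),
        "signature_accepts_altered": verify(altered, sig),
        # Unintentional change: the old digest no longer matches.
        "hash_accepts_corrupted": bare_hash_accepts(altered, sha(original)),
        # Intentional change: whoever altered the message recomputes the digest.
        "hash_accepts_replaced": bare_hash_accepts(altered, sha(altered)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
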
