security 0 the secure environment. security 1 the secure environment security goals (c.i.a.) and...
Security 1
The Secure Environment
Security goals (C.I.A.) and threats
Intruders
Common Categories
1. Casual prying by nontechnical users
2. Snooping by insiders
3. Determined attempt to make money
4. Commercial or military espionage
5. Others (such as cyber wars)
Basics of Cryptography
Network Is NOT Secure
[Figure: nodes A, B, C and D on a network carrying the message "ABC"]
Encrypt Your Information
[Figure: nodes A, B, C and D on a network carrying the message "~!@"]
Data Encryption Process
Plaintext → Encryption (KEY) → Ciphertext → Network → Decryption (KEY) → Plaintext
Two Types of Cryptography
(a) Conventional two-way Cryptography
Plaintext → Encryption (KEY) → Ciphertext → Network → Decryption (KEY) → Plaintext
(b) Public Key Cryptography
Plaintext → Encryption (KEY1) → Ciphertext → Network → Decryption (KEY2) → Plaintext
Conventional two-way Cryptography
KEY: Caesar Cipher
Plaintext → Encryption (KEY) → Ciphertext → Network → Decryption (KEY) → Plaintext
treaty impossible → wuhdwb lpsrvvleoh → treaty impossible
Plaintext alphabet: abcdefghijklmnopqrstuvwxyz
Ciphertext alphabet: defghijklmnopqrstuvwxyzabc
Encryption: $c_i = E(p_i) = p_i + 3$
Decryption: $p_i = D(c_i) = c_i - 3$
Conventional two-way Cryptography
Substitution Cipher
• Caesar Cipher
• Playfair Cipher
• Etc.
Conventional two-way Cryptography: Problems
[Figure: users A, B, C and D]
Public Key Cryptography
Plaintext → Encryption (KEY1, Public) → Ciphertext → Network → Decryption (KEY2, Private) → Plaintext
Public Key Cryptography: Advantages
[Figure: users A, B, C and D each hold their own private key (Private key A, Private key B, Private key C, Private key D); Public key A, Public key B, Public key C and Public key D are listed together.]
PKI: Certification Authority
What is a certificate? Why do we need Certification Authorities (CA) or a trusted third party?
A certificate is a digitally signed statement by a CA that provides independent confirmation of an attribute claimed by a person proffering a digital signature. More formally, a certificate is a computer-based record which: (1) identifies the CA issuing it, (2) names, identifies, or describes an attribute of the subscriber, (3) contains the subscriber's public key, and (4) is digitally signed by the CA issuing it.
Trapdoor function
Public Key Cryptography: Some Roads Are One-Way
Easy: $N^5$; Prime1 * Prime2 = Composite
Difficult: $N^{1/5}$; Composite = Prime1 * Prime2
Trapdoor characteristics:
(1) It is easy to compute f(x) from x.
(2) Computation of x from f(x) is likely to be intractable.
An Example: Encryption
User A → Network → User B
A encrypts message p using B's public key: $E_B(p)$
B decrypts the ciphertext using its own private key: $D_B(E_B(p)) = p$
Another Example: Digital Signature
User A → Network → User B
A signs message p using its own private key and encrypts it using B's public key: $E_B(D_A(p))$
B decrypts the ciphertext using its own private key and verifies it using A's public key: $E_A(D_B(E_B(D_A(p)))) = E_A(D_A(p)) = p$
Hash functions
[Figure: message → Hash → Message Digest]
The basic requirements for a cryptographic hash function H(x) are as follows.
• The input can be of any length.
• The output has a fixed length.
• H(x) is relatively easy to compute for any given x.
• H(x) is one-way.
• H(x) is collision-free.
More on Digital Signature
[Figure: message → Hash → Message Digest → Sign (decrypt) Using Private Key → Signature; Append: the Signature is appended to the message]
More on Digital Signature
[Figure: message → Hash → Message Digest; Signature → Verify (Encrypt operation) Using Public Key → Message Digest]
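The hash-then-sign flow of the two "More on Digital Signature" slides, as an added example that is not part of the original deck: textbook RSA with no padding, where the two primes, the exponent 65537 and all function names are assumptions chosen for illustration. Deployed signatures use a padded scheme such as RSA-PSS and far larger primes.

```python
import hashlib

# Toy key material, constructed for this example only. Both factors are
# Mersenne primes; a modulus this small offers no real security.
PRIME1 = 2**61 - 1
PRIME2 = 2**89 - 1
N = PRIME1 * PRIME2          # easy direction: Prime1 * Prime2 = Composite
E = 65537                    # public exponent; the public key is (N, E)
# Private exponent: computing it requires knowing the two prime factors.
D = pow(E, -1, (PRIME1 - 1) * (PRIME2 - 1))


def message_digest(message: bytes) -> int:
    """Hash step: any-length input, fixed-length output, reduced to fit the toy N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Signer: apply the private-key ("decrypt") operation to the digest."""
    return pow(message_digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Verifier: apply the public-key ("encrypt") operation to the signature
    and compare the recovered digest with a freshly computed one."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == message_digest(message)


def demo() -> dict:
    message = b"treaty impossible"      # sample text reused from the Caesar slide
    signature = sign(message)           # the sender appends this to the message
    return {
        "genuine": verify(message, signature),
        "tampered_message": verify(b"treaty possible", signature),
        "tampered_signature": verify(message, (signature + 1) % N),
    }


if __name__ == "__main__":
    print(demo())
```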
User Authentication
Basic Principles. Authentication must identify:
1. Something the user knows
2. Something the user has
3. Something the user is
This is done before the user can use the system.
Authentication Using Passwords
(a) A successful login
(b) Login rejected after name entered
(c) Login rejected after name and password typed
Note: be careful when login has failed several times.
Authentication Using Passwords
How a cracker broke into LBL (source: A.S.Tanenbaum “Modern Operating System” course materials)
• a U.S. Dept. of Energy research lab
Login Spoofing
(a) Correct login screen: % Login:
(b) Phony login screen: % Login:
Authentication Using Passwords
The use of salt to defeat precomputation of encrypted passwords
[Figure: table with columns Salt and Password]
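Why a per-user salt defeats precomputation, as an added example that is not part of the original deck. PBKDF2-HMAC-SHA256, the iteration count, the three-word list and all function names are assumptions of this example; the slide does not say which password function it has in mind.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 100_000          # assumed work factor for this example
NO_SALT = bytes(16)           # one constant for every user: same effect as no salt


def derive(password: str, salt: bytes) -> bytes:
    """Value stored in the password file for one (salt, password) pair."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(password: str, salt: Optional[bytes] = None) -> tuple:
    """Password-file entry: a fresh random salt kept next to the derived value."""
    salt = os.urandom(16) if salt is None else salt
    return salt, derive(password, salt)


def check_login(password: str, record: tuple) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, stored = record
    return hmac.compare_digest(derive(password, salt), stored)


def precomputed_table(words: list) -> dict:
    """Lookup table built in advance, before any per-user salt is known."""
    return {derive(word, NO_SALT): word for word in words}


def demo() -> dict:
    table = precomputed_table(["letmein", "password", "qwerty"])  # constructed list
    unsalted = make_record("password", salt=NO_SALT)   # weak entry
    alice = make_record("password")                    # two users who chose
    bob = make_record("password")                      # the same password
    return {
        "unsalted_in_table": table.get(unsalted[1]),
        "salted_in_table": table.get(alice[1]),
        "entries_equal": alice[1] == bob[1],
        "login_ok": check_login("password", alice),
        "login_wrong": check_login("passw0rd", alice),
    }


if __name__ == "__main__":
    print(demo())
```

The unsalted entry is found in the table built ahead of time, while the salted entries are not, and two users with the same password no longer share a stored value.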
Authentication Using a Physical Object
Magnetic cards
• magnetic stripe cards
• chip cards: stored value cards, smart cards
Authentication Using Biometrics
A device for measuring finger length.
Countermeasures
• Limiting times when someone can log in
• Automatic callback at a prespecified number
• Limited number of login tries
• A database of all logins
• Simple login name/password as a trap
  • security personnel notified when attacker bites
Secure Communications Over Insecure Channels
R. C. Merkle’s Puzzle
“Secure Communications over Insecure Channels”
Communications of the ACM, 1978, Vol. 21, No. 4.
One-way Hash Chain and TESLA
• Adrian Perrig, Ran Canetti, Dawn Song, and J. D. Tygar. Efficient and secure source authentication for multicast. In Network and Distributed System Security Symposium, NDSS '01, February 2001.