Enviar búsqueda
Cargar
Information Security Lesson 8 - Cryptography - Eric Vanderburg
•
Descargar como PPT, PDF
•
0 recomendaciones
•
1,663 vistas
Eric Vanderburg
Seguir
Information Security Lesson 8 - Cryptography - Eric Vanderburg
Leer menos
Leer más
Tecnología
Educación
Denunciar
Compartir
Denunciar
Compartir
1 de 22
Descargar ahora
Recomendados
Advanced encryption standard (aes) epul
Advanced encryption standard (aes) epul
Agate Studio
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
Encryption Techniques
Encryption Techniques
Del Elson
Hybrid Cryptography with examples in Ruby and Go
Hybrid Cryptography with examples in Ruby and Go
Eleanor McHugh
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
5 Cryptography Part1
5 Cryptography Part1
Alfred Ouyang
Aes (advance encryption standard)
Aes (advance encryption standard)
Sina Manavi
Class 17
Class 17
Dr. Ajith Sundaram
Recomendados
Advanced encryption standard (aes) epul
Advanced encryption standard (aes) epul
Agate Studio
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
Encryption Techniques
Encryption Techniques
Del Elson
Hybrid Cryptography with examples in Ruby and Go
Hybrid Cryptography with examples in Ruby and Go
Eleanor McHugh
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
5 Cryptography Part1
5 Cryptography Part1
Alfred Ouyang
Aes (advance encryption standard)
Aes (advance encryption standard)
Sina Manavi
Class 17
Class 17
Dr. Ajith Sundaram
Cryptography
Cryptography
JohnsonDaniel JohnsonDaniel
Encryption And Decryption Using AES Algorithm
Encryption And Decryption Using AES Algorithm
Ahmed Raza Shaikh
Pgp pretty good privacy
Pgp pretty good privacy
Pawan Arya
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
Sam Bowne
CNIT 141 6. Hash Functions
CNIT 141 6. Hash Functions
Sam Bowne
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
Hamed Moghaddam
501 ch 10 cryptography
501 ch 10 cryptography
Toyeeb Onimole
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
Distribution of public keys and hmac
Distribution of public keys and hmac
anuragjagetiya
cryptography deepan fav subject
cryptography deepan fav subject
deepan v
Network Security
Network Security
Federal Urdu University
Wpa2 psk security measure
Wpa2 psk security measure
Shivam Singh
Encryption
Encryption
Naiyan Noor
Encryption algorithms
Encryption algorithms
trilokchandra prakash
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
Basic cryptography
Basic cryptography
Perfect Training Center
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
Sam Bowne
Pgp1
Pgp1
Sanjeevsharma620
Cryptography
Cryptography
AnandKaGe
Substitution Cipher
Substitution Cipher
Agung Julisman
Más contenido relacionado
La actualidad más candente
Cryptography
Cryptography
JohnsonDaniel JohnsonDaniel
Encryption And Decryption Using AES Algorithm
Encryption And Decryption Using AES Algorithm
Ahmed Raza Shaikh
Pgp pretty good privacy
Pgp pretty good privacy
Pawan Arya
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
Sam Bowne
CNIT 141 6. Hash Functions
CNIT 141 6. Hash Functions
Sam Bowne
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
Hamed Moghaddam
501 ch 10 cryptography
501 ch 10 cryptography
Toyeeb Onimole
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
Distribution of public keys and hmac
Distribution of public keys and hmac
anuragjagetiya
cryptography deepan fav subject
cryptography deepan fav subject
deepan v
Network Security
Network Security
Federal Urdu University
Wpa2 psk security measure
Wpa2 psk security measure
Shivam Singh
Encryption
Encryption
Naiyan Noor
Encryption algorithms
Encryption algorithms
trilokchandra prakash
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
Basic cryptography
Basic cryptography
Perfect Training Center
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
Sam Bowne
Pgp1
Pgp1
Sanjeevsharma620
La actualidad más candente
(20)
Cryptography
Cryptography
Encryption And Decryption Using AES Algorithm
Encryption And Decryption Using AES Algorithm
Pgp pretty good privacy
Pgp pretty good privacy
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
CNIT 141 6. Hash Functions
CNIT 141 6. Hash Functions
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
501 ch 10 cryptography
501 ch 10 cryptography
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
Distribution of public keys and hmac
Distribution of public keys and hmac
cryptography deepan fav subject
cryptography deepan fav subject
Network Security
Network Security
Wpa2 psk security measure
Wpa2 psk security measure
Encryption
Encryption
Encryption algorithms
Encryption algorithms
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Basic cryptography
Basic cryptography
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
Pgp1
Pgp1
Destacado
Cryptography
Cryptography
AnandKaGe
Substitution Cipher
Substitution Cipher
Agung Julisman
Lesson 8 Encryption
Lesson 8 Encryption
Patrick John McGee
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
amiable_indian
Cryptography
Cryptography
Sagar Janagonda
Encryption
Encryption
Nitin Parbhakar
Networking Standards And Protocols
Networking Standards And Protocols
Steven Cahill
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
Amazon Web Services
Cryptography.ppt
Cryptography.ppt
kusum sharma
Network protocols
Network protocols
Hemnath R.
Destacado
(10)
Cryptography
Cryptography
Substitution Cipher
Substitution Cipher
Lesson 8 Encryption
Lesson 8 Encryption
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
Cryptography
Cryptography
Encryption
Encryption
Networking Standards And Protocols
Networking Standards And Protocols
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
Cryptography.ppt
Cryptography.ppt
Network protocols
Network protocols
Similar a Information Security Lesson 8 - Cryptography - Eric Vanderburg
Cryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
ssuserd5e356
Basic Cryptography.pdf
Basic Cryptography.pdf
Setiya Nugroho
Encryption
Encryption
IGZ Software house
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)
Sam Bowne
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
newbie2019
Ch 12: Cryptography
Ch 12: Cryptography
Sam Bowne
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
Bitcoin Association of Australia
Encryption pres
Encryption pres
MereySovet
Security - ch3.pptx
Security - ch3.pptx
HabtamuHaileMichael2
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)
Sam Bowne
Security - ch3.pptx
Security - ch3.pptx
GebrehanaAlemaw
Lesson 1
Lesson 1
MLG College of Learning, Inc
IS413 Topic 5.pptx
IS413 Topic 5.pptx
WarrenPhiri4
Network Security Topic 3 cryptography
Network Security Topic 3 cryptography
Khawar Nehal khawar.nehal@atrc.net.pk
Cryptography Lecture by Sam Bowne
Cryptography Lecture by Sam Bowne
SecurityTube.Net
Slidecast - Workshop
Slidecast - Workshop
Samant Khajuria
Ch12 Cryptography it-slideshares.blogspot.com
Ch12 Cryptography it-slideshares.blogspot.com
phanleson
Pretty good privacy
Pretty good privacy
Punnya Babu
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan
Similar a Information Security Lesson 8 - Cryptography - Eric Vanderburg
(20)
Cryptography and Network Security
Cryptography and Network Security
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
Basic Cryptography.pdf
Basic Cryptography.pdf
Encryption
Encryption
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
Ch 12: Cryptography
Ch 12: Cryptography
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
Encryption pres
Encryption pres
Security - ch3.pptx
Security - ch3.pptx
CNIT 125 Ch 4. Security Engineering (Part 2)
CNIT 125 Ch 4. Security Engineering (Part 2)
Security - ch3.pptx
Security - ch3.pptx
Lesson 1
Lesson 1
IS413 Topic 5.pptx
IS413 Topic 5.pptx
Network Security Topic 3 cryptography
Network Security Topic 3 cryptography
Cryptography Lecture by Sam Bowne
Cryptography Lecture by Sam Bowne
Slidecast - Workshop
Slidecast - Workshop
Ch12 Cryptography it-slideshares.blogspot.com
Ch12 Cryptography it-slideshares.blogspot.com
Pretty good privacy
Pretty good privacy
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
Más de Eric Vanderburg
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
Eric Vanderburg
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Eric Vanderburg
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Eric Vanderburg
Mobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
Eric Vanderburg
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
Eric Vanderburg
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
Eric Vanderburg
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
Eric Vanderburg
Principles of technology management
Principles of technology management
Eric Vanderburg
Japanese railway technology
Japanese railway technology
Eric Vanderburg
Evaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
Eric Vanderburg
Japanese current and future technology management challenges
Japanese current and future technology management challenges
Eric Vanderburg
Technology management in Japan: Robotics
Technology management in Japan: Robotics
Eric Vanderburg
Incident response table top exercises
Incident response table top exercises
Eric Vanderburg
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
Eric Vanderburg
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
Eric Vanderburg
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Eric Vanderburg
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Eric Vanderburg
Más de Eric Vanderburg
(20)
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Mobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
Principles of technology management
Principles of technology management
Japanese railway technology
Japanese railway technology
Evaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
Japanese current and future technology management challenges
Japanese current and future technology management challenges
Technology management in Japan: Robotics
Technology management in Japan: Robotics
Incident response table top exercises
Incident response table top exercises
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Último
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
The Digital Insurer
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
Zilliz
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
apidays
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
apidays
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
lior mazor
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
apidays
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
apidays
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
wesley chun
Último
(20)
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
Information Security Lesson 8 - Cryptography - Eric Vanderburg
1.
Information Security Chapter 8 Cryptography Information
Security © 2006 Eric Vanderburg
2.
Terminology • Cryptography –
transforming information so that it is secure when stored or transmitted. • Steganography – Hiding data inside another file • Encryption – changing data so that it cannot be read • Decryption – changing a message back so it can be read • Algorithm – the mathematical formula used for encryption • Key – value used by an algorithm to encrypt and decrypt Information Security © 2006 Eric Vanderburg
3.
Terminology • Weak key
– A key that can easily be determined • Plaintext (cleartext) – Unencrypted data • Cypher – algorithm tool used for encryption and decryption • Cyphertext – encrypted data Information Security © 2006 Eric Vanderburg
4.
Cryptography Uses • Non-repudiation
– someone cannot deny that they did an action (sending an email) • Confidentiality - encryption • Authentication – verify individuals • Integrity – hashes • Access Control – limited to those who possess the key or token Information Security © 2006 Eric Vanderburg
5.
Hashing • One-way hash
– create cyphertext from plaintext. It cannot be decrypted. It is used for integrity. • Passwords stored on machines and devices are usually hashed – Windows: Store passwords using reversible encryption • Checksum – looks at 1’s and 0’s in a byte and adds a 1 or 0 to the end. – Even parity – if the number of 1’s is odd, add a 1, if not add a 0 – Odd parity – if the number of 1’s is odd, add a 0, if not add a 1 Information Security © 2006 Eric Vanderburg
6.
Secure Hashes • Collision
- hashing algorithms should not be able to produce two identical hashes from different messages • You cannot predict what the hash will be for a message • The hash cannot be reversed • Hashing algorithms can be public but still produce secure hashes • Hashes are all the same size no matter what size the message is Information Security © 2006 Eric Vanderburg
7.
Message Digest (MD) •
Hashing algorithm • MD2 – turns plaintext into a 128 bit hash – Padding is used to make the plaintext it 128 if it is less than 128. – 16 byte checksum is attached – Created in 1989 for Intel processors that processed 16 bits at a time • MD4 - turns plaintext into a 128 bit hash – Pads plaintext to 512 bits instead of 128 – Many collisions – not secure. Less than a minute for a collision to occur Information Security © 2006 Eric Vanderburg
8.
Message Digest (MD) •
MD5 - turns plaintext into a 128 bit hash. Also pads to 512 bits – Splits the data into 4 32 bit sections and compresses the result. – The compression is considered slightly weak Information Security © 2006 Eric Vanderburg
9.
SHA (Secure Hash
Algorithm) • Creates a 160 bit hash of messages padded to 512 bits • Invented in 1993 by the NSA (National Security Agency) • Best hash to use Information Security © 2006 Eric Vanderburg
10.
Symmetric Encryption • Single
key used for encryption and decryption • Private Key Cryptography • Stream cipher – one character is processed at a time – Fast on short messages – Easier to exploit because they are more predictable – Substitution – one letter is replaced by something else • Monoalphabetic – one to one • Homoalphabetic – one character is mapped to many ciphertext characters Information Security © 2006 Eric Vanderburg
11.
Symmetric Encryption • Transposition
Cipher – rearranges characters • All symmetric ciphers combine the plaintext and cipher stream together in the end to form the ciphertext. The process uses a binary XOR (different = 1, same = 0) • 0011011 • 0101001 • 0110010 Information Security © 2006 Eric Vanderburg
12.
Symmetric Encryption • Block
cipher – works on 8-16 bytes (a block) at a time – Better for encrypting longer messages – Harder to break because an 8-16 byte block is more unique than a single character Information Security © 2006 Eric Vanderburg
13.
Symmetric Algorithms • Iteration
– running data through an algorithm – each iteration is called a round • DES (Data Encryption Standard) – Developed by IBM called Lucifer in 128 bit length. – NSA adopted it in the early 70’s but shortened the length to 56 bits – Block cipher – 56 bit because the 64 bit parity is not used so 1 bit per byte is lost. – 64 bits of plaintext is iterated 16 times – Uses weak keys, can be broken in about 3 hours Information Security © 2006 Eric Vanderburg
14.
Symmetric Algorithms • DES
Modes – ECB (Electronic Code Book) – block cipher that encrypts 64 bit portions of plaintext individually – CBC (Cipher Block Chaining) – links the blocks together to vary the output – more secure than ECB – CFB (Cipher Feedback) – The output of the first round is used as the pattern for the next. Most secure DES mode but very slow. – OFB (Output feedback) – adds the results of rounds together with the plaintext in each iteration • 3DES (Triple DES) – 3 DES iterations (3x16 = 48) – Uses same weak keys as DES – Must use different keys for the iterations for it to be better than DES at all. – Takes much longer than DES Information Security © 2006 Eric Vanderburg
15.
Symmetric Algorithms • AES
(Advanced Encryption Standard) – – – – Replaced DES in 2000 Rinjdael algorithm Block cipher Can work with different key sizes • 128 bit – 9 rounds • 192 bit – 11 rounds • 256 bit – 13 rounds – Each round performs substitution, transposition, and then multiplication – So far, AES is secure • Blowfish – Block cipher, 64 bit blocks – Key length from 32-448 bits – So far, blowfish is secure Information Security © 2006 Eric Vanderburg
16.
Symmetric Algorithms • IDEA
(International Data Encryption Algorithm) – – – – – Created in early 90’s in Europe 8 rounds 128 bit key Block cipher that works with 64 bit data slices Used in PGP • RC (Rivest Cipher) – RC1 and 3 not released – RC2 – block cipher, 40 bit key, works with 64 bit data slices, created first for lotus, 18 rounds – RC4 – steam cipher, 128 bit key, used in WEP & SSL, weak keys – RC5 – block cipher, works with different key lengths, 12 rounds – RC6 – block cipher, 128, 192, and 256 bit keys, 20 rounds (finalist for AES) Information Security © 2006 Eric Vanderburg
17.
Asymmetric Encryption • Public
Key Cryptography • Solves the problem of key management • Public Key – everyone knows, use for encryption • Private Key – you know, use for decryption and signing • Small key sizes can be broken • A good key size is 1,536 bits Information Security © 2006 Eric Vanderburg
18.
Asymmetric Algorithms • RSA
(Rivest Shamir Adleman) – – – – Most common algorithm Uses prime numbers Slower Used by S/MIME & SSL • Diffie Hellman – Used in IPSec and SSH • Elliptic Curve Cryptography – Uses a mathematical curve where two points intersect the curve and then a third point on the curve – A new algorithm so it has not been tested much Information Security © 2006 Eric Vanderburg
19.
Algorithm Overview Hashing Symmetric
Asymmetric MD 2, 4, 5 DES RSA SHA 3DES Diffie-Hellman AES Elliptic Curve Blowfish RC 2,4,5,6 IDEA Information Security © 2006 Eric Vanderburg
20.
Digital Signature • • 1. 2. 3. 4. Proves identity
and integrity Non-repudiation Create a hash of a message Encrypt hash with private key Receiver receives the message Receiver decrypts the hash with the sender’s public key knowing the message came from them. 5. Receiver hashes the message and compares the hash with the hash contained in the message. If they match, the message was not changed or corrupted in transit. Information Security © 2006 Eric Vanderburg
21.
Implementations • PGP (Pretty
Good Privacy) – – – – Encrypts email messages Uses asymmetric cryptography GPG (GNU Privacy Guard) – free PGP program PGP Desktop 9.0 (works with many other programs and also AOL Instant Messenger, Apple iChat and Trillian. • EFS (Encrypting File System) – Encrypt documents or folders on an NTFS volume. – Uses a private key associated with a user and the recovery agent • PAM (Pluggable Authentication Modules) – Modules written for PAM will work with many different authentication methods that PAM supports. – Used on UNIX machines • CFS (Cryptographic File System) – Linux file encryption method using DES and 3DES Information Security © 2006 Eric Vanderburg
22.
Acronyms • • • • • • • • • • • • • AES, Advanced Encryption
Standard CFS, Crypographic File System DES, Data Encryption Standard EFS, Encrypting File System GPG, GNU Privacy Guard IDEA, International Data Encryption Algorithm MD, Message Digest PAM, Pluggable Authentication Module PGP, Pretty Good Privacy RC, Rivest Cipher RSA, Rivest Shamir Adleman SHA, Secure Hash Algorithm 3DES, Triple Data Encryption Standard Information Security © 2006 Eric Vanderburg
Descargar ahora