Network Security
Reem Alattas
This presentation covers introduction to security, cryptography, and security in action.
Network Security
1.
Arab Open University, 2nd Semester, 2006-2007
M301 Unit 6.1 Network Security
reem.attas@arabou.org.sa
2.
Reem AlAttas ©
Topic Road Map
- Introduction to security
- Cryptography
- Security in action
3.
Introduction to Security
There is a need to protect a computing system and its resources from unauthorized access by those who seek to gain some advantage. They are intruders who try to read, change or delete the data that is stored, processed or passed around a computing system.
4.
Examples of Intruders
- Hackers who test their skills against the security measures of a system for their personal pleasure.
- Competitors who may try to gain access to commercial secret information.
- Fraudsters who try to obtain financial gain from the owner of the system or some third party.
5.
Computer Security
Concerned with the detection and prevention of unauthorized actions by users of a computer system.
6.
With a …
- Stand-alone computer, you could effect security by physical means (put the computer in a room and guard the room).
- Distributed computing system, there is the possibility of someone being able to intercept users’ communications:
  - Passive interception (just listening to the communications).
  - Active interception (listening and retransmitting the messages with or without changes).
7.
Intentions of Intruders
- Disclosure (of confidential information) or the unauthorized release of information.
- Modification (integrity) or the unauthorized alteration of data (information).
- Denial of use or service where there is some denial of network service to its authorized (legitimate) users.
- Repudiation where you (a legitimate user) claim that you did not send or receive a particular message.
8.
Forms of Attacks
- Virus.
- Worm.
- Trojan Horse.
9.
Virus
A fragment of code embedded in a legitimate program or file. As the name implies, a virus can wreak havoc in a computing system when the program that contains it is executed. Viruses are usually transferred by users obtaining copies of virus-infected programs or files.
10.
Worm
A program that can exploit weaknesses in an operating system to generate copies of itself in order to use up local resources.
11.
Trojan Horse
A program which appears to the user to be a program for doing one legitimate task, but has a side effect similar to a virus or performs some other illegitimate function such as transmitting a user’s password to an unauthorized party (usually the author of the Trojan horse program).
12.
Solutions
- Load and execute only from reliable sources.
- A good virus checker that checks not only executable files but ‘data’ files that contain executable components.
- Ensure that all valuable data is backed up so that in the event of a problem the loss can be minimized.
- Ensure the virus checker is kept up to date.
13.
Security Services
1. Protection relates to the controlled access to the resources within a computing system by its users.
2. Security is about the prevention of unauthorized access to a computing system and possible malicious alteration or destruction of resources (e.g. data).
14.
… Security Services
3. Authentication:
- Origin or one-way authentication is the ability to identify the sender of a message.
- Peer or two-way authentication is the ability for two communicating parties to identify each other to their mutual satisfaction namely.
15.
… Security Services
4. Secrecy is a feature that usually comes to mind when you consider security.
5. Confidentiality:
- Data confidentiality is to protect against unauthorized disclosure of the contents of messages traveling through the network.
- Traffic confidentiality is to protect against the disclosure of the origin, destination, volume and also the existence of messages traveling through the network.
16.
… Security Services
6. Non-repudiation: used to counter those who deny that they are the originators of certain messages.
- Non-repudiation of origin is the ability to convince a third party of the identity of the origin of a message in order to prevent the sender from denying the source of that message.
- Non-repudiation of receipt is the ability to convince a third party of the identity of the destination of a message in order to prevent the intended recipient from denying the arrival of that message.
17.
… Security Services
7. Integrity service used to protect messages (or data) from the threat of modification by an unauthorized user.
8. Security Admin accountable for every action or event that affects the security of a distributed computing system.
- Accountability: How is the audit trail kept? How do those responsible keep records of access and change?
- Authorization: Who has responsibility? For what do they have responsibility? How can that responsibility be delegated?
18.
Security Firewalls
A firewall is a device placed between an organization’s networks (distributed computing system) and the rest of the world, in order to prevent intrusion from outside the organization.
19.
Looking for Intruders
- Threat monitoring: a security administrator checks for any suspicious patterns of activity that might indicate the presence and activities of an intruder.
- Audit logging: which logs significant activities on a network. You can use an audit log to determine where and how an intruder entered the system; then you attempt to assess the amount of damage.
20.
Topic Road Map
- Introduction to security
- Cryptography
- Security in action
21.
Cryptography
The science of devising codes and ciphers.
22.
The Encryption-Decryption Model Showing an Intruder
23.
Fundamental Assumptions in Cryptography
1. The general method of encryption/decryption is well known, since it is impractical to change the method every time it is compromised.
2. Privacy is achieved with the key. The length of the key usually determines the difficulty in breaking the cipher and is a design issue.
24.
N-grams
For the purpose of cryptography we may treat the plaintext as:
- single letters: 1-grams.
- double letters: 2-grams.
- multiple letters: m-grams.
25.
N-grams and Alphabets
For 1-grams the alphabet might be thus: A B C D E F G H …
2-grams: AA BB CC DD EE FF GG HH …
Ex. SECRET
/S/E/C/R/E/T/
/SE/CR/ET/
26.
Work Factor
A measure of the number of computer operations (or computations) required to break a code or cipher. The time taken also depends on the speed of the machine(s) used and the number of machines.
27.
Cryptanalysis
The science (and art) of gaining information from ciphertext.
28.
Substitution
A simple mapping between the original plaintext and the resulting ciphertext.
Julius Caesar used a shift of 3:
- a becomes d.
- b becomes e.
- y becomes b.
- z becomes c.
29.
Vigenère Table
A method of encryption which involves using a table to decide upon the new character.
30.
ROT-13
Key 13 of the Vigenère table is used to encipher the plain text. It is used to hide email or newsgroup postings from immediate view.
31.
Code Word
- The ‘code word’ is written under the first letters of the alphabet (repeated letters are omitted).
- The remaining letters of the alphabet are written in order to complete the table.
- The plaintext is encoded with this table and then shifted using a Vigenère table as before.
32.
Example …
33.
Improvements to Substitution Ciphers
One improvement to the use of single-character substitution ciphers or 1-grams is to use more characters, i.e. n-grams.
34.
Transposition Ciphers
Shuffle the plaintext so that the ciphertext represents a reordering or transposition of the original plaintext.
- Form a table of m rows and n columns (a matrix).
- We begin the encryption of a message by filling the table one row at a time.
- Then, you produce the ciphertext by joining the columns in a given sequence, which becomes the key.
35.
Example
Plaintext: ‘SEND ME SEVEN HUNDRED POUNDS TOMORROW’.
Key: 13572468.
Ciphertext: svetnnpmmuursddoeedodhooennrersw
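The table-filling procedure from slides 34 and 35, as an added example that is not part of the original slides. The function names, the digit-string key format (at most 9 columns) and the 'X' filler for an incomplete last row are assumptions of this sketch.

```python
from collections import Counter

# Values taken from slide 35.
SLIDE_PLAINTEXT = "SEND ME SEVEN HUNDRED POUNDS TOMORROW"
SLIDE_KEY = "13572468"


def _column_order(key):
    """Turn a digit-string key such as '13572468' into 0-based column indices."""
    order = [int(d) - 1 for d in key]
    if sorted(order) != list(range(len(order))):
        raise ValueError("key must use each column number 1..n exactly once")
    return order


def transpose_encrypt(plaintext, key, filler="X"):
    """Fill an m x n table one row at a time, then join the columns in key order."""
    order = _column_order(key)
    n = len(order)
    letters = [c for c in plaintext.upper() if "A" <= c <= "Z"]
    # Assumption: an incomplete last row is padded with a filler letter.
    letters += [filler] * (-len(letters) % n)
    # Column c of the table is every n-th letter starting at offset c.
    return "".join("".join(letters[c::n]) for c in order).lower()


def transpose_decrypt(ciphertext, key):
    """Rebuild the columns from the ciphertext, then read the table row by row."""
    order = _column_order(key)
    n = len(order)
    if len(ciphertext) % n:
        raise ValueError("ciphertext length must be a multiple of the key length")
    rows = len(ciphertext) // n
    columns = [None] * n
    for position, c in enumerate(order):
        columns[c] = ciphertext[position * rows:(position + 1) * rows]
    return "".join(columns[c][r] for r in range(rows) for c in range(n)).upper()


def letter_counts_preserved(plaintext, ciphertext):
    """Transposition only reorders letters, so the letter frequencies of an
    unpadded message survive encryption unchanged."""
    plain = Counter(c for c in plaintext.upper() if "A" <= c <= "Z")
    return plain == Counter(ciphertext.upper())


if __name__ == "__main__":
    ct = transpose_encrypt(SLIDE_PLAINTEXT, SLIDE_KEY)
    print(ct)
    print(transpose_decrypt(ct, SLIDE_KEY))
    print(letter_counts_preserved(SLIDE_PLAINTEXT, ct))
```

Because the letter counts are unchanged, frequency analysis immediately identifies the ciphertext as a transposition of ordinary text, which is why the key alone carries all of the secrecy.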
36.
Mono-alphabetic Codes
An n-gram from plaintext will always be enciphered to a particular n-gram in the ciphertext.
Ex. SECRET → lwgjwm
37.
Poly-alphabetic Codes
The substitution varies with the location of the n-gram in the text.
Ex. one-time pad scheme. This code is theoretically unbreakable.
38.
One-time Pad Code
1. Changing each letter in the plaintext to its corresponding number. For example, the letters A and B are changed to the numbers 0 and 1 respectively.
2. To each letter value you add a number from your one-time pad in the same position.
3. The addition is done modulo 26.
4. The number stream is then either sent as it is or converted back to letters with 0 being A, 1 being B, etc.
39.
Example
Plaintext: ‘TESTMESSAGE’.
One-time pad values: 3, 19, 21, 4, 7, 22, 17, 25, 3, 11, 3.
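The four steps from slide 38 applied to the values on slide 39, as an added example that is not part of the original slides. The function names are assumptions; `pad_explaining` goes one step beyond the slides to show why slide 37 calls the scheme theoretically unbreakable.

```python
A = ord("A")

# Values taken from slide 39.
OTP_PLAINTEXT = "TESTMESSAGE"
OTP_PAD = [3, 19, 21, 4, 7, 22, 17, 25, 3, 11, 3]


def _to_numbers(text):
    """Step 1: A -> 0, B -> 1, ... (non-letters are dropped)."""
    return [ord(c) - A for c in text.upper() if "A" <= c <= "Z"]


def _to_letters(numbers):
    """Step 4: convert the number stream back to letters, 0 being A."""
    return "".join(chr(n + A) for n in numbers)


def otp_encrypt(plaintext, pad):
    """Steps 2 and 3: add the pad value in the same position, modulo 26."""
    values = _to_numbers(plaintext)
    if len(pad) < len(values):
        # The pad must cover the whole message; repeating it would turn
        # the scheme into an ordinary repeating-key cipher.
        raise ValueError("pad is shorter than the message")
    return _to_letters((v + k) % 26 for v, k in zip(values, pad))


def otp_decrypt(ciphertext, pad):
    """The receiver subtracts the same pad values, modulo 26."""
    values = _to_numbers(ciphertext)
    if len(pad) < len(values):
        raise ValueError("pad is shorter than the message")
    return _to_letters((v - k) % 26 for v, k in zip(values, pad))


def pad_explaining(ciphertext, candidate):
    """Return the pad under which `ciphertext` decrypts to `candidate`.

    Such a pad exists for every candidate of the same length, so the
    ciphertext alone gives no reason to prefer one plaintext over another.
    """
    c, p = _to_numbers(ciphertext), _to_numbers(candidate)
    if len(c) != len(p):
        raise ValueError("candidate must have the same length as the ciphertext")
    return [(ci - pi) % 26 for ci, pi in zip(c, p)]


if __name__ == "__main__":
    ct = otp_encrypt(OTP_PLAINTEXT, OTP_PAD)
    print(ct, otp_decrypt(ct, OTP_PAD))
    # A constructed alternative plaintext of the same length.
    other_pad = pad_explaining(ct, "HELLOWORLDS")
    print(other_pad, otp_decrypt(ct, other_pad))
```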
40.
Enigma
German Enigma machine which was used in the Second World War.
41.
Secret Key Encryption
DES: Data Encryption Standard.
42.
DES
Methods such as DES rely upon keeping the identity of the key a secret to prevent intrusion. The DES is symmetric in that both sender and receiver share a common key that only they know.
43.
Public Key Encryption
- Each user has a pair of keys such that one is kept private and the other is in the public domain alongside the user’s identity.
- The private and public keys are different.
- The private key cannot be derived from the public key.
44.
PKE
45.
RSA
The Rivest Shamir Adleman (RSA) algorithm is one of the most common public key mechanisms, for which there are a number of both software and hardware implementations.
46.
Topic Road Map
- Introduction to security
- Cryptography
- Security in action
47.
Key Distribution Problem
The distribution of the secret keys in DES is a problem.
Solution: use public key cryptography to distribute the secret key in a public key encrypted message.
48.
Authentication Problem
How could we be sure that the public key we had for a particular individual was really from that individual, and that it was not a fake key placed there by an intruder?
Solution: encrypt the message with the private key, so that it can be decrypted by the public key. The encrypted message can be read by anybody who has your public key (no secrecy).
49.
The Whole Problem
What is needed is a way of associating the identity of individuals (and corporations) with the public key, and a reliable way of distributing this information.
Solution: digital certificates and certifying authorities.
50.
Digital Certificates and Certifying Authorities
- An example of a digital signature is a digital certificate, an encrypted message containing your name, your public key and other information too.
- Your digital signature will have been encrypted by a Certifying Authority (CA) using their private key.
- If the recipient of your message trusts the CA and has the CA’s public key, they will decrypt the digital certificate and, on seeing your name, will believe that the message has been sent by you.
- The recipient can then decrypt your message using your public key, helpfully enclosed in the digital certificate.
- For the whole process to work, you must have registered your public key with the CA in order to receive a digital certificate from them.
51.
Root Certificates
The digital certificates for CAs that contain the CA’s public key and allow you to read digital certificates.
52.
Digital Certificates Format
53.
Types of Digital Certificate
- Class 1 is issued to individuals to identify themselves for email and web site access.
- Class 2 is usually used for code signing.
- Class 3 is used for secure web servers.
54.
Message Digest
A technique to ensure that a message has been received in its entirety and has not been changed either maliciously or by accident during transmission. A message digest ensures integrity of the message.
55.
Algorithms for Message Digests
- SHA (Secure Hashing Algorithm) produced by NSA (National Security Agency).
- MD5 (Message Digest (algorithm 5)) by Ron Rivest.
56.
To Sign a Message Digitally
- Compute the message digest by hashing.
- The message digest is then encrypted using the sender’s private key.
- The original message (unencrypted) plus the encrypted digest are transmitted together.
- The recipient separates the message and encrypted digest.
- A new digest is generated from the message using the same hashing algorithm and compared with the decrypted digest which was received with the message.
- If they are both the same you can conclude that the message came from the sender whose public key you used to decrypt the digest (authentication) and also that the message was not changed en route (integrity).
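The sign-and-verify steps from slide 56, as an added example that is not part of the original slides. It assumes textbook RSA without padding, a toy key built from two known Mersenne primes, and SHA-256 as the hash; all names and the sample messages are constructed for illustration, and production code should use a vetted library with a padded signature scheme.

```python
import hashlib

# Toy key pair (assumption of this sketch, far too small for real use).
P = 2**61 - 1                       # Mersenne prime
Q = 2**89 - 1                       # Mersenne prime
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)

# Constructed sample message.
SAMPLE_MESSAGE = b"Pay 700 pounds to Alice"


def digest_int(message: bytes) -> int:
    """Compute the message digest by hashing.

    SHA-256 is used here; MD5, listed on slide 55, is no longer collision
    resistant. The digest is reduced modulo N only because the toy modulus
    is shorter than the hash output.
    """
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Sender: encrypt the digest with the private key (D, N)."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Recipient: decrypt the received digest with the public key (E, N),
    recompute the digest from the message, and compare the two."""
    return pow(signature, E, N) == digest_int(message)


def transmit(message: bytes):
    """The unencrypted message plus the encrypted digest travel together."""
    return message, sign(message)


if __name__ == "__main__":
    message, signature = transmit(SAMPLE_MESSAGE)
    print("authentic and intact:", verify(message, signature))
    # A change en route breaks the comparison (integrity).
    print("altered message     :", verify(b"Pay 900 pounds to Alice", signature))
    # A digest not produced with the private key is rejected (authentication).
    print("altered signature   :", verify(message, (signature + 1) % N))
```

Note that the message itself travels in the clear: signing gives authentication and integrity, not secrecy, which matches the "no secrecy" remark on slide 48.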
57.
Secure Socket Layer (SSL)
A way of sending secure information such as credit card details from a web browser to a web site. The secure link is established using the following handshake process:
1. The browser requests a page which is ‘secure’.
2. The web server offers the browser the option to go into secure mode.
3. The browser accepts the offer to go secure.
4. The web server sends its digital certificate.
5. The browser checks that the digital certificate sent is valid (i.e. that the dates are valid, that the issuing CA is trustworthy and that the domain name of the server matches the certificate) and extracts the server’s public key.
58.
..SSL
6. The browser generates a secret key (a session key) for use in this session with this web server. The session key is encrypted using the web server’s public key and is sent to the web server. Subsequent pages are now sent securely and the browser goes into secure mode. Browser page requests are also securely sent and so are the data on any forms in the pages sent.
7. The web server now sends subsequent pages encrypted with the session key that is supplied. (This might be an order form.) The browser indicates that a secure session is in progress: often using a lock symbol.
8. The browser sends its response to the web server encrypted with the DES session key. (This is the completed information on the form.)
9. Steps 7 and 8 are repeated for any further secure transmissions of pages and data.
10. When the browser requests a non-secure page, the secure link is terminated and the lock symbol is removed from the browser window.
59.
Code Signing
- A digital certificate must be obtained by the software developer prior to code signing.
- Code signing digital certificates are issued as class 3 certificates to software developer companies.
60.
TMA6 – Q1
61.
Thank You!
Editor's Notes
Hence, in a distributed computing system, security becomes a major issue.