SlideShare a Scribd company logo

Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx

Download as DOCX, PDF
B
bartholomeocoombs

Chapter 8 Secret and Public Keys Chapter 8 Overview Managing and using secret keys Wrapping techniques for secret keys Detecting errors and protecting file integrity Public-key cryptography and, briefly, quantum cryptography Public-key techniques for signing data and wrapping keys Public-key certificates The Key Management Challenges Instead of protecting a lot of secret data, we “only” need to protect (smaller) secret keys Three challenges Share keys with the right people Choose keys an attacker can't guess Handle keys so attackers can't intercept them or guess them Cryptonet = set of people or devices that all share the same secret key – transitive trust Rekeying – Changing “Old” Keys The more data we encrypt, the more vulnerable our keys become to cryptanalysis We rekey periodically to reduce the risk Cryptoperiod = a key's “safe” lifetime Typical recommendation: 2 years for a rarely used key Change a heavily used key as often as is practical A trade-off between performance and safety How Do We Distribute a Key? Person-to-person Safe, but inefficient Options Exchange keys verbally if memorized Exchange on paper We must now protect the paper! Exchange electronically – save this for later How do we prevent sniffing or interception? How do we prevent undesired copies? Crypto Keys in Text Format Practical for encrypting shared files Practical to exchange verbally or on paper Practical to memorize in some cases How do we convert a text phrase into bits? Digital encryption algorithms work on bits Keys are bits Passphrase as Key: Simple Case Passphrase as Key: Better Case Checklist for key handling Use either passwords or passphrases Allow really long passphrases Use the entropy of the entire passphrase Preserve entropy Erase the passphrase ASAP after use Let the user keep the passphrase available Don't put passphrase on the hard drive unless it's encrypted Suppress echo Permit echo if chosen by the user Use an internal key for only one file Key Strength Remember Chapter 6: A longer secret with a larger choice of characters = greater entropy Greater entropy = larger search space Larger search space = harder to attack Memorization trade-offs It's hard to remember unusual capitalizations, misspellings, or character substitutions Mississippi, mIssiss1ppi, missIss1ppi, … It may be easier to remember a longer phrase with conventional syntax The Reused Key Stream Problem Courtesy of Dr. Richard Smith Xor Removes the Duplicate Keystream Courtesy of Dr. Richard Smith The Duplicate Keystream Real-life examples Soviet spies reused one-time pad keystreams after World War II, and the US cracked many of the messages (the Venona Project) The PPTP encryption protocol reused a secret key, which yielded a duplicate keystream How to fix it Ensure that separate messages use separate keystreams = separate keys in stream ciphers Using a Nonce Key Wrapping: A Building Block Key Splitting – Simplified Wrapping Separation of.

Education
1 of 11
Chapter 8 Secret and Public Keys Chapter 8 Overview Managing and using secret keys Wrapping techniques for secret keys Detecting errors and protecting file integrity Public-key cryptography and, briefly, quantum cryptography Public-key techniques for signing data and wrapping keys Public-key certificates The Key Management Challenges Instead of protecting a lot of secret data, we “only” need to protect (smaller) secret keys Three challenges Share keys with the right people Choose keys an attacker can't guess Handle keys so attackers can't intercept them or guess them Cryptonet = set of people or devices that all share the same secret key – transitive trust Rekeying – Changing “Old” Keys The more data we encrypt, the more vulnerable our keys become to cryptanalysis We rekey periodically to reduce the risk Cryptoperiod = a key's “safe” lifetime Typical recommendation: 2 years for a rarely used key Change a heavily used key as often as is practical A trade-off between performance and safety
How Do We Distribute a Key? Person-to-person Safe, but inefficient Options Exchange keys verbally if memorized Exchange on paper We must now protect the paper! Exchange electronically – save this for later How do we prevent sniffing or interception? How do we prevent undesired copies? Crypto Keys in Text Format Practical for encrypting shared files Practical to exchange verbally or on paper Practical to memorize in some cases How do we convert a text phrase into bits? Digital encryption algorithms work on bits Keys are bits Passphrase as Key: Simple Case Passphrase as Key: Better Case Checklist for key handling Use either passwords or passphrases Allow really long passphrases Use the entropy of the entire passphrase Preserve entropy
Erase the passphrase ASAP after use Let the user keep the passphrase available Don't put passphrase on the hard drive unless it's encrypted Suppress echo Permit echo if chosen by the user Use an internal key for only one file Key Strength Remember Chapter 6: A longer secret with a larger choice of characters = greater entropy Greater entropy = larger search space Larger search space = harder to attack Memorization trade-offs It's hard to remember unusual capitalizations, misspellings, or character substitutions Mississippi, mIssiss1ppi, missIss1ppi, … It may be easier to remember a longer phrase with conventional syntax The Reused Key Stream Problem Courtesy of Dr. Richard Smith Xor Removes the Duplicate Keystream Courtesy of Dr. Richard Smith The Duplicate Keystream Real-life examples Soviet spies reused one-time pad keystreams after World War II, and the US cracked many of the messages (the Venona Project)
The PPTP encryption protocol reused a secret key, which yielded a duplicate keystream How to fix it Ensure that separate messages use separate keystreams = separate keys in stream ciphers Using a Nonce Key Wrapping: A Building Block Key Splitting – Simplified Wrapping Separation of Duty: A Principle Dividing up a task so that it requires two or more people to do it Reduces risks because a malicious worker will need the others to cooperate Business example: Dual signature checks One person writes the check and signs it, but a second person must approve it and sign Military example: Launching nuclear missiles Requires two separate individuals to verify the order and to cooperate in the launching DVD Key Handling Public-Key Cryptography
Techniques to share secret information without sharing a secret ahead of time Classic techniques named for their inventors: Diffie-Hellman (D-H) Constructs a shared secret from information shared in public Rivest-Shamir-Adleman (RSA) Encrypt data readable only by the recipient Verify that a particular sender encrypted (“signed”) a particular message Public and Private Keys Users don't need to share secret information, except temporarily. Create a shared secret key, use it for one transaction, and then discard it Reduces risk of cryptanalysis Public/private key belongs to a single entity Public keys can be shared with attackers Private keys are kept secret by the owner Solves many key distribution problems Introduces problems of its own Constructing a Key Pair Diffie-Hellman Secret Sharing Elliptic Curve Cryptography Similar to Diffie-Hellman Can calculate a shared secret Uses elliptic curve computations:
(y2 = x2 + ax + b)(mod p) Smaller key sizes for effective security Elliptic curve key is 2–3x larger than a secret key yielding a comparable search space Smaller keys = more efficient computation Quantum Theory and Cryptography Quantum key distribution Applies Heisenberg's Uncertainty Principle to detect eavesdropping Demonstrated using satellite communications Quantum cryptanalysis Schor's algorithm factors very large numbers A large quantum computer could attack current public-key crypto techniques Post-quantum crypto research seeks techniques to resist quantum computer-based attacks RSA for Encryption RSA In Practice Uses a single, simple calculation on extremely large integers: C = Mx mod N N = extremely large number made of 2 primes Public key e = a public value for exponent x Private key d = a secret value for exponent x M = data being encrypted or decrypted
C = result If we encrypt with “e” we must decrypt with “d” And vice versa Key Wrapping with RSA Attacking Public Key Crypto Security relies on very large prime numbers Efficient factoring = efficient attacks Public keys must be much longer than secret keys to achieve similar security Attacking RSA Decrypt a small plaintext with cube root of 3 Small private keys are especially vulnerable Timing of calculation indicates the key values Chosen ciphertext: trick user into applying crypto Data Integrity Does encryption protect data from change? Why or why not? How do we detect malicious changes to data? Detecting accidental changes What did we see in Chapter 5? Hash functions are similar to EDCs Bit Flipping Attack on Ciphertext Does this Protect the Data?
Birthday Attack on a Check Value Alternative: Encrypting a Hash Keyed Hash: More Efficient Public Keys and Digital Signatures Constructing an RSA Digital Signature Verifying an RSA Digital Signature The MITM or Bucket Brigade Attack Public-Key Certificates Interpreting Certificates Certificates are often created in relationship to other certificates
A corporation issues certificates to admins Admins issue certificates to end users A hierarchical structure is most common The “root” certificate is distributed widely Other certificates are verified against it “Web of trust” is an alternative based on personal trust in other certificate signers Authenticating Software Updates Assured Pipeline image2.jpg image3.jpg image4.jpg image5.jpg image6.jpg image7.jpg image8.jpg image9.jpg image10.jpg image11.jpg image12.jpg image13.jpg image14.jpg image15.jpg image16.jpg image17.jpg image18.jpg image19.jpg image20.jpg image21.jpg
image22.jpg image23.jpg image24.jpg image25.jpg image26.jpg image1.jpg Details: Using the course text, professional journal articles, or other reputable resources complete ONE of the following assignment options. Option 2: Answer ALL the following questions. · Explain the basic principle of separation of duty. · Discuss how cryptography/encryption can be used to implement separation of duty. Paper Requirements: · Format: Microsoft Word · Font: Arial, 12-Point, Double-Space (or equivalent) · Citation Style: APA or MLA (The point is to use a style that makes your document readable and give credit to the sources you used.) Length Requirements: · 2–3 pages · Coversheet · List of References Page.
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx

Recommended

Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
Sylvain Maret
 
Cryptography
CryptographyCryptography
Cryptography
amiable_indian
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 
A comparative study of symmetric key algorithm des, aes and blowfish for vide...
A comparative study of symmetric key algorithm des, aes and blowfish for vide...A comparative study of symmetric key algorithm des, aes and blowfish for vide...
A comparative study of symmetric key algorithm des, aes and blowfish for vide...
pankaj kumari
 
Cryptography Lecture by Sam Bowne
Cryptography Lecture by Sam BowneCryptography Lecture by Sam Bowne
Cryptography Lecture by Sam Bowne
SecurityTube.Net
 
Ch12 Cryptography it-slideshares.blogspot.com
Ch12 Cryptography it-slideshares.blogspot.comCh12 Cryptography it-slideshares.blogspot.com
Ch12 Cryptography it-slideshares.blogspot.com
phanleson
 
Data encryption
Data encryptionData encryption
Data encryption
Balvant Biradar
 
Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy Nolan
Joao Galdino Mello de Souza
 

Recommended

Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
Sylvain Maret
 
Cryptography
CryptographyCryptography
Cryptography
amiable_indian
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 
A comparative study of symmetric key algorithm des, aes and blowfish for vide...
A comparative study of symmetric key algorithm des, aes and blowfish for vide...A comparative study of symmetric key algorithm des, aes and blowfish for vide...
A comparative study of symmetric key algorithm des, aes and blowfish for vide...
pankaj kumari
 
Cryptography Lecture by Sam Bowne
Cryptography Lecture by Sam BowneCryptography Lecture by Sam Bowne
Cryptography Lecture by Sam Bowne
SecurityTube.Net
 
Ch12 Cryptography it-slideshares.blogspot.com
Ch12 Cryptography it-slideshares.blogspot.comCh12 Cryptography it-slideshares.blogspot.com
Ch12 Cryptography it-slideshares.blogspot.com
phanleson
 
Data encryption
Data encryptionData encryption
Data encryption
Balvant Biradar
 
Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy Nolan
Joao Galdino Mello de Souza
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
phanleson
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
Information Technology
 
paper9.pdf
paper9.pdfpaper9.pdf
paper9.pdf
aminasouyah
 
sheet2.pdf
sheet2.pdfsheet2.pdf
sheet2.pdf
aminasouyah
 
doc2.pdf
doc2.pdfdoc2.pdf
doc2.pdf
aminasouyah
 
paper2.pdf
paper2.pdfpaper2.pdf
paper2.pdf
aminasouyah
 
lecture1.pdf
lecture1.pdflecture1.pdf
lecture1.pdf
aminasouyah
 
Java Crypto
Java CryptoJava Crypto
Java Crypto
phanleson
 
Cryptography Intro
Cryptography IntroCryptography Intro
Cryptography Intro
Christopher Martin
 
Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Bt0088 cryptography and network security1
Bt0088 cryptography and network security1
Techglyphs
 
Cryptography - An Overview
Cryptography - An OverviewCryptography - An Overview
Cryptography - An Overview
ppd1961
 
Overview of cryptography
Overview of cryptographyOverview of cryptography
Overview of cryptography
Roshan Chaudhary
 
Security pre
Security preSecurity pre
Security pre
missstevenson01
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastech
Abdulafeez Fasasi
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
jibonjibon5
 
Data encryption algorithm(edit)
Data encryption algorithm(edit)Data encryption algorithm(edit)
Data encryption algorithm(edit)
Hussain Almohammadi
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSS
SURBHI SAROHA
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.ppt
Prabhat Kumar
 
Discussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxDiscussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docx
JeniceStuckeyoo
 
CompetencyAnalyze how human resource standards and practices.docx
CompetencyAnalyze how human resource standards and practices.docxCompetencyAnalyze how human resource standards and practices.docx
CompetencyAnalyze how human resource standards and practices.docx
bartholomeocoombs
 
CompetencyAnalyze financial statements to assess performance.docx
CompetencyAnalyze financial statements to assess performance.docxCompetencyAnalyze financial statements to assess performance.docx
CompetencyAnalyze financial statements to assess performance.docx
bartholomeocoombs
 

More Related Content

Similar to Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx

Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
phanleson
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
Information Technology
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Discussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxDiscussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docx
JeniceStuckeyoo
 

Similar to Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx (20)

Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
 
paper9.pdf
paper9.pdfpaper9.pdf
paper9.pdf
 
sheet2.pdf
sheet2.pdfsheet2.pdf
sheet2.pdf
 
doc2.pdf
doc2.pdfdoc2.pdf
doc2.pdf
 
paper2.pdf
paper2.pdfpaper2.pdf
paper2.pdf
 
lecture1.pdf
lecture1.pdflecture1.pdf
lecture1.pdf
 
Java Crypto
Java CryptoJava Crypto
Java Crypto
 
Cryptography Intro
Cryptography IntroCryptography Intro
Cryptography Intro
 
Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Bt0088 cryptography and network security1
Bt0088 cryptography and network security1
 
Cryptography - An Overview
Cryptography - An OverviewCryptography - An Overview
Cryptography - An Overview
 
Overview of cryptography
Overview of cryptographyOverview of cryptography
Overview of cryptography
 
Security pre
Security preSecurity pre
Security pre
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastech
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
 
Data encryption algorithm(edit)
Data encryption algorithm(edit)Data encryption algorithm(edit)
Data encryption algorithm(edit)
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSS
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.ppt
 
Discussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxDiscussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docx
 

More from bartholomeocoombs

CompetencyAnalyze how human resource standards and practices.docx
CompetencyAnalyze how human resource standards and practices.docxCompetencyAnalyze how human resource standards and practices.docx
CompetencyAnalyze how human resource standards and practices.docx
bartholomeocoombs
 
CompetencyAnalyze financial statements to assess performance.docx
CompetencyAnalyze financial statements to assess performance.docxCompetencyAnalyze financial statements to assess performance.docx
CompetencyAnalyze financial statements to assess performance.docx
bartholomeocoombs
 
CompetencyAnalyze ethical and legal dilemmas that healthcare.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare.docxCompetencyAnalyze ethical and legal dilemmas that healthcare.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare.docx
bartholomeocoombs
 
CompetencyAnalyze ethical and legal dilemmas that healthcare wor.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare wor.docxCompetencyAnalyze ethical and legal dilemmas that healthcare wor.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare wor.docx
bartholomeocoombs
 
CompetencyAnalyze collaboration tools to support organizatio.docx
CompetencyAnalyze collaboration tools to support organizatio.docxCompetencyAnalyze collaboration tools to support organizatio.docx
CompetencyAnalyze collaboration tools to support organizatio.docx
bartholomeocoombs
 
Competency Checklist and Professional Development Resources .docx
Competency Checklist and Professional Development Resources .docxCompetency Checklist and Professional Development Resources .docx
Competency Checklist and Professional Development Resources .docx
bartholomeocoombs
 
Competency 2 Examine the organizational behavior within busines.docx
Competency 2 Examine the organizational behavior within busines.docxCompetency 2 Examine the organizational behavior within busines.docx
Competency 2 Examine the organizational behavior within busines.docx
bartholomeocoombs
 
CompetenciesEvaluate the challenges and benefits of employ.docx
CompetenciesEvaluate the challenges and benefits of employ.docxCompetenciesEvaluate the challenges and benefits of employ.docx
CompetenciesEvaluate the challenges and benefits of employ.docx
bartholomeocoombs
 
CompetenciesDescribe the supply chain management principle.docx
CompetenciesDescribe the supply chain management principle.docxCompetenciesDescribe the supply chain management principle.docx
CompetenciesDescribe the supply chain management principle.docx
bartholomeocoombs
 
CompetenciesABCDF1.1 Create oral, written, or visual .docx
CompetenciesABCDF1.1 Create oral, written, or visual .docxCompetenciesABCDF1.1 Create oral, written, or visual .docx
CompetenciesABCDF1.1 Create oral, written, or visual .docx
bartholomeocoombs
 
COMPETENCIES734.3.4 Healthcare Utilization and Finance.docx
COMPETENCIES734.3.4 Healthcare Utilization and Finance.docxCOMPETENCIES734.3.4 Healthcare Utilization and Finance.docx
COMPETENCIES734.3.4 Healthcare Utilization and Finance.docx
bartholomeocoombs
 
Competences, Learning Theories and MOOCsRecent Developments.docx
Competences, Learning Theories and MOOCsRecent Developments.docxCompetences, Learning Theories and MOOCsRecent Developments.docx
Competences, Learning Theories and MOOCsRecent Developments.docx
bartholomeocoombs
 
Compensation  & Benefits Class 700 words with referencesA stra.docx
Compensation  & Benefits Class 700 words with referencesA stra.docxCompensation  & Benefits Class 700 words with referencesA stra.docx
Compensation  & Benefits Class 700 words with referencesA stra.docx
bartholomeocoombs
 
Compensation, Benefits, Reward & Recognition Plan for V..docx
Compensation, Benefits, Reward & Recognition Plan for V..docxCompensation, Benefits, Reward & Recognition Plan for V..docx
Compensation, Benefits, Reward & Recognition Plan for V..docx
bartholomeocoombs
 
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docxCompensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
bartholomeocoombs
 

More from bartholomeocoombs (20)

CompetencyAnalyze how human resource standards and practices.docx
CompetencyAnalyze how human resource standards and practices.docxCompetencyAnalyze how human resource standards and practices.docx
CompetencyAnalyze how human resource standards and practices.docx
 
CompetencyAnalyze financial statements to assess performance.docx
CompetencyAnalyze financial statements to assess performance.docxCompetencyAnalyze financial statements to assess performance.docx
CompetencyAnalyze financial statements to assess performance.docx
 
CompetencyAnalyze ethical and legal dilemmas that healthcare.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare.docxCompetencyAnalyze ethical and legal dilemmas that healthcare.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare.docx
 
CompetencyAnalyze ethical and legal dilemmas that healthcare wor.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare wor.docxCompetencyAnalyze ethical and legal dilemmas that healthcare wor.docx
CompetencyAnalyze ethical and legal dilemmas that healthcare wor.docx
 
CompetencyAnalyze collaboration tools to support organizatio.docx
CompetencyAnalyze collaboration tools to support organizatio.docxCompetencyAnalyze collaboration tools to support organizatio.docx
CompetencyAnalyze collaboration tools to support organizatio.docx
 
Competency Checklist and Professional Development Resources .docx
Competency Checklist and Professional Development Resources .docxCompetency Checklist and Professional Development Resources .docx
Competency Checklist and Professional Development Resources .docx
 
Competency 6 Enagage with Communities and Organizations (3 hrs) (1 .docx
Competency 6 Enagage with Communities and Organizations (3 hrs) (1 .docxCompetency 6 Enagage with Communities and Organizations (3 hrs) (1 .docx
Competency 6 Enagage with Communities and Organizations (3 hrs) (1 .docx
 
Competency 2 Examine the organizational behavior within busines.docx
Competency 2 Examine the organizational behavior within busines.docxCompetency 2 Examine the organizational behavior within busines.docx
Competency 2 Examine the organizational behavior within busines.docx
 
CompetenciesEvaluate the challenges and benefits of employ.docx
CompetenciesEvaluate the challenges and benefits of employ.docxCompetenciesEvaluate the challenges and benefits of employ.docx
CompetenciesEvaluate the challenges and benefits of employ.docx
 
CompetenciesDescribe the supply chain management principle.docx
CompetenciesDescribe the supply chain management principle.docxCompetenciesDescribe the supply chain management principle.docx
CompetenciesDescribe the supply chain management principle.docx
 
CompetenciesABCDF1.1 Create oral, written, or visual .docx
CompetenciesABCDF1.1 Create oral, written, or visual .docxCompetenciesABCDF1.1 Create oral, written, or visual .docx
CompetenciesABCDF1.1 Create oral, written, or visual .docx
 
COMPETENCIES734.3.4 Healthcare Utilization and Finance.docx
COMPETENCIES734.3.4 Healthcare Utilization and Finance.docxCOMPETENCIES734.3.4 Healthcare Utilization and Finance.docx
COMPETENCIES734.3.4 Healthcare Utilization and Finance.docx
 
Competencies and KnowledgeWhat competencies were you able to dev.docx
Competencies and KnowledgeWhat competencies were you able to dev.docxCompetencies and KnowledgeWhat competencies were you able to dev.docx
Competencies and KnowledgeWhat competencies were you able to dev.docx
 
Competencies and KnowledgeThis assignment has 2 parts.docx
Competencies and KnowledgeThis assignment has 2 parts.docxCompetencies and KnowledgeThis assignment has 2 parts.docx
Competencies and KnowledgeThis assignment has 2 parts.docx
 
Competencies and KnowledgeThis assignment has 2 partsWhat.docx
Competencies and KnowledgeThis assignment has 2 partsWhat.docxCompetencies and KnowledgeThis assignment has 2 partsWhat.docx
Competencies and KnowledgeThis assignment has 2 partsWhat.docx
 
Competences, Learning Theories and MOOCsRecent Developments.docx
Competences, Learning Theories and MOOCsRecent Developments.docxCompetences, Learning Theories and MOOCsRecent Developments.docx
Competences, Learning Theories and MOOCsRecent Developments.docx
 
Compensation  & Benefits Class 700 words with referencesA stra.docx
Compensation  & Benefits Class 700 words with referencesA stra.docxCompensation  & Benefits Class 700 words with referencesA stra.docx
Compensation  & Benefits Class 700 words with referencesA stra.docx
 
Compensation, Benefits, Reward & Recognition Plan for V..docx
Compensation, Benefits, Reward & Recognition Plan for V..docxCompensation, Benefits, Reward & Recognition Plan for V..docx
Compensation, Benefits, Reward & Recognition Plan for V..docx
 
Compete the following tablesTheoryKey figuresKey concepts o.docx
Compete the following tablesTheoryKey figuresKey concepts o.docxCompete the following tablesTheoryKey figuresKey concepts o.docx
Compete the following tablesTheoryKey figuresKey concepts o.docx
 
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docxCompensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
 

Recently uploaded

Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 

Recently uploaded (20)

Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 

Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx

  • 1. Chapter 8 Secret and Public Keys Chapter 8 Overview Managing and using secret keys Wrapping techniques for secret keys Detecting errors and protecting file integrity Public-key cryptography and, briefly, quantum cryptography Public-key techniques for signing data and wrapping keys Public-key certificates The Key Management Challenges Instead of protecting a lot of secret data, we “only” need to protect (smaller) secret keys Three challenges Share keys with the right people Choose keys an attacker can't guess Handle keys so attackers can't intercept them or guess them Cryptonet = set of people or devices that all share the same secret key – transitive trust Rekeying – Changing “Old” Keys The more data we encrypt, the more vulnerable our keys become to cryptanalysis We rekey periodically to reduce the risk Cryptoperiod = a key's “safe” lifetime Typical recommendation: 2 years for a rarely used key Change a heavily used key as often as is practical A trade-off between performance and safety
  • 2. How Do We Distribute a Key? Person-to-person Safe, but inefficient Options Exchange keys verbally if memorized Exchange on paper We must now protect the paper! Exchange electronically – save this for later How do we prevent sniffing or interception? How do we prevent undesired copies? Crypto Keys in Text Format Practical for encrypting shared files Practical to exchange verbally or on paper Practical to memorize in some cases How do we convert a text phrase into bits? Digital encryption algorithms work on bits Keys are bits Passphrase as Key: Simple Case Passphrase as Key: Better Case Checklist for key handling Use either passwords or passphrases Allow really long passphrases Use the entropy of the entire passphrase Preserve entropy
  • 3. Erase the passphrase ASAP after use Let the user keep the passphrase available Don't put passphrase on the hard drive unless it's encrypted Suppress echo Permit echo if chosen by the user Use an internal key for only one file Key Strength Remember Chapter 6: A longer secret with a larger choice of characters = greater entropy Greater entropy = larger search space Larger search space = harder to attack Memorization trade-offs It's hard to remember unusual capitalizations, misspellings, or character substitutions Mississippi, mIssiss1ppi, missIss1ppi, … It may be easier to remember a longer phrase with conventional syntax The Reused Key Stream Problem Courtesy of Dr. Richard Smith Xor Removes the Duplicate Keystream Courtesy of Dr. Richard Smith The Duplicate Keystream Real-life examples Soviet spies reused one-time pad keystreams after World War II, and the US cracked many of the messages (the Venona Project)
  • 4. The PPTP encryption protocol reused a secret key, which yielded a duplicate keystream How to fix it Ensure that separate messages use separate keystreams = separate keys in stream ciphers Using a Nonce Key Wrapping: A Building Block Key Splitting – Simplified Wrapping Separation of Duty: A Principle Dividing up a task so that it requires two or more people to do it Reduces risks because a malicious worker will need the others to cooperate Business example: Dual signature checks One person writes the check and signs it, but a second person must approve it and sign Military example: Launching nuclear missiles Requires two separate individuals to verify the order and to cooperate in the launching DVD Key Handling Public-Key Cryptography
  • 5. Techniques to share secret information without sharing a secret ahead of time Classic techniques named for their inventors: Diffie-Hellman (D-H) Constructs a shared secret from information shared in public Rivest-Shamir-Adleman (RSA) Encrypt data readable only by the recipient Verify that a particular sender encrypted (“signed”) a particular message Public and Private Keys Users don't need to share secret information, except temporarily. Create a shared secret key, use it for one transaction, and then discard it Reduces risk of cryptanalysis Public/private key belongs to a single entity Public keys can be shared with attackers Private keys are kept secret by the owner Solves many key distribution problems Introduces problems of its own Constructing a Key Pair Diffie-Hellman Secret Sharing Elliptic Curve Cryptography Similar to Diffie-Hellman Can calculate a shared secret Uses elliptic curve computations:
  • 6. (y2 = x2 + ax + b)(mod p) Smaller key sizes for effective security Elliptic curve key is 2–3x larger than a secret key yielding a comparable search space Smaller keys = more efficient computation Quantum Theory and Cryptography Quantum key distribution Applies Heisenberg's Uncertainty Principle to detect eavesdropping Demonstrated using satellite communications Quantum cryptanalysis Schor's algorithm factors very large numbers A large quantum computer could attack current public-key crypto techniques Post-quantum crypto research seeks techniques to resist quantum computer-based attacks RSA for Encryption RSA In Practice Uses a single, simple calculation on extremely large integers: C = Mx mod N N = extremely large number made of 2 primes Public key e = a public value for exponent x Private key d = a secret value for exponent x M = data being encrypted or decrypted
  • 7. C = result If we encrypt with “e” we must decrypt with “d” And vice versa Key Wrapping with RSA Attacking Public Key Crypto Security relies on very large prime numbers Efficient factoring = efficient attacks Public keys must be much longer than secret keys to achieve similar security Attacking RSA Decrypt a small plaintext with cube root of 3 Small private keys are especially vulnerable Timing of calculation indicates the key values Chosen ciphertext: trick user into applying crypto Data Integrity Does encryption protect data from change? Why or why not? How do we detect malicious changes to data? Detecting accidental changes What did we see in Chapter 5? Hash functions are similar to EDCs Bit Flipping Attack on Ciphertext Does this Protect the Data?
  • 8. Birthday Attack on a Check Value Alternative: Encrypting a Hash Keyed Hash: More Efficient Public Keys and Digital Signatures Constructing an RSA Digital Signature Verifying an RSA Digital Signature The MITM or Bucket Brigade Attack Public-Key Certificates Interpreting Certificates Certificates are often created in relationship to other certificates
  • 9. A corporation issues certificates to admins Admins issue certificates to end users A hierarchical structure is most common The “root” certificate is distributed widely Other certificates are verified against it “Web of trust” is an alternative based on personal trust in other certificate signers Authenticating Software Updates Assured Pipeline image2.jpg image3.jpg image4.jpg image5.jpg image6.jpg image7.jpg image8.jpg image9.jpg image10.jpg image11.jpg image12.jpg image13.jpg image14.jpg image15.jpg image16.jpg image17.jpg image18.jpg image19.jpg image20.jpg image21.jpg
  • 10. image22.jpg image23.jpg image24.jpg image25.jpg image26.jpg image1.jpg Details: Using the course text, professional journal articles, or other reputable resources complete ONE of the following assignment options. Option 2: Answer ALL the following questions. · Explain the basic principle of separation of duty. · Discuss how cryptography/encryption can be used to implement separation of duty. Paper Requirements: · Format: Microsoft Word · Font: Arial, 12-Point, Double-Space (or equivalent) · Citation Style: APA or MLA (The point is to use a style that makes your document readable and give credit to the sources you used.) Length Requirements: · 2–3 pages · Coversheet · List of References Page.