SlideShare a Scribd company logo

Lesson 2

Download as PPT, PDF
M
MLG College of Learning, Inc

Cryptography tools

Education
1 of 24
Principles of Information Security, Fifth Edition Chapter 8 Cryptography Lesson 2 – Cryptography Tools
Learning Objectives • Upon completion of this material, you should be able to: – Chronicle the most significant events and discoveries in the history of cryptology – Explain the basic principles of cryptography – Describe the operating principles of the most popular cryptographic tools – List and explicate the major protocols used for secure communications Principles of Information Security, Fifth Edition 2
Cryptographic Tools • Potential areas of use include: – Ability to conceal the contents of sensitive messages – Verify the contents of messages and the identities of their senders • Tools must embody cryptographic capabilities so that they can be applied to the everyday world of computing. Principles of Information Security, Fifth Edition 3
Public-Key Infrastructure (PKI) • Integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securely • PKI systems based on public-key cryptosystems • PKI protects information assets in several ways: – Authentication – Integrity – Privacy – Authorization – Nonrepudiation Principles of Information Security, Fifth Edition 4
Public-Key Infrastructure (PKI) (cont’d) • Typical PKI solution protects the transmission and reception of secure information by integrating: – A certificate authority (CA) – A registration authority (RA) – Certificate directories – Management protocols – Policies and procedures Principles of Information Security, Fifth Edition 5
Digital Signatures • Created in response to rising the need to verify information transferred via electronic systems • Asymmetric encryption processes used to create digital signatures • Nonrepudiation: the process that verifies the message was sent by the sender and thus cannot be refuted • Digital Signature Standard (DSS) Principles of Information Security, Fifth Edition 6
Digital Certificates • Electronic document/container file containing key value and identifying information about entity that controls key • Digital signature attached to certificate’s container file certifies file’s origin and integrity • Different client-server applications use different types of digital certificates to accomplish their assigned functions. • Distinguished name (DN): uniquely identifies a certificate entity Principles of Information Security, Fifth Edition 7
Principles of Information Security, Fifth Edition 8
Principles of Information Security, Fifth Edition 9
Principles of Information Security, Fifth Edition 10
Hybrid Cryptography Systems • Except with digital certificates, pure asymmetric key encryption is not widely used. • Asymmetric encryption is more often used with symmetric key encryption, as part of a hybrid system. • Diffie-Hellman Key Exchange method: – Most common hybrid system – Provides foundation for subsequent developments in public-key encryption Principles of Information Security, Fifth Edition 11
Principles of Information Security, Fifth Edition 12
Steganography • “Art of secret writing” • Has been used for centuries • Most popular modern version hides information within files that contain digital pictures or other images • Some applications hide messages in .bmp, .wav, .mp3, and .au files, as well as in unused space on CDs and DVDs Principles of Information Security, Fifth Edition 13
Protocols for Secure Communications • Most of the software currently used to protect the confidentiality of information are not true cryptosystems. • They are applications to which cryptographic protocols have been added. • Particularly true of Internet protocols • As the number of threats to the Internet grew, so did the need for additional security measures. Principles of Information Security, Fifth Edition 14
Securing Internet Communication with S-HTTP and SSL • Secure Sockets Layer (SSL) protocol: uses public key encryption to secure channel over public Internet • Secure Hypertext Transfer Protocol (S-HTTP): extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across Internet • S-HTTP is the application of SSL over HTTP. – Allows encryption of information passing between computers through protected and secure virtual connection Principles of Information Security, Fifth Edition 15
Securing E-mail with S/MIME, PEM, and PGP • Secure Multipurpose Internet Mail Extensions (S/MIME): builds on Multipurpose Internet Mail Extensions (MIME) encoding format and uses digital signatures based on public-key cryptosystems • Privacy Enhanced Mail (PEM): proposed as standard to use 3DES symmetric key encryption and RSA for key exchanges and digital signatures • Pretty Good Privacy (PGP): uses IDEA Cipher for message encoding Principles of Information Security, Fifth Edition 16
Securing Web Transactions with SET, SSL, and S-HTTP • Secure Electronic Transactions (SET): developed by MasterCard and VISA in 1997 to protect against electronic payment fraud • Uses DES to encrypt credit card information transfers • Provides security for both Internet-based credit card transactions and credit card swipe systems in retail stores Principles of Information Security, Fifth Edition 17
Securing Wireless Networks with WEP and WPA • Wired Equivalent Privacy (WEP): early attempt to provide security with the 8002.11 network protocol • Wi-Fi Protected Access (WPA and WPA2): created to resolve issues with WEP • Next Generation Wireless Protocols: Robust Secure Networks (RSN), AES–Counter Mode CBC MAC Protocol (CCMP) • Bluetooth: can be exploited by anyone within approximately 30 foot range, unless suitable security controls are implemented Principles of Information Security, Fifth Edition 18
Principles of Information Security, Fifth Edition 19
Securing TCP/IP with IPSec and PGP • Internet Protocol Security (IPSec): an open-source protocol framework for security development within the TCP/IP family of protocol standards • IPSec uses several different cryptosystems. – Diffie-Hellman key exchange for deriving key material between peers on a public network – Public key cryptography for signing the Diffie- Hellman exchanges to guarantee identity – Bulk encryption algorithms for encrypting the data – Digital certificates signed by a certificate authority to act as digital ID cards Principles of Information Security, Fifth Edition 20
Principles of Information Security, Fifth Edition 21
Securing TCP/IP with IPSec and PGP (cont’d) • Pretty Good Privacy (PGP): hybrid cryptosystem designed in 1991 by Phil Zimmermann – Combined best available cryptographic algorithms to become open source de facto standard for encryption and authentication of e-mail and file storage applications. – Freeware and low-cost commercial PGP versions are available for many platforms. – PGP security solution provides six services: authentication by digital signatures, message encryption, compression, e-mail compatibility, segmentation, key management Principles of Information Security, Fifth Edition 22
Summary • Cryptography and encryption provide sophisticated approach to security. – Many security-related tools use embedded encryption technologies. – Encryption converts a message into a form that is unreadable by the unauthorized. • Many tools are available and can be classified as symmetric or asymmetric, each having advantages and special capabilities. Principles of Information Security, Fifth Edition 23
Summary (cont’d) • Strength of encryption tool is dependent on the key size but even more dependent on following good management practices. • Cryptography is used to secure most aspects of Internet and Web uses that require it, drawing on extensive set of protocols and tools designed for that purpose. Principles of Information Security, Fifth Edition 24

Recommended

Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Lesson 3- Remote Access
Lesson 3- Remote AccessLesson 3- Remote Access
Lesson 3- Remote AccessMLG College of Learning, Inc
 
Lesson 2 - IDPS
Lesson 2 - IDPSLesson 2 - IDPS
Lesson 2 - IDPSMLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Lessson 2 - Application Layer
Lessson 2 - Application LayerLessson 2 - Application Layer
Lessson 2 - Application LayerMLG College of Learning, Inc
 
Lesson 4
Lesson 4Lesson 4
Lesson 4MLG College of Learning, Inc
 
Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1MLG College of Learning, Inc
 
Lesson 1- Intrusion Detection
Lesson 1- Intrusion DetectionLesson 1- Intrusion Detection
Lesson 1- Intrusion DetectionMLG College of Learning, Inc
 

Recommended

Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Lesson 3- Remote Access
Lesson 3- Remote AccessLesson 3- Remote Access
Lesson 3- Remote AccessMLG College of Learning, Inc
 
Lesson 2 - IDPS
Lesson 2 - IDPSLesson 2 - IDPS
Lesson 2 - IDPSMLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Lessson 2 - Application Layer
Lessson 2 - Application LayerLessson 2 - Application Layer
Lessson 2 - Application LayerMLG College of Learning, Inc
 
Lesson 4
Lesson 4Lesson 4
Lesson 4MLG College of Learning, Inc
 
Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1MLG College of Learning, Inc
 
Lesson 1- Intrusion Detection
Lesson 1- Intrusion DetectionLesson 1- Intrusion Detection
Lesson 1- Intrusion DetectionMLG College of Learning, Inc
 
Lesson 3
Lesson 3Lesson 3
Lesson 3MLG College of Learning, Inc
 
Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2MLG College of Learning, Inc
 
Smart city project's Information Security challenges
Smart city project's Information Security challenges Smart city project's Information Security challenges
Smart city project's Information Security challenges Behak Kangarloo
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsGanbayar Sukhbaatar
 
Lesson 3
Lesson 3Lesson 3
Lesson 3MLG College of Learning, Inc
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical ControlsMLG College of Learning, Inc
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
22 need-for-security
22 need-for-security22 need-for-security
22 need-for-securityAl Balqa Applied University
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionVivek Maurya
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Ppt.1
Ppt.1Ppt.1
Ppt.1veeresh35
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Ch01
Ch01Ch01
Ch01Joe Christensen
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSMLG College of Learning, Inc
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
CNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewCNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewSam Bowne
 
Lesson 2 Cryptography tools
Lesson 2 Cryptography toolsLesson 2 Cryptography tools
Lesson 2 Cryptography toolsMLG College of Learning, Inc
 
Info security & crypto
Info security & cryptoInfo security & crypto
Info security & cryptoShehrevar Davierwala
 

More Related Content

What's hot

Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2MLG College of Learning, Inc
 
Smart city project's Information Security challenges
Smart city project's Information Security challenges Smart city project's Information Security challenges
Smart city project's Information Security challenges Behak Kangarloo
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsGanbayar Sukhbaatar
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionVivek Maurya
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
CNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewCNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewSam Bowne
 

What's hot (20)

Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2
 
Smart city project's Information Security challenges
Smart city project's Information Security challenges Smart city project's Information Security challenges
Smart city project's Information Security challenges
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentals
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical Controls
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
22 need-for-security
22 need-for-security22 need-for-security
22 need-for-security
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solution
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Ppt.1
Ppt.1Ppt.1
Ppt.1
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
Ch01
Ch01Ch01
Ch01
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPS
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1
 
CNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking OverviewCNIT 123: Ch 1 Ethical Hacking Overview
CNIT 123: Ch 1 Ethical Hacking Overview
 

Similar to Lesson 2

18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 PresentationAmy McMullin
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
M.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfM.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfDr.Florence Dayana
 
Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...
Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...
Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...Ioannis Krontiris
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvanitrraincity
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)Security Innovation
 
Homomorphic Encryption: Unveiling secrets without exposing them
Homomorphic Encryption: Unveiling secrets without exposing themHomomorphic Encryption: Unveiling secrets without exposing them
Homomorphic Encryption: Unveiling secrets without exposing themMuhammedYaseen39
 
Cscu module 04 data encryption
Cscu module 04 data encryptionCscu module 04 data encryption
Cscu module 04 data encryptionAlireza Ghahrood
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...IOSR Journals
 

Similar to Lesson 2 (20)

Lesson 2 Cryptography tools
Lesson 2 Cryptography toolsLesson 2 Cryptography tools
Lesson 2 Cryptography tools
 
Info security & crypto
Info security & cryptoInfo security & crypto
Info security & crypto
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 Presentation
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
M.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfM.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdf
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail SecurityCRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
 
Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...
Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...
Integrating Anonymous Credentials with eIDs for Privacy-respecting Online Au...
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvan
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)
 
Network Security CS2
Network Security CS2Network Security CS2
Network Security CS2
 
Homomorphic Encryption: Unveiling secrets without exposing them
Homomorphic Encryption: Unveiling secrets without exposing themHomomorphic Encryption: Unveiling secrets without exposing them
Homomorphic Encryption: Unveiling secrets without exposing them
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
 
Encryption
EncryptionEncryption
Encryption
 
network security
network securitynetwork security
network security
 
Sw2
Sw2Sw2
Sw2
 
Cscu module 04 data encryption
Cscu module 04 data encryptionCscu module 04 data encryption
Cscu module 04 data encryption
 
Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...Comparison of Various Encryption Algorithms and Techniques for improving secu...
Comparison of Various Encryption Algorithms and Techniques for improving secu...
 

More from MLG College of Learning, Inc

More from MLG College of Learning, Inc (20)

PC111.Lesson2
PC111.Lesson2PC111.Lesson2
PC111.Lesson2
 
PC111.Lesson1
PC111.Lesson1PC111.Lesson1
PC111.Lesson1
 
PC111-lesson1.pptx
PC111-lesson1.pptxPC111-lesson1.pptx
PC111-lesson1.pptx
 
PC LEESOON 6.pptx
PC LEESOON 6.pptxPC LEESOON 6.pptx
PC LEESOON 6.pptx
 
PC 106 PPT-09.pptx
PC 106 PPT-09.pptxPC 106 PPT-09.pptx
PC 106 PPT-09.pptx
 
PC 106 PPT-07
PC 106 PPT-07PC 106 PPT-07
PC 106 PPT-07
 
PC 106 PPT-01
PC 106 PPT-01PC 106 PPT-01
PC 106 PPT-01
 
PC 106 PPT-06
PC 106 PPT-06PC 106 PPT-06
PC 106 PPT-06
 
PC 106 PPT-05
PC 106 PPT-05PC 106 PPT-05
PC 106 PPT-05
 
PC 106 Slide 04
PC 106 Slide 04PC 106 Slide 04
PC 106 Slide 04
 
PC 106 Slide no.02
PC 106 Slide no.02PC 106 Slide no.02
PC 106 Slide no.02
 
pc-106-slide-3
pc-106-slide-3pc-106-slide-3
pc-106-slide-3
 
PC 106 Slide 2
PC 106 Slide 2PC 106 Slide 2
PC 106 Slide 2
 
PC 106 Slide 1.pptx
PC 106 Slide 1.pptxPC 106 Slide 1.pptx
PC 106 Slide 1.pptx
 
Db2 characteristics of db ms
Db2 characteristics of db msDb2 characteristics of db ms
Db2 characteristics of db ms
 
Db1 introduction
Db1 introductionDb1 introduction
Db1 introduction
 
Lesson 3.2
Lesson 3.2Lesson 3.2
Lesson 3.2
 
Lesson 3.1
Lesson 3.1Lesson 3.1
Lesson 3.1
 
Lesson 1.6
Lesson 1.6Lesson 1.6
Lesson 1.6
 
Lesson 3.2
Lesson 3.2Lesson 3.2
Lesson 3.2
 

Recently uploaded

Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 

Recently uploaded (20)

Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 

Lesson 2

  • 1. Principles of Information Security, Fifth Edition Chapter 8 Cryptography Lesson 2 – Cryptography Tools
  • 2. Learning Objectives • Upon completion of this material, you should be able to: – Chronicle the most significant events and discoveries in the history of cryptology – Explain the basic principles of cryptography – Describe the operating principles of the most popular cryptographic tools – List and explicate the major protocols used for secure communications Principles of Information Security, Fifth Edition 2
  • 3. Cryptographic Tools • Potential areas of use include: – Ability to conceal the contents of sensitive messages – Verify the contents of messages and the identities of their senders • Tools must embody cryptographic capabilities so that they can be applied to the everyday world of computing. Principles of Information Security, Fifth Edition 3
  • 4. Public-Key Infrastructure (PKI) • Integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securely • PKI systems based on public-key cryptosystems • PKI protects information assets in several ways: – Authentication – Integrity – Privacy – Authorization – Nonrepudiation Principles of Information Security, Fifth Edition 4
  • 5. Public-Key Infrastructure (PKI) (cont’d) • Typical PKI solution protects the transmission and reception of secure information by integrating: – A certificate authority (CA) – A registration authority (RA) – Certificate directories – Management protocols – Policies and procedures Principles of Information Security, Fifth Edition 5
  • 6. Digital Signatures • Created in response to rising the need to verify information transferred via electronic systems • Asymmetric encryption processes used to create digital signatures • Nonrepudiation: the process that verifies the message was sent by the sender and thus cannot be refuted • Digital Signature Standard (DSS) Principles of Information Security, Fifth Edition 6
  • 7. Digital Certificates • Electronic document/container file containing key value and identifying information about entity that controls key • Digital signature attached to certificate’s container file certifies file’s origin and integrity • Different client-server applications use different types of digital certificates to accomplish their assigned functions. • Distinguished name (DN): uniquely identifies a certificate entity Principles of Information Security, Fifth Edition 7
  • 8. Principles of Information Security, Fifth Edition 8
  • 9. Principles of Information Security, Fifth Edition 9
  • 10. Principles of Information Security, Fifth Edition 10
  • 11. Hybrid Cryptography Systems • Except with digital certificates, pure asymmetric key encryption is not widely used. • Asymmetric encryption is more often used with symmetric key encryption, as part of a hybrid system. • Diffie-Hellman Key Exchange method: – Most common hybrid system – Provides foundation for subsequent developments in public-key encryption Principles of Information Security, Fifth Edition 11
  • 12. Principles of Information Security, Fifth Edition 12
  • 13. Steganography • “Art of secret writing” • Has been used for centuries • Most popular modern version hides information within files that contain digital pictures or other images • Some applications hide messages in .bmp, .wav, .mp3, and .au files, as well as in unused space on CDs and DVDs Principles of Information Security, Fifth Edition 13
  • 14. Protocols for Secure Communications • Most of the software currently used to protect the confidentiality of information are not true cryptosystems. • They are applications to which cryptographic protocols have been added. • Particularly true of Internet protocols • As the number of threats to the Internet grew, so did the need for additional security measures. Principles of Information Security, Fifth Edition 14
  • 15. Securing Internet Communication with S-HTTP and SSL • Secure Sockets Layer (SSL) protocol: uses public key encryption to secure channel over public Internet • Secure Hypertext Transfer Protocol (S-HTTP): extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across Internet • S-HTTP is the application of SSL over HTTP. – Allows encryption of information passing between computers through protected and secure virtual connection Principles of Information Security, Fifth Edition 15
  • 16. Securing E-mail with S/MIME, PEM, and PGP • Secure Multipurpose Internet Mail Extensions (S/MIME): builds on Multipurpose Internet Mail Extensions (MIME) encoding format and uses digital signatures based on public-key cryptosystems • Privacy Enhanced Mail (PEM): proposed as standard to use 3DES symmetric key encryption and RSA for key exchanges and digital signatures • Pretty Good Privacy (PGP): uses IDEA Cipher for message encoding Principles of Information Security, Fifth Edition 16
  • 17. Securing Web Transactions with SET, SSL, and S-HTTP • Secure Electronic Transactions (SET): developed by MasterCard and VISA in 1997 to protect against electronic payment fraud • Uses DES to encrypt credit card information transfers • Provides security for both Internet-based credit card transactions and credit card swipe systems in retail stores Principles of Information Security, Fifth Edition 17
  • 18. Securing Wireless Networks with WEP and WPA • Wired Equivalent Privacy (WEP): early attempt to provide security with the 8002.11 network protocol • Wi-Fi Protected Access (WPA and WPA2): created to resolve issues with WEP • Next Generation Wireless Protocols: Robust Secure Networks (RSN), AES–Counter Mode CBC MAC Protocol (CCMP) • Bluetooth: can be exploited by anyone within approximately 30 foot range, unless suitable security controls are implemented Principles of Information Security, Fifth Edition 18
  • 19. Principles of Information Security, Fifth Edition 19
  • 20. Securing TCP/IP with IPSec and PGP • Internet Protocol Security (IPSec): an open-source protocol framework for security development within the TCP/IP family of protocol standards • IPSec uses several different cryptosystems. – Diffie-Hellman key exchange for deriving key material between peers on a public network – Public key cryptography for signing the Diffie- Hellman exchanges to guarantee identity – Bulk encryption algorithms for encrypting the data – Digital certificates signed by a certificate authority to act as digital ID cards Principles of Information Security, Fifth Edition 20
  • 21. Principles of Information Security, Fifth Edition 21
  • 22. Securing TCP/IP with IPSec and PGP (cont’d) • Pretty Good Privacy (PGP): hybrid cryptosystem designed in 1991 by Phil Zimmermann – Combined best available cryptographic algorithms to become open source de facto standard for encryption and authentication of e-mail and file storage applications. – Freeware and low-cost commercial PGP versions are available for many platforms. – PGP security solution provides six services: authentication by digital signatures, message encryption, compression, e-mail compatibility, segmentation, key management Principles of Information Security, Fifth Edition 22
  • 23. Summary • Cryptography and encryption provide sophisticated approach to security. – Many security-related tools use embedded encryption technologies. – Encryption converts a message into a form that is unreadable by the unauthorized. • Many tools are available and can be classified as symmetric or asymmetric, each having advantages and special capabilities. Principles of Information Security, Fifth Edition 23
  • 24. Summary (cont’d) • Strength of encryption tool is dependent on the key size but even more dependent on following good management practices. • Cryptography is used to secure most aspects of Internet and Web uses that require it, drawing on extensive set of protocols and tools designed for that purpose. Principles of Information Security, Fifth Edition 24