Linux Encryption
Encryption
Source: Encryption (July 28, 2023), Wikipedia. https://en.wikipedia.org/wiki/Encryption
Encryption
• In cryptography, encryption is the process of encoding
information.
• Converts the original representation of the information,
known as plaintext, into an alternative form known as
“ciphertext”.
• Ideally, only authorized parties can decipher a ciphertext back
to plaintext and access the original information.
• Encryption does not itself prevent interference but denies the
intelligible content to a would-be interceptor.
Encryption (2)
Uses:
• Secret communications
• Protect “data at rest”
• Digital rights management
• Protect “data in transit”
• Data erasure
Types:
• Diffie-Hellman key exchange
• RSA (Rivest-Shamir-Adleman)
• PGP (Pretty Good Privacy)
Encryption (3)
• Encryption scheme uses a “pseudo-random” encryption key
generated by an algorithm.
• Authorized recipients can easily decrypt the message with the
key provided by the originator to recipients.
• Modern encryption schemes use the concepts of public-key
and symmetric-key.
• It is possible to decrypt the message without possessing the key,
but for well-designed encryption schemes considerable
computational resources and skills are required.
Encryption (4)
• As computing power continues to increase, computer encryption is
constantly evolving.
• DES (Data Encryption Standard) utilized a 56-bit key with 72 quadrillion
possibilities (cracked in a day by EFF's DES cracker in 1999)
• Modern standards use stronger key sizes, often 256-bit, like AES (256-bit
mode), Twofish, ChaCha20-Poly1305, Serpent (configurable up to 512-bit).
• Cipher suites utilizing a 128-bit or higher key, like AES (Advanced Encryption
Standard), cannot be brute-forced because the total number of possible
keys is three hundred and forty undecillion.
• An option for cracking ciphers with a large key size is to find vulnerabilities in the
cipher itself; for example, RC4, a stream cipher used in WEP, was cracked (2015).
Encryption (5)
• An important tool but not sufficient to ensure the security or privacy of
sensitive information throughout its lifetime.
• Most applications of encryption protect information only at rest or in transit,
not during processing, such as by a cloud service for example.
• With encryption of data-at-rest, adversaries have developed new types of
attacks.
• These include cryptographic attacks, stolen ciphertext attacks, attacks on
encryption keys, insider attacks, data corruption or integrity attacks, data
destruction attacks, and ransomware attacks.
• Data fragmentation and active defense data protection technologies
attempt to counter some of these attacks, by distributing, moving, or
mutating ciphertext so it is more difficult to identify, steal, corrupt, or
destroy.
Introduction to Linux Encryption
Overview of Linux Encryption:
• Encryption is the process of securing sensitive data by
converting it into an unreadable format.
• Linux offers powerful encryption tools for data protection,
communication security, and more.
• Safeguards data from unauthorized access, ensuring
confidentiality.
• Protects data at rest and in transit.
• Essential for compliance with privacy and security
regulations.
Overview of dm-crypt/LUKS
Definition: Linux Unified Key Setup (LUKS) is a disk encryption
specification that allows multiple user keys (2004).
• Key Features:
• Full-disk encryption
  ◦ Encrypt the root partition
• Multiple key support
  ◦ Allows users to add backup keys or passphrases (up to 8)
• Data security at rest
  ◦ Ensures that files are always stored on disk in an encrypted form
Source: Linux Unified Key Setup (June 14, 2023), Wikipedia. https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup
How dm-crypt/LUKS Works
• Encrypts entire disk partitions.
• Requires a passphrase or keyfile to unlock.
• Uses symmetric key encryption algorithms.
• Provides a secure storage layer for data.
Hands-On with dm-crypt/LUKS
Lab Exercise:
• Demonstrating the setup of dm-crypt/LUKS for full-disk encryption.
• Exploring the process of unlocking and accessing
encrypted volumes.
Overview of GnuPG (GPG)
Definition: GNU Privacy Guard is an open-source encryption
software for email and file encryption (1997).
Key Features:
• Uses OpenPGP
  ◦ Widely used email encryption standard
• File-level encryption
  ◦ A form of disk encryption
• Digital signatures
  ◦ Used to validate authenticity and integrity
• Public and private key pairs
  ◦ Public key available to anyone, but private key available only to the owner
Source: GNU Privacy Guard (August 26, 2023), Wikipedia. https://en.wikipedia.org/wiki/GNU_Privacy_Guard
How GnuPG (GPG) Works
• Uses asymmetric key encryption for secure
communication.
• Encrypts and decrypts individual files or email
messages.
• Allows users to sign files with a digital signature to
verify authenticity.
Hands-On with GnuPG (GPG)
Lab Exercise:
• Demonstrating file-level encryption using GnuPG
(GPG).
• Creating key pairs, encrypting files, and decrypting
them.
Overview of OpenSSL
• Definition: An open-source toolkit implementing the SSL and
TLS protocols for secure communication.
• Key Features:
• SSL/TLS certificate generation and management
  ◦ Generated through a trusted certificate authority (CA) or individual
signed certificate
• Secure socket layer for data encryption in network communication
  ◦ Standard technology for securing an internet connection by
encrypting data sent between a website and a browser.
Source: OpenVAS (September 22, 2023), Wikipedia. https://en.wikipedia.org/wiki/OpenVAS
How OpenSSL Works
• Generates X.509 certificates for web servers and
clients.
• Provides secure connections using SSL/TLS encryption.
• Enables secure web browsing, email, and other
encrypted communications.
Hands-On with OpenSSL
Lab Exercise:
• Demonstrating SSL/TLS certificate generation using
OpenSSL.
• Managing certificates for web servers and securing
web traffic.
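The certificate workflow named in this lab, as an added example that is not part of the original slides: a private lab CA signs a web-server certificate, and the result is checked for chain of trust, key match and hostname. The CA names, the host `www.lab.example` and the temporary directory layout are constructed assumptions; the script needs only the `openssl` command-line tool.

```shell
#!/bin/sh
# Added example: lab CA -> server certificate -> verification checks.
# Names such as "www.lab.example" are constructed placeholders.
set -eu
umask 077   # private keys must not be readable by other users

# make_ca DIR CN: create a CA private key and a self-signed CA certificate.
make_ca() {
    cat > "$1/ca.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions    = v3_ca
prompt             = no
[dn]
CN = $2
[v3_ca]
basicConstraints     = critical, CA:TRUE
keyUsage             = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
        -config "$1/ca.cnf" -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# issue_server_cert DIR HOST: create a key and CSR for HOST, then have the
# CA in DIR sign it. The SAN and usage extensions are applied at signing
# time, because "x509 -req" does not copy extensions from the CSR by default.
issue_server_cert() {
    cat > "$1/srv.cnf" <<EOF
[req]
distinguished_name = dn
prompt             = no
[dn]
CN = $2
[v3_srv]
basicConstraints = critical, CA:FALSE
keyUsage         = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName   = DNS:$2
EOF
    openssl req -new -newkey rsa:2048 -nodes -sha256 \
        -config "$1/srv.cnf" -keyout "$1/srv.key" -out "$1/srv.csr" 2>/dev/null
    openssl x509 -req -in "$1/srv.csr" -sha256 -days 30 \
        -CA "$1/ca.crt" -CAkey "$1/ca.key" -CAcreateserial \
        -extfile "$1/srv.cnf" -extensions v3_srv \
        -out "$1/srv.crt" 2>/dev/null
}

# verify_chain CA_CERT CERT: succeeds only if CERT chains to CA_CERT.
verify_chain() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# key_matches_cert KEY CERT: succeeds only if both hold the same public key.
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    crt_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$key_pub" ] && [ "$key_pub" = "$crt_pub" ]
}

# cert_has_san CERT HOST: succeeds if CERT lists HOST as a DNS SAN.
cert_has_san() {
    openssl x509 -in "$1" -noout -text 2>/dev/null | grep -F -q "DNS:$2"
}

# --- Demo run in a throwaway directory ---
LAB_DIR=$(mktemp -d)
trap 'rm -rf "$LAB_DIR"' EXIT
mkdir "$LAB_DIR/pki" "$LAB_DIR/other"

make_ca "$LAB_DIR/pki" "Lab Root CA (constructed)"
issue_server_cert "$LAB_DIR/pki" www.lab.example
# A second, unrelated CA shows what a failed verification looks like.
make_ca "$LAB_DIR/other" "Unrelated CA (constructed)"

openssl x509 -in "$LAB_DIR/pki/srv.crt" -noout -subject -issuer -dates

verify_chain "$LAB_DIR/pki/ca.crt" "$LAB_DIR/pki/srv.crt" \
    && echo "chain to lab CA: OK"
verify_chain "$LAB_DIR/other/ca.crt" "$LAB_DIR/pki/srv.crt" \
    || echo "chain to unrelated CA: rejected"
key_matches_cert "$LAB_DIR/pki/srv.key" "$LAB_DIR/pki/srv.crt" \
    && echo "server key matches certificate"
cert_has_san "$LAB_DIR/pki/srv.crt" www.lab.example \
    && echo "SAN covers www.lab.example"
```

A web server would be given `srv.crt` and `srv.key`, while clients trust `ca.crt`; the CA key stays offline and is never deployed to the server.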
Best Practices for Linux Encryption
• Use strong, unique passwords and passphrases.
• Regularly update encryption software and keys.
• Implement multi-factor authentication for added
security.
• Encrypt data at rest and in transit.
Summary
• Linux offers robust encryption tools for data protection
and secure communication.
• Understanding dm-crypt/LUKS, GnuPG (GPG), and
OpenSSL is essential for cybersecurity professionals.
