1 / 11

LIS508 last lecture: Cryptography & Security

LIS508 last lecture: Cryptography & Security. Thomas Krichel 2002-12-16. Internet security. On the Internet, every stream of communication that anyone sends can, in principle, be read by anyone else. Assess to the physical wire is all that it takes. How to establish secure communication?.

jdipasquale
Download Presentation

LIS508 last lecture: Cryptography & Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. LIS508 last lecture: Cryptography & Security Thomas Krichel 2002-12-16

  2. Internet security • On the Internet, every stream of communication that anyone sends can, in principle, be read by anyone else. • Assess to the physical wire is all that it takes. • How to establish secure communication?

  3. Introduction • A subject with a very colorful history. • In the past cryptography mainly used by military, diplomatic corps, diarists and lovers. • For the military, difficulty of encryption in the battlefield was main problem. • Original data, called “plaintext” is transformed by a function parameterized by a “key”, to get “cyphertext”.

  4. cryptanalysis • The art of finding the way to get from the cyphertext to the plain text is called cryptanalysis. We assume that the cryptanalyst knows the general method, but does not know the key. • Cryptanalysts one of three types of problems • cyphertext only • known plaintext • chosen plaintext

  5. Tradition encryptation methods • Substitution ciphers keep letters in the same position but replace each letter of the alphabet with another. • Transposition ciphers keep each letter as it is but shovels the letters around. • We need some redundant data in the cyphertext in order to deter active intruders from generating bogus message • but the more redundant data in the plain text makes it easier for passive intruders. • Main problem: keeping the key secret.

  6. Diffie and Hellman (1978) • Let P be the plaintext, C be the cyphertext. E() is the encryption key and D() is the decryption key. • Then we have public key cryptography if • 1. D(E(P))=P • 2. D() can not be broken by chosen plaintext attack. • 3. Knowing E() will give you no clue about D(). • E() can then be made public and is referred to as the public key, D() is the private key. • It is possible to find key pairs that have these properties.

  7. Authentication • I want to securely login to a host machine. • I send the hast an encrypted message ``hey, I am Thomas, my public key is 7ni820g=0...'' • Machine then knows how to send me messages that other people can not decode. • But it can not be sure that it was me who sent the message. An intruder may have done that since me public key is public. • This problem is solved by challenge/response

  8. challenge/response • To find out if I am the person that I claim to be, the machine encodes a random number, and challenges me to decode that number. • If my software can decode the challenge, I must be the person whom I claim I am. • My software and the host will agree on a session key to use to encrypt all communication. • Thus the communication is encoded using simple cryptography because that is less intensive.

  9. General Security • Always log off. • Choose secure password, for example through concatenating the first letters of a phrase: ig!,&w • Never use telnet and ftp to a private account, use secure methods only. • Disable all services that you do not use.

  10. General security • Disable booting from floppy disks. • You can change boot sequence in the bios settings. • On different machines use different passwords. • You can set a bios password. • Keep regular backups.

  11. http://openlib.org/home/krichel Thank you for your attention!

More Related