70 likes | 176 Views
Computer Security: Problem. The Problem: Billions in Losses Outright theft Online scams Viruses / Worms Actual damage Actions to avoid damage Denial of Service Etc. Possible Traps (Public Systems ! ! ! ) Trojan Horse Onlooker Cameras. Computer Security: Defenses. Passwords
E N D
Computer Security: Problem • The Problem: Billions in Losses • Outright theft • Online scams • Viruses / Worms • Actual damage • Actions to avoid damage • Denial of Service • Etc. • Possible Traps (Public Systems ! ! ! ) • Trojan Horse • Onlooker • Cameras
Computer Security: Defenses • Passwords • Using Secure Passwords • Keeping them Secure • Encryption • Simple (Classical Encryption – Pre-Computer) • Strong (Modern – Computer Based) • Good Practices • Like all fields, doing something stupid … • Tradeoffs • Is the cure worse than the disease? • Long Live Common Sense!
Good Passwords and Cracking • Briefcase (style) Combination Locks • Brute force methods: Try allcombinations • Number of wheels • Number of position per wheel • Time per trial • How long does it take? • Contrast to BRUTE brute force method (Always Consider!) • Password on a computer • + More possibilities per “wheel” • + More “wheels” (often up to user) • - Computer based cracking faster! • - Dictionary attacks • Picking a good UNIX password
Classical Encryption • When passwords fail, encryption can be fallback • Also provides extra level of difficulty • Security vs. Privacy • Many levels of encryption sophistication: Go through some of them • Single Alphabetic Substitution • Caesar: L FDPH, L VDZ, L FRQTXHUHG • Magic decoder ring? • Cryptoquote • Cracking single alphabetic substitution • Character frequency -- ETAONIRSH • (Length of text)
Classical Encryption: Single Alphabet I F O J L K F J N D C E L N P N C X N D J L D V F F O J I D M R N J L U J F O V R M I F J M R F C M R S L K F C M S C N C M, D C N Q C D M S F C, K F C K N S P N E S C B S U N J M X, D C E E N E S K D M N E M F M R N G J F G F L S M S F C M R D M D B B A N C D J N K J N D M N E N H O D B. -- D B S C K F B C A 1 H 1 O 4 V 2 B 6 I 3 P 2 W 0 C 16 J 11 Q 1 X 2 D 14 K 7 R 6 Y 0 E 7 L 6 S 10 Z 0 F 15 M 15 T 0 G 2 N 18 U 2
Classical Encryption • Polyalphabetic Substitution • The Vignere Cypher • The Babbit Solution • How many alphabets used? • digraph frequency “th” • Several Single-Alphabet problems • Cypher Reuse ! • Bigger pool of data • Patterns become obvious • One Time Pads • Can be Absolutely Secure • Computers and Random Number Generators ?!
Classical Encryption • The Key Exchange Problem • Threats • Using your “secure” channel • A padlock analogy • Diffie, Hellman, and Merkle solution