data security and encryption (cse348) 1. revision lectures 16-30 2
TRANSCRIPT
![Page 1: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/1.jpg)
Data Security and Encryption
(CSE348)
1
![Page 2: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/2.jpg)
Revision
Lectures 16-30
2
![Page 3: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/3.jpg)
RSA RSA is the best known, and by far the most widely
used general public key encryption algorithm
First published by Rivest, Shamir & Adleman of MIT in 1978 [RIVE78]
The Rivest-Shamir-Adleman (RSA) scheme has since that time ruled supreme as the most widely accepted
Implemented general-purpose approach to public-key encryption
3
![Page 4: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/4.jpg)
RSA
It is based on exponentiation in a finite (Galois) field over integers modulo a prime, using large integers (eg. 1024 bits)
Its security is due to the cost of factoring large numbers
4
![Page 5: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/5.jpg)
RSA By Rivest, Shamir & Adleman of MIT in 1977 Best known & widely used public-key scheme based on exponentiation in a finite (Galois) field over
integers modulo a prime nb. exponentiation takes O((log n)3) operations (easy)
Uses large integers (eg. 1024 bits) Security due to cost of factoring large numbers
nb. factorization takes O(e log n log log n) operations (hard)
5
![Page 6: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/6.jpg)
RSA En/decryption• The scheme developed by Rivest, Shamir, and
Adleman makes use of an expression with exponentials
• Plaintext is encrypted in blocks• with each block having a binary value less than some
number n• The actual RSA encryption and decryption
computations are each simply a single exponentiation mod (n)
6
![Page 7: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/7.jpg)
RSA En/decryption• Both sender and receiver must know the value of n• The sender knows the value of e, and only the
receiver knows the value of d• Thus, this is a public-key encryption algorithm with a
public key of PU = {e, n} and a private key of PR = {d, n}
• The message must be smaller than the modulus• The “magic” is in the choice of the modulus and
exponents which makes the system work
7
![Page 8: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/8.jpg)
RSA En/decryption
• To encrypt a message M the sender:– obtains public key of recipient PU={e,n} – computes: C = Me mod n, where 0≤M<n
• To decrypt the ciphertext C the owner:– uses their private key PR={d,n} – computes: M = Cd mod n
• The message M must be smaller than the modulus n (block if needed)
8
![Page 9: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/9.jpg)
Diffie-Hellman Key Exchange Public-key cryptography systems (PKCSs)
Begins with a description of one of the earliest and simplest PKCS
Diffie-Hellman key exchange
This first published public-key algorithm appeared in the seminal paper by Diffie and Hellman
9
![Page 10: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/10.jpg)
Diffie-Hellman Key Exchange That defined public-key cryptography [DIFF76b]
And is generally referred to as Diffie-Hellman key exchange
The concept had been previously described in a classified report in 1970 by Williamson (UK CESG)
And subsequently declassified in 1987, see [ELLI99]
10
![Page 11: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/11.jpg)
Diffie-Hellman Key Exchange The purpose of the algorithm is to enable two users
to securely exchange a key
That can then be used for subsequent encryption of messages
The algorithm itself is limited to the exchange of secret values
A number of commercial products employ this key exchange technique
11
![Page 12: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/12.jpg)
Diffie-Hellman Key Exchange
First public-key type scheme proposed
By Diffie & Hellman in 1976 along with the exposition of public key concepts now know that Williamson (UK CESG) secretly
proposed the concept in 1970
Practical method for public exchange of a secret key
Used in a number of commercial products
12
![Page 13: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/13.jpg)
Diffie-Hellman Key Exchange
The purpose of the algorithm is to enable two users to securely exchange a key
That can then be used for subsequent encryption of messages
The algorithm itself is limited to the exchange of secret values
Which depends on the value of the public/private keys of the participants
13
![Page 14: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/14.jpg)
Diffie-Hellman Key Exchange
Diffie-Hellman algorithm uses exponentiation in a finite (Galois) field (modulo a prime or a polynomial)
And depends for its effectiveness on the difficulty of computing discrete logarithms
14
![Page 15: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/15.jpg)
Diffie-Hellman Key Exchange
A public-key distribution scheme cannot be used to exchange an arbitrary message rather it can establish a common key known only to the two participants
Value of key depends on the participants and their private and public key information
15
![Page 16: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/16.jpg)
Diffie-Hellman Key Exchange
Based on exponentiation in a finite (Galois) field (modulo a prime or a polynomial) - easy
Security relies on the difficulty of computing discrete logarithms (similar to factoring) – hard
16
![Page 17: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/17.jpg)
Man-in-the-Middle Attack Darth prepares by creating two private / public keys
Alice transmits her public key to Bob
Darth intercepts this and transmits his first public key to Bob
Darth also calculates a shared key with Alice
Bob receives the public key and calculates the shared key (with Darth instead of Alice)
17
![Page 18: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/18.jpg)
Man-in-the-Middle Attack Bob transmits his public key to Alice
Darth intercepts this and transmits his second public key to Alice
Darth calculates a shared key with Bob
Alice receives the key and calculates the shared key (with Darth instead of Bob)
Darth can then intercept, decrypt, re-encrypt, forward all messages between Alice & Bob
18
![Page 19: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/19.jpg)
ElGamal Cryptography
In 1984, T. Elgamal announced a public-key scheme based on discrete logarithms
Closely related to the Diffie-Hellman technique [ELGA84, ELGA85]
The ElGamal cryptosystem is used in some form in a number of standards
Including the digital signature standard (DSS) and the S/MIME email standard
19
![Page 20: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/20.jpg)
ElGamal Cryptography
As with Diffie-Hellman, the global elements of ElGamal are a prime number q and a
Which is a primitive root of q
20
![Page 21: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/21.jpg)
ElGamal Cryptography
User A generates a private/public key pair as shown
The security of ElGamal is based on the difficulty of computing discrete logarithms
To recover either x given y, or k given K
21
![Page 22: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/22.jpg)
ElGamal Cryptography
Public-key cryptosystem related to D-H
Uses exponentiation in a finite field
With security based difficulty of computing discrete logarithms, as in D-H
Each user (eg. A) generates their key chooses a secret key (number): 1 < xA < q-1 compute their public key: yA = axA mod q
22
![Page 23: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/23.jpg)
ElGamal Message Exchange Any user B that has access to A's public key can
encrypt a message as shown
These steps correspond to Figure 9.1a in that Alice generates a public/private key pair
Bob encrypts using Alice's public key; and Alice decrypts using her private key
See text for details of why these steps result in M being recovered
23
![Page 24: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/24.jpg)
ElGamal Message Exchange
24
![Page 25: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/25.jpg)
ElGamal Message Exchange K functions as a one-time key, used to encrypt and
decrypt the message
If a message must be broken up into blocks and sent as a sequence of encrypted blocks, a unique value of k should be used for each block
If k is used for more than one block, knowledge of one block m of the message enables the user to compute other blocks
25
![Page 26: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/26.jpg)
ElGamal Message Exchange The basic idea with El Gamal encryption is to choose
a random key, protect it
Then use it to scramble the message by multiplying the message with it
Two bits of info have to be sent: the first to recover this temporary key
The second the actual scrambled message
26
![Page 27: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/27.jpg)
ElGamal Message Exchange See that El Gamal encryption involves 1 modulo
exponentiation
And a multiplication (vs 1 exponentiation for RSA)
27
![Page 28: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/28.jpg)
Hash Function
• have considered:– hash functions• uses, requirements, security
– hash functions based on block ciphers– SHA-1, SHA-2, SHA-3
28
![Page 29: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/29.jpg)
Hash Functions
• Condenses arbitrary message to fixed sizeh = H(M)
• Usually assume hash function is public• Hash used to detect changes to message• Want a cryptographic hash function– computationally infeasible to find data mapping to
specific hash (one-way property)– computationally infeasible to find two data to same
hash (collision-free property)29
![Page 30: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/30.jpg)
Cryptographic Hash Function
30
![Page 31: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/31.jpg)
Secure Hash Algorithm
• SHA originally designed by NIST & NSA in 1993• was revised in 1995 as SHA-1• US standard for use with DSA signature scheme – standard is FIPS 180-1 1995, also Internet RFC3174– nb. the algorithm is SHA, the standard is SHS
• Based on design of MD4 with key differences • Produces 160-bit hash values • Recent 2005 results on security of SHA-1 have raised
concerns on its use in future applications
31
![Page 32: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/32.jpg)
SHA Versions
SHA-1 SHA-224 SHA-256 SHA-384 SHA-512
Message digest size 160 224 256 384 512
Message size < 264 < 264 < 264 < 2128 < 2128
Block size 512 512 512 1024 1024
Word size 32 32 32 64 64
Number of steps 80 64 64 80 80
32
![Page 33: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/33.jpg)
SHA-3• SHA-1 not yet "broken”– but similar to broken MD5 & SHA-0– so considered insecure
• SHA-2 (esp. SHA-512) seems secure– shares same structure and mathematical
operations as predecessors so have concern• NIST announced in 2007 a competition for the SHA-3
next gen NIST hash function– goal to have in place by 2012 but not fixed
33
![Page 34: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/34.jpg)
SHA-3 Requirements
• Replace SHA-2 with SHA-3 in any use– so use same hash sizes
• Preserve the online nature of SHA-2– so must process small blocks (512 / 1024 bits)
• Evaluation criteria– security close to theoretical max for hash sizes– cost in time & memory – characteristics: such as flexibility & simplicity
34
![Page 35: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/35.jpg)
Message Authentication
• Message authentication is concerned with: – protecting the integrity of a message – validating identity of originator – non-repudiation of origin (dispute resolution)
• Will consider the security requirements• Then three alternative functions used:– hash function– message encryption– message authentication code (MAC)
35
![Page 36: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/36.jpg)
Message Security Requirements
• disclosure• traffic analysis• masquerade• content modification• sequence modification• timing modification• source repudiation• destination repudiation
36
![Page 37: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/37.jpg)
Message Authentication
• have considered:– message authentication requirements– message authentication using encryption– MACs– HMAC authentication using a hash function– CMAC authentication using a block cipher– Pseudorandom Number Generation (PRNG) using
Hash Functions and MACs
37
![Page 38: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/38.jpg)
Digital Signatures
• Have looked at message authentication – but does not address issues of lack of trust
• Digital signatures provide the ability to: – verify author, date & time of signature– authenticate message contents – be verified by third parties to resolve disputes
• Hence include authentication function with additional capabilities
38
![Page 39: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/39.jpg)
Digital Signature Model
39
![Page 40: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/40.jpg)
Digital Signature Model
40
Stallings Figure 13.1 is a generic model of the process of making and using digital signatures
Bob can sign a message using a digital signature generation algorithm
The inputs to the algorithm are the message and Bob's private key
![Page 41: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/41.jpg)
Digital Signature Model
41
Any other user, say Alice, can verify the signature using a verification algorithm
Whose inputs are the message, the signature, and Bob's public key
![Page 42: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/42.jpg)
Attacks and Forgeries• Attacks– key-only attack– known message attack– generic chosen message attack– directed chosen message attack– adaptive chosen message attack
• Break success levels– total break– selective forgery– existential forgery
42
![Page 43: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/43.jpg)
Digital Signature Requirements
Must depend on the message signed Must use information unique to sender
to prevent both forgery and denial Must be relatively easy to produce Must be relatively easy to recognize & verify Be computationally infeasible to forge
with new message for existing digital signaturewith fraudulent digital signature for given message
Be practical save digital signature in storage
43
![Page 44: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/44.jpg)
Digital Signatures
• have discussed:– digital signatures– ElGamal & Schnorr signature schemes– digital signature algorithm and standard
44
![Page 45: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/45.jpg)
Key Management and Distribution• Topics of cryptographic key management / key
distribution are complex – cryptographic, protocol, & management issues
• Symmetric schemes require both parties to share a common secret key
• Public key schemes require parties to acquire valid public keys
• Have concerns with doing both45
![Page 46: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/46.jpg)
Key Distribution
For symmetric encryption to work
Two parties to an exchange must share the same key
That key must be protected from access by others
Furthermore, frequent key changes are usually desirable to limit the amount of data compromised if an attacker learns the key
46
![Page 47: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/47.jpg)
Key Distribution
This is one of the most critical areas in security systems
On many occasions systems have been broken
Not because of a poor encryption algorithm
But because of poor key selection or management
It is absolutely critical to get this right!
47
![Page 48: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/48.jpg)
Key Distribution
Symmetric schemes require both parties to share a common secret key
Issue is how to securely distribute this key
Whilst protecting it from others
Frequent key changes can be desirable
Often secure system failure due to a break in the key distribution scheme
48
![Page 49: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/49.jpg)
Key Distribution
Given parties A and B have various key distribution alternatives:
1. A can select key and physically deliver to B2. third party can select & deliver key to A & B3. if A & B have communicated previously can use
previous key to encrypt a new key4. if A & B have secure communications with a
third party C, C can relay key between A & B
49
![Page 50: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/50.jpg)
Key Distribution The strength of any cryptographic system thus
depends on the key distribution technique
For two parties A and B, key distribution can be achieved in a number of ways:
Physical delivery (1 & 2) is simplest
But only applicable when there is personal contact between recipient and key issuer
50
![Page 51: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/51.jpg)
Key Distribution This is fine for link encryption where devices & keys
occur in pairs
But does not scale as number of parties who wish to communicate grows
3 is mostly based on 1 or 2 occurring first, and also suffers that if an attacker ever succeeds in gaining access to one key
51
![Page 52: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/52.jpg)
Key Distribution Then all subsequent keys will be revealed
A third party, whom all parties trust, can be used as a trusted intermediary
To mediate the establishment of secure communications between them (4)
Must trust intermediary not to abuse the knowledge of all session keys
52
![Page 53: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/53.jpg)
Key Distribution
As number of parties grow
Some variant of 4 is only practical solution to the huge growth in number of keys potentially needed
53
![Page 54: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/54.jpg)
Key Management and Distribution
• have considered:– symmetric key distribution using symmetric
encryption– symmetric key distribution using public-key
encryption– distribution of public keys• announcement, directory, authority, CA
– X.509 authentication and certificates
54
![Page 55: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/55.jpg)
User Authentication
• This chapter examines some of the authentication functions that have been developed to support network-based use authentication
• User authentication is the fundamental building block and the primary line of defense
• User authentication is the basis for most types of access control and for user accountability
55
![Page 56: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/56.jpg)
User Authentication
• RFC 2828 defines user authentication as the process of verifying an identity claimed by or for a system entity
• An authentication process consists of two steps:• Identification step• Verification step
56
![Page 57: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/57.jpg)
User Authentication
• Identification step: Presenting an identifier to the security system
• Identifiers should be assigned carefully
• Because authenticated identities are the basis for other security services
• Such as access control service
57
![Page 58: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/58.jpg)
User Authentication
• Verification step: Presenting or generating authentication information
• That corroborates the binding between the entity and the identifier
58
![Page 59: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/59.jpg)
User Authentication
• In essence, identification is the means by which a user provides a claimed identity to the system
• User authentication is the means of establishing the validity of the claim
• User authentication is distinct from message authentication
59
![Page 60: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/60.jpg)
User Authentication
Fundamental security building blockbasis of access control & user accountability
Process of verifying an identity claimed by or for a system entity
Has two steps:identification - specify identifierverification - bind entity (person) and identifier
Distinct from message authentication
60
![Page 61: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/61.jpg)
Means of User Authentication Four means of authenticating user's identity Based one something the individual
knows - e.g. password, PIN possesses - e.g. key, token, smartcard is (static biometrics) - e.g. fingerprint, retina does (dynamic biometrics) - e.g. voice, sign
Can use alone or combined All can provide user authentication All have issues
61
![Page 62: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/62.jpg)
Kerberos
Trusted key server system from MIT Provides centralised private-key third-party
authentication in a distributed network allows users access to services distributed
through network without needing to trust all workstations rather all trust a central authentication server
Two versions in use: 4 & 5
62
![Page 63: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/63.jpg)
Kerberos Requirements
• Its first report identified requirements as:– secure– reliable– transparent– scalable
• implemented using an authentication protocol based on Needham-Schroeder
63
![Page 64: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/64.jpg)
Kerberos Requirements
• In a more open environment, in which network connections to other machines are supported
• An approach that requires the user to prove his or her identity for each service invoked
• And also require that servers prove their identity to clients, is needed to protect user information and resources housed at the server
64
![Page 65: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/65.jpg)
User Authentication
have considered: remote user authentication issues authentication using symmetric encryption the Kerberos trusted key server system authentication using asymmetric encryption federated identity management
65
![Page 66: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/66.jpg)
Wireless Network Security
• have considered:– IEEE 802.11 Wireless LANs• protocol overview and security
– Wireless Application Protocol (WAP)• protocol overview
– Wireless Transport Layer Security (WTLS)
66
![Page 67: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/67.jpg)
IEEE 802.11
• IEEE 802 committee for LAN standards• IEEE 802.11 formed in 1990’s– charter to develop a protocol & transmission
specifications for wireless LANs (WLANs)• since then demand for WLANs, at different
frequencies and data rates, has exploded• hence seen ever-expanding list of standards
issued
67
![Page 68: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/68.jpg)
Email Security
• Email is one of the most widely used and regarded network services
• Currently message contents are not secure – may be inspected either in transit – or by suitably privileged users on destination
system
68
![Page 69: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/69.jpg)
Email Security Enhancements
• Confidentiality– protection from disclosure
• Authentication– of sender of message
• Message integrity– protection from modification
• Non-repudiation of origin– protection from denial by sender
69
![Page 70: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/70.jpg)
Pretty Good Privacy (PGP)
• The Pretty Good Privacy (PGP) secure email program, is a remarkable phenomenon
• Has grown explosively and is now widely used
• Largely the effort of a single person, Phil Zimmermann
• Who selected the best available crypto algorithms to use & integrated them into a single program
70
![Page 71: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/71.jpg)
Pretty Good Privacy (PGP)
• PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications
• It runs on a wide range of systems, in both free & commercial versions
71
![Page 72: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/72.jpg)
Pretty Good Privacy (PGP)
• Widely used de facto secure email
• Developed by Phil Zimmermann
• Selected best available crypto algos to use
• Integrated into a single program
• On Unix, PC, Macintosh and other systems
• Originally free, now also have commercial versions available
72
![Page 73: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/73.jpg)
S/MIME Messages
• S/MIME secures a MIME entity with a signature, encryption, or both
• forming a MIME wrapped PKCS object• have a range of content-types:– enveloped data– signed data– clear-signed data– registration request– certificate only message
73
![Page 74: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/74.jpg)
Electronic Mail Security
• have considered:– secure email– PGP– S/MIME– domain-keys identified email
74
![Page 75: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/75.jpg)
IP Security• The Internet community has developed application-
specific security mechanisms in a number of application areas
• That includes electronic mail (S/MIME, PGP), client/server (Kerberos)
• Web access (Secure Sockets Layer), and others
75
![Page 76: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/76.jpg)
IP Security• However users have some security concerns that cut
across protocol layers
• By implementing security at the IP level, an organization can ensure secure networking, not only for applications
• That have security mechanisms but also for the many security-ignorant applications
76
![Page 77: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/77.jpg)
IP Security
• Have a range of application specific security mechanisms– eg. S/MIME, PGP, Kerberos, SSL/HTTPS
• However there are security concerns that cut across protocol layers
• Would like security implemented by the network for all applications
77
![Page 78: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/78.jpg)
IP Security• IP-level security encompasses three functional areas:
• Authentication, confidentiality, and key management
• The authentication mechanism assures that a received packet was transmitted by the party identified as the source in the packet header
• And that the packet has not been altered in transit
78
![Page 79: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/79.jpg)
IP Security• The confidentiality facility enables communicating
nodes to encrypt messages to prevent eavesdropping by third parties
• The key management facility is concerned with the secure exchange of keys
• IPSec provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet
79
![Page 80: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/80.jpg)
IP Security• In 1994, the Internet Architecture Board (IAB) issued
a report titled "Security in the Internet Architecture" (RFC 1636)
• The report stated the general consensus that the Internet needs more and better security
• They identified key areas for security mechanisms
80
![Page 81: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/81.jpg)
IP Security• To provide security, the IAB included authentication
and encryption as necessary security features in the next-generation IP
• Which has been issued as IPv6
• Fortunately, these security capabilities were designed to be usable both with the current IPv4 and the future IPv6
81
![Page 82: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/82.jpg)
IP Security• general IP Security mechanisms• provides– authentication– confidentiality– key management
• applicable to use over LANs, across public & private WANs, & for the Internet
• need identified in 1994 report– need authentication, encryption in IPv4 & IPv6
82
![Page 83: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/83.jpg)
IP Security
• have considered:– IPSec security framework– IPSec security policy– ESP– combining security associations– internet key exchange– cryptographic suites used
83
![Page 84: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/84.jpg)
Intruders• A significant security problem for networked systems
is hostile
• Or at least unwanted, trespass being unauthorized login or use of a system, by local or remote users; or by software such as a virus, worm, or Trojan horse
• One of the two most publicized threats to security is the intruder (or hacker or cracker)
84
![Page 85: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/85.jpg)
Intruders• Which Anderson identified three classes of:
• Masquerader: An individual who is not authorized to use the computer (outsider)
• Misfeasor: A legitimate user who accesses unauthorized data, programs, or resources (insider)
85
![Page 86: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/86.jpg)
Intruders• Clandestine user: An individual who seizes
supervisory control of the system and uses this control to avoid auditing and access controls or to suppress audit collection (either)
86
![Page 87: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/87.jpg)
Intruders
• Intruder attacks range from the benign (nonthreatening)
• Simply exploring net to see what is there
• To the serious (who attempt to read privileged data, perform unauthorized modifications, or disrupt system)
87
![Page 88: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/88.jpg)
Intruders• Significant issue for networked systems is hostile or
unwanted access• Either via network or local• Can identify classes of intruders:– masquerader– misfeasor– clandestine user
• Varying levels of competence
88
![Page 89: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/89.jpg)
Intruders• The intruder threat has been well publicized,
particularly because of the famous “Wily Hacker” incident of 1986–1987, documented by Cliff Stoll
• Intruder attacks range from the benign to the serious
• At the benign end of the scale, there are many people who simply wish to explore internets and see what is out there
89
![Page 90: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/90.jpg)
Intruders• At the serious end are individuals who are
attempting to read privileged data
• Perform unauthorized modifications to data, or disrupt the system
• One of the results of the growing awareness of the intruder problem has been the establishment of a number of computer emergency response teams (CERTs)
90
![Page 91: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/91.jpg)
Intruders• These cooperative ventures collect information about
system vulnerabilities
• And disseminate it to systems managers
• The techniques and behavior patterns of intruders are constantly shifting
91
![Page 92: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/92.jpg)
Intruders• To exploit newly discovered weaknesses and to
evade detection and countermeasures
• Even so, intruders typically follow one of a number of recognizable behavior patterns
• And these patterns typically differ from those of ordinary users
92
![Page 93: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/93.jpg)
Intruders• Clearly a growing publicized problem– from “Wily Hacker” in 1986/87– to clearly escalating CERT stats
• Range – benign: explore, still costs resources– serious: access/modify data, disrupt system
• Led to the development of CERTs• Intruder techniques & behavior patterns constantly
shifting, have common features
93
![Page 94: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/94.jpg)
Examples of Intrusion
• Performing a remote root compromise of an e-mail server
• Defacing a Web server
• Guessing and cracking passwords
• Copying a database containing credit card numbers
• Viewing sensitive data, including payroll records and medical information, without authorization
94
![Page 95: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/95.jpg)
Examples of Intrusion
• Running a packet sniffer on a workstation to capture usernames and passwords
• Using a permission error on an anonymous FTP server to distribute pirated software and music files
• Dialing into an unsecured modem and gaining internal network access
95
![Page 96: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/96.jpg)
Examples of Intrusion
• Posing as an executive, calling the help desk, resetting the executive’s e-mail password, and learning the new password
• Using an unattended, logged-in workstation without permission
96
![Page 97: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/97.jpg)
Intruders
• have considered:– problem of intrusion, behavior and techniques– intrusion detection (statistical & rule-based)– password management
97
![Page 98: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/98.jpg)
Viruses and Other Malicious Content
• Computer viruses have got a lot of publicity • One of a family of malicious software • Effects usually obvious • Have figured in news reports, fiction, movies• Getting more attention than deserve • Are a concern though
98
![Page 99: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/99.jpg)
Malicious Software
99
![Page 100: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/100.jpg)
Malicious Software• The terminology used for malicious software
presents problems
• Because of a lack of universal agreement on all terms and because of overlap
• Stallings Table 21.1, and this diagram from 3/e, provide a useful taxonomy
100
![Page 101: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/101.jpg)
Malicious Software• It can be divided into two categories: those that
need a host program (being a program fragment eg virus)
• Those that are independent programs (eg worm)
• Alternatively one can also differentiate between those software threats that do not replicate (are activated by a trigger)
• Those that do (producing copies of themselves)
101
![Page 102: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/102.jpg)
Malicious Software
• have considered:– various malicious programs– trapdoor, logic bomb, trojan horse, zombie– viruses– worms– distributed denial of service attacks
102
![Page 103: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/103.jpg)
What is a Firewall?
• A firewall is inserted between the premises network and the Internet
• To establish a controlled link and to erect an outer security wall or perimeter
• Forming a single choke point where security and audit can be imposed
103
![Page 104: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/104.jpg)
What is a Firewall?
A firewall:1.defines a single choke point that keeps unauthorized
users out of the protected network
• Prohibits potentially vulnerable services from entering or leaving the network
• and provides protection from various kinds of IP spoofing and routing attacks
104
![Page 105: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/105.jpg)
What is a Firewall?
2. Provides a location for monitoring security-related events
3. A convenient platform for several Internet functions that are not security related
• such as NAT and Internet usage audits or logs
105
![Page 106: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/106.jpg)
What is a Firewall?
4. A firewall can serve as the platform for IPSec to implement virtual private networks
• The firewall itself must be immune to penetration
• since it will be a target of attack
106
![Page 107: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/107.jpg)
What is a Firewall?• A choke point of control and monitoring • Interconnects networks with differing trust• Imposes restrictions on network services– only authorized traffic is allowed
• Auditing and controlling access– can implement alarms for abnormal behavior
• Provide NAT & usage monitoring• Implement VPNs using IPSec• Must be immune to penetration
107
![Page 108: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/108.jpg)
What is a Firewall?
108
![Page 109: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/109.jpg)
What is a Firewall?
109
• Stallings Figure 22.1a illustrates the general model of firewall use on the security perimeter
• As a choke point for traffic between the external less-trusted Internet and the internal more trusted private network
![Page 110: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/110.jpg)
Firewall Limitations• Cannot protect from attacks bypassing it– eg sneaker net, utility modems, trusted
organisations, trusted services (eg SSL/SSH)• Cannot protect against internal threats– eg dissatisfied or colluding employees
• Cannot protect against access via WLAN– if improperly secured against external use
• Cannot protect against malware imported via laptop, PDA, storage infected outside
110
![Page 111: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/111.jpg)
Firewalls
• have considered:– firewalls– types of firewalls• packet-filter, stateful inspection, application proxy,
circuit-level– basing• bastion, host, personal
– location and configurations• DMZ, VPN, distributed, topologies
111
![Page 112: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/112.jpg)
Cybercrime / Computer Crime
• Computer crime, or cybercrime, is a term used broadly to describe criminal activity
• In which computers or computer networks are a tool, a target, or a place of criminal activity
• These categories are not exclusive and many activities can be characterized as falling in one or more categories
112
![Page 113: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/113.jpg)
Cybercrime / Computer Crime
• The term cybercrime has a connotation of the use of networks specifically, whereas computer crime may or may not involve networks
• The U.S. Department of Justice categorizes computer crime based on the role that the computer plays in the criminal activity, as follows:
113
![Page 114: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/114.jpg)
Cybercrime / Computer Crime
• Computers as targets: to acquire information stored on that computer system
• To control the target system without authorization or payment (theft of service)
• Or to alter the integrity of data or interfere with the availability of the computer or server
114
![Page 115: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/115.jpg)
Cybercrime / Computer Crime
• Computers as storage devices: as a passive storage medium
• e.g. for stolen password lists, credit card, calling card numbers, proprietary corporate information, pornographic image files, or "warez" (pirated commercial software)
115
![Page 116: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/116.jpg)
Cybercrime / Computer Crime
• Computers as communications tools: often traditional crimes committed online
• Examples include the illegal sale of prescription drugs, controlled substances, alcohol, and guns; fraud; and gambling
116
![Page 117: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/117.jpg)
Cybercrime / Computer Crime
• A more specific list of crimes is defined in the international Convention on Cybercrime and shown in Table 18.1, in the text
• Yet another categorization is used in the CERT 2006 annual E-crime Survey, the results of which are shown in Table 23.2
117
![Page 118: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/118.jpg)
Cybercrime / Computer Crime
• “Criminal activity in which computers or computer networks are a tool, a target, or a place of criminal activity”
• Categorize based on computer’s role:– as target– as storage device– as communications tool
• More comprehensive categorization seen in Cybercrime Convention, Computer Crime Surveys
118
![Page 119: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/119.jpg)
Cybercrime and Computer Crime
• reviewed a range of topics:– cybercrime and computer crime– intellectual property issues
119
![Page 120: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/120.jpg)
Privacy• Overlaps with computer security• Have dramatic increase in scale of info
collected and stored– motivated by law enforcement, national security,
economic incentives• But individuals increasingly aware of access
and use of personal / private info• Concerns on extent of privacy compromise
have seen a range of responses
120
![Page 121: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/121.jpg)
Privacy and Ethical Aspects
• reviewed a range of topics:– privacy – ethical issues
121
![Page 122: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/122.jpg)
Revision
Lectures 16-30
122
![Page 123: Data Security and Encryption (CSE348) 1. Revision Lectures 16-30 2](https://reader036.vdocuments.us/reader036/viewer/2022062801/56649e6a5503460f94b68165/html5/thumbnails/123.jpg)
Best of Luck