security & encryption thomas fenske & joseph minter
TRANSCRIPT
Security & Encryption
Thomas Fenske & Joseph Minter
Information Security
“Information Security is the preservation of secrecy and integrity in the storage
and transmission of information”.(Intelligence Encyclopedia)
Security Breach
1) Interception of messages
2) Theft of stored data
3) Information sabotage
4) Spoofing5) Denial of
service
Security is more important now than ever before due to an increase in electronic storage, processing, and transmission of information.
By typing in a user name and password, people can transfer money, shop, and manage financial accounts online.
Anybody who wants to protect their privacy and their identity have an interest in maintaining information security.
Computer hackers, government intelligence agencies, criminals, and rival businesses are some of the parties which might seek to breech information security.
The Patriot Act
The “Patriot Act” was passed through congress as a response to the attacks of 9/11.
This law allows for your personal records to be searched without your knowledge or consent, secret searches of your home and property without notice, and phone & computer wire taps.
The “Patriot ACT” is an acronym for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism.
The most important tools for the preservation of information security and encryption.
Passwords can be as simple as 123, or as complex as 30 or more letters (capital and lower case) numbers and characters.
The more complex the more secure!!Because passwords can be simple, most people use short memorable passwords. They also tend to use the same password for multiple sites and institutions such as banks and credit card companies.
Security Sockets Layer
Security Sockets Layer or SSL is the leading internet security protocol.
SSL is used to do two things, validate the identity of a website, and create an encrypted connection when sending out personal information on the internet.
History of Encryption• Cryptography began thousands of years ago as basic coding sequences.
People would use general number sequences to describe words using a cipher of some kind.
Ex. 32-51-13-13-43= HELLO
1 2 3 4 5
1 A B C D E
2 F G H I/J
K
3 L M N O P
4 Q R S T U
5 V W X Y Z
Ciphering and Cryptography• A Cipher is secret
method of writing, as by transposition, such as a watermark, or substitution of letters to form a cryptic combination.
• Encryption is derived from Cryptography and goes all the way back to the BC era.
• In 1900 BC, Egyptians began substituting hieroglyphs within their form of writing.
Encryption before computers• Before Computers,
Encryption was primary used to keep classified information from being read by anyone who was not in the need to know.
• Some famous Encryption devices include: The Enigma Machine (Germany), Purple (Japan), Sigaba (US Enigma)
The Enigma Machine• The Enigma Machine used three Rotors at a time out of a possible five to encrypt the lettering sequence of the words typed.
• Each letter that was typed on the machine had a corresponding light that signified the encryption letter.
• Each separate branch of the German Military had a different Enigma Cipher machine.
Public Key Encryption• Using matched Public/private
key pairs• Anyone Can encrypt with the
public Key, but only one person with the private key can decrypt the message.
• Many companies use a public key encryption form including email clients and State Agencies.
• Determining public Key Encryption is simple. When loading a secure source a picture of a key will be shown in the bottom right corner of the browser being used as well as HTTPS://
Digital Signature Algorithm (DSA)
• Developed by the US Government in 1993
• Key Generation has two phases:– Choosing your algorithm function parameters
– Compute the Private and public keys for the user.
• DIS is a 128 Bit Block size. Meaning that the password used to encrypt the information is 120 random characters long with a 8 bit character fail-safe.
Hash Functions
• A Hash Function is an algorithm that turns plain text into a hash value.
• A hash value is the fixed-length result of a one way hash function.
• The value is used as a fingerprint of the computer that it was accessed from.
• One of the easiest objects that could be described as a hash function is a cookie.