System Security: Cryptography Technologies
CPE 261403 - Operating Systems
http://www.e-cpe.org/moodle
What does the fish mean?
Ichthys
User name / Password
Threat Ex: Wifi Packet Sniffers
Protection with Cryptography
Encryption and Decryption
Symmetric – Uses a shared key
Asymmetric – Added security with Public and Private keys
Symmetric Encryption
Simple example: Add a constant to the ASCII value
Key = 1
I LOVE YOU -> J MPWF ZPV
The Enigma Machine
German Encryption Machine For WWI
Enigma was cracked by the Allies in WWII
Some say this helped shorten WWII by two years
Some Examples
Data Encryption Standard (DES) – 56 bit key for every 64 bit value
Advanced Encryption Standard (AES) – 256 bit key for every 128 bit value
RC4 – As used in WEP (Wired Equivalent Privacy)
WPA, WPA2 (Wi-Fi Protected Access) – 256 bit key
Asymmetric Encryption
Algorithm Example
Public Key = (kd, N)
Private Key = (ke, N)
N = p.q (where p, q are prime numbers)
Pick kd that is < N
Calculate ke where ke.kd mod (p-1)(q-1) = 1
Example
If p = 7 and q = 13
N = 7.13 = 91
Pick Kd = 5
Find Ke: Ke.5 mod (7-1)(13-1) = 1
Ke = 29
Public Key = (5, 91)
Private Key = (29, 91)
Encrypting and Decrypting
Encrypt message = (input ^ ke) mod N
Decrypt message = (input ^ kd) mod N
If we want to send the number 69
Encrypted message = 69 ^ 5 mod 91 = 62
Decrypted message = 62 ^ 29 mod 91 = 69
*Note: the number must be < N
Notes
In reality p and q can be 512 bits each
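The key generation and the 69 -> 62 -> 69 round trip from the slides above, as an added Python example that is not part of the original slides. The function names are assumptions; it follows the worked example in using the public pair (5, 91) to encrypt and the private pair (29, 91) to decrypt, and the last function shows why p and q have to be large.

```python
# Added example: toy RSA with the slide's numbers (p = 7, q = 13).
# Function names are illustrative assumptions, not from the slides.
from math import gcd


def make_keys(p, q, public_exp):
    """Return (public_key, private_key), each an (exponent, N) pair."""
    n = p * q
    phi = (p - 1) * (q - 1)
    # A private exponent exists only if the public exponent shares
    # no factor with (p-1)(q-1).
    if gcd(public_exp, phi) != 1:
        raise ValueError("exponent has no inverse mod (p-1)(q-1)")
    private_exp = pow(public_exp, -1, phi)  # modular inverse, Python 3.8+
    return (public_exp, n), (private_exp, n)


def apply_key(value, key):
    """Modular exponentiation; the same operation encrypts and decrypts."""
    exp, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than N")
    return pow(value, exp, n)


def recover_private_key(public_key):
    """With a small N, trial division finds p and q, and the private
    exponent follows from them. Large primes make this step infeasible."""
    exp, n = public_key
    p = next(d for d in range(2, n) if n % d == 0)
    return make_keys(p, n // p, exp)[1]


if __name__ == "__main__":
    public, private = make_keys(7, 13, 5)
    ciphertext = apply_key(69, public)
    print("public:", public, "private:", private)
    print("encrypted:", ciphertext)
    print("decrypted:", apply_key(ciphertext, private))
    print("private key recovered from public key:",
          recover_private_key(public))
```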
Case Study: SSL (Secure Socket Layer Protocol)
An Online Bank Example
Browser | SCB Server
Request Secure Connection (HTTPS)
Sends a Public Key
Encrypt & Send Login/Password
Is there a problem with this method?
Yes. A fake web site can also send a public key
SSL Certificate Verification
Browser | SCB Server
Request SSL
Sends key + Certificate
Verify
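One way the Verify step can tell the bank's key from a fake site's key, as an added Python example that is not part of the original slides. It assumes the certificate is a signature by a certificate authority (CA) over the site name and public key, made with textbook RSA; the CA key, site names and function names are constructed for illustration.

```python
# Added example: certificate check with textbook RSA signatures.
# All names and key values below are constructed assumptions.
import hashlib

# Constructed CA key pair built from two known Mersenne primes.
# Far too small for real use; real CA keys are 2048 bits or more.
CA_P, CA_Q = 2**31 - 1, 2**61 - 1
CA_N = CA_P * CA_Q
CA_PUBLIC_EXP = 65537
CA_PRIVATE_EXP = pow(CA_PUBLIC_EXP, -1, (CA_P - 1) * (CA_Q - 1))


def digest(site, site_public_key):
    """Hash the (site name, public key) binding to a number below CA_N."""
    data = f"{site}|{site_public_key}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % CA_N


def issue_certificate(site, site_public_key):
    """CA side: sign the binding with the CA's private exponent."""
    signature = pow(digest(site, site_public_key), CA_PRIVATE_EXP, CA_N)
    return {"site": site, "public_key": site_public_key,
            "signature": signature}


def browser_verifies(cert, expected_site):
    """Browser side: only the CA's public key is needed, and the browser
    already trusts it. The signature must match the key that was sent."""
    if cert["site"] != expected_site:
        return False
    recovered = pow(cert["signature"], CA_PUBLIC_EXP, CA_N)
    return recovered == digest(cert["site"], cert["public_key"])


if __name__ == "__main__":
    bank_cert = issue_certificate("bank.example", (5, 91))
    # A fake site copies the bank's signature but sends its own key.
    fake_cert = dict(bank_cert, public_key=(7, 143))
    print("bank certificate accepted:",
          browser_verifies(bank_cert, "bank.example"))
    print("fake certificate accepted:",
          browser_verifies(fake_cert, "bank.example"))
```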
SSL Protocol
Browser | SCB Server
Request SSL
Sends key + Certificate
Verify
Encrypt + send user/password
Ok. Now the client can send secure info to the server.
But how can the bank send secure information to the client?
SSL Protocol
Browser | SCB Server
Request SSL
Sends key + Certificate
Verify
Sends client’s public key
Do we need to verify the Server’s second response?
Yes. But now it is easier.
Data encrypted with client’s public key
SSL Protocol
Browser | SCB Server
Request SSL
Sends key + Certificate
Verify
Sends client’s public key
If the client can decrypt the data with the server’s public key, it verifies that the data was sent from the server.
Data encrypted with client’s public key
Encrypt with server’s private key
Browser | SCB Server
SSL Protocol
Data encrypted with client’s public key
Encrypt with server’s private key
Double encryption is too much work. Can we optimize?
Browser with new (pub/pri) keys | Server with new (pub/pri) keys
SSL Protocol
Send a new public key
Encrypt with server’s private key
Yes. The server can send a new set of keys for future use
Secure Data
Secure Data
Encrypt with the new public key
Encrypt with the new private key
Encrypt with the client’s public key
Summary
Browser | SCB Server
Request SSL
Sends key + Certificate
Verify
Sends client’s public key
Send new pub key
Secure Data
Secure Data
Encryption is a cat & mouse game
Encryption is becoming more complex (64bits, 128bits, …, 512bits, …, ?)
Relies on Mathematical Models. Can be cracked.
Never fully trust that your data is safe with encryption