team 6 decrypting encryption jeffrey vordick, charles sheefel, and shyam rasaily
TRANSCRIPT
Team 6 Decrypting Encryption
Jeffrey Vordick, Charles Sheefel, and Shyam Rasaily
Encryption
Encryption (!@#$%^&)• Convert data into scramble data (cipher text)
• Information privacyAssurances• Data not modified• Viewed by intended recipient • Received at intended destination
Encryption
KeyEncryption
Key Encryption• Random string of character
Key Encryption
Private and Public Key Encryption
Private Key Encryption Private Key
YoAlice
#dasf^&*
#dasf^&*
YoAlice
Encrypt DecryptBOBBOB ALICE
Private Key Private Key
Private Key Encryption
Public Key EncryptionUse two Keys• Private key• Public Key
Public Key Encryption
Public Key Encryption Public Key
YoAlice
#dasf^&*
#dasf^&*
YoAlice
Encrypt DecryptBOBBOB ALICE
Public Key Private Key
Public Key Encryption
PGP (Pretty Good Privacy)
Raw file Sign file with private key
Encrypt file with public key
Encrypted and signed file
Decrypt file with private key
Verify signature with public key
Pretty Good Privacy
SSL (Secure Sockets Layer)
Secure Socket Layer
SSH (Secure Shell)
Secure Shell
• Commonly used for remote access like VPN
Public keys are placed on the computers that should allow access.
(So its more like a lock)
Private key allows access to computers locked with the public keys
SCP(Secure CoPy)
&
SFTP(Secure File Transfer Protocol)
• Extension of OpenSSH• Replaces insecure FTP• Uses TCP Port 22• Included on UNIX, Linux, and Macintosh OS X operating systems
Below is a conversion between lsu’s server and my MAC Charless-MacBook-Pro:~ csheefel3$ scp [email protected]:geog2250 testThe authenticity of host 'lsu.edu (130.39.253.217)' can't be established.RSA key fingerprint is 52:fd:fa:74:40:a7:c4:03:8f:04:7b:78:c8:ea:e8:68.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'lsu.edu,130.39.253.217' (RSA) to the list of known hosts.\033[H\033[2JNOTICE: This is the Louisiana State University computer system, which may beaccessed and used only by authorized persons. LSU reserves the right to reviewand/or monitor system transactions for compliance with its policies and/orapplicable law. Upon reasonable cause, LSU may disclose such transactions toauthorized persons for official purposes, including criminal and otherinvestigations, and permit the monitoring of system transactions by lawenforcement agencies. Access or use of this computer system by any person,whether authorized or unauthorized, constitutes consent to these [email protected]'s password:
SCP (Secure CoPy)
• Using SCP• Ideal for quick transfer of single files. • Syntax is similar to the Unix copy command.
For demonstration purposes, we'll use two computers (Kari’s desktop and CEBALab001) with the usernames Kari and kwaltersscp path/to/file [email protected]:path/to/destination
If Kari wanted to transfer the a file called example.txt from Kari’s home directory on Kari’s desktop to Kari’s home directory on CEBALab001, the command might look like this:scp /home/Kari/example.txt [email protected]:/home/kwalters/
If Kari wanted to transfer a file from CEBALab001 to Kari’s desktop, she could type something like this:scp [email protected]:/home/kwalters/example.txt /home/Kari/
If Kari needed to copy an entire directory, Kari would need to use the recursive flag, like this:scp -r Karidirectory [email protected]:/home/kwalters/
SCP (Secure CoPy)
• Uses Propriety SSH• Connects like FTP• Not as widely supported• Five main commands: ls, get, put, cd, and
lcd.• Designed by IETF• Used to transport multiple files• Latest Version 6*
SFTP (Secure File Transfer Protocol)
IPSec(Internet Protocol Security)
• Operates at Network Layer• Adds information to headers of IP packets• Designed by IETF• Works on any TCP/IP Transmission• Native IPv6 Standard• Authentication
1. Phase 1 Key Management: IKE on port 5002. Phase 2 Encryption: AH and ESP
IPSec (Internet Protocol Security)
VPN concentrator• Establish VPN Connection• Authenticates VPN Clients• Location: edge of private network
IPSec (Internet Protocol Security)
• Modes1. Transport Mode- Encapsulated Header Intact 2. Tunnel Mode – New Encapsulated Header
IPSec (Internet Protocol Security)
Any Questions?