Data Security © Prof. Aiman Hanna Department of Computer Science Concordia University Montreal,...
45
Data Security Data Security © Prof. Aiman Hanna © Prof. Aiman Hanna Department of Computer Science Department of Computer Science Concordia University Concordia University Montreal, Canada Montreal, Canada
-
Upload
sabrina-booth -
Category
Documents
-
view
216 -
download
1
Transcript of Data Security © Prof. Aiman Hanna Department of Computer Science Concordia University Montreal,...
Data SecurityData Security
© Prof. Aiman Hanna© Prof. Aiman HannaDepartment of Computer Science Department of Computer Science
Concordia University Concordia University Montreal, CanadaMontreal, Canada
22
DD ata Security ata Security Ideal scenario: prevent any unauthorized person from Ideal scenario: prevent any unauthorized person from
intercepting/viewing what is being transferred intercepting/viewing what is being transferred
However, this may not be possibleHowever, this may not be possible
So, do not secure data; rather prevent unauthorized So, do not secure data; rather prevent unauthorized person from person from understandingunderstanding them them
EncryptionEncryption is used to achieve that is used to achieve that
33
EE rror Security rror Security Encrypted data can then be decrypted if the Encrypted data can then be decrypted if the encryption encryption
keykey and and methodmethod are known are known
If the encryption and decryption keys are the same, this If the encryption and decryption keys are the same, this is called is called symmetric key cryptosystemsymmetric key cryptosystem
Issues: Issues: • What happens if the key is compromised?What happens if the key is compromised?• What happens if the key and encryption methods became What happens if the key and encryption methods became
knownknown• What about authentication & authorizationWhat about authentication & authorization• What about viruses, worms, hacking and other threats What about viruses, worms, hacking and other threats
44
EE ncryption Algorithms ncryption Algorithms Privacy: Privacy: Prevent a third party from intercepting the information, and if Prevent a third party from intercepting the information, and if
intercepted from understanding itintercepted from understanding it
Encrypt the information, decryption is then necessary to understand it Encrypt the information, decryption is then necessary to understand it
Figure 7. 1 – Sending Unsecured Messages
55
EE ncryption Algorithms ncryption Algorithms PlaintextPlaintext: : The message before encryption The message before encryption CiphertextCiphertext: The encrypted message : The encrypted message
Figure 7. 2 – Sending Encrypted
Messages
66
EE ncryption Algorithms ncryption Algorithms Caesar CipherCaesar Cipher Replaces each character by another Replaces each character by another
ExampleExample: What is the plaintext of the following : What is the plaintext of the following ciphertext: ciphertext: • Yjq%mpqyu%yjgtg%vjg%tqcfu%yknn%ngcf%wu,%qpnaYjq%mpqyu%yjgtg%vjg%tqcfu%yknn%ngcf%wu,%qpna
%c%hqqn%yqwnf%uca%c%hqqn%yqwnf%uca
This is not so difficult to guess! Is it?This is not so difficult to guess! Is it?
Once some characters are guessed, the rest like the TV Once some characters are guessed, the rest like the TV show show Wheel of FortuneWheel of Fortune
77
EE ncryption Algorithms ncryption Algorithms Polyalphabetic CipherPolyalphabetic Cipher Plaintext characters are not always replaced with the same Plaintext characters are not always replaced with the same
ciphertext character ciphertext character
For example, replace each character depending on character For example, replace each character depending on character sequence as well as its position in the messagesequence as well as its position in the message
for (int i=0; i < length of P; i++)for (int i=0; i < length of P; i++)
C[i] = P[i] + K + (i mod 3)C[i] = P[i] + K + (i mod 3)
If K=10, then 10 is added to characters in position 0, 3, 6, …; If K=10, then 10 is added to characters in position 0, 3, 6, …; and 11 is added for those in positions 1, 4, 7; and 12 is added for and 11 is added for those in positions 1, 4, 7; and 12 is added for those in 2, 5, 8those in 2, 5, 8
88
EE ncryption Algorithms ncryption Algorithms Polyalphabetic CipherPolyalphabetic Cipher ExampleExample: THEMTHENTHEY will be : THEMTHENTHEY will be
UJHNVKFPWIG\UJHNVKFPWIG\
THE is encrypted into UJH, VKF, and WIGTHE is encrypted into UJH, VKF, and WIG
Repetition is fewer but still there Repetition is fewer but still there
A professionalA professional thief may still be able to break-inthief may still be able to break-in
99
EE ncryption Algorithms ncryption Algorithms Transposition CipherTransposition Cipher Rearrange the plaintext characters into a 2-D array and Rearrange the plaintext characters into a 2-D array and
sends columns based on a specific permutationsends columns based on a specific permutation Problem: character frequencies are preserved Problem: character frequencies are preserved ExampleExample: FOLLOW THE YELLOW BRICK ROAD: FOLLOW THE YELLOW BRICK ROAD
• if pif p11=2, p=2, p22=4, p=4, p33=3, p=3, p44=1, p=1, pmm=5 then the encrypted msg is:=5 then the encrypted msg is:
O YWCALHLB LTE KDFW OIOOELRR O YWCALHLB LTE KDFW OIOOELRR
COLUMNSCOLUMNS
11 22 33 44 55
FF OO LL LL OO
WW TT HH EE
YY EE LL LL
OO WW BB RR
II CC KK RR
OO AA DD
1010
EE ncryption Algorithms ncryption Algorithms Bit-Level CipheringBit-Level Ciphering Not all transmissions are over charactersNot all transmissions are over characters
Creates a key (a bit string) secretly and randomly Creates a key (a bit string) secretly and randomly
Divides the message into substrings of the same length as the Divides the message into substrings of the same length as the keykey
XOR all substrings with the key and transmit the resultXOR all substrings with the key and transmit the result
Decryption in that case is not a reverse operation; rather a Decryption in that case is not a reverse operation; rather a repetition of the encryption operation repetition of the encryption operation
1111
EE ncryption Algorithms ncryption Algorithms Bit-Level CipheringBit-Level Ciphering Key length is sensitive here. Why?Key length is sensitive here. Why?
Example: Example:
Figure 7. 3 – Encryption Using XOR Bit Operation
1212
EE ncryption Algorithms ncryption Algorithms Bit-Level CipheringBit-Level Ciphering Advantages: Advantages:
• Key is used once, so comparisons to other cipher texts is not Key is used once, so comparisons to other cipher texts is not possible, so code is unbreakable without trying all possible possible, so code is unbreakable without trying all possible decryption keys decryption keys
Such unbreakable ciphers are also called Such unbreakable ciphers are also called one-time padsone-time pads
Disadvantages: Disadvantages: • Keys, sometimes large ones, must be communicated to the Keys, sometimes large ones, must be communicated to the
receiverreceiver• Keys are used only once! Keys are used only once!
1313
EE ncryption Algorithms ncryption Algorithms Data Encryption Standards (DES) Data Encryption Standards (DES) Widely used as encryption standard Widely used as encryption standard
Divides messages into 64-bit blocks and encrypts each oneDivides messages into 64-bit blocks and encrypts each one
8 bits are used for error detection, so the key used is 56-bit 8 bits are used for error detection, so the key used is 56-bit
Employs complex steps including transposition, XOR, Employs complex steps including transposition, XOR, substitutions, and otherssubstitutions, and others
In general, DES has a total of 19 steps, where the output of each In general, DES has a total of 19 steps, where the output of each step is the input of the following one step is the input of the following one
1414
EE ncryption Algorithms ncryption Algorithms Data Encryption Standards (DES)Data Encryption Standards (DES)
Figure 7. 4 – Outline of DES
1515
EE ncryptionncryption
AlgorithmAlgorithm
s s Data Encryption Data Encryption
Standards (DES)Standards (DES)
Figure 7. 5 – One of the 16 Steps
of DES
1616
EE ncryption Algorithms ncryption Algorithms Data Encryption Standards (DES) Data Encryption Standards (DES) DES can operate in several modes including:DES can operate in several modes including:
• ECB – ECB – Electronic CodebookElectronic Codebook• CBC – CBC – Cipher Block ChainingCipher Block Chaining
With ECB, if the original string has similar 64-bit blocks, then With ECB, if the original string has similar 64-bit blocks, then the cipher of these blocks is consequently the samethe cipher of these blocks is consequently the same
This is not good since patterns are possible This is not good since patterns are possible
CBC disrupts this pattern by performing an XOR between the CBC disrupts this pattern by performing an XOR between the block and the previous encrypted block before encrypting the block and the previous encrypted block before encrypting the new block new block
The 1The 1stst XOR is performed with an XOR is performed with an initialization vectorinitialization vector
1717
EE ncryption Algorithms ncryption Algorithms Data Encryption Standards (DES) – CBC ModeData Encryption Standards (DES) – CBC Mode
Figure 7. 6 – CBC Mode of DES Encryption
1818
EE ncryption Algorithms ncryption Algorithms Data Encryption Standards (DES) Data Encryption Standards (DES) How good is DES?How good is DES?
• Unless the key is knows it is very difficult to breakUnless the key is knows it is very difficult to break• Brute ForceBrute Force attack is a method where all possible keys are attempted attack is a method where all possible keys are attempted• 56-bit key 56-bit key 2 25656 ≈ 7.2 x 10 ≈ 7.2 x 101616 possible keys possible keys
For many years, researchers tried to break DES without successFor many years, researchers tried to break DES without success
In 1998, the Electronic Frontier Foundation built a DES Cracker, a specially In 1998, the Electronic Frontier Foundation built a DES Cracker, a specially designed computer, at a trivial cost of 250,000$ designed computer, at a trivial cost of 250,000$ • http://www.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/http://www.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/
That event rendered DES obsolete That event rendered DES obsolete
A key of 128 bits could provide a reasonable solutionA key of 128 bits could provide a reasonable solution • 22128128 ≈ 3 x 10 ≈ 3 x 103838 possible keys possible keys• A system that tries 1 billion keys / microsecond would still take about 9.5 x 10A system that tries 1 billion keys / microsecond would still take about 9.5 x 101515
years to resolve all keys years to resolve all keys
1919
EE ncryption Algorithms ncryption Algorithms Triple DESTriple DES Provides an alternative to DESProvides an alternative to DES
Encrypts data 3 times Encrypts data 3 times
For example, suppose EFor example, suppose EKK(M) and D(M) and DKK(M) are DES encryption and decryption (M) are DES encryption and decryption using a a key K, triple DES is calculated as using a a key K, triple DES is calculated as
EEK3K3(D(DK2K2(E(EK1K1(M)))(M)))
Triple DES uses 168-bit key, and proved to be solid Triple DES uses 168-bit key, and proved to be solid
Relatively slow; 3 times of DESRelatively slow; 3 times of DES
Another alternative to DES & Triple DES is the Advanced Encryption Another alternative to DES & Triple DES is the Advanced Encryption Standard (Standard (AESAES), which uses Rijndael algorithm with 128, 192, or 256 bits ), which uses Rijndael algorithm with 128, 192, or 256 bits keykey
2020
EE ncryption Algorithms ncryption Algorithms The Clipper Chip Using The Skipjack Algorithm The Clipper Chip Using The Skipjack Algorithm
In 1993, the Clinton’s administration announced the Clipper Chip, a government-designed and -In 1993, the Clinton’s administration announced the Clipper Chip, a government-designed and -built encryption computer chip that can publicly be usedbuilt encryption computer chip that can publicly be used
Figure 7. 10 – Clipper Chip Encryption
2121
EE ncryption Algorithms ncryption Algorithms The Clipper Chip Using The Skipjack AlgorithmThe Clipper Chip Using The Skipjack Algorithm The project was motivated by 2 major concerns:The project was motivated by 2 major concerns:
• Allow privacy over telephones, faxes & computers to transmit sensitive Allow privacy over telephones, faxes & computers to transmit sensitive information information
• Allow law enforcement officials to obtain any information when the sensitive Allow law enforcement officials to obtain any information when the sensitive information correspond to illegal activitiesinformation correspond to illegal activities
Although both concerns make sense, the project created a lot of controversy:Although both concerns make sense, the project created a lot of controversy:• The project was created by NSA with no input from private sectorThe project was created by NSA with no input from private sector• The encryption method used was the Skipjack algorithm, which is classified, and The encryption method used was the Skipjack algorithm, which is classified, and
so it cannot be subject to sufficient testing like othersso it cannot be subject to sufficient testing like others• The Computer Security Act, passed by Congress in 1987, limits NSA’s role in The Computer Security Act, passed by Congress in 1987, limits NSA’s role in
the development of standardsthe development of standards• Wiretapping, a common tool for monitoring communication, would become Wiretapping, a common tool for monitoring communication, would become
useless when the chip is utilized useless when the chip is utilized
The FBI & other law enforcement agencies argued the inclusion of a feature The FBI & other law enforcement agencies argued the inclusion of a feature in the chip that would allow them to determine the encryption key and hence in the chip that would allow them to determine the encryption key and hence decode the encrypted information decode the encrypted information
2222
EE ncryption Algorithms ncryption Algorithms The Clipper Chip Using The Skipjack Algorithm The Clipper Chip Using The Skipjack Algorithm Each chip has the following information:Each chip has the following information:
• KK: 80-bit session key, needed for wiretapping : 80-bit session key, needed for wiretapping
• FF: 80-bit family key for a group of chips, : 80-bit family key for a group of chips,
• NN: 30-bit serial # unique to chip, : 30-bit serial # unique to chip,
• SS: 80-bit secret key unique to chip known to law-enforcement officials: 80-bit secret key unique to chip known to law-enforcement officials
Figure 7. 11 – Determining The Encryption Key
2323
KK ey Distribution & ey Distribution & Protection Protection All the major encryption methods depends on a All the major encryption methods depends on a secretsecret key key
If the key is compromised, the algorithm If the key is compromised, the algorithm maymay hence become hence become uselessuseless
How do sender and receiver exchange keys securely prior How do sender and receiver exchange keys securely prior to the session?to the session?
• Shamir’s methodShamir’s method • Diffie-Hellman key exchangeDiffie-Hellman key exchange
2424
KK ey Distribution & ey Distribution & Protection Protection Shamir’s methodShamir’s method
Can be used if the information is so sensitive that no single Can be used if the information is so sensitive that no single person can be trusted to send or receive itperson can be trusted to send or receive it
In such case, instead of keeping the key at one location, break it In such case, instead of keeping the key at one location, break it
into different piecesinto different pieces
Shamir’s method does not actually break the key itself; rather Shamir’s method does not actually break the key itself; rather • Uses polynomial p(x)= aUses polynomial p(x)= a00+a+a11x+ax+a22xx22+…+a+…+ak-1k-1xxk-1 k-1
• Each person is given a unique point (xEach person is given a unique point (x ii, y, yii))• P(x) can be calculated by communicating only those unique pointsP(x) can be calculated by communicating only those unique points• One of the coefficients ‘aOne of the coefficients ‘aii’ is key’ is key
2525
KK ey Distribution & ey Distribution & Protection Protection Deffie-Hellman Key ExchangeDeffie-Hellman Key Exchange
Sender chooses a value x and keeps it secret; receiver chooses a Sender chooses a value x and keeps it secret; receiver chooses a value y and keeps it secret value y and keeps it secret
The sender and receiver can them calculate the keyThe sender and receiver can them calculate the key
Figure 7.12 – Diffie-Hellman Key Exchange
2626
KK ey Distribution & ey Distribution & Protection Protection Deffie-Hellman Key ExchangeDeffie-Hellman Key Exchange
Disadvantages: Disadvantages: • Both n and g must be very large (perhaps a thousand bits), in order to make it Both n and g must be very large (perhaps a thousand bits), in order to make it
difficult to determine the keydifficult to determine the key
• Susceptible to the Susceptible to the Man-in-the-middle attackMan-in-the-middle attack
An intruder may intercept An intruder may intercept ggxx modulo n modulo n from from AA and forward it to and forward it to BB as as ggx’x’ modulo n modulo n
The intruder then The intruder then intercepts intercepts ggyy modulo n modulo n from from BB and forward it to and forward it to AA as as ggy’y’ modulo n modulo n
As far as A and B are concerned, all is fine. The intruder then uses As far as A and B are concerned, all is fine. The intruder then uses ggxy’ xy’ modulo nmodulo n to to communicate Both A and B believe with A and communicate Both A and B believe with A and ggyx’yx’ modulo n modulo n to communicate with B to communicate with B
Both A and B believe that they are communicating with each other while in reality, Both A and B believe that they are communicating with each other while in reality, each of them is communicating with the intruder which decrypt the messages, then re-each of them is communicating with the intruder which decrypt the messages, then re-encrypting them and send them to the other side encrypting them and send them to the other side
2727
PP ublic Key Encryption ublic Key Encryption Reasonable assumption: If you know the encryption algorithm Reasonable assumption: If you know the encryption algorithm
and the key then you can decryptand the key then you can decrypt
A fact: In real life, not every reasonable thing holds trueA fact: In real life, not every reasonable thing holds true
The idea here is to have the encryption algorithm known, and The idea here is to have the encryption algorithm known, and have the key have the key publicpublic (known to the entire world)! (known to the entire world)!
Yet, have only the receiver capable of decrypting the messageYet, have only the receiver capable of decrypting the message
Each receiver has some secret knowledge, for example a private Each receiver has some secret knowledge, for example a private key, that is necessary to decrypt the message key, that is necessary to decrypt the message
Such systems are called Such systems are called Public Key CryptosystemsPublic Key Cryptosystems
2828
PP ublic Key Encryption ublic Key Encryption
Figure 7. 13 – Multiple Senders Using The Same Encryption Method
2929
PP ublic Key Encryption ublic Key Encryption Examples of Examples of Public Key CryptosystemsPublic Key Cryptosystems include:include:
• RSA AlgorithmRSA Algorithm
• Digital SignaturesDigital Signatures
• Pretty Good Privacy (PGP)Pretty Good Privacy (PGP)
• Authentication & Message DigestAuthentication & Message Digest
3030
PP ublic Key Encryption ublic Key Encryption RSA AlgorithmRSA Algorithm Designed by Rivest, Shamir and AdlemanDesigned by Rivest, Shamir and Adleman
Based on mathematical operations over very large Based on mathematical operations over very large numbersnumbers
ciphertext is surprisingly easy to calculate and very ciphertext is surprisingly easy to calculate and very difficult to break even if the key is knowdifficult to break even if the key is know
The idea here is to have the encryption algorithm The idea here is to have the encryption algorithm known, and the key is known known, and the key is known
3131
PP ublic Key Encryption ublic Key Encryption RSA AlgorithmRSA Algorithm Illustrative example: Assume messages have only uppercase characters Illustrative example: Assume messages have only uppercase characters 1.1. Assign simple code to each character, for example, 1 to 26Assign simple code to each character, for example, 1 to 26
2. 2. Choose Choose pp & & qq prime numbers prime numbers nn = p * q = p * qBoth p & q are secrets and known to the receiverBoth p & q are secrets and known to the receiver
For example n = 11 * 7For example n = 11 * 7
3. 3. Find a number Find a number kk that is relatively prime to (p -1) * (q -1), in this example 60 that is relatively prime to (p -1) * (q -1), in this example 60 This k is the encryption key. In this example, k can be 7This k is the encryption key. In this example, k can be 7
4. 4. Divide the message into components; each with a many characters to avoid Divide the message into components; each with a many characters to avoid repetition. In this example however assume each component has one character.repetition. In this example however assume each component has one character.For example, if the message is “HELLO” For example, if the message is “HELLO” Component are H, E, L, L & O Component are H, E, L, L & O
5. 5. Concatenate the binary codes of each character in a component and find the integer Concatenate the binary codes of each character in a component and find the integer value of the result. value of the result. In our example, the integers of the components will be: 8, 5, 12, 12 & 15In our example, the integers of the components will be: 8, 5, 12, 12 & 15
3232
PP ublic Key Encryption ublic Key Encryption RSA AlgorithmRSA Algorithm Illustrative example (Continues …) Illustrative example (Continues …)
6.6. Encrypt the message by raising each number to the power of Encrypt the message by raising each number to the power of k k thenthen modulo modulo nn. .
in our example, that is:in our example, that is:
8877 modulo 77; 5 modulo 77; 577 modulo 77; 12 modulo 77; 1277 modulo 77; 12 modulo 77; 1277 modulo 77; 15 modulo 77; 1577 modulo 77 modulo 77
The results compose the encrypted message The results compose the encrypted message
in our example, the encrypted message 57, 47, 12, 12, 71in our example, the encrypted message 57, 47, 12, 12, 71
Now when the receiver gets this encrypted message, how can it decrypt it? Now when the receiver gets this encrypted message, how can it decrypt it?
3333
PP ublic Key Encryption ublic Key Encryption RSA AlgorithmRSA Algorithm Illustrative example (Continues …) Illustrative example (Continues …)
• How can the receiver decrypt the message?How can the receiver decrypt the message?
1.1. Find a value k’ such that Find a value k’ such that [(k * k’) – 1] modulo [(p – 1) * (q – 1)] = 0[(k * k’) – 1] modulo [(p – 1) * (q – 1)] = 0in other words, (k * k’) – 1 is evenly divisible by (p – 1) * (q – 1)in other words, (k * k’) – 1 is evenly divisible by (p – 1) * (q – 1)
The value of The value of k’k’ is the decryption key is the decryption key
In our example, k’ can be 43 since (43 * 7) – 1 = 300 divides 60In our example, k’ can be 43 since (43 * 7) – 1 = 300 divides 60
2. Raise each number of the encrypted message by k’ then do modulo n2. Raise each number of the encrypted message by k’ then do modulo nIn our example, that will be: In our example, that will be:
57574343 modulo 77; 47 modulo 77; 474343 modulo 77; 12 modulo 77; 124343 modulo 77; modulo 77;
12124343 modulo 77; 71 modulo 77; 714343 modulo 77 modulo 77 that results in 8, 5, 12, 12 and 15, which are the original numbers that results in 8, 5, 12, 12 and 15, which are the original numbers
3434
PP ublic Key Encryption ublic Key Encryption RSA AlgorithmRSA Algorithm How secure is RSA?How secure is RSA?
• Encryption algorithm requires k & nEncryption algorithm requires k & n• Decryption requires k’ & nDecryption requires k’ & n• Interception of a message would reveal both k & nInterception of a message would reveal both k & n
So, the question is how easy can So, the question is how easy can k’k’ be calculated/obtained? be calculated/obtained?K’ is chosen based on: K’ is chosen based on: [(k * k’) – 1] modulo [(p – 1) * (q – 1)] = 0[(k * k’) – 1] modulo [(p – 1) * (q – 1)] = 0
If p & q are guessed then k’ is obtainedIf p & q are guessed then k’ is obtained n = p * q, and n is known!n = p * q, and n is known! It does not look so difficult then; does it? It does not look so difficult then; does it?
p & q are very big numbers that n is usually more than 200 digitsp & q are very big numbers that n is usually more than 200 digits It is very difficult to guess (factor in fact) p & q from nIt is very difficult to guess (factor in fact) p & q from n Factoring an RSA 2048-bit number worth 200,000$ prize Factoring an RSA 2048-bit number worth 200,000$ prize (as of July 25, 2006) (as of July 25, 2006)
http://www.rsasecurity.com/rsalabs/challenges/factoring/numbers.htmlhttp://www.rsasecurity.com/rsalabs/challenges/factoring/numbers.html
3535
PP ublic Key Encryption ublic Key Encryption Digital SignaturesDigital Signatures Used for authentication purposesUsed for authentication purposes
Figure 7. 14 – Sender Denying Sending a Message
3636
PP ublic Key Encryption ublic Key Encryption Digital SignaturesDigital Signatures The sender has an encryption key The sender has an encryption key k’k’ and the receiver has a decryption key and the receiver has a decryption key j’j’; ;
both k’ and j’ are private keys while k & j are public keys both k’ and j’ are private keys while k & j are public keys
The sender is hence the only one that can sends an authenticated message The sender is hence the only one that can sends an authenticated message
Figure 7. 15 – Sending a Message Using a Digital Signature
3737
PP ublic Key Encryption ublic Key Encryption Authentication vs AuthorizationAuthentication vs Authorization Authorization: make sure that the information is not accessed by an unauthorized Authorization: make sure that the information is not accessed by an unauthorized
entity/person entity/person
Authentication: make sure that the identity of the sender is as it supposed to be and Authentication: make sure that the identity of the sender is as it supposed to be and that the message is received without alternation that the message is received without alternation
Figure 7. 16 – Authenticating a Document
3838
PP ublic Key Encryption ublic Key Encryption Authentication & Message DigestAuthentication & Message Digest The hash function used, also referred to as message digestThe hash function used, also referred to as message digest
The hash function must be strong enough so that it is difficult to The hash function must be strong enough so that it is difficult to find two different M1 & M2 where H(M1) = H(M2) find two different M1 & M2 where H(M1) = H(M2)
Authentication: make sure that the identity of the sender is as it Authentication: make sure that the identity of the sender is as it supposed to be and that the message is received without supposed to be and that the message is received without alternation alternation
Major existing hash functions include:Major existing hash functions include:• MD5MD5• SHA-1SHA-1 (Secure Hash Algorithm) (Secure Hash Algorithm)
3939
PP ublic Key Encryption ublic Key Encryption Pretty Good Privacy (PGP)Pretty Good Privacy (PGP) A freeware mainly used for email security, using A freeware mainly used for email security, using
public key encryption, authentication, digital public key encryption, authentication, digital signatures, and compressionsignatures, and compression
Figure 7. 17 – Accessing PGP Facilities from Within Microsoft Outlook
4040
PP ublic Key Encryption ublic Key Encryption Pretty Good Privacy (PGP)Pretty Good Privacy (PGP)
Figure 7. 18 – Using PGP to Authenticate a Message Created in MS-Outlook
4141
TT ransport Layer Security & ransport Layer Security & Server Authentication Server Authentication
Security is necessary when purchasing, accessing bank account, …etc over a Security is necessary when purchasing, accessing bank account, …etc over a network, such as the Internetnetwork, such as the Internet
Many questions arise: Many questions arise: • Will the site keep your private information secureWill the site keep your private information secure• How can you be sure that the site is legitimate How can you be sure that the site is legitimate • How can you be sure that the sent information will not be seen by someone else? How can you be sure that the sent information will not be seen by someone else?
Is encryption always possible in such cases? Is encryption always possible in such cases?
The answer to these questions lie in protocols such as:The answer to these questions lie in protocols such as:• SSL – SSL – Secure Socket LayerSecure Socket Layer• TSL – TSL – Transport Layer Security Transport Layer Security
as well as the use of security certificates, such asas well as the use of security certificates, such as X.509 CertificateX.509 Certificate
4242
T T ransport Layer Security & Server ransport Layer Security & Server
AuthenticationAuthentication Transport Layer Security (TSL)Transport Layer Security (TSL) Both TSL & SSL lie between the Application Layer (where HTTP runs for example) and the transport layer Both TSL & SSL lie between the Application Layer (where HTTP runs for example) and the transport layer
They perform two major functions:They perform two major functions:• Encryption of information Encryption of information • Authentication of server so that users can assume that the server is what is claim to be Authentication of server so that users can assume that the server is what is claim to be
X.509X.509 provides enough details to conclude whether or not the site is known and it is as it claims to be provides enough details to conclude whether or not the site is known and it is as it claims to be
Figure 7.19 – Transport Layer
Security
4343
FF irewalls irewalls Once a machine is connected to the network it is visible and Once a machine is connected to the network it is visible and
subject to attacks subject to attacks
Each computer in the network has an IP address, so attempts to Each computer in the network has an IP address, so attempts to attack is feasible attack is feasible
Firewalls are designed to reduce the possibilities of such attacksFirewalls are designed to reduce the possibilities of such attacks
A firewall examines all passed traffic and look for possible A firewall examines all passed traffic and look for possible threats threats
Anything that is detected as a threat is denied passage Anything that is detected as a threat is denied passage
4444
FF irewalls irewalls Packet Filtering Packet Filtering
Figure 7. 24 – Packet Filtering
4545
FF irewalls irewalls Application-Level Gateway (Application-Level Gateway (Proxy ServerProxy Server))
Figure 7. 25 – Firewall Designs
