CSCU Module 04 Data

1 CopyrightbyEC-CouncilAllRightsReserved.ReproductionisStrictlyProhibited.
Data Encryption
Simplifying Security.
Module 4

Roughly40percentofITworkersbelievetheycouldholdanemployersnetworkhostage evenafterleavingthecompany bywithholdingorhidingencryptionkeys,accordingtoarecentsurveyof500ITsecurityspecialists.
Thestudy,releasedMonday,May23,alsorevealedthatathirdofsurveyrespondentswereconfidentthattheirknowledgeandaccesstoencryptionkeysandcertificatescouldbringacompanytoahaltwithlittleeffort.ConductedinApril2011,thesurveywassanctionedbyVenafi,anetworkkeyandencryptionprovider.
40PercentofITWorkersCouldHoldEmployerNetworksHostage,SurveyFinds
Itsashamethatsomanypeoplehavebeensoldencryptionbutnotthemeansorknowledgetomanageit,saidJeffHudson,CEOofVenafi,inastatement.ITdepartmentsmusttrackwherethekeysareandmonitorandmanagewhohasaccesstothem....Itsnolongerrocketscience.Yetrecent,costlybreachesatSony,Epsilonandelsewherereinforcetheneedforbothmoreencryptionandeffectivemanagement.
http://www.govtech.com
May23,2011

Module Objectives
CommonTerminologies
WhatIsEncryption?
ObjectivesofEncryption
TypesofEncryption
EncryptionStandards
Symmetricvs.AsymmetricEncryption
UsageofEncryption
DigitalCertificates
WorkingofDigitalCertificates
DigitalSignature
HowDigitalSignatureWorks?
CryptographyTools

Module Flow
Encryption TypesofEncryptionEncryptionStandards
DigitalCertificates
DigitalSignature
CryptographyTools

5
Cipher TextCiphertextisencryptedandunreadable untilitisdecryptedtoplaintextwithakey
Encryption KeyAnencryptionkeyisapieceofinformationthatisusedtoencrypt anddecrypt data
Common Terminologies
PlaintextPlaintextorcleartext isunencryptedreadabletext

What Is Encryption?
Plaintext(Morpheus)Bob Alice
Encryptionistheprocessofconvertingdataintoaciphertextthatcannotbeunderstoodbytheunauthorizedpeople
Toreadanencryptedfile,youmusthaveaccess toasecretkeyorpasswordthatenablesyoutodecryptit
Encryptionisusedtoprotectsensitiveinformation duringtransmissionandstorage
EncryptedDATAisreceivedbyAlice
Alicereceivestheplaindataafterdecryption
EncryptedDATA(3*.,[email protected]!w9)

DataIntegrity
Authentication
Nonrepudiation
Thereceiverofamessagecancheckwhetherthemessagewasmodifiedduringtransmission,eitheraccidentallyordeliberately
Thereceiverofamessagecanverifytheoriginofthemessage
Nootherusershouldbeabletosendamessagetotherecipientastheoriginalsender(dataoriginauthentication)
Thesenderofamessagecannotdeny thathe/shehassentthemessage
Objectives of Encryption

Usage of EncryptionIthelpstosafelystoresensitiveinformationonacomputerorexternalstoragemedia
Encryptionisusedtoprotectusercredentials suchasusernameandpasswords
Encryptionprovidesassurance ofasendersidentity
Itisalsousedasaresourceforwebbasedinformationexchangetoprotectimportantinformation suchascreditcardnumbers
Encryptionprovidesasecuremedium foruserstoconnecttotheirfriendsoremployeesnetworkfromoutsideofthehomeoroffice
Itprovidesahigherleveloftrust whenreceivingfilesfromotherusersbyensuringthatthesourceandcontentsofthemessagearetrusted

Module Flow
DigitalCertificates
DigitalSignature
CryptographyTools

Types of EncryptionSymmetricEncryptionSymmetricencryption(secretkey,sharedkey,andprivatekey)usesthesamekeyforencryptionanddecryption
AsymmetricEncryptionAsymmetricencryption(publickey)usesdifferentencryptionkeysforencryptionanddecryption.Thesekeysareknownaspublicandprivatekeys
HashFunction
Hashfunction(messagedigestsoronewayencryption)usesnokeyforencryptionanddecryption
DearJohn,ThisismyA/Cnumber7974392830
GuuihifhofnkbifkfnnfkNklclmlm#^*&(*)_(_
Encryption Decryption
Plaintext PlaintextCiphertext
SymmetricEncryption
AsymmetricEncryption
GuuihifhofnkbifkfnnfkNklclmlm#^*&(*)_(_
Plaintext Ciphertext Plaintext
Encryption Decryption
Hashfunction
Plaintext Ciphertext
Hashfunction

Symmetric vs. Asymmetric Encryption
SymmetricEncryption AsymmetricEncryption
Symmetricencryptionusesonlyonekeyforbothencryptionanddecryption
Thekeycannotbeshared freely
Symmetricencryptionrequiresthatboththesenderandthereceiverknowthesecretkey
Usingsymmetricencryption,datacanbe encryptedfaster
Thisalgorithmislesscomplexandfaster
Symmetricencryptionensuresconfidentialityandintegrity
AsymmetricEncryptionusesapublickeyforencryptionandaprivatekey fordecryption
Inasymmetricencryption,thepublickeycanbefreelyshared,whicheliminatestheriskofcompromisingthesecretkey
TheencryptionprocessusingAsymmetricEncryptionisslowerandmorecomplex
Asymmetricencryptionensuresconfidentiality,integrity,authentication,andnonrepudiation

Module Flow
DigitalCertificates
DigitalSignature
CryptographyTools

Encryption Standards
DataEncryptionStandard(DES)
AdvancedEncryptionStandard(AES)
DataEncryptionStandard(DES)isthenameoftheFederalinformationProcessingStandard(FIPS)463,whichdescribesthedataencryptionalgorithm(DEA)
TheDEAisasymmetriccryptosystemoriginallydesignedforimplementationinhardware
DEAisalsousedforsingleuserencryption,suchastostorefilesonaharddiskinencryptedform
AdvancedEncryptionStandard(AES)isasymmetrickeyencryptionstandardadoptedbytheU.S.government
Ithasa128bit blocksize,withkeysizesof128,192and256bits,respectively,forAES128,AES192andAES256

Module Flow
DigitalCertificates
DigitalSignature
CryptographyTools

Digital Certificates
Detailsofownerspublickey
DigitalsignatureoftheCA(issuer)
Serialnumberofdigitalsignature
Ownersname
Expirationdateofpublickey
NameoftheCertificateAuthority(CA)whoissuedthedigitalcertificate
Adigitalcertificateisanelectroniccardthatprovidescredentialinformationwhileperformingonlinetransactions
Itactsasanelectroniccounterparttoadrivers license,passport,ormembershipcardandverifiestheidentityofallusersinvolvedinonlinetransactions
Adigitalcertificategenerallycontains:

PrivateKey
PublicKey Validationofelectronicsignature Inquiresaboutpublickeycertificate
validitytovalidationauthority
DeterminedResult
PublicKeyCertificate
Messageinpublickeycertificatesignedwithdigitalsignature
User
PublicKeyCertificate
UpdatesInformation
UserAppliesforCertificate
RegistrationAuthority(RA)
RequestforIssuingCertificate
ValidationAuthority(VA)
CertificationAuthority(CA)
How Digital Certificates Work

Module Flow
DigitalCertificates
DigitalSignature
CryptographyTools

Digital SignatureDigitalsignatureimplementsasymmetriccryptographytosimulatethesecuritypropertiesofasignatureindigital,ratherthanwrittenform
Digitalsignatureschemesinvolvetwoencryptionkeys:aprivatekeyforsigningthemessageandapublickeyforverifyingsignatures
Digitalstandardsfollowtheopenstandards astheyarenottiedtoanindividualormanufacturer
Itisoftenusedtoimplementelectronicsignatures andcanbeusedbyanytypeofmessage
Itisindependentofthesignature verificationbetweenthesenderandthereceiver

How Digital Signature Works
SIGN
SEAL
DELIVER
ACCEPT
OPEN
VERIFY
Encryptmessageusingonetimesymmetrickey
EncryptthesymmetrickeyusingrecipientsPUBLICkey
Mailelectronicenvelopestotherecipient
ConfidentialInformation
Rehash the message and compare it with the hash value attached with the mail
RecipientdecryptonetimesymmetrickeyusinghisP

CSCU Module 04 Data

Text of CSCU Module 04 Data

CSCU Brochure New 2012

Transform CSCU 2020

CSCU Module 13 Securing Mobile · PDF filethe Malicious Mobile Threats Report 2010/2011 released May 11. The ... Module Objectives Mobile Device Security Mobile Phone Services

CSCU Module 05 Data Backup and Disaster

Cscu module 04 data encryption

UNCLASSIFIED EhhhhhhhlhhhhE EhhhhmhohhhiE . 04(. NOTICE This document is ... Input Module--DEGADISIN 19 2. ... FOR CsCU i, Downwind Dispersion , %" Figure 1.1. Schematic diagram of

RFP CSCU-1809 - · PDF fileREQUEST FOR PROPOSALS RFP CSCU-1809 Virtual Net Metering Beneficial Credits Power Purchase Agreement for Connecticut State Colleges & Universities (CSCU)

Cscu module 12 information security and legal compliance

CSCU Module 12 Information Security and Legal · PDF fileTitle: Microsoft PowerPoint - CSCU Module 12 Information Security and Legal Compliance.pptx Author: Raj Created Date: 5/17/2012

CSCU Module 11 Security on Social Networking Sites.pdf

CSCU Research Layout 1 4/23/19 9:26 AM Page 1more.southernct.edu/wp-content/uploads/2019/04/cscu-faculty-research... · PDF fileThe proportions were determined using the American

10 CSCU Newsletter-A CSCU Newsletter-A

CSCU Module 04 Data Encryption - Mercu Buana UniversityTitle: Microsoft PowerPoint - CSCU Module 04 Data Author: Raj Created Date: 5/17/2012 5:40:26 PMfasilkom.mercubuana.ac.id/wp-content/uploads/2017/... ·

ECC-CSCU Certificate

State of Connecticut - CSCU

CSCU Biochemistry Transfer Pathway - ct Pathway Documents.2018.pdf CSCU Biochemistry Transfer Pathway

Cscu power point

CSCU Module 10 Social Engineering and Identity Theft.pdf

CSCU Module 13 Securing Mobile

Cscu module 05 data backup and disaster recovery

Cscu module 10 social engineering and identity theft

CSCU Module 05 Data Backup and Disaster · PDF fileData Backup and Disaster Recovery SimplifyingSecurity. Module 5. ... Module Objectives Data Backup What Files to Backup and How Often?

Certified Secure Computer User (CSCU) · PDF fileAFRALTI Certified Secure Computer User Certified Secure Computer User (CSCU) AFRALTI (CSCU) Essential Security for Knowledge Workers

Cscu module 06 internet security

CSCU Module 12 Information Security and Legal

2016SFDK CSCU Event flyer

CSCU 411 Software Engineering

CSCU Module 06 Internet

CSCU Module 09 Securing Email

Cscu module 09 securing email communications