Information Security & Cryptographic Principles

  • Slide 1
  • Information Security & Cryptographic Principles
  • Slide 2
  • Infosec and Cryptography Subjects / Topics: 1. Introduction to computer cryptography; 2. Single key cryptographic algorithms; 3. Public key cryptographic algorithms; 4. Crypto Applications; 5. Business Continuity
  • Slide 3
  • Basic Problem: Alice and Bob communicate across the Intranet, Extranet and Internet. There are Confidence and Trust Issues.
  • Slide 4
  • Multiple Security Issues: Privacy (interception); Integrity (modification); Authentication (spoofing); Non-repudiation (claims of "not sent" / "not received"; proof of the parties involved)
  • Slide 5
  • Information Security: Confidentiality, Integrity, Availability
  • Slide 6
  • Security Services: Integrity (information has not been altered); Confidentiality (content hidden during transport); Authentication (identity of originator confirmed); Non-Repudiation (originator cannot repudiate the transaction)
  • Slide 7
  • Data Confidentiality: some confidential text (message) in clear (readable) form
  • Slide 8
  • Cryptography: Encryption turns the message in clear (readable) form into a scrambled, unreadable form
  • Slide 9
  • Cryptography: Decryption turns the scrambled form back into the message in clear (readable) form
  • Slide 10
  • Crypto Transformations: a transformation maps the message in clear (readable) form to an unreadable form
  • Slide 11
  • Crypto Transformations: the inverse transformation maps the unreadable form back to the message in clear (readable) form
  • Slide 12
  • Crypto key Parameterization: the transformation is parameterized by a crypto key; the same message in clear (readable) form gives a different scrambled form under each key
  • Slide 13
  • Infosec and Cryptography Subjects / Topics: 1. Introduction to computer cryptography; 2. Single key cryptographic algorithms; 3. Public key cryptographic algorithms; 4. Crypto Applications; 5. Business Continuity
  • Slide 14
  • Single Key Crypto: the same crypto key is used for Encryption (clear form to scrambled form) and for Decryption (scrambled form back to clear form)
  • Slide 15
  • Design...? How to design good cryptographic systems? What does "good crypto system" mean?
  • Slide 16
  • Principles: 1. Simple for users; 2. Complicated for intruders; 3. Public algorithm; 4. Secret key; 5. Large number of combinations; 6. Special properties
  • Slide 17
  • Other Symmetric Algorithms: 1. AES; 2. IDEA; 3. Triple-DES; 4. RC-2; 5. RC-4; 6. Blowfish
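An added example, not part of the deck, that puts slides 12, 14 and 16 into code with Go's standard library: the algorithm (AES-256-GCM) is public, only the key is secret, the same key encrypts and decrypts, a wrong key fails, and the same message under two keys gives two different ciphertexts. The passphrases are constructed demo values, not a key-derivation scheme to copy.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)
// newGCM sets up the public algorithm (AES-256 in GCM mode) under a secret key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Encrypt returns nonce || ciphertext || tag, with a fresh random nonce each call.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}
// Decrypt reverses Encrypt; a wrong key or a modified ciphertext fails the tag check.
func Decrypt(key, blob []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
}
func main() {
	msg := []byte("Some confidential text (message) in clear (readable) form")
	k1, k2 := sha256.Sum256([]byte("alice-bob-shared")), sha256.Sum256([]byte("intruder-guess")) // constructed demo keys
	ct1, _ := Encrypt(k1[:], msg)
	ct2, _ := Encrypt(k2[:], msg) // same message, other key: a different ciphertext
	pt, err := Decrypt(k1[:], ct1)
	fmt.Println("same key recovers message:", err == nil && string(pt) == string(msg))
	_, err = Decrypt(k2[:], ct1)
	fmt.Println("wrong key fails:", err != nil, "| ciphertexts differ:", string(ct1) != string(ct2))
}
```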
  • Slide 18
  • Infosec and Cryptography Subjects / Topics: 1. Introduction to computer cryptography; 2. Single key cryptographic algorithms; 3. Public key cryptographic algorithms; 4. Crypto Applications; 5. Business Continuity
  • Slide 19
  • Secret Key Systems: one crypto key, shared by both parties, is used for both Encryption and Decryption
  • Slide 20
  • Key Exchange: ? (the open problem: how do the two parties get the shared secret key to each other?)
  • Slide 21
  • Public Key Cryptography: Encryption uses Key 1 and Decryption uses Key 2; the two keys differ
  • Slide 22
  • Public Key Cryptography: Digital Signature. Alice transforms the MSG with Alice's Private key; Bob recovers it with Alice's Public key. This gives Authentication and Non-Repudiation.
  • Slide 23
  • Public Key Cryptography: Confidentiality. Alice encrypts the MSG with Bob's Public key; only Bob can decrypt it, with Bob's Private key.
  • Slide 24
  • Symmetric and Asymmetric Encryption. Symmetric: faster than asymmetric, hard to break with a large key, hard to distribute keys, too many keys required, cannot authenticate or provide non-repudiation. Includes: DES, Triple DES, Blowfish, IDEA, RC4, RC5, RC6, AES
  • Slide 25
  • Symmetric and Asymmetric Encryption. Asymmetric cryptography: better at key distribution, better scalability for large systems, can provide authentication and non-repudiation, slow, math intensive. Includes: RSA, ECC, Diffie Hellman, El Gamal, DSA, Knapsack, PGP
  • Slide 26
  • Infosec and Cryptography Subjects / Topics: 1. Introduction to computer cryptography; 2. Single key cryptographic algorithms; 3. Public key cryptographic algorithms; 4. Crypto Applications; 5. Business Continuity
  • Slide 27
  • Crypto Applications: 1. Digital signature; 2. Digital enveloping; 3. Digital certificates; 4. Secret key exchange
  • Slide 28
  • Digital Signature: A Digital Signature is a data item that vouches for the origin and the integrity of a Message (Alice to Bob, across Intranet, Extranet and Internet)
  • Slide 29
  • Digital Signature. Signer: the Message goes through the Hash Function (Digest Algorithm) to produce a Digest; the Digest is encrypted with the Private Key to form the Signature; Message and Signature are sent over the Channel. Receiver: the Signature is decrypted with the Public Key to obtain the Expected Digest, the received Message is hashed with the same Digest Algorithm to obtain the Actual Digest, and the two digests are compared.
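The signer/receiver flow of slide 29 as an added example in Go (standard library only; not code from the deck): Sign hashes the message and transforms the digest with the private key, Verify recomputes the actual digest and checks it against the expected digest recovered with the public key, and the demo shows why a modified message or a signature from some other key does not verify. The key pair and message text are constructed for the demo.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Sign is the signer's side of slide 29: hash the message with SHA-256 to get the
// digest, then transform that digest with the private key (RSA PKCS#1 v1.5).
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// Verify is the receiver's side: hash the received message to get the actual digest,
// recover the expected digest from the signature with the public key, compare both.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

func main() {
	// Alice's key pair, generated fresh for this constructed demo.
	alice, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	msg := []byte("Transfer 100 EUR to Bob")
	sig, _ := Sign(alice, msg)
	fmt.Println("genuine message verifies:", Verify(&alice.PublicKey, msg, sig))
	// Integrity: one changed character changes the digest, so the digests no longer agree.
	fmt.Println("modified message verifies:", Verify(&alice.PublicKey, []byte("Transfer 900 EUR to Bob"), sig))
	// Origin: a signature made with some other private key does not verify under Alice's public key.
	other, _ := rsa.GenerateKey(rand.Reader, 2048)
	otherSig, _ := Sign(other, msg)
	fmt.Println("other signer's signature verifies:", Verify(&alice.PublicKey, msg, otherSig))
}
```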
  • Slide 30
  • Digital Signature: Moving towards PKI. Real identity of the Signer: why should I trust what the Sender claims to be?
  • Slide 31
  • Digital Certificate: A Digital Certificate is a binding between an entity's Public Key and one or more Attributes related to its Identity. The entity can be a Person, a Hardware Component, a Service, etc. A Digital Certificate is issued (and signed) by someone: usually the issuer is a Trusted Third Party.
  • Slide 32
  • Digital Certificate: CERTIFICATE = Issuer; Subject; Subject Public Key; Issuer Digital Signature
  • Slide 33
  • Digital Certificate: Moving towards PKI. How are Digital Certificates issued? Who is issuing them? Why should I trust the Certificate Issuer? How can I check if a Certificate is valid? How can I revoke a Certificate? Who is revoking Certificates?
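An added example for slides 31 to 33 (Go standard library; not code from the deck): Issue builds the certificate of slide 32 (Subject attributes, Subject Public Key, Issuer, Issuer Digital Signature), and Check answers "how can I check if a Certificate is valid?" by requiring the chain to end at a root the verifier already trusts. The names "Demo CA", "Alice" and "Other CA" and the 24-hour validity are constructed demo values; revocation (CRLs/OCSP) is outside this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)
// Issue binds pub to the Subject attributes and signs the result with the issuer's
// private key (slide 32). issuer == nil produces a self-signed root CA certificate.
func Issue(cn string, pub *ecdsa.PublicKey, issuer *x509.Certificate, issuerPriv *ecdsa.PrivateKey) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
	}
	if issuer == nil { // self-signed: this certificate is the trusted root
		tmpl.IsCA, tmpl.KeyUsage, issuer = true, x509.KeyUsageCertSign, tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, pub, issuerPriv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
// Check answers slide 33's "how can I check if a Certificate is valid?": the issuer
// signature must chain to a root the verifier trusts, inside the validity window.
func Check(cert, trustedRoot *x509.Certificate) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots})
	return err
}
func main() {
	// Constructed demo: the Trusted Third Party "Demo CA" issues Alice's certificate.
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ca, _ := Issue("Demo CA", &caKey.PublicKey, nil, caKey)
	aliceKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	alice, _ := Issue("Alice", &aliceKey.PublicKey, ca, caKey)
	otherKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	other, _ := Issue("Other CA", &otherKey.PublicKey, nil, otherKey) // a root the verifier does not trust
	fmt.Println(alice.Issuer.CommonName, "->", alice.Subject.CommonName)
	fmt.Println("trusted root:", Check(alice, ca), "| untrusted root:", Check(alice, other))
}
```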
  • Slide 34
  • Infosec and Cryptography Subjects / Topics: 1. Introduction to computer cryptography; 2. Single key cryptographic algorithms; 3. Public key cryptographic algorithms; 4. Crypto Applications; 5. Business Continuity
  • Slide 35
  • Business Continuity and Disaster Recovery. Businesses are more susceptible to failure after a disaster. Goal: to minimize disaster aftermath and ensure resources, personnel, and business processes resume. By: planning measures; backing up data and hardware; getting the right people in place. Requirements: management support; driving the project (top-down approach); must understand the value of investing in BCP; returns can be priceless.
  • Slide 36
  • Business Continuity Steps: develop the continuity planning policy statement; conduct the business impact analysis (BIA); identify preventive controls; develop recovery strategies; develop the contingency plan; test the plan and conduct training and exercises; maintain the plan. Understanding the Organization.
  • Slide 37
  • Business Continuity Plan
  • Slide 38
  • Business Impact Analysis (BIA): considered a functional analysis; the team collects data in a variety of ways and maps out the following characteristics: maximum tolerable downtime; operational disruption and productivity; financial considerations; regulatory responsibilities; reputation. Understand the variety of possible threats; must go through all possible scenarios.
  • Slide 39
  • Questions