Lecture Topic: Security & Cryptographic Tools

# Security
Prevention: Ideally, no attack can be performed. Encryption, for example, is used to prevent unauthorised access and so prevent the loss of confidentiality of the system.

Detection: If we cannot prevent attacks, we should at least detect them. The use of intrusion detection systems, like firewalls, to log unauthorised access to the system is important. An example of this would be denial-of-service detection, so that we can fall back to a more available system.

Something 1

Something 2

Assurance and Evaluation

Assurance is the degree of confidence that a system meets the needs of the system being protected, for example whether the design meets the requirements and the implementation meets the specifications of the design.

Evaluation is the examination of the security system, either through testing (pen testing) by internal or external teams, or through analysis using mathematical methods. A pillar of this area of work is the use of standard evaluation criteria that can be applied to any security system.

# Cryptographic Tools
Recap: Information is the most valuable business resource. If this data is private or confidential, we must protect it. It needs to be protected while in motion and at rest.

## Symmetric Encryption
Conventional single-key encryption example:
Plaintext input is fed into an algorithm (for example DES) and encrypted with a single key. The output is then transferred. On the other side, the same key is used to decrypt the data back to the same input text.

The five ingredients of symmetric encryption:
- Plaintext: The input
- Encryption algorithm: It performs substitutions and transformations on the plaintext
- Secret key: It determines what the encryption algorithm does to the plaintext
- Ciphertext: This is the scrambled (meaningless) message that the algorithm outputs based on the secret key
- Decryption algorithm: This is the encryption algorithm run in reverse. It requires the secret key as an input, as well as the ciphertext. It extracts the original plaintext from the ciphertext

Strong Symmetric Encryption:
- Assume the opponent knows the encryption algorithm, without knowing the key
- The opponent should not be able to get the plaintext or the secret key, even if a number of ciphertexts are known by the opponent

Approaches to attacking symmetric encryption:
- Cryptanalysis: Tries to analyze the algorithm, with maybe some guesses about what the plaintext contains, and maybe some sample plaintext-ciphertext pairs. The attacker tries to deduce the original plaintext or the secret key used.
- Brute force: Try every possible key until something that makes sense is obtained. On average, half of the total number of keys need to be tried in order to achieve success.

## Cryptographic Systems Classification:
The types of operations used by algorithms:
- Substitution
- Transposition

A simple and insecure example would be a Caesar cipher, which uses solely transposition and has basically no key. An example of the key for a Caesar cipher would be 13, for ROT13, an application of the Caesar cipher.

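The brute-force approach and the ROT13 key described above, as an added example that is not part of the original notes: it shifts letters by the key, then tries the 26 possible keys in order to show how small the key space is and where the "half the keys on average" figure comes from. The sample message, the word list and all function names are constructed for illustration.

```python
import string

# Constructed sample data (not from the lecture notes).
MESSAGE = "We attack at dawn and meet at the bridge."
COMMON_WORDS = {"the", "and", "is", "at", "to", "of", "we", "attack", "dawn", "meet"}


def caesar(text: str, key: int) -> str:
    """Shift each ASCII letter by `key` places (mod 26); leave the rest alone."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def score(candidate: str) -> int:
    """Crude 'does it make sense' test: count words found in COMMON_WORDS."""
    words = (w.strip(string.punctuation) for w in candidate.lower().split())
    return sum(w in COMMON_WORDS for w in words)


def brute_force(ciphertext: str, threshold: int = 3):
    """Try keys 0..25 in order and stop at the first readable candidate.

    Returns (key, plaintext, keys_tried), or None if nothing looks readable.
    """
    for tried, key in enumerate(range(26), start=1):
        candidate = caesar(ciphertext, -key)
        if score(candidate) >= threshold:
            return key, candidate, tried
    return None


def average_trials(message: str) -> float:
    """Mean keys tried when each of the 26 keys is equally likely."""
    counts = [brute_force(caesar(message, k))[2] for k in range(26)]
    return sum(counts) / len(counts)


if __name__ == "__main__":
    rot13 = caesar(MESSAGE, 13)          # key 13 = ROT13
    print(rot13)
    print(brute_force(rot13))            # recovered key, plaintext, keys tried
    print(average_trials(MESSAGE))       # mean trials over all 26 keys
```
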
The number of keys used for encryption:
- Symmetric, single-key, secret-key, conventional encryption
- Asymmetric, two-key, public-key encryption