The Secure Environment - PowerPoint PPT Presentation

Slides: 32
Provided by: mrasites
Transcript and Presenter's Notes

1
The Secure Environment

2
The Secure Environment

Security goals (C.I.A.: confidentiality, integrity, availability) and threats
3
Intruders
  • Common Categories
  • Casual prying by nontechnical users
  • Snooping by insiders
  • Determined attempt to make money
  • Commercial or military espionage
  • Others (such as cyber wars)

4
Basics of Cryptography
5
Network Is NOT Secure
[diagram: four hosts A, B, C and D communicating over a shared network]
6
Encrypt Your Information
[diagram: the same four hosts A, B, C and D, now sending encrypted information over the network]
7
Data Encryption Process
[diagram: Plaintext -> Encryption -> Ciphertext -> Network -> Decryption -> Plaintext]
8
Two Types of Cryptography
9
Conventional two-way Cryptography
10
Conventional two-way Cryptography
  • Substitution Cipher
  • Caesar Cipher
  • Playfair Cipher
  • Etc.

11
Conventional two-way Cryptography Problems
[diagram: hosts A, B, C and D]
12
Public Key Cryptography
[diagram: a key pair consisting of a Public key and a Private key]
13
Public Key Cryptography Advantages
[diagram: hosts A, B, C and D each keep their own private key (Private key A, Private key B, Private key C, Private key D); the public keys (Public key A, Public key B, Public key C, Public key D) are shared with everyone]
14
PKI Certification Authority
  • What is a certificate? Why do we need
    Certification Authorities (CA) or trusted third
    party?

A certificate is a digitally signed statement by
a CA that provides independent confirmation of an
attribute claimed by a person proffering a
digital signature. More formally, a certificate
is a computer-based record which (1) identifies
the CA issuing it, (2) names, identifies, or
describes an attribute of the subscriber, (3)
contains the subscriber's public key, and (4) is
digitally signed by the CA issuing it.
15
Trapdoor function
Public Key Cryptography: Some Roads Are One-Way
[diagram: computing N^5 is easy; computing N^(1/5) is difficult]
Trapdoor characteristics: (1) It is easy to compute f(x) from x. (2) Computation of x from f(x) is likely to be intractable.
16
An Example: Encryption
[diagram: User A -> Network -> User B; A sends E_B(p), and B computes D_B(E_B(p)) = p]
A encrypts message p using B's public key.
B decrypts the ciphertext using its own private key.
17
Another Example: Digital Signature
[diagram: User A -> Network -> User B; A sends E_B(D_A(p)), and B computes E_A(D_B(E_B(D_A(p)))) = E_A(D_A(p)) = p]
A signs message p using its own private key and encrypts it using B's public key.
B decrypts the ciphertext using its own private key and verifies it using A's public key.
18
Hash functions
[diagram: Message -> Hash -> Message Digest]
  • The basic requirements for a cryptographic hash
    function H(x) are as follows.
  • The input can be of any length.
  • The output has a fixed length.
  • H(x) is relatively easy to compute for any given
    x.
  • H(x) is one-way.
  • H(x) is collision-free.

19
More on Digital Signature
[diagram: Message -> Hash -> Message Digest -> Sign (decrypt operation) using private key -> Signature; the Signature is appended to the Message]
20
More on Digital Signature
[diagram: received Message -> Hash -> Message Digest; received Signature -> Verify (encrypt operation) using public key -> Message Digest; the two digests are compared]
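The following is an added example, not code from the presentation, that puts slides 16, 17, 19 and 20 into runnable form with the slides' E_X / D_X notation: E_B(p) with D_B undoing it, the nested E_B(D_A(p)) with E_A(D_B(...)) undoing it, and hash-then-sign with a verify step that compares digests. It uses textbook RSA with constructed Mersenne-prime keys, no padding, and a toy reduction of the digest modulo n; the function names are this example's own. B's modulus is chosen larger than A's so that D_A(p) always fits under n_B, which the nested construction needs.

```python
import hashlib

# Constructed toy key material: Mersenne primes, far too small for real use,
# and no padding. Textbook RSA only, to show the E_X / D_X algebra.
# B's modulus is deliberately larger than A's so that D_A(p) < n_B holds.
PRIMES_A = ((1 << 31) - 1, (1 << 61) - 1)
PRIMES_B = ((1 << 89) - 1, (1 << 107) - 1)


def keygen(p, q, e=65537):
    """Return ((e, n), (d, n)): the public key and the private key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)                      # modular inverse, Python 3.8+
    return (e, n), (d, n)


def E(pub, x):
    """Public-key operation E_X: anyone holding X's public key can compute it."""
    e, n = pub
    return pow(x, e, n)


def D(priv, x):
    """Private-key operation D_X: only X, holder of the private key, can compute it."""
    d, n = priv
    return pow(x, d, n)


def to_int(msg):
    return int.from_bytes(msg, "big")


def from_int(x, length):
    return x.to_bytes(length, "big")


# Slide 16: A encrypts p with B's public key; B decrypts with its own private key.
def encrypt_for(pub_b, msg):
    return E(pub_b, to_int(msg))


def decrypt_own(priv_b, c, length):
    return from_int(D(priv_b, c), length)


# Slide 17: A signs p with its private key and encrypts the result for B: E_B(D_A(p)).
def sign_then_encrypt(priv_a, pub_b, p):
    return E(pub_b, D(priv_a, p))


# B removes the outer layer with D_B, then applies A's public key: E_A(D_B(c)) = p.
def decrypt_then_verify(priv_b, pub_a, c):
    return E(pub_a, D(priv_b, c))


# Slides 19 and 20: sign the message digest, not the message itself.
def digest_mod_n(msg, n):
    # Toy reduction of the SHA-256 digest into Z_n; real RSA signatures pad the
    # digest (for example PSS) instead of reducing it.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(priv_a, msg):
    """Signature = D_A(H(msg)): the 'decrypt' operation with A's private key."""
    return D(priv_a, digest_mod_n(msg, priv_a[1]))


def verify(pub_a, msg, sig):
    """Verify = compare E_A(sig), the 'encrypt' operation with A's public key, to H(msg)."""
    return E(pub_a, sig) == digest_mod_n(msg, pub_a[1])


if __name__ == "__main__":
    pub_a, priv_a = keygen(*PRIMES_A)
    pub_b, priv_b = keygen(*PRIMES_B)
    msg = b"hello B"                             # constructed sample message
    c = encrypt_for(pub_b, msg)
    assert decrypt_own(priv_b, c, len(msg)) == msg
    p = to_int(msg)
    assert decrypt_then_verify(priv_b, pub_a, sign_then_encrypt(priv_a, pub_b, p)) == p
    sig = sign(priv_a, msg)
    assert verify(pub_a, msg, sig) and not verify(pub_a, b"hello C", sig)
    print("all checks passed")
```

The point to take from the nested form is that each layer is undone by the opposite key of the same pair: D_B cancels E_B because only B can apply D_B, and E_A cancels D_A because only A could have applied D_A, which is what makes the inner layer a signature.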
21
User Authentication
22
User Authentication
  • Basic principles: authentication must identify
  • Something the user knows
  • Something the user has
  • Something the user is
  • This is done before the user can use the system

23
Authentication Using Passwords
Note: be careful about what is revealed when a login has failed several times.
[figure: (a) a successful login; (b) login rejected after the name is entered; (c) login rejected after name and password are typed]
Rejecting only after both name and password are typed, as in (c), does not tell the caller which login names exist, whereas (b) gives that away.
24
Authentication Using Passwords
  • How a cracker broke into LBL, a U.S. Dept. of Energy research lab
    (source: A. S. Tanenbaum, Modern Operating Systems course materials)

25
Login Spoofing
[figure: two Login screens, (a) the correct login screen and (b) a phony login screen]
26
Authentication Using Passwords
[figure: password file entries, each storing a Salt alongside the encrypted Password]
  • The use of salt to defeat precomputation of
    encrypted passwords
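
Added example, not part of the presentation: salted password storage in Python, contrasted with an unsalted record. The constructed candidate list, the PBKDF2 iteration count and all function names are this example's own choices. Without salt, one precomputed table of hash(candidate) matches every account that uses that password; with a per-user random salt the same password produces a different stored value per account, so the table no longer matches anything.

```python
import hashlib
import hmac
import os

# Work factor for PBKDF2-HMAC-SHA256, chosen for this example; tune for your hardware.
ITERATIONS = 100_000

# Constructed list of candidate passwords an attacker might precompute hashes for.
CANDIDATES = ["password", "letmein", "hunter2"]


def unsalted_hash(password):
    """The weak scheme: one fixed value per password, identical for every user."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def precomputed_table():
    """A table of unsalted hashes keyed by digest, built once and reused."""
    return {unsalted_hash(pw): pw for pw in CANDIDATES}


def lookup(stored):
    """Return the candidate whose unsalted hash equals the stored value, or None."""
    return precomputed_table().get(stored)


def hash_password(password, salt=None):
    """Return (salt, derived_key); a fresh 16-byte random salt is drawn when none is given."""
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key


def verify_password(password, salt, expected_key):
    """Recompute with the stored salt and compare in constant time."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, expected_key)


def same_password_different_records(password):
    """Two accounts with the same password get different salts and different keys."""
    s1, k1 = hash_password(password)
    s2, k2 = hash_password(password)
    return s1 != s2 and k1 != k2


if __name__ == "__main__":
    print("unsalted record recovered from table:", lookup(unsalted_hash("letmein")))
    salt, key = hash_password("letmein")
    print("salted record found in table:", lookup(key))
    print("correct password verifies:", verify_password("letmein", salt, key))
```

The table lookup succeeds against the unsalted record and fails against the salted one; the stored salt is not secret, its job is only to make each record unique so precomputation has to be redone per account.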

27
Authentication Using a Physical Object
  • Magnetic cards: magnetic stripe cards
  • Chip cards: stored value cards, smart cards

28
Authentication Using Biometrics
A device for measuring finger length.
29
Countermeasures
  • Limiting times when someone can log in
  • Automatic callback at a prespecified number
  • Limited number of login tries
  • A database of all logins
  • Simple login name/password as a trap: security personnel notified when the attacker bites
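
Added example, not from the presentation: a small login policy layer in Python that implements four of the countermeasures above (allowed login hours, a limited number of tries with a lockout, a database of all login attempts, and a trap account that alerts security personnel). Password checking itself happens elsewhere and its result is passed in as a boolean; the class name, outcome strings, timing constants and the constructed timestamps are this example's assumptions.

```python
import datetime as dt
from dataclasses import dataclass, field


@dataclass
class LoginGuard:
    """Policy checks wrapped around password authentication."""
    max_tries: int = 3                                  # limited number of login tries
    lockout_seconds: int = 900                          # lock duration after too many failures
    allowed_hours: range = range(7, 20)                 # limiting times when someone can log in
    trap_accounts: frozenset = frozenset({"guest"})     # simple login name used as a trap
    failures: dict = field(default_factory=dict)        # user -> consecutive failed tries
    locked_until: dict = field(default_factory=dict)    # user -> datetime the lock expires
    audit: list = field(default_factory=list)           # database of all login attempts
    alerts: list = field(default_factory=list)          # trap hits for security personnel

    def _record(self, user, now, outcome):
        self.audit.append((now, user, outcome))
        return outcome

    def attempt(self, user, password_ok, now):
        """Apply the policy to one login attempt and return its outcome."""
        if user in self.trap_accounts:                  # the attacker bit: notify, never admit
            self.alerts.append((now, user))
            return self._record(user, now, "trap")
        if now.hour not in self.allowed_hours:
            return self._record(user, now, "outside-hours")
        until = self.locked_until.get(user)
        if until is not None and now < until:
            return self._record(user, now, "locked")
        if password_ok:
            self.failures.pop(user, None)
            self.locked_until.pop(user, None)
            return self._record(user, now, "ok")
        count = self.failures.get(user, 0) + 1
        self.failures[user] = count
        if count >= self.max_tries:
            self.failures.pop(user, None)
            self.locked_until[user] = now + dt.timedelta(seconds=self.lockout_seconds)
            return self._record(user, now, "locked")
        return self._record(user, now, "rejected")


def at(hour, minute=0):
    """Constructed timestamp helper so runs are deterministic."""
    return dt.datetime(2024, 1, 1, hour, minute)


if __name__ == "__main__":
    guard = LoginGuard()
    for outcome in (guard.attempt("alice", False, at(9)),
                    guard.attempt("alice", False, at(9)),
                    guard.attempt("alice", False, at(9)),
                    guard.attempt("alice", True, at(9, 1)),
                    guard.attempt("alice", True, at(9, 16)),
                    guard.attempt("bob", True, at(23)),
                    guard.attempt("guest", True, at(9))):
        print(outcome)
    print("audit rows:", len(guard.audit), "alerts:", len(guard.alerts))
```

Note that a correct password during the lockout window is still refused, which is what makes the try limit bite, and that the trap account is checked first so every probe of it is logged and alerted regardless of time of day.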

30
Secure Communications Over Insecure Channels
  • R. C. Merkle's Puzzles
  • Secure Communications over Insecure Channels,
    Communications of the ACM, 1978, Vol. 21, No. 4.

31
One-way Hash Chain and TESLA
  • Adrian Perrig, Ran Canetti, Dawn Song, and J. D.
    Tygar. Efficient and secure source authentication
    for multicast. In Network and Distributed System
    Security Symposium, NDSS '01, February 2001.
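
Added example, not part of the presentation or of the cited paper's code: a one-way hash chain in Python of the kind TESLA builds its key schedule from. The sender publishes the chain end v_n as a commitment and later discloses v_{n-1}, v_{n-2}, ... in turn; a receiver that knows only the commitment checks each disclosed value by hashing it forward, which also tolerates lost disclosures. The last part shows how a disclosed value serves as a MAC key for packets of that interval; the timing condition TESLA relies on (the packet must arrive before its key is disclosed) is the receiver's responsibility and is not modelled here. Class and function names and the constructed seed are this example's own.

```python
import hashlib
import hmac


def H(x):
    """The one-way function of the chain; SHA-256 here."""
    return hashlib.sha256(x).digest()


def make_chain(seed, n):
    """Return [v_0, ..., v_n] with v_{i+1} = H(v_i); v_n is the public commitment.
    The sender keeps the whole list and discloses it from v_{n-1} downwards."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


def mac(key, msg):
    """Packet authentication tag under the interval key."""
    return hmac.new(key, msg, hashlib.sha256).digest()


class ChainVerifier:
    """Receiver side: starts from the authenticated commitment v_n and accepts
    disclosed values only in decreasing index order."""

    def __init__(self, commitment, index):
        self.last = commitment      # most recent value accepted
        self.index = index          # its position in the chain
        self.keys = {}              # index -> disclosed value, for later MAC checks

    def accept(self, value, index):
        """Check that H^(steps)(value) equals the last accepted value."""
        steps = self.index - index
        if steps <= 0:              # replay or out-of-order disclosure
            return False
        x = value
        for _ in range(steps):      # steps > 1 means some disclosures were lost
            x = H(x)
        if x != self.last:
            return False            # forged or corrupted value
        self.last, self.index = value, index
        self.keys[index] = value
        return True

    def authenticate(self, msg, tag, index):
        """Verify a buffered packet once the key for its interval has been disclosed."""
        key = self.keys.get(index)
        if key is None:
            return False            # key not disclosed yet: keep the packet buffered
        return hmac.compare_digest(mac(key, msg), tag)


if __name__ == "__main__":
    chain = make_chain(b"constructed seed, sender-only", 5)
    v = ChainVerifier(chain[5], 5)
    print("v_4 accepted:", v.accept(chain[4], 4))
    print("v_2 accepted after losing v_3:", v.accept(chain[2], 2))
    print("v_3 accepted late:", v.accept(chain[3], 3))
    print("forged v_1 accepted:", v.accept(b"\x00" * 32, 1))
    print("v_1 accepted:", v.accept(chain[1], 1))
    print("packet of interval 1 verifies:", v.authenticate(b"pkt", mac(chain[1], b"pkt"), 1))
```

Because H is one-way, knowing v_n (or any disclosed v_i) gives no way to produce the not-yet-disclosed v_{i-1}, so a forger cannot make a value that hashes to the receiver's current anchor; the forward hashing in accept is the whole verification.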