* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Crypto in data security
Survey
Document related concepts
Computer and network surveillance wikipedia , lookup
Computer security wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Quantum key distribution wikipedia , lookup
Mobile security wikipedia , lookup
Web of trust wikipedia , lookup
Information privacy law wikipedia , lookup
Information security wikipedia , lookup
Block cipher wikipedia , lookup
Diffie–Hellman key exchange wikipedia , lookup
Medical privacy wikipedia , lookup
Social engineering (security) wikipedia , lookup
Cybercrime countermeasures wikipedia , lookup
One-time pad wikipedia , lookup
Post-quantum cryptography wikipedia , lookup
Cryptanalysis wikipedia , lookup
Transcript
CRYPTO IN INFORMATION SECURITY ELMIRA EBRAHIMI, NAZANIN BAYATI, MONA PORBIDEI, SHAGHAYEGH ARABNIA TEACHER:MS.RAEISIAN FALL2015 SHARIATY TECHNICAL COLLEGE 1 INTRODUCTION • Developing in computer network • Secure data???? • Crypto via key • The Roman Empire • Most users, especially "encrypt information, Governments and military users 3 INFORMATION SECURITY • The protection of information and information systems from unauthorized activities • reach out, Disclosure, read, copy or record, manipulate, change, wreck. 4 INFORMATION SECURITY • Significant impact on the privacy of information security • Fields can work: • Securing networks and Infrastructure • securing applications and data bases • security testing • auditing and information systems program review • Planning the continuation of trade and reviews of electronic crimes, etc. 5 BASE CONCEPTS • As the definition of information security, privacy, integrity means and availability information from unauthorized individuals 6 • "Availability" • "integrity“ • "Confidentiality" 7 AVAILABILITY • The information should be when needed by authorized persons are available 8 INTEGRITY • Integrity means that the data will prevent unauthorized change detection and change the information in the event of unauthorized tampering 9 CONFIDENTIALITY • means that prevent information disclosure to unauthorized • • • individuals In credit card, card number is encrypted Privacy breach Like s.o. look at your data or send your data by mobile 10 ACCESS CONTROL • To secure information • Limited to authorized people • Higher secure higher mechanism • Mechanism use authorization 11 AUTHORIZATION • What u are? • What u have? • What u know? 12 • Science of Encryption • Encryption • Decryption 13 SCIENCE OF ENCRYPTION • The science of codes and passwords • Need to prove the identity of the sender and the recipient • The message In the meantime • Should not change the content of the message to make sure 14 ENCRYPTION • The operational • initial data • using an algorithm and a key • becomes a non-understandable text • no access to key, access to information from the encrypted text is impossible 15 DECRYPTION • A device or program • that encrypted data returns to the first State • The change of non-readable codes to text readable 16 APPLICATIONS OF CRYPTOGRAPHY • Credit card information • The issue of membership in the forums • Private information • Details of the personal information • Sensitive information in an organization • Information relating to bank accounts 17 CRYPTO • Cryptography making “secret codes” • Cryptanalysis breaking “secret codes” • Crypto all of the above (and more) Definitions of cryptography (plaintext) (Ciphertext) (key) ALGORITHMS • Basic assumption • The system is completely known to the attacker • Only the key is secret • That is, crypto algorithms are not secret • This is known as Kerckhoffs’ Principle • Why do we make this assumption? History SIMPLE SUBSTITUTION • Plaintext HELLO GUYS • Key: Plaintext ab c d e f g h i j k l mn o p q r s t u v w x y z Ciphertext D E F G H I J K L MN O P Q R S T U VWX Y Z A B C Ciphertext: Khoor Jxbv Shift by 3 CAESAR’S CIPHER http://enigma.louisedade.co.uk/howitworks.html DOUBLE TRANSPOSITION One-time Pad: Encryption e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 TAXONOMY OF CRYPTOGRAPHY • Symmetric Key • • Same key for encryption and decryption Two types: Stream ciphers _ like a one-time pad, Block ciphers • Public Key (or asymmetric crypto) • Two keys, one for encryption (public), and one for decryption (private) • Also, digital signatures nothing comparable in symmetric key crypto • Hash algorithms • Sometimes viewed as “one way” crypto SYMMETRIC KEY CRYPTO STREAM CIPHERS • Once upon a time, the king of crypto • Today, not as popular as block ciphers • A5/1 • Based on shift registers • Used in GSM mobile phone system A5/1 X x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 x14 x15 x16 x17 x18 Y y0 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 y14 y15 y16 y17 y18 y19 y20 y21 Z z0 z1 z2 z3 z4 z5 z6 z7 z8 z9 z10 z11 z12 z13 z14 z15 z16 z17 z18 z19 z20 z21 z22 maj(x8, y10, z10) BLOCK CIPHERS • Plaintext and ciphertext consist of fixed-sized blocks • Ciphertext obtained from plaintext by iterating a round function • Input to round function consists of key and the output of previous round • Usually implemented in software • Data Encryption Standard(DES) • Advanced Encryption Standard(AES) PUBLIC KEY CRYPTOGRAPHY • Two keys • Sender uses recipient’s public key to encrypt • Recipient uses private key to decrypt • Based on “trap door one way function” • RSA is the gold standard in public key crypto HASH FUNCTION • Crypto hash function h(x) must provide • Compression output length is small • Efficiency h(x) easy to compute for any x • One-way given a value y it is infeasible to find an x such that h(x) = y VISUAL CRYPTOGRAPHY If a pixel is white, randomly choose a or b for Alice’s/Bob’s shares If a pixel is black, randomly choose c or d no info from one share • منابع http://wikipedia.org/wiki/(computer_security) www.irannetbook.com Wikipedia hit.mums.ac.ir www.sarzaminDownload.com www.certcc.ir Question ?? THANKS FOR LISTENING