Digital Signature
Not a digital signature
More Definitions
Unconditional security: No matter how much computer power is available, the cipher cannot be broken, since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext.
Computational security: Given limited computing resources (e.g., time needed for calculations is greater than age of universe), the cipher cannot be broken.
Hash functions are important tools in cryptography for applications such as digital fingerprinting of messages, message authentication, and key derivation.
arbitrary finite length into strings of fixed length.
function H of the form h=H(M) where M is a variable-length message and H(M) is the fixed-length hash value.
The purpose of a hash function is to
file,
signature applications, where a large file must be compressed in a secure manner before being signed (encrypted) with a private secret key under a public-key cryptosystem.
2.7 Cryptographic Hash Function and its requirements
A hash function H must have the following properties:
H can be applied to a block of data of any size.
H produces a fixed-length output.
H(x) is relatively easy to compute for any x, making both hardware and software implementations practical.
For any given code m, it is computationally infeasible to find x such that H(x) = m.
For any given block x, it is computationally infeasible to find y ≠ x with H(y) = H(x).
It is computationally infeasible to find any pair (x, y) such that H(x) = H(y).
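An added example (not part of the original slides) that exercises the requirements above with Python's hashlib. SHA-256 stands in for H, and truncating it to 16 bits is an assumption made here so the searches finish quickly: the expected cost of a collision is roughly 2^8 hashes, while a second preimage costs on the order of 2^16, which is why digest length matters when the hash is what gets signed.

```python
import hashlib
from itertools import count

def H(data: bytes) -> bytes:
    """Full SHA-256: fixed 32-byte output for input of any size."""
    return hashlib.sha256(data).digest()

def truncated(data: bytes, nbits: int) -> int:
    """First nbits of SHA-256 as an integer (a deliberately weakened hash)."""
    return int.from_bytes(H(data), "big") >> (256 - nbits)

def find_collision(nbits: int):
    """Find any pair x != y with equal truncated hash (collision resistance)."""
    seen = {}
    for i in count():
        x = b"msg-%d" % i                  # constructed sample inputs
        h = truncated(x, nbits)
        if h in seen:
            return seen[h], x, i + 1       # the pair and the hashes computed
        seen[h] = x

def find_second_preimage(target: bytes, nbits: int):
    """Find y != target with the same truncated hash (second preimage)."""
    goal = truncated(target, nbits)
    for i in count():
        y = b"alt-%d" % i
        if y != target and truncated(y, nbits) == goal:
            return y, i + 1

def bit_difference(a: bytes, b: bytes) -> int:
    """Number of output bits that differ between H(a) and H(b)."""
    xor = int.from_bytes(H(a), "big") ^ int.from_bytes(H(b), "big")
    return bin(xor).count("1")

if __name__ == "__main__":
    for m in (b"", b"pay 10", b"x" * 1_000_000):
        print(len(m), "bytes ->", len(H(m)), "byte digest")
    print("bits changed by one character:",
          bit_difference(b"pay 10", b"pay 90"))
    x, y, n = find_collision(16)
    print("16-bit collision after", n, "hashes:", x, y)
    y2, n2 = find_second_preimage(b"pay 10", 16)
    print("16-bit second preimage after", n2, "hashes:", y2)
```

With the full 256-bit output the same searches are computationally infeasible, which is the property a signature over H(M) relies on.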
2.8 Steganography
Steganography serves to hide secret messages in other messages, such that the secret's very existence is concealed. Generally the sender writes an innocuous message and then conceals a secret message on the same piece of paper.
More recently, people are hiding secret messages in graphic images. Replace the least significant bit of each byte of the image with the bits of the message. The graphical image won't change appreciably (most graphics standards specify more gradations of color than the human eye can notice), and the message can be stripped out at the receiving end.
or in mathematical notation. It's a standard operation on bits:
0 ^ 0 = 0
0 ^ 1 = 1
1 ^ 0 = 1
1 ^ 1 = 0
[Figure: Ongoing Communication. Labels: DS, Plaintext, Sender Encrypts, Transmission, Receiver Decrypts, Receiver.]
[Figure: Labels: 1. Hash, MD; 3. Are they Equal?, MD.]
Critical Deception
Believes True Person is authenticated based on Impostor's public key
"True Person, here is a message encrypted with your public key."
Digital Certificates
Digital certificates are electronic documents that give the true party's name and public key
Applicants claiming to be the true party have their authentication methods tested by this public key
If they are not the true party, they cannot use the true party's private key and so will not be authenticated
Digital certificates follow the X.509 Standard
digital signature and a digital certificate to give the public key needed to test the digital signature
[Figure: Certificate Authority; Digital Certificate: True Party's Public Key; Applicant; DS; Plaintext; Verifier.]
[Figure: Certificate Authority PKI Server: Create & Distribute (1) Private Key and (2) Digital Certificate; Applicant (Lee); Verifier (Cheng); Verifier (Brown).]
Example
Application-specific (for instance, passwords for a database program); Application (Proxy) Firewalls
SSL (TLS), Packet Filter Firewalls
IPsec, Packet Filter Firewalls
Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP)
Physical locks on computers, Notebook Encryption
protection if one layer's security fails
Having security at multiple layers also slows processing on the device
So provide protection in at least two layers but not in all layers
Need to make security proportional to risks
Organizations face different risks
Policies bring consistency
Must be enforced.
Training in the importance of security and in protection techniques
Social engineering prevention training
Incident handling
Stopping the attack
Restoring the system
Prosecution
Planning and practicing before the incident
Need to protect employee & customer privacy
Privacy
www.trustcenter.de/products/express/en/en.htm