Post on 27-Dec-2015
Cryptography and Network Security 1
Information Security Principles
(ESGD4222) Eng. Mohanned M. Dawoud

Textbook
Cryptography and Network Security: Principles and Practice, by William Stallings, Fourth Edition

Grading and Others
- Grading
  - Homework 20%
  - Mid Term 25%
  - Report & Presentation 15%
  - Final exam 40%

Topics
- Introduction
- Number Theory
- Traditional Methods: secret key system
- Modern Methods: Public Key System
- Digital Signature and others
- Internet Security: DoS, DDoS
- Other topics: secret sharing, zero-knowledge proof, bit commitment, oblivious transfer,…

Organization
- Chapters
  - Introduction
  - Number Theory
  - Conventional Encryption
  - Block Ciphers
  - Public Key System
  - Key Management
  - Hash Function and Digital Signature
  - Identification
  - Secret Sharing
  - Pseudo-random number Generation
  - Email Security
  - Internet Security
  - Others

Introduction
The art of war teaches us not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.
--The Art of War, Sun Tzu

Cryptography
Cryptography (from Greek kryptós, "hidden", and gráphein, "to write") is, traditionally, the study of means of converting information from its normal, comprehensible form into an incomprehensible format, rendering it unreadable without secret knowledge — the art of encryption.
Past: Cryptography helped ensure secrecy in important communications, such as those of spies, military leaders, and diplomats.

Crypto-graphy, -analysis, -logy
The study of how to circumvent the use of cryptography is called cryptanalysis, or codebreaking.
Cryptography and cryptanalysis are sometimes grouped together under the umbrella term cryptology, encompassing the entire subject.
In practice, "cryptography" is also often used to refer to the field as a whole; crypto is an informal abbreviation.

Approaches to Secure Communication
- Steganography
  - “covered writing”
  - hides the existence of a message
- Cryptography
  - “hidden writing”
  - hides the meaning of a message

Network Security Model
[Figure: network security model with two principals, each applying a security transformation, a trusted third party, and an attacker]

Attacks, Services and Mechanisms
- Security Attacks
  - Actions that compromise information security
  - Can be passive or active
- Security Services
  - Actions that can prevent or detect such attacks
  - Examples: authentication, identification, encryption, signature, secret sharing, and so on
- Security Mechanisms
  - The ways to provide such services
  - Detect, prevent, and recover from a security attack

Attacks
- Passive attacks
  - Interception
    - Release of message contents
    - Traffic analysis
- Active attacks
  - Interruption, modification, fabrication
    - Masquerade
    - Replay
    - Modification
    - Denial of service

Attack: Interruption
- Cut wire lines
- Jam wireless signals
- Drop packets

Important Services of Security
- Confidentiality, also known as secrecy: only an authorized recipient should be able to extract the contents of the message from its encrypted form. Otherwise, it should not be possible to obtain any significant information about the message contents.
- Integrity: the recipient should be able to determine if the message has been altered during transmission.
- Authentication: the recipient should be able to identify the sender, and verify that the purported sender actually did send the message.
- Non-repudiation: the sender should not be able to deny sending the message.
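
The following is an added example, not part of the original slides. It shows one mechanism (an HMAC tag plus a sequence number) providing the integrity and authentication services above against the modification, masquerade and replay attacks listed earlier. The key, the messages, and the names `protect` and `Receiver` are constructed for illustration.

```python
import hashlib
import hmac
import os

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: prepend an 8-byte sequence number and append an HMAC tag."""
    body = seq.to_bytes(8, "big") + message
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Recipient side: verify the tag, then require strictly increasing sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, packet: bytes):
        """Return (verdict, message); message is None unless verdict is 'ok'."""
        if len(packet) < 8 + TAG_LEN:
            return "rejected: malformed", None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare; fails for altered data and for tags made without the key.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag", None
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:  # an old, validly tagged packet sent again
            return "rejected: replay", None
        self.last_seq = seq
        return "ok", body[8:]


def demo():
    key = os.urandom(32)  # constructed shared secret between the two principals
    rx = Receiver(key)
    genuine = protect(key, 1, b"pay 10 to bob")
    modified = genuine[:8] + b"pay 99 to bob" + genuine[-TAG_LEN:]  # modification
    forged = protect(os.urandom(32), 2, b"pay 10 to eve")  # masquerade: wrong key
    # The second delivery of `genuine` is the replay.
    return [rx.accept(p)[0] for p in (modified, forged, genuine, genuine)]


if __name__ == "__main__":
    print(demo())
```

The message travels in the clear, so this gives no confidentiality. Because both principals hold the same key, the recipient could have produced any tag itself, so it gives no non-repudiation either.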