Chapter 16 Security Introduction to CS 1st Semester, 2012 Sanghyun Park.
Chapter 16 Security
Introduction to CS
1st Semester, 2012 Sanghyun Park
Outline
- Introduction
- Aspects of Security
- Privacy
- Digital Signature
Introduction
- With the growth of the ______, more and more data are being exchanged, and those data need to be _______
- For example, when we shop on the Internet, we expect that the information we send to the vendor is kept secret
- Also, when we receive a message, we sometimes need to ___________ the sender
- In this chapter, we touch on the subject of security
- There are four aspects of security
Aspects of Security (1/2)
Security
- Privacy
- Authentication
- Integrity
- Nonrepudiation
Aspects of Security (2/2)
- Privacy: Only the ______ and the ________ are able to understand the contents of the message
- Authentication: The receiver needs to be sure of the sender’s _______
- Integrity: The contents of the message need to be _________ during transmission
- Nonrepudiation: A system needs to prove that the sender _______ sent the message
Privacy
- Privacy can be achieved using ________________ methods
- The data are encrypted at the sender site and decrypted at the receiver site
- Two categories of encryption/decryption methods in use today are _______ key and _______ key
Privacy with Secret Key Encryption
- The simplest way to encrypt data is to use a _____ key
- The sender uses this key and an ________ algorithm to encrypt data; the receiver uses the _____ key and the corresponding algorithm to decrypt the data
- The _____ key is used in encryption and decryption
- However, the encryption and decryption algorithms are the _______ of each other
Data Encryption Standard (DES) (1/2)
- We use very sophisticated encryption algorithms; the most common is called the Data Encryption Standard (DES)
- DES encrypts and decrypts at the ___ level
- The data are first transformed into a string of ___, and then broken into _______ of 64 bits
- Each segment is then encrypted using a 56-bit key
Data Encryption Standard (DES) (2/2)
- The secret key algorithms are very _______; they take less time to encrypt or decrypt compared with the ______ key algorithms
- Therefore they are very good candidates for ____ messages
- Each pair of users must have a secret key
- The _________ of the keys between two parties can be difficult
Privacy with Public Key Encryption
- There are two keys: a private key and a public key
- The private key is kept by the _______
- The public key is announced to the ______
- When user A wants to send a message to user B, A uses the _____ key of B to encrypt the message; when the message is received by B, B uses its _______ key to decrypt the message
RSA: Basic Idea
- The most common public-key algorithm is named after its inventors, Rivest-Shamir-Adleman (RSA) encryption
- The private key is a pair of numbers (N, d); the public key is also a pair of numbers (N, e)
- The sender uses the following algorithm to encrypt the message: C = _________
- The receiver uses the following algorithm to decrypt the message: P = _________
- A major concept of the RSA algorithm is the use of very ______ numbers for d and e
- In practice, the trial-and-error approach to breaking the code takes a _____ time (e.g. several months) even with the fastest computers available today
RSA: Example
RSA: Choosing Public and Private Keys
- One question is how to choose the three numbers N, d, and e for encryption and decryption to work
- The inventors of the RSA algorithm mathematically proved that using the following procedure guarantees that the algorithm will work
  - Choose two large ______ numbers, p and q
  - Compute N = p x q
  - Choose e (less than N) such that e and (p-1)(q-1) are relative _______ (having no common factor other than 1)
  - Choose d such that (e x d) mod [(p-1)(q-1)] is equal to ___
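The key-selection procedure above, carried through in Python as an added example (not part of the original slides). The function names and the toy primes 61 and 53 are assumptions made for illustration; the encryption and decryption formulas are the standard textbook RSA ones.

```python
# Added example: textbook RSA built with the slide's key-selection procedure.
# Toy primes for readability; real keys use very large primes plus padding (e.g. OAEP).
from math import gcd

def make_keys(p, q):
    """Return ((N, e), (N, d)): the public and private key from primes p and q."""
    N = p * q
    phi = (p - 1) * (q - 1)
    # Choose e (less than N) sharing no factor with (p-1)(q-1); here the smallest odd one.
    e = next(c for c in range(3, phi, 2) if gcd(c, phi) == 1)
    # Choose d with (e * d) mod (p-1)(q-1) == 1: the modular inverse (Python 3.8+).
    d = pow(e, -1, phi)
    return (N, e), (N, d)

def encrypt(P, public):
    """Sender: C = P^e mod N. P must be a number smaller than N."""
    N, e = public
    if not 0 <= P < N:
        raise ValueError("plaintext number must be in the range 0..N-1")
    return pow(P, e, N)

def decrypt(C, private):
    """Receiver: P = C^d mod N."""
    N, d = private
    return pow(C, d, N)

def bad_exponent_fails(p, q, e):
    """Why the choice of e matters: an e sharing a factor with (p-1)(q-1) has no d."""
    try:
        pow(e, -1, (p - 1) * (q - 1))
        return False
    except ValueError:
        return True

if __name__ == "__main__":
    public, private = make_keys(61, 53)   # constructed toy primes
    C = encrypt(65, public)
    print(public, private, C, decrypt(C, private))
    print(bad_exponent_fails(61, 53, 3))  # 3 divides (61-1)*(53-1) = 3120
```

Textbook RSA as shown is deterministic: the same P always yields the same C, which is one reason deployed systems add randomized padding.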
Privacy Using The Combination (1/2)
- We can combine the advantage of the secret key algorithm (_________) and the advantage of the public key algorithm (easy ___________ of keys)
- The procedure is as follows:
  - The sender chooses a ______ key; this secret key is called the one-session key; it is used only _____
  - The sender uses the ______ key of the receiver to encrypt the secret key and sends the encrypted secret key to the receiver
  - The receiver uses the _______ key to decrypt the secret key
  - The sender uses the ______ key to encrypt the actual message
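The four-step combined procedure above as an added Python example (not part of the original slides). Assumptions: the receiver's toy RSA key is built from two known Mersenne primes, and a SHA-256 counter keystream stands in for DES because the standard library has no block cipher; all function names are hypothetical.

```python
# Added example: one-session key wrapped with public-key encryption,
# bulk message encrypted with a fast secret-key cipher.
import hashlib
import secrets

# Receiver's toy RSA key pair, constructed for this example from two known primes.
p, q = 2**127 - 1, 2**521 - 1
N, e = p * q, 65537
d = pow(e, -1, (p - 1) * (q - 1))
PUBLIC, PRIVATE = (N, e), (N, d)

def secret_key_cipher(key: bytes, data: bytes) -> bytes:
    """Toy stand-in for DES: XOR the data with a SHA-256 counter keystream.
    Running it again with the same key reverses it."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def sender(message: bytes, receiver_public):
    n, pub_exp = receiver_public
    session_key = secrets.token_bytes(16)                    # step 1: fresh one-session key
    wrapped = pow(int.from_bytes(session_key, "big"), pub_exp, n)  # step 2: wrap it for the receiver
    ciphertext = secret_key_cipher(session_key, message)     # step 4: encrypt the actual message
    return wrapped, ciphertext

def receiver(wrapped: int, ciphertext: bytes, private):
    n, priv_exp = private
    session_key = pow(wrapped, priv_exp, n).to_bytes(16, "big")    # step 3: unwrap the session key
    return secret_key_cipher(session_key, ciphertext)

if __name__ == "__main__":
    msg = b"order #1001: ship to the usual address"          # constructed sample message
    wrapped, ct = sender(msg, PUBLIC)
    print(receiver(wrapped, ct, PRIVATE) == msg)
```

Only the 16-byte session key goes through the slow public-key operation; the message itself, whatever its length, goes through the fast secret-key cipher.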
Privacy Using The Combination (2/2)
Digital Signature
- The other three aspects of security (integrity, authentication, and nonrepudiation) can be achieved using the ______ of a document by its ______
- A digital signature is a digital code that can be attached to an electronically transmitted message and that uniquely _______ the sender
- A digital signature must be _________
- Digital signing can be done in two ways: signing the ______ document or signing a ______ of the document
Signing The Whole Document (1/3)
- We can use _____ key encryption to sign the whole document
- The sender uses his ______ key (not the public key of the receiver) to encrypt the message
- The receiver uses the _____ key of the sender (not his private key) to decrypt the message
- The private key is used for encryption and the public key is used for decryption
Signing The Whole Document (2/3)
- This method does not provide ______; anybody can use the ______ key of the sender to read the message. We need another level of encryption
Signing The Whole Document (3/3)
- The integrity of the message is preserved because, if an intruder intercepts and changes the message, the decrypted message would be _________
- The message can be authenticated because, if an intruder sends a message encrypted by his own private key, the message is then not decrypted correctly by the public key of the _____ author
- Although the sender can deny sending the message, he must reveal (in court) his private key. If we encrypt and decrypt the ________ message, we get the _____ message
Signing The Digest
- It is very ________ to use public key encryption to sign the whole document
- To make the process more efficient, we can let the sender sign a _______ of the document
- The sender makes a _________ of the document and signs it (encrypts it with his private key)
- The receiver then checks the signature of the miniature (decrypts it with the sender’s _______ key)
Creating a Digest of The Message
- Use a _____ function to create a digest of the message
- The digest is of fixed size (usually 128 bits)
- The two most common hash functions are Message Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA-1)
- The hash function must have two properties to succeed
  - Hashing should be _________
  - Hashing should be _________
Sender Site
- After the digest has been created, it is encrypted (signed) using the sender’s ______ key
- The encrypted digest is ______ to the original message and sent to the receiver
Receiver Site (1/2)
- ________ the message and the encrypted digest
- Apply the same hash function to the message to create a ______ digest
- Decrypt the _______ digest using the public key of the sender
- If the two digests are the _____, it is obvious that all three aspects of security are _________
Receiver Site (2/2)
Three Aspects of Security Under The Method of Signing The Digest
- If the received message creates a ______ of the digest, the message has not been changed
- The digest comes from the true sender, so the message also comes from the true sender
- The sender cannot deny the message because he cannot deny the digest; the only message that can create that digest is the received message
- This method does not provide ______; we need another level of encryption
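The Sender Site and Receiver Site steps for signing a digest, as an added Python example (not part of the original slides). Assumptions: toy RSA keys built from known Mersenne primes, hypothetical function names, and SHA-256 as the hash, since MD5 and SHA-1 named on the slide are no longer considered collision resistant.

```python
# Added example: sign the digest with the private key, verify with the public key.
import hashlib

def toy_keypair(p, q, e=65537):
    """Build ((N, e), (N, d)) from two primes (constructed toy keys, no padding)."""
    N = p * q
    return (N, e), (N, pow(e, -1, (p - 1) * (q - 1)))

def digest(message: bytes) -> int:
    """Fixed-size digest of the message, as a number smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private):
    """Sender site: encrypt the digest with the private key and append it."""
    N, d = private
    return message, pow(digest(message), d, N)

def verify(message: bytes, signature: int, public) -> bool:
    """Receiver site: recompute the digest, decrypt the received one, compare."""
    N, e = public
    return pow(signature, e, N) == digest(message)

# Constructed keys: the true sender and an intruder with his own key pair.
SENDER_PUB, SENDER_PRIV = toy_keypair(2**127 - 1, 2**521 - 1)
INTRUDER_PUB, INTRUDER_PRIV = toy_keypair(2**89 - 1, 2**607 - 1)

def demo():
    msg, sig = sign(b"pay 100 to account 12345", SENDER_PRIV)   # constructed message
    return {
        "genuine": verify(msg, sig, SENDER_PUB),                       # digests match
        "tampered": verify(b"pay 900 to account 12345", sig, SENDER_PUB),  # integrity check
        "forged": verify(*sign(msg, INTRUDER_PRIV), SENDER_PUB),       # authentication check
    }

if __name__ == "__main__":
    print(demo())
```

The message travels in the clear next to its signature, which is the slide's point that this method needs another level of encryption for privacy.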