IT Questions

Anonymous
Asked: Oct 16th, 2018

Question Description

hello,

everything in the file

thank you



Unformatted Attachment Preview

Principles of Information Security, Sixth Edition
Chapter 8: Cryptography

Copyright © 2018 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.

Learning Objectives
• Upon completion of this material, you should be able to:
  – Chronicle the most significant events and discoveries in the history of cryptology
  – Explain the basic principles of cryptography
  – Describe the operating principles of the most popular cryptographic tools
  – List and explain the major protocols used for secure communications

Introduction
• Cryptology: the field of science that encompasses cryptography and cryptanalysis.
• Cryptanalysis: the process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption.
• Cryptography: the process of making and using codes to secure information.

Foundations of Cryptology
• Cryptology has an extensive and multicultural history.
• All popular Web browsers use built-in encryption features for secure e-commerce applications.
• Restrictions on the export of cryptosystems began after World War II.

Terminology (1 of 2)
• Algorithm
• Bit stream cipher
• Block cipher
• Cipher or cryptosystem
• Ciphertext/Cryptogram
• Code
• Decipher
• Decrypt

Terminology (2 of 2)
• Encipher
• Encrypt
• Key/Cryptovariable
• Keyspace
• Link encryption
• Plaintext/Cleartext
• Steganography
• Work factor

Cipher Methods
• Plaintext can be encrypted through:
  – Bit stream: each plaintext bit is transformed into a cipher bit one bit at a time.
  – Block cipher: message is divided into blocks (e.g., sets of 8- or 16-bit blocks), and each is transformed into encrypted block of cipher bits using algorithm and key.

Substitution Cipher
• Substitutes or exchanges one value for another
• Monoalphabetic substitution: only incorporates a single alphabet in the encryption process
• Polyalphabetic substitution: incorporates two or more alphabets in the encryption process
• Vigenère cipher: advanced type of substitution cipher that uses a simple polyalphabetic code; made up of 26 distinct cipher alphabets

Table 8-2 The Vigenère square

Transposition Cipher
• Also known as a permutation cipher; involves simply rearranging the values within a block based on an established pattern.
• Can be done at the bit level or at the byte (character) level.
• To make the encryption even stronger, the keys and block sizes can be increased to 128 bits or more.

Exclusive OR (XOR)
• A function within Boolean algebra used as an encryption function in which two bits are compared.
  – If the two bits are identical, the result is a binary 0.
  – If the two bits are not identical, the result is a binary 1.
• Very simple to implement and simple to break; should not be used by itself when an organization is transmitting/storing sensitive data.

Table 8-3 XOR Table
First bit | Second bit | Result
0 | 0 | 0
0 | 1 | 1
1 | 0 | 1
1 | 1 | 0

Table 8-3 Example XOR Encryption
Text value | Binary value
CAT as bits | 010000110100000101010100
VVV as key | 010101100101011001010110
Cipher | 000101010001011100000010

Vernam Cipher
• A cryptographic technique developed at AT&T and known as the “one-time pad.”
• This cipher uses a set of characters for encryption operations only one time and then discards it.
• To perform:
  – The pad values are added to numeric values that represent the plaintext that needs to be encrypted
  – Each character of the plaintext is turned into a number and a pad value for that position is added
  – The resulting sum for that character is then converted back to a ciphertext letter for transmission
  – If the sum of the two values exceeds 26, then 26 is subtracted from the total

Book-Based Ciphers
• Uses text from a predetermined book as a key to decrypt a message.
• Book cipher: ciphertext consists of a list of codes representing page, line, and word numbers of plaintext word.
• Running key cipher: uses a book for passing the key to cipher similar to Vigenère cipher; sender provides encrypted message with sequence of numbers from predetermined book to be used as an indicator block.
• Template cipher: involves use of hidden message in book, letter, or other message; requires page with specific number of holes cut into it.
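
The XOR table and the Vernam steps from the slides above, as an added example that is not part of the original slides. It reproduces the CAT/VVV row of Table 8-3, shows why XOR alone is "simple to break" (one known plaintext reveals the key), and follows the Vernam add-and-subtract-26 procedure. The function names, the A=1 ... Z=26 numbering and the sample pad are assumptions.

```python
"""Added example: Table 8-3's XOR encryption and the Vernam pad steps."""
import secrets
import string

LETTERS = string.ascii_uppercase  # assumed numbering: A=1 ... Z=26


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR every data byte with the key, repeating the key as needed."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def to_bits(data: bytes) -> str:
    """Render bytes the way Table 8-3 prints them."""
    return "".join(f"{b:08b}" for b in data)


def recover_xor_key(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """Why XOR alone is weak: known plaintext XOR ciphertext equals the key."""
    return xor_bytes(ciphertext, known_plaintext)


def new_pad(length: int) -> list[int]:
    """Fresh random pad values 1..26, to be used once and then discarded."""
    return [secrets.randbelow(26) + 1 for _ in range(length)]


def vernam_encrypt(plaintext: str, pad: list[int]) -> str:
    """Add the pad value to each letter's number; subtract 26 if over 26."""
    if len(pad) < len(plaintext):
        raise ValueError("pad must cover the whole message")
    out = []
    for ch, k in zip(plaintext, pad):
        total = LETTERS.index(ch) + 1 + k
        if total > 26:
            total -= 26
        out.append(LETTERS[total - 1])
    return "".join(out)


def vernam_decrypt(ciphertext: str, pad: list[int]) -> str:
    """Reverse the steps: subtract the pad value; add 26 if below 1."""
    if len(pad) < len(ciphertext):
        raise ValueError("pad must cover the whole message")
    out = []
    for ch, k in zip(ciphertext, pad):
        total = LETTERS.index(ch) + 1 - k
        if total < 1:
            total += 26
        out.append(LETTERS[total - 1])
    return "".join(out)


if __name__ == "__main__":
    cipher = xor_bytes(b"CAT", b"VVV")
    print(to_bits(cipher))                 # the Cipher row of Table 8-3
    print(recover_xor_key(cipher, b"CAT"))  # the key falls out directly
    pad = [25, 26, 10]                     # constructed pad for illustration
    print(vernam_encrypt("CAT", pad), vernam_decrypt("BAD", pad))
```
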

Hash Functions
• Mathematical algorithms that create a message summary or digest to confirm message identity and integrity
• Convert variable-length messages into a single fixed-length value
• Message authentication code (MAC) may be attached to a message
• Used in password verification systems to store passwords and confirm the identity of the user

Figure 8-4 Various hash values
Source: SlavaSoft HashCalc.

Cryptographic Algorithms
• Often grouped into two broad categories, symmetric and asymmetric.
• Today’s popular cryptosystems use a combination of both symmetric and asymmetric algorithms.
• Symmetric and asymmetric algorithms are distinguished by the types of keys used for encryption and decryption operations.

Symmetric Encryption (1 of 2)
• A cryptographic method in which the same algorithm and “secret” are used both to encipher and decipher the message; also known as private-key encryption.
• Can be programmed into fast computing algorithms and executed quickly.
• Both sender and receiver must possess the same secret key.
• If either copy of the key is compromised, an intermediate can decrypt and read messages without sender/receiver knowledge.

Symmetric Encryption (2 of 2)
• Data Encryption Standard (DES): one of the most popular symmetric encryption cryptosystems.
  – 64-bit block size; 56-bit key
• Triple DES (3DES): created to provide security far beyond DES.
  – Advanced Encryption Standard (AES): developed to replace both DES and 3DES
    ▪ Adopted by NIST in November 2001 as the federal standard for encrypting non-classified information

Figure 8-5 Example of symmetric encryption
Rachel at ABC corp. generates a secret key. She must somehow get it to Alex at XYZ corp. out of band. Once Alex has it, Rachel can use it to encrypt messages, and Alex can use it to decrypt and read them.

Asymmetric Encryption
• A cryptographic method that incorporates mathematical operations involving two different keys (commonly known as the public key and the private key) to encipher or decipher a message.
• Either key can be used to encrypt a message, but then the other key is required to decrypt it.
• Also known as public-key encryption.
• Uses two different but mathematically related keys
  – Either key can encrypt or decrypt a message
  – If Key A encrypts a message, only Key B can decrypt
  – Greatest value when one key serves as a private key and the other serves as a public key
• RSA algorithm was the first public-key encryption algorithm developed/published for commercial use.

Figure 8-6 Example of asymmetric encryption
Alex at XYZ corp. wants to send a message to Rachel at ABC corp. Rachel stores her public key where it can be accessed by anyone. Alex retrieves Rachel’s key and uses it to create ciphertext that can be decrypted only by Rachel’s private key, which only she has. To respond, Rachel gets Alex’s public key to encrypt her message.

Encryption Key Size
• When deploying ciphers, the size of the cryptovariable or key is very important.
• The strength of many encryption applications and cryptosystems is measured by key size.
• For cryptosystems, the security of encrypted data is not dependent on keeping the encrypting algorithm secret.
• Cryptosystem security depends on keeping some or all of elements of cryptovariable(s) or key(s) secret.
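
The two-key property from the Asymmetric Encryption slides and the key-size point from the slide above, as an added example that is not part of the original slides. It uses textbook RSA with constructed toy primes (61 and 53) and hypothetical function names; real deployments use padding schemes and moduli of 2048 bits or more.

```python
"""Added example: toy RSA for the two-key property and the key-size point."""
from math import gcd, isqrt

Key = tuple[int, int]  # (exponent, modulus)


def make_keypair(p: int, q: int, e: int = 17) -> tuple[Key, Key]:
    """Build (public, private) keys from two primes; toy sizes only."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def apply_key(value: int, key: Key) -> int:
    """The single RSA operation, value ** exponent mod n, for either key."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


def recover_private_key(public: Key) -> Key:
    """Factor the modulus by trial division; works only because n is tiny."""
    e, n = public
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1)), n
    raise ValueError("modulus has no factor below its square root")


if __name__ == "__main__":
    # Rachel's key pair, as in Figure 8-6 (constructed toy primes).
    rachel_public, rachel_private = make_keypair(61, 53)

    # Confidentiality: Alex encrypts with the public key, Rachel decrypts.
    ciphertext = apply_key(65, rachel_public)
    print(ciphertext, apply_key(ciphertext, rachel_private))

    # Signature direction: the private key transforms, the public key checks.
    signature = apply_key(65, rachel_private)
    print(apply_key(signature, rachel_public) == 65)

    # Key size: a 12-bit modulus gives up the private key almost instantly.
    print(recover_private_key(rachel_public) == rachel_private)
```
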

Table 8-5 Encryption key power (1 of 3)
• It is estimated that to crack an encryption key using a brute force attack, a computer needs to perform a maximum of 2^k operations (2^k guesses), where k is the number of bits in the key. In reality, the average estimated time to crack is half that time.
• The estimated average time to crack is based on a 2015-era PC with an Intel i7-6700k Quad core CPU performing 207.23 Dhrystone GIPS (billion instructions per second) at 4.0 GHz**

Key Length (Bits) | Maximum Number of Operations (Guesses) | Maximum Time to Crack | Estimated Average Time to Crack
16 | 65,536 | 0.0000003 seconds | 0.00000016 seconds
24 | 16,777,216 | 0.00008 seconds | 0.00004 seconds
32 | 4,294,967,296 | 0.02 seconds | 0.01 seconds
56 | 7.E+16 | 4.02 days | 2.01 days
64 | 2.E+19 | 42.93 years | 21.47 years
128 | 3.E+38 | 19,005,227,625,557,100,000,000 years | 9,502,613,812,778,540,000,000 years

Table 8-5 Encryption key power (2 of 3)
Key Length (Bits) | Maximum Number of Operations (Guesses) | Maximum Time to Crack | Estimated Average Time to Crack
256 | 1.E+77 | 6,467,143,840,295,770,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years | 3,233,571,920,147,890,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years
512 | 1.E+154 | 748,844,096,666,088,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years | 374,422,048,333,044,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years

Table 8-5 Encryption key power (3 of 3)
**Note: The authors acknowledge that this benchmark is based on a very specific application test and that the results are not generalizable. However, these calculations are shown to illustrate the relative difference between key length strength rather than to accurately depict time to crack. Even using the much more conservative TechSpot 7-zip benchmark, which clocked this CPU at 25,120 MIPS (or 25.12 GIPS), the estimated average time to crack would only be approximately 8.25 times slower than the numbers shown, resulting in an average time to crack of 16.6 days, as opposed to the 2.01 days shown above for a 56-bit key length. Some new 2016-era CPUs are approximately twice as fast as the version shown here on the 7-zip benchmarks, but they do not include Dhrystone benchmarks (such as the Intel Core i7-6950X with 10 cores/20 threads).
Source: www.techspot.com/review/1187-intel-core-i7-6950x-broadwelle/page4.html.

Cryptographic Tools
• Potential areas of use include:
  – Ability to conceal the contents of sensitive messages
  – Verify the contents of messages and the identities of their senders
• Tools must embody cryptographic capabilities so that they can be applied to the everyday world of computing.
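
The uses listed on the Hash Functions slide (fixed-length digest, MAC attached to a message, password verification), which also cover the "verify the contents of messages" point above, as an added example that is not part of the original slides. It uses only Python's standard library; the function names, the record layout and the PBKDF2 round count are assumptions.

```python
"""Added example: digest, MAC and password verification with hashlib/hmac."""
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 600_000  # assumed work factor; tune it for your hardware


def digest_hex(message: bytes) -> str:
    """Variable-length input, fixed-length output (SHA-256: 64 hex chars)."""
    return hashlib.sha256(message).hexdigest()


def make_mac(key: bytes, message: bytes) -> bytes:
    """Keyed digest (HMAC-SHA-256) that the sender attaches to a message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the MAC and compare in constant time."""
    return hmac.compare_digest(make_mac(key, message), tag)


def store_password(password: str) -> dict:
    """Keep a salted, slow hash instead of the password itself."""
    salt = secrets.token_bytes(16)
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt, PBKDF2_ROUNDS
    )
    return {"salt": salt, "rounds": PBKDF2_ROUNDS, "hash": derived}


def check_password(password: str, record: dict) -> bool:
    """Re-derive with the stored salt and rounds, then compare."""
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["rounds"]
    )
    return hmac.compare_digest(derived, record["hash"])


if __name__ == "__main__":
    # Constructed sample inputs.
    print(digest_hex(b"abc"))
    print(len(digest_hex(b"")), len(digest_hex(b"x" * 100_000)))

    key = secrets.token_bytes(32)
    tag = make_mac(key, b"pay 100 to Alex")
    print(verify_mac(key, b"pay 100 to Alex", tag))  # untouched message
    print(verify_mac(key, b"pay 900 to Alex", tag))  # altered in transit

    record = store_password("correct horse")
    print(check_password("correct horse", record))
    print(check_password("wrong guess", record))
```
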

Public-Key Infrastructure (PKI) (1 of 2)
• Integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securely
• PKI systems based on public-key cryptosystems
• PKI protects information assets in several ways:
  – Authentication
  – Integrity
  – Privacy
  – Authorization
  – Nonrepudiation

Public-Key Infrastructure (PKI) (2 of 2)
• Typical PKI solution protects the transmission and reception of secure information by integrating:
  – A certificate authority (CA)
  – A registration authority (RA)
  – Certificate directories
  – Management protocols
  – Policies and procedures

Digital Signatures
• Created in response to the rising need to verify information transferred via electronic systems.
• Asymmetric encryption processes used to create digital signatures.
• Nonrepudiation: the process that verifies the message was sent by the sender and thus cannot be refuted.
• Digital Signature Standard (DSS) is the NIST standard for digital signature algorithm usage by federal information systems. DSS is based on a variant of the ElGamal signature scheme.

Digital Certificates
• Electronic document/container file containing key value and identifying information about entity that controls key.
• Digital signature attached to certificate’s container file certifies file’s origin and integrity.
• Different client-server applications use different types of digital certificates to accomplish their assigned functions.
• Distinguished name (DN): uniquely identifies a certificate entity.

Figure 8-7 Digital signature i ...

Tutor Answer

agneta
School: UC Berkeley

...
