1 / 39

Information Security & Cryptographic Principles

Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 2. Single key cryptographic algorithms 3. Public key cryptographic algorithms 4. Crypto Applications 5. Business Continuity.

elton
Télécharger la présentation

Information Security & Cryptographic Principles

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Security & Cryptographic Principles

  2. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 2. Single key cryptographic algorithms 3. Public key cryptographic algorithms 4. Crypto Applications 5. Business Continuity

  3. IntranetExtranet Internet Bob Alice Basic Problem There are Confidence and Trust Issues …

  4. Multiple Security Issues Privacy Authentication Interception Spoofing Integrity Non-repudiation Not sent not received Claims Proof of parties involved Modification

  5. Information Security Confidentiality Integrity Availability

  6. Security Services Integrity Information has not been altered Confidentiality Content hidden during transport Authentication Identity of originator confirmed Non-Repudiation Originator cannot repudiate transaction

  7. Some confidential text (message) in clear (readable) form Data Confidentiality

  8. Cryptography Someconfid entialtext essage) in clear Some confidential text (message) in clear (readable) form E n c r y p t i o n

  9. Cryptography Someconfid entialtext essage) in clear Some confidential text (message) in clear (readable) form D e c r y p t i o n

  10. Some confidential text (message) in clear (readable) form Crypto Transformations • Someconfi • Entialte • essage) • in clear

  11. Some confidential text (message) in clear (readable) form Crypto Transformations • Someconfi • Entialte • essage) • in clear

  12. Someconfid entialtext essage) in clear Someconfid entialtext essage) in clear Someconfid entialtext essage) in clear Someconfid entialtext essage) in clear Someconfid entialtext essage) in clear Someconfid entialtext essage) in clear Someconfid entialtext essage) in clear Parameterization Some confidential text (message) in clear (readable) form • Someconfi • Entialte • essage) • in clear Crypto key

  13. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 2. Single key cryptographic algorithms 3. Public key cryptographic algorithms 4. Crypto Applications 5. Business Continuity

  14. E n c r y p t i o n Someconfid Entialtext essage) in clear Some confidential text (message) in clear (readable) form D e c r y p t i o n Single Key Crypto Crypto key

  15. How to design good cryptographic systems ?What does it mean good crypto system ? Design . . . ?

  16. Principles 1. Simple for users 2. Complicated for intruders 3. Public algorithm 4. Secret key 5. Large number of combinations 6. Special properties

  17. Other Symmetric Algorithms 1. AES 2. IDEA 3. Triple - DES 4. RC-2 5. RC-4 6. Blowfish

  18. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 2. Single key cryptographic algorithms 3. Public key cryptographic algorithms 4. Crypto Applications 5. Business Continuity

  19. E n c r y p t i o n D e c r y p t i o n Secret Key Systems Someconfi entialtext essage) in clear Some confidential text (message) in clear (readable) form Crypto key

  20. ? Key Exchange

  21. Public Key Cryptography Encryption Key 2 Some confidential text (message) in clear (readable) form Someconfi entialtext essage) in clear Key 1 Decryption

  22. Public Key Cryptography Bob Alice MSG tia Encryption Decryption MSG Bob Private Alice Private Bob Public Alice Public Digital Signature … Authentication … Non-Repudiation

  23. Public Key Cryptography Bob Alice MSG tia Encryption Decryption MSG Bob Private Alice Private Bob Public Alice Public Confidentiality

  24. Symmetric and Asymmetric Encryption • Symmetric: Faster than asymmetric, hard to break with large key, hard to distribute keys, too many keys required, cannot authenticate or provide non-repudiation. • Includes: DES, Triple DES, Blowfish, IDEA, RC4, RC5, RC6, AES

  25. Asymmetric cryptography: Better at key distribution, better scalability for large systems, can provide authentication and non-repudiation, slow, math intensive Includes: RSA, ECC, Diffie Hellman, El Gamal, DSA, Knapsack, PGP Symmetric and Asymmetric Encryption

  26. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 2. Single key cryptographic algorithms 3. Public key cryptographic algorithms 4. Crypto Applications 5. Business Continuity

  27. Crypto Applications 1. Digital signature 2. Digital enveloping 3. Digital certificates 4. Secret key exchange

  28. Digital Signature A Digital Signature is a data item that vouches for the origin and the integrity of a Message Intranet Extranet Internet Alice Bob

  29. Digital Signature Message Message Digest Algorithm Digest Algorithm Hash Function Hash Function Digest Public Key Encryption Decryption Private Key Expected Digest Actual Digest Signature Signer Receiver Channel

  30. Digital Signature “Real Identity” of the Signer. Why should I trust what the Sender claims to be ? Moving towards PKI …

  31. Digital Certificate A Digital Certificate is a binding between an entity’s Public Key and one or more Attributes related to its Identity. The entity can be a Person, an Hardware Component, a Service, etc. • A Digital Certificate is issued (and signed) by someone : • Usually the issuer is a Trusted Third Party

  32. CERTIFICATE Digital Certificate Subject Issuer Subject Public Key Issuer Digital Signature

  33. Digital Certificate • How are Digital Certificates Issued? • Who is issuing them? • Why should I Trust the Certificate Issuer? • How can I check if a Certificate is valid? • How can I revoke a Certificate? • Who is revoking Certificates? Moving towards PKI …

  34. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 2. Single key cryptographic algorithms 3. Public key cryptographic algorithms 4. Crypto Applications 5. Business Continuity

  35. Business Continuity and Disaster Recovery • Businesses are more susceptible to failure after a disaster • Goal • To minimize disaster aftermath and ensure resources, personnel, and business processes resume • By • Planning measures • Backing up data and hardware • Getting the right people in place • Requirements • Management support • Driving the project, top-down approach • Must understand value of investing in BCP • Returns can be priceless

  36. Business Continuity Steps • Steps • Develop the continuity planning policy statement • Conduct the business impact analysis (BIA) • Identify preventive controls • Develop recovery strategies • Develop the contingency plan • Test the plan and conduct training and exercises • Maintain the plan • Understanding the Organization

  37. Business Continuity Plan

  38. Business Impact AnalysisBIA • Considered a functional analysis • Team collects data in variety of ways • Maps out following characteristics: • Maximum tolerable downtime • Operational disruption and productivity • Financial considerations • Regulatory responsibilities • Reputation • Understand the variety of possible threats • Must go through all possible scenarios

  39. Questions

More Related