Encryption and SecurityEncryption and Security

Dylan Anderson

Michael Huffman

Julie Rothacher

Dylan Anderson

Michael Huffman

Julie Rothacher

EncryptionEncryption

• is the obscuring of information to make it unreadable without special knowledge, sometimes referred a scrambling

• now used in protecting many kinds of systems, such as the Internet e-commerce, mobile telephone networks, and bank automatic teller machines

• is the obscuring of information to make it unreadable without special knowledge, sometimes referred a scrambling

• now used in protecting many kinds of systems, such as the Internet e-commerce, mobile telephone networks, and bank automatic teller machines

Encryption Secrecy/Privacy

Encryption Secrecy/Privacy

• other techniques are still needed to make communications secure, particularly to verify the integrity and authenticity of a message• Message authentication code (MAC)• Digital signatures• Antother consideration is protection against traffic analysis

• other techniques are still needed to make communications secure, particularly to verify the integrity and authenticity of a message• Message authentication code (MAC)• Digital signatures• Antother consideration is protection against traffic analysis

Encryption or Software

Encryption or Software

• code obfuscation is also used in software copy protection against reverse engineering, unauthorized application analysis cracks and software piracy used in different encryption or obfuscation software

• code obfuscation is also used in software copy protection against reverse engineering, unauthorized application analysis cracks and software piracy used in different encryption or obfuscation software

Encryption SystemsEncryption Systems

• Computer encryption is based on the science of crytograph, which has been used throughout history.

• Most computers encryption systems belong in one of two categories:• Symmetirc-key encryption• Public-key encryption

• Computer encryption is based on the science of crytograph, which has been used throughout history.

• Most computers encryption systems belong in one of two categories:• Symmetirc-key encryption• Public-key encryption

Symmetric KeySymmetric Key

• each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to another computer.

• each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to another computer.

Public KeyPublic Key

• uses a combination of a private key and a public key.

• uses a combination of a private key and a public key.

Public Key:

Secure Sockets Layer (SSL)

Public Key:

Secure Sockets Layer (SSL)

• is a popular implementation of public-key encryption

• SSL is an Internet security rotocol used by Internet browsers and web servers to transmit sensitive information.

• It’s had become part of TLS

• is a popular implementation of public-key encryption

• SSL is an Internet security rotocol used by Internet browsers and web servers to transmit sensitive information.

• It’s had become part of TLS

Transport Layer Security (TLS)

Transport Layer Security (TLS)

• an overall security protocol • In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways:• The “http: in the address line is replaced with “https”

• A small padlock in the status bar at the top of the browser window

• an overall security protocol • In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways:• The “http: in the address line is replaced with “https”

• A small padlock in the status bar at the top of the browser window

Hashing AlgorithmsHashing Algorithms

• The key in public-key encryption is based on a hash value.

• This is a value that is computed from the base input number using a hashing algorithm.

• The hash value is a summary of the original value.

• It is nearly impossible to derive the original input number without knowing the data used to create the hash value.

• The key in public-key encryption is based on a hash value.

• This is a value that is computed from the base input number using a hashing algorithm.

• The hash value is a summary of the original value.

• It is nearly impossible to derive the original input number without knowing the data used to create the hash value.

AuthenticationAuthentication

• is used to verify that the information comes from a trusted source.

• If information is “authentic,” you know who created it and you know that it has not been altered in any way since that person created it.

• There are several ways to authenticat a person or information on a computer

• is used to verify that the information comes from a trusted source.

• If information is “authentic,” you know who created it and you know that it has not been altered in any way since that person created it.

• There are several ways to authenticat a person or information on a computer

Ways to authenticate

Ways to authenticate

• Password• The use of a user name and password provides the most common form of authentication

• Pass cards• These cards can range from a simple cad with a magnetic strip, similar to a credit card, to sophisticated smart cards that have an embedded computer chip

• Digital signatures• A digital signature is basicllly a way to ensure that an electonic document (e0mail, spreadsheet, text file) is authentic.

• Password• The use of a user name and password provides the most common form of authentication

• Pass cards• These cards can range from a simple cad with a magnetic strip, similar to a credit card, to sophisticated smart cards that have an embedded computer chip

• Digital signatures• A digital signature is basicllly a way to ensure that an electonic document (e0mail, spreadsheet, text file) is authentic.

Digital Signature Algorithm (DSA)

Digital Signature Algorithm (DSA)

• is a type of public-key encryption method that Digital Signatures are based on.

• DSS is the format for digital signatures that has been endorsed by the U.S. government.

• DSA algorithm consists of a private-key, known only by the originator of the document (the signer), and a public-key which has four parts.

• is a type of public-key encryption method that Digital Signatures are based on.

• DSS is the format for digital signatures that has been endorsed by the U.S. government.

• DSA algorithm consists of a private-key, known only by the originator of the document (the signer), and a public-key which has four parts.

Checking for Corruption

Checking for Corruption

• Another secure-computing need is ensure that the data has not been corrupted during transmission or encryption.

• A popular ways to do this are Checksum

• Another secure-computing need is ensure that the data has not been corrupted during transmission or encryption.

• A popular ways to do this are Checksum

ChecksumChecksum

• is probably one of the oldest methods of ensuring that data is correct

• provides a form of authentication because an invalid checksum suggest that the sata has been compromised in some fashion.

• is probably one of the oldest methods of ensuring that data is correct

• provides a form of authentication because an invalid checksum suggest that the sata has been compromised in some fashion.

Source:Source:

• http://computer.howstuffworks.com/encryption.4.htm

• Notice the “http” not “https”…not a Secure Sockets Layer (SSL)

• http://computer.howstuffworks.com/encryption.4.htm

• Notice the “http” not “https”…not a Secure Sockets Layer (SSL)