Chapter1 2020


Chapter 1.

Introduction
• Data Security
o Computer Security – measures to protect data in a computer system and to thwart
hackers

o Communication Security – measures to protect data transmitted over a
communication channel

o Network Security – measures to protect data during their transmission over a collection
of interconnected networks

o Internet Security – measures to protect data during their transmission over the Internet

• Cryptography
o A study and practice of techniques to provide various services for data security,
such as confidentiality, authentication, data integrity, and non-repudiation.

o A cross discipline of mathematics, computer science, and computer engineering.

Data Security & Cryptography (2020F) Huapeng Wu @ U Windsor


Security Attacks, Services, and Mechanisms
1. Security attack is defined as any action that compromises the security of
information owned by an organization.
o e.g., eavesdropping, violation of data integrity, impersonating, violation of non-repudiation

2. Security service is something that enhances the security of the data
processing systems and the information transfers of an organization.
o e.g., confidentiality, data integrity, user authentication, non-repudiation

3. Security measure/mechanism is designed to detect, prevent, or recover
from a security attack.
o e.g., encryption/decryption, hash function, digital signature
o Cryptography can provide the most important and popular techniques for
encryption/decryption, hash functions, and digital signatures

Communication Security Violation Model

[Figure: Alice and Bob connected by a communication channel, with Eve on the channel]

• Suppose there are two users, Alice and Bob, conducting a secure
transmission over an insecure communication channel.
• A third party, Eve, who can access the communication channel, attempts
to thwart the secure transmission between Alice and Bob.
o An insecure communication channel can be the Internet, a wireless phone connection, etc.

Security Violation: Scenario 1

[Figure: Eavesdropping, with C between A and B]

• User A transmits a secret file to user B. User C, who is not
authorized to read the file, is able to capture a copy of the file
during transmission.
o Security attack: Eavesdropping
o Security service: Confidentiality
o Security measure: Encryption/decryption technique

Security Violation: Scenario 2

[Figure: Modifying, with C between A and B]

• User A transmits a secret file to user B. User C, who is not
authorized to change the file, is able to add/delete part of the
file during transmission.
o Security attack: Violation of data integrity
o Security service: Data integrity
o Security measure: Hash function

Security Violation: Scenario 3

[Figure: Impersonating, with C between A and B]

• User A transmits a secret file X to user B. User C constructs
file Y and replaces the file X with Y during transmission, such
that User B receives file Y without knowing that it was not
from A.
o Security attack: Impersonating
o Security service: Authentication
o Security measure: Digital signature, en/decryption
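
Scenarios 2 and 3 differ in what C controls, which is why a bare hash covers the first and not the second. The following is an added example, not part of the original slides; it uses HMAC-SHA-256 from the Python standard library as a symmetric stand-in for the digital signature the slide names, and the file contents and the pre-shared key are constructed assumptions.

```python
import hashlib
import hmac
import secrets

FILE_X = b"Transfer 100 to account 42"   # constructed sample file sent by A
FILE_Y = b"Transfer 900 to account 77"   # constructed file built by C


def digest(data: bytes) -> bytes:
    """Unkeyed SHA-256: anyone on the channel, including C, can compute it."""
    return hashlib.sha256(data).digest()


def tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA-256: needs the secret key that only A and B hold."""
    return hmac.new(key, data, hashlib.sha256).digest()


def b_checks_hash(data: bytes, check: bytes) -> bool:
    return hmac.compare_digest(digest(data), check)


def b_checks_tag(key: bytes, data: bytes, check: bytes) -> bool:
    return hmac.compare_digest(tag(key, data), check)


def run_scenarios() -> dict:
    key = secrets.token_bytes(32)     # assumption: A and B already share this key
    c_key = secrets.token_bytes(32)   # C does not know `key` and has to use its own
    return {
        # Untouched transmission: both checks pass.
        "hash_ok_untouched": b_checks_hash(FILE_X, digest(FILE_X)),
        "tag_ok_untouched": b_checks_tag(key, FILE_X, tag(key, FILE_X)),
        # Scenario 2: C edits the file but the digest reaches B intact.
        "hash_ok_after_edit": b_checks_hash(FILE_X + b"0", digest(FILE_X)),
        # Scenario 3: C swaps in file Y plus a fresh digest of Y; B cannot tell.
        "hash_ok_after_swap": b_checks_hash(FILE_Y, digest(FILE_Y)),
        # Scenario 3 with a keyed tag: C's tag was made without the shared key.
        "tag_ok_after_swap": b_checks_tag(key, FILE_Y, tag(c_key, FILE_Y)),
    }


if __name__ == "__main__":
    for name, ok in run_scenarios().items():
        print(f"{name}: {ok}")
```

Unlike a digital signature, the HMAC tag gives B nothing to show a third party, so it does not provide the non-repudiation of Scenario 4.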
Security Violation: Scenario 4

[Figure: A and B, with A "denying what s/he has done"]

• User A transmits a file X to user B. Later, however, A denies
that he has done the transmission.
o Security attack: Violation of non-repudiation
o Security service: Non-repudiation
o Security measure: Digital signature

More Security Services

• Key Establishment: Alice would like to use AES to
send an encrypted message to Bob. But how does Alice
give the secret key to Bob when she doesn’t have the
opportunity to meet him personally?
o Security Measures:
1. Diffie-Hellman key exchange algorithm
2. Public key system
3. Through a trusted third party
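
The first measure, Diffie-Hellman key exchange, as an added example (not from the original slides): Alice and Bob each keep a private exponent, send only public values over the channel Eve can read, and derive the same 32-byte key, which could serve as an AES-256 key. The prime `P`, the base `G` and the SHA-256 derivation step are assumptions chosen for illustration; the 127-bit prime is far too small for real use.

```python
import hashlib
import secrets

P = 2**127 - 1   # toy prime (assumption); real deployments use standardized 2048-bit+ groups
G = 3            # toy base (assumption)


def keypair():
    """Return (private exponent, public value G^private mod P)."""
    private = secrets.randbelow(P - 3) + 2        # uniform in [2, P-2]
    return private, pow(G, private, P)


def shared_key(own_private, peer_public):
    """Derive a 32-byte key from the peer's public value."""
    # Reject degenerate values (0, 1, P-1) that would force a predictable secret.
    if not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, own_private, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def exchange():
    """Run one exchange; return both derived keys and what Eve observes."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    eve_sees = {"P": P, "G": G, "A": a_pub, "B": b_pub}   # private exponents are never sent
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub), eve_sees


if __name__ == "__main__":
    k_alice, k_bob, eve_sees = exchange()
    print("keys match:", k_alice == k_bob)
    print("key length:", len(k_alice), "bytes")
```

The exchange is unauthenticated: it addresses the eavesdropper of Scenario 1, not the impersonation of Scenario 3, which still needs a signature or another authentication step on the public values.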

More Security Services

• Cloud security: Security for cloud computing where
cloud server/storage and end users are involved.
Security services:
1. Confidentiality for user data stored in the cloud
2. Confidentiality for user data processing in the cloud
➢ Homomorphic encryption
3. Searchable encryption
➢ How to search among encrypted data?

More Security Services

• Post-quantum cryptography: Cryptography-based
security services with resistance to quantum attacks.
o Many existing cryptographic systems will be compromised
when facing attacks launched from quantum computers.

o There is a need to investigate cryptographic technology
that will survive in the forthcoming quantum computer
age.

o Popular post-quantum cryptosystems, e.g., NTRU

More Security Services

• Electronic cash: Credit cards and similar devices are
convenient but do not provide anonymity. Clearly a
form of electronic cash could be useful, at least to
some people. However, electronic entities can be
copied.
o Security Measures:
1. Electronic cash systems

More Security Services

• Secure Protocols for Internet: We would like to have
secure transactions over the Internet or the Web.
o Security Measures:
1. IPsec (Internet Protocol Security)
2. SSL (Secure Sockets Layer protocol) or TLS (Transport Layer
Security)
3. SHTTP (Secure Hypertext Transfer Protocol)
4. SET (Secure Electronic Transaction)

Terminology
• Plaintext - the original message
• Ciphertext - the coded message
• Cipher - algorithm for transforming plaintext to ciphertext
• Key - info used in cipher known only to sender/receiver
• Encipher (encrypt) - converting plaintext to ciphertext
• Decipher (decrypt) - recovering plaintext from ciphertext

Terminology
• Cryptography - study of encryption principles/methods
• Cryptanalysis (codebreaking) - the study of principles/methods of
deciphering ciphertext without knowing key
• Cryptology - the field of both cryptography and cryptanalysis
• Cryptosystem – Cryptography system
• Symmetric-key cryptography system – encryption key and decryption key
are the same, or one can be derived from the other.
• Public-key cryptography system – encryption key and decryption key are
different and one cannot be derived from the other.
• Brute-force attack – Try every possible key

Model: Encryption and Decryption

Symmetric-key system: The two keys are the same or related.

Public-key system: The two keys are different.
