Bài giảng Cryptography - TS. Lê Nhật Duy

Chia sẻ: Sơn Nam | Ngày: | Loại File: PDF | Số trang:223

Thêm vào BST

Báo xấu

50
lượt xem 2
download

Download Vui lòng tải xuống để xem tài liệu đầy đủ

Bài giảng "Cryptography" cung cấp cho người đọc các kiến thức: Overview, symmetric ciphers, asymmetric ciphersciphers, cryptographic data integrity algorithms, mutual trust. Mời các bạn cùng tham khảo nội dung chi tiết.

Chủ đề:

Bình luận(0) Đăng nhập để gửi bình luận!

Lưu

Nội dung Text: Bài giảng Cryptography - TS. Lê Nhật Duy

  TS. Lê Nhật Duy
 Lê Nhật Duy, PhD.  Blog: https://Lnduy.wordpress.com  Email: Ln.duy@mail.ru 2
 Reference books  Subject introduction  Examination  Rules 3
 Giáo trình chính:  Stallings W., Cryptography and Network Security. Principles and Practice, 5th edition, Prentice Hall, 2010  Tài liệu tham khảo:  Rick Lehtinen, Computer Security Basics, 2006, O'Reilly Publishing  Emmett Dulaney, CompTIA Security+ Deluxe Study Guide, Wiley Publishing, 2009 4
1. OVERVIEW 2. SYMMETRIC CIPHERS 2.1. Classical Encryption Techniques 2.2. Block Ciphers And The Data Encryption Standard 2.3. Basic Concepts In Number Theory And Finite Fields 2.4. Advanced Encryption Standard 2.5. Block Cipher Operation 2.6. Pseudorandom number generation and stream ciphers 5
3. ASYMMETRIC CIPHERS 3.1. Introduction To Number Theory 3.2. Public-key Cryptography and RSA 3.3. Other Public-key Cryptosystems 4. CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS 4.1. Cryptographic Hash Functions 4.2. Message Authentication Codes 4.3. Digital Signatures 5. MUTUAL TRUST 5.1. Key Management And Distribution 5.2. User Authentication 6
 Mid-term  Assignments  Final test 7
 … 8
 
1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network Security 2
 The Open Systems Interconnection (OSI) security architecture provides a systematic framework for defining security attacks, mechanisms, and services.  Security attacks are classified as either passive attacks, which include unauthorized reading of a message of file and traffic analysis or active attacks, such as modification of messages or files, and denial of service.  A security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms, digital signatures, and authentication protocols.  Security services include authentication, access control, data confidentiality, data integrity, nonrepudiation, and availability. 3
 COMPUTER SECURITY: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).  This definition introduces three key objectives that are at the heart of computer security:  Confidentiality  Integrity  Availability 4
 Confidentiality: Data confidentiality, Privacy  Integrity: Data integrity, System integrity  Availability. CIA triad (Figure 1.1) 5
 Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture. Two of the most commonly mentioned are as follows:  Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source 6
 Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action. Because truly secure systems are not yet an achievable goal, we must be able to trace a security breach to a responsible party. Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes. 7
 Threats and Attacks (RFC 2828)  Threat: A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.  Attack: An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. 8
 Security attack: Any action that compromises the security of information owned by an organization.  Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.  Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. 9
 Passive Attacks: Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are the release of message contents and traffic analysis. 10
11
12