16 Security Mechanisms (X.800)
• Encipherment – algorithmic/mathematical conversion
• Digital Signature – appending a secret signature
• Access Control
• Data Integrity
• Authentication Exchange
• Traffic Padding – appending extra chars to foil traffic analysis techniques
• Routing Control – selection of secure routes through the network
• Notarization – use of a trusted 3rd party (like a notary public)
17 Other Security Mechanisms (non X.800)
• Trusted Functionality – That which is perceived to be true by some criteria (policy)
• Security Label – The marking of (bound to) a resource that names or designates the security attributes of the resource
• Event Detection
  – Intrusion detection
  – Detection of specific hacks (detector hardware)
  – Too many log in attempts
• Security Audit Trail – Logging of all system events
• Security Recovery – Recovery based on requests from security mechanisms and/or event handling
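The "too many log in attempts" case of Event Detection, run over a Security Audit Trail, with a Security Recovery action attached to each event. This is an added example, not part of the original slides; the log format, the threshold, the window, the reset on success and the recovery text are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed audit-trail records: timestamp, user, source address, outcome.
# Addresses are from documentation ranges; none of this is real data.
AUDIT_TRAIL = """\
2024-05-01T10:00:00 alice 198.51.100.7 FAIL
2024-05-01T10:00:20 alice 198.51.100.7 FAIL
2024-05-01T10:00:41 bob 192.0.2.10 OK
2024-05-01T10:00:55 alice 198.51.100.7 FAIL
2024-05-01T10:01:10 alice 198.51.100.7 FAIL
2024-05-01T10:01:30 alice 198.51.100.7 FAIL
2024-05-01T10:09:00 carol 192.0.2.44 FAIL
2024-05-01T10:20:00 carol 192.0.2.44 FAIL
2024-05-01T10:31:00 carol 192.0.2.44 FAIL
2024-05-01T10:31:30 carol 192.0.2.44 OK
"""

def detect_failed_login_bursts(trail, threshold=5, window=timedelta(minutes=2)):
    """Return one event each time an account has `threshold` failures inside `window`."""
    recent = defaultdict(deque)  # user -> timestamps of failures still inside the window
    events = []
    for line in trail.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records instead of aborting the scan
        stamp, user, source, outcome = parts
        when = datetime.fromisoformat(stamp)
        if outcome == "OK":
            recent[user].clear()  # assumption: a successful login resets the count
            continue
        failures = recent[user]
        failures.append(when)
        while when - failures[0] > window:
            failures.popleft()  # drop failures that have aged out of the window
        if len(failures) >= threshold:
            events.append({"user": user, "source": source, "at": stamp,
                           "failures": len(failures),
                           "recovery": "lock account pending review"})
            failures.clear()  # do not raise the same event on every further failure
    return events

if __name__ == "__main__":
    for event in detect_failed_login_bursts(AUDIT_TRAIL):
        print(event)
```

With the default settings only alice's burst is reported; carol's three failures are spread over 22 minutes and stay below the threshold.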
18 The Compromises of Security
• There is no absolute security!
  ➢ Race between attackers and defenders
    ▪ Constant innovation
    ▪ Well-funded, capable, determined attackers succeed
• Costs
  ➢ Relative to target’s value
  ➢ Users’ inconvenience
  ➢ Users’ acceptance
• Detection
  ➢ Rarely possible in real time
  ➢ Works mostly for old threats
• Punishment
  ➢ Hard at a distance
    ▪ No international legislation
    ▪ Poor domestic legislation
  ➢ Perceived “unethical”
    ▪ Freedom of expression
    ▪ Intangibility
19 Information security and cryptography
• Cryptography is the study of mathematical techniques related to aspects of information security
• Cryptographic goals
  – Confidentiality
  – Data integrity
  – Authentication
  – Non-repudiation
  – ……………
20 Cryptographical Building Blocks
[Diagram: layered building blocks, top to bottom]
• Secure Network Protocols
• Privacy, Authentication, Data Integrity, Non-Repudiation
• Encryption, MACs, MICs, Challenge Response, Smart Cards, Digital Signatures
• Symmetric Key Cryptography, Message Digests, IVs, Nonces, Secret Keys, Public Key Cryptography
• Block Ciphers, Stream Ciphers, Hash Functions, Pseudo Random, Random Sources, Elliptic Curves, DH, RSA