Lecture 17
Security
Introduction
Cryptography basics
Web Security and Vulnerabilities
Network Security Tools
What is Network Security?
Network security comprises the measures a company takes to protect its computer
system, and it is a prime concern for every company that uses computers.
Compromised network security means a hacker or competitor may gain access to
critical or sensitive data, possibly resulting in data loss, or even complete destruction of
the system.
Appropriate network security is achieved when a user has to go through several layers
of security before being able to access the desired network.
The more layers the system has, the more secure it is.
http://www.wisegeek.com/what-is-network-security.htm
Cryptography
Encryption, decryption
Keys, lengths, and harness
Asymmetric key cryptography
Hash functions
Authentication
PKI and key management
Privacy
The Public Key Method
We generate a special pair of values (e,d). The plaintext message M is encrypted into
the cyphertext message C using modular exponentiation mod n.
$C = M^e \bmod n$
We decrypt C back into M by,
$M = C^d \bmod n$
Before we look at how e and d are generated, it is important to understand what is
happening in these two expressions. First of all, modular exponentiation does not
involve raising a value to a power.
The possible values for C (and M) are between 0 and n-1. Converting a string of
characters (the plaintext message) into an integer is fairly straightforward. Once it is in
numeric form, modular exponentiation produces a value equal to the remainder after
dividing $M^e$ by n.
Computing the Key Pair (e,d)
Let's look at how to compute the values of e and d. We start with a pair of values p and
q that must be relatively prime (i.e. they have no common factors). These would
normally be very large but for the purposes of this example we will choose,
p = 47
q = 71
Now we need to find a value e such that the greatest common divisor between e and the
product of (p-1) times (q-1) is 1, or
gcd(e,(p-1)(q-1)) = 1.
Please don't ask why....thanks. The product of p*q will be the modulus n.
n = p*q = 3337
and so (p-1)(q-1) = 3220. We will choose e to be 79 since it is obvious that the greatest
common divisor of 79 and 3220 is 1.
Now we need a d to go with our e
79*d = 1 mod 3220
First use the regular Euclidean Algorithm to find gcd(79,3220). The answer must be
one - otherwise we can't be sure that a solution exists, so we proceed as follows:
3220 = 40*79 + 60
79 = 1*60 + 19
60 = 3*19 + 3
19 = 6*3 + 1
3 = 3*1 + 0
The last nonzero remainder is the gcd. Thus gcd(79,3220) = 1 (as expected). Now
write this gcd (one) as a linear combination of 79 and 3220 by working back up the tree
that we just created:
Thus 1019*79 - 25*3220 = 1. Now do "mod 3220" on both sides to
obtain:
1019*79 = 1 mod 3220
Thus d = 1019.
So the inverse of 79 mod 3220 is 1019. Another way of saying this is that 79*1019 will
be one more than a multiple of 3220.
Modular Exponentiation
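procedure mod_exp (b: int, n = (a_{k-1} a_{k-2} ... a_1 a_0)_2, m: pos_int)
  -- n is given by its k binary digits, a_0 being the least significant
  x := 1;
  power := b mod m;
  for i in 0..k-1 loop
    if a_i = 1 then x := (x*power) mod m; end if;
    power := (power*power) mod m;
  end loop;
  -- x now equals b^n mod m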
Example: Find $2^{644} \bmod 645$
$644_{10} = 1010000100_2$
$2^{644} \bmod 645 = (2^{512} \cdot 2^{128} \cdot 2^{4}) \bmod 645 = \left((2^{512} \bmod 645) \cdot (2^{128} \bmod 645) \cdot (2^{4} \bmod 645)\right) \bmod 645 = 1$
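Added example, not part of the original lecture: Python code that carries the key-pair computation above (extended Euclid to find d) and the mod_exp procedure through with the lecture's values p = 47, q = 71, e = 79. The function names and the sample message 688 are assumptions chosen for illustration.

```python
# Added example (not from the lecture). Textbook RSA with the lecture's toy
# parameters; real keys use very large primes and a padding scheme.

def extended_gcd(a, b):
    """Return (g, s, t) with g = gcd(a, b) and s*a + t*b = g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t

def mod_inverse(e, phi):
    """Solve e*d = 1 mod phi for d; fails when gcd(e, phi) != 1."""
    g, s, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("no inverse exists: gcd(e, phi) != 1")
    return s % phi

def mod_exp(b, n, m):
    """Square-and-multiply over the binary digits of n, as in the pseudocode."""
    x = 1
    power = b % m
    while n > 0:
        if n & 1:                      # current binary digit a_i is 1
            x = (x * power) % m
        power = (power * power) % m
        n >>= 1
    return x

def make_keypair(p, q, e):
    """Return (n, (p-1)(q-1), d) for the chosen p, q and e."""
    phi = (p - 1) * (q - 1)
    return p * q, phi, mod_inverse(e, phi)

def round_trip(message, e, d, n):
    """Encrypt then decrypt; message must lie in 0..n-1."""
    if not 0 <= message < n:
        raise ValueError("message must be between 0 and n-1")
    c = mod_exp(message, e, n)
    return c, mod_exp(c, d, n)

if __name__ == "__main__":
    n, phi, d = make_keypair(47, 71, 79)
    print("n, phi, d =", n, phi, d)
    print("gcd and coefficients:", extended_gcd(79, 3220))
    print("ciphertext, recovered:", round_trip(688, 79, d, n))  # 688 is a constructed message
    print("2^644 mod 645 =", mod_exp(2, 644, 645))
```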
The Euclidean Totient
If p and q are prime, the number of values x in 0
What Information Is Returned by a Web Bug?
The IP address of the computer that fetched the Web Bug
The URL of the page that the Web Bug is located on
The URL of the Web Bug image
The time the Web Bug was viewed
The type of browser that fetched the Web Bug image
A previously set cookie value
http://w2.eff.org/Privacy/Marketing/web_bug.html
Terminology & Information Sources
http://www.ssimail.com/Glossary.htm
http://www.sans.org/security-resources/glossary.php
http://csrc.nist.gov/publications/nistir/NISTIR-7298_Glossary_Key_Infor_Security_Terms.pdf
http://csrc.nist.gov/publications/
http://www.itl.nist.gov/fipspubs/
http://www.itl.nist.gov/fipspubs/by-num.htm
http://www.symantec.com/business/security_response/threatexplorer/
http://glossary.spamlaws.com/