Lec3

Cards (54)

  • Career Computer criminal
    Understands the targets of computer crime. Criminals seldom change fields from arson, murder, or auto theft to computing; more often, criminals begin as computer professionals who engage in computer crime, finding the prospects and payoff good.
  • Ways terrorists use computers
    • Targets of attack (denial-of-service attacks, web site defacements)
    • Propaganda vehicles (web sites, web logs, e-mail lists)
    • Methods of attack (to launch offensive attacks)
  • Encryption
    Provides secrecy for data, the most powerful tool in providing computer security
  • Software Controls
    • Programs must be secure enough to exclude outside attack, developed and maintained so one can be confident of their dependability
  • Methods of Defense
    • Hardware Controls
    • Policies
    • Cryptography
  • Cryptography
    Secret writing, the strongest tool for controlling against many kinds of security threats
  • Cryptography
    Rooted in higher mathematics: group and field theory, computational complexity, real analysis, probability and statistics
  • Substitution Ciphers
    A monoalphabetic cipher or simple substitution, where each letter is translated to the letter a fixed number of places after it in the alphabet
  • Caesar cipher
    A substitution cipher where each letter is translated to the letter 3 places after it in the alphabet
  • Cryptanalysis of Substitution Ciphers
    Techniques for breaking substitution ciphers using short words, words with repeated patterns, and common initial and final letters
  • Cryptographer's Dilemma
    Short messages give the cryptanalyst little to work with, so short messages are fairly secure with even simple encryption
  • One-time pad
    A perfect cipher where a large, nonrepeating set of keys is written on sheets of paper, glued together into a pad
  • Vernam cipher
    An encryption method using an arbitrarily long nonrepeating sequence of numbers combined with the plaintext
  • Book Ciphers
    Using any book, piece of music, or other object whose structure can be analyzed as a source of "random" numbers
  • Characteristics of "Good" Encryption Algorithms
    • Amount of secrecy needed should determine the amount of labour appropriate
    • Set of keys and enciphering algorithm should be free from complexity
    • Implementation should be simple
    • Errors in ciphering should not propagate
    • Size of ciphertext should be no larger than the size of the plaintext
  • Symmetric Encryption Systems
    Require one "secret" key used for both encryption and decryption, with the problem of key distribution
  • Asymmetric Encryption Systems
    Require two keys, one public key for encryption and one private key for decryption
  • Stream Ciphers
    Convert one symbol of plaintext immediately into a symbol of ciphertext, with transformation depending on the plaintext symbol, the key, and the algorithm
  • Block Ciphers
    Encrypt a group of plaintext symbols as one block
  • Data Encryption
    A method of converting data from a readable format (plaintext) into an unreadable, encoded format (ciphertext)
  • Data Encryption Standard (DES)
    A now-outdated symmetric encryption algorithm using a 56-bit encryption key and encrypting data in blocks of 64 bits
  • Triple DES
    A symmetric encryption algorithm using three individual keys with 56 bits each, for a total key length of 168 bits
  • RSA
    A popular public-key (asymmetric) encryption algorithm using a pair of keys: a public key for encryption and a private key for decryption
  • Blowfish
    A symmetric cipher that splits messages into blocks of 64 bits and encrypts them one at a time
  • Twofish
    A symmetric cipher leveraging keys up to 256 bits in length, considered fast and effective
  • Advanced Encryption Standard (AES)
    The current standard accepted by the U.S. Government and other organizations, a symmetric block cipher algorithm that takes plaintext in blocks of 128 bits and converts them to ciphertext using keys of 128, 192, or 256 bits
  • Elliptic Curve Cryptography (ECC)
    A key-based technique for encrypting data, focusing on pairs of public and private keys for decryption and encryption
  • How AES works
    1. Substitution of the bytes
    2. Shifting the rows
    3. Mixing the columns
    4. Adding the round key
  • Public key encryption
    A method of encrypting data with two different keys, making one of the keys (the public key) available for anyone to use
  • Encryption
    The process of taking plain text and scrambling it into an unreadable format (ciphertext) to protect the confidentiality of digital data
  • Symmetric encryption
    Uses a single password to encrypt and decrypt data
  • Asymmetric encryption
    Uses two keys, a public key for encryption and a private key for decryption
  • Data Encryption Standard (DES)
    A low-level encryption standard established by the U.S. government in 1977, now considered obsolete
  • Triple DES
    Runs DES encryption three times to strengthen the original DES standard
  • RSA
    A strong and popular algorithm for encryption, using a key length that makes it widely used for secure data transmission
  • Advanced Encryption Standard (AES)
    The U.S. government standard as of 2002, used worldwide
  • Twofish
    Considered one of the fastest encryption algorithms, free for anyone to use, used in hardware and software
  • Internet privacy concerns are real
  • Hacking is big business, with cybercrime run by multinational outfits
  • Regulations like HIPAA demand the use of encryption to protect sensitive information