SlideShare une entreprise Scribd logo

Network Security: Standards and Cryptography

Jack Davis
Jack Davis

The absolute minimum that every software developer absolutely, positively must know about network data security.

TechnologieFormation
1  sur  28
Network Security: Standards and Cryptography Jack Davis
The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Network Data Security (No Excuses!)
Too Frequent “ Bank of America says at least 1.2 million federal employee credit card accounts may be exposed to theft or hacking.” Time, Feb 25, 2005 “ 40M credit cards hacked Breach at third party payment processor affects 22 million Visa cards and 14 million MasterCards.” CNN Money, July 27, 2005 “ Data Losses Hit Four More Another day, another security breach: In the last 48 hours, Visa, Wachovia, Equifax, and the U.S. Department of Agriculture have joined a growing list ….” June 22, 2006 http://www.privacyrights.org/ar/ChronDataBreaches.htm
Technical Pillars of Data Security ,[object Object],[object Object],[object Object],[object Object],Data Integrity Information Protection ,[object Object],[object Object],[object Object],[object Object]
Data Integrity ,[object Object],[object Object],How can we know if data transferred across a network or stored on server hasn’t changed? Changes to data can occur either due to:
Data Integrity ,[object Object],[object Object],Checksums and CRCs Opps
Checksums and CRCs ,[object Object],[object Object],[object Object],[object Object],[object Object]
Two Types of “Hash” Functions ,[object Object],[object Object]
Cryptographic Hash Properties ,[object Object],One Way Unique Fixed Length ,[object Object],[object Object],[object Object],[object Object]
Cryptographic Hash Examples ,[object Object],[object Object],Zero-Length Data SHA1("The quick brown fox jumps over the bog.") = E66BEDD4 E0B96081 01F86FE8 4A9B91D2 A3EA0D14 // = 20 bytes (160 bits) // 'b' = x62 SHA1("The quick brown fox jumps over the cog.") = 68B51796 CB6A01AF FBECA374 56C72F83 76D67BF4 // = 20 bytes (160 bits) // 'c' = x63 1-bit change! Simple String “ Avalanche Effect”
Applications of Cryptographic Hashes ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Digital Signature using Cryptographic Hash ,[object Object],[object Object]
Common Cryptographic Hash Algorithms MD, Message Digest SHA, Secure Hash Algorithm Hash Algorithm Hash Size bits (bytes) Date Published Collisions (Cracked) MD4 128 (16) 1990 RFC1186  MD5 128 (16) 1992 RFC1321  SHA-0 160 (20) 1993  SHA-1 160 (20) 1995 RFC3174  SHA-256 256 (32) 2002 RFC4634 SHA-512 512 (64) 2002 RFC4634
Information Protection through Data Encryption ,[object Object],[object Object],[object Object],[object Object],Symmetric-Key Encryption Asymmetric-Key Encryption Common property of encryption: Encrypted message size = Clear-text message size (There’s no size penalty for encrypting data.)
Symmetric-Key Algorithms DES, Data Encryption Standard Triple-DES, DES applied three times (key 168 bits = 3 x 56 bits) FIPS, Federal Information Processing Standard AES, Advanced Encryption Standard (more secure, 6x faster than Triple-DES) NSA rates AES-128 for “SECRET”, AES-192 and AES-256 for “TOP SECRET”. Encryption Algorithm Key Size bits (bytes) Date Published Date Withdrawn DES 56 (7) 1976 FIPS46 1999 Triple-DES 168 (21) 1999 FIPS46-3 2005 AES 128, 192, 256 2001 FIPS197
The Problem with Symmetric-Key Encryption ,[object Object],[object Object]
Asymmetric-Key Encryption ,[object Object],[object Object],[object Object],*RSA, from last name initials of original inventors Ron Rivest, Adi Shamir, Len Adleman.
Asymmetric-Key Creation ,[object Object],[object Object]
Sending Encrypted Data ,[object Object],[object Object],[object Object]
Encrypting Digital Signatures ,[object Object],[object Object],[object Object]
Signing a Document versus Signing a Hash ,[object Object]
The Problem with Asymmetric-Key Encryption If Asymmetric-Key Encryption is so flexible, why bother with Symmetric-Key Encryption at all? ,[object Object],[object Object]
Combining Asymmetric and Symmetric Encryption ,[object Object],[object Object],Asymmetric Encrypt Symmetric Encrypt
PGP Encryption (Pretty Good Privacy) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],RFC2440, PGP is an open standard that can be used to encrypt and decrypt data for a wide variety of uses: PGP uses a combination of Symmetric-Key cryptography together with Asymmetric-Key cryptography that use public-keys stored on publicly accessible “key servers”.
Steps in PGP Encryption/Decryption ,[object Object],[object Object],[object Object],[object Object],[object Object],(Above operations are performed automatically within PGP.)
Transport Layer Security (TLS) & Secure Sockets Layer (SSL) Protocols ,[object Object],[object Object],[object Object],[object Object],Negotiation Asymmetric Encryption Symmetric Encryption ,[object Object],[object Object],[object Object]
Security Guidelines ,[object Object],[object Object],[object Object],[object Object],[object Object]
Pillars of Data Security ,[object Object],[object Object],Data Integrity Information Protection

Recommandé

Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 
Hash Function
Hash FunctionHash Function
Hash Functionstalin rijal
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Digital signature
Digital signatureDigital signature
Digital signatureSadhana28
 
Cryptography
CryptographyCryptography
CryptographyRohan04
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmacanuragjagetiya
 
Hash
HashHash
HashTazo Al
 

Recommandé

Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 
Hash Function
Hash FunctionHash Function
Hash Functionstalin rijal
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Digital signature
Digital signatureDigital signature
Digital signatureSadhana28
 
Cryptography
CryptographyCryptography
CryptographyRohan04
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmacanuragjagetiya
 
Hash
HashHash
HashTazo Al
 
Hashing Algorithm: MD5
Hashing Algorithm: MD5Hashing Algorithm: MD5
Hashing Algorithm: MD5ijsrd.com
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communicationijsrd.com
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Blind Signature Scheme
Blind Signature SchemeBlind Signature Scheme
Blind Signature SchemeKelum Senanayake
 
Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...Vaibhav Khanna
 
Encryption
EncryptionEncryption
EncryptionJernej Virag
 
Electronic Signature
Electronic SignatureElectronic Signature
Electronic SignatureJoon Young Park
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Message Authentication: MAC, Hashes
Message Authentication: MAC, HashesMessage Authentication: MAC, Hashes
Message Authentication: MAC, HashesShafaan Khaliq Bhatti
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography Durgesh Malviya
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3koolkampus
 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
 
Hash crypto
Hash cryptoHash crypto
Hash cryptoHarry Potter
 
6.hash mac
6.hash mac6.hash mac
6.hash macVirendrakumar Dhotre
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsAjay Ohri
 
7 Software Development Security
7 Software Development Security7 Software Development Security
7 Software Development SecurityAlfred Ouyang
 
Network security
Network securityNetwork security
Network securityDhaval Kaneria
 
Proyecto
ProyectoProyecto
ProyectoJøsue Ħumbertø Burtøn
 
Just For Kids Game
Just For Kids GameJust For Kids Game
Just For Kids GameAndreea Alina Deloiu
 

Contenu connexe

Tendances

Hashing Algorithm: MD5
Hashing Algorithm: MD5Hashing Algorithm: MD5
Hashing Algorithm: MD5ijsrd.com
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communicationijsrd.com
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...Vaibhav Khanna
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography Durgesh Malviya
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3koolkampus
 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsAjay Ohri
 

Tendances (18)

Hashing Algorithm: MD5
Hashing Algorithm: MD5Hashing Algorithm: MD5
Hashing Algorithm: MD5
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash Functions
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communication
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & Analysis
 
Blind Signature Scheme
Blind Signature SchemeBlind Signature Scheme
Blind Signature Scheme
 
Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...
 
Encryption
EncryptionEncryption
Encryption
 
Electronic Signature
Electronic SignatureElectronic Signature
Electronic Signature
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash function
 
Message Authentication: MAC, Hashes
Message Authentication: MAC, HashesMessage Authentication: MAC, Hashes
Message Authentication: MAC, Hashes
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
6.hash mac
6.hash mac6.hash mac
6.hash mac
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5
 
Hash Function
Hash FunctionHash Function
Hash Function
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
 

En vedette

7 Software Development Security
7 Software Development Security7 Software Development Security
7 Software Development SecurityAlfred Ouyang
 
Grammar simply
Grammar simplyGrammar simply
Grammar simplyGian Putra
 
07 marzo 2011_sensi_feto
07 marzo 2011_sensi_feto07 marzo 2011_sensi_feto
07 marzo 2011_sensi_fetoCarmen Giordano
 
07 spazio associazioni_nati_per_leggere
07 spazio associazioni_nati_per_leggere07 spazio associazioni_nati_per_leggere
07 spazio associazioni_nati_per_leggereCarmen Giordano
 
09 spazio associazioni_aibws
09 spazio associazioni_aibws09 spazio associazioni_aibws
09 spazio associazioni_aibwsCarmen Giordano
 
Evaluation question 1[1]
Evaluation question 1[1]Evaluation question 1[1]
Evaluation question 1[1]melvCooalge
 
Advanced-farm-management-software-farmNXT
Advanced-farm-management-software-farmNXTAdvanced-farm-management-software-farmNXT
Advanced-farm-management-software-farmNXTRazvan Maximiuc
 
09 maggio 2011_come_mangiano_bambini
09 maggio 2011_come_mangiano_bambini09 maggio 2011_come_mangiano_bambini
09 maggio 2011_come_mangiano_bambiniCarmen Giordano
 
08 aprile 2011_accudimento_mondo
08 aprile 2011_accudimento_mondo08 aprile 2011_accudimento_mondo
08 aprile 2011_accudimento_mondoCarmen Giordano
 
My seven questions
My seven questionsMy seven questions
My seven questionsfatzbaby
 
Agile Project Management with Scrum (Jack Davis)
Agile Project Management with Scrum (Jack Davis)Agile Project Management with Scrum (Jack Davis)
Agile Project Management with Scrum (Jack Davis)Jack Davis
 
13 spazio associazione_bambiniincorso
13 spazio associazione_bambiniincorso13 spazio associazione_bambiniincorso
13 spazio associazione_bambiniincorsoCarmen Giordano
 

En vedette (20)

7 Software Development Security
7 Software Development Security7 Software Development Security
7 Software Development Security
 
Network security
Network securityNetwork security
Network security
 
Proyecto
ProyectoProyecto
Proyecto
 
Just For Kids Game
Just For Kids GameJust For Kids Game
Just For Kids Game
 
Grammar simply
Grammar simplyGrammar simply
Grammar simply
 
07 marzo 2011_sensi_feto
07 marzo 2011_sensi_feto07 marzo 2011_sensi_feto
07 marzo 2011_sensi_feto
 
07 spazio associazioni_nati_per_leggere
07 spazio associazioni_nati_per_leggere07 spazio associazioni_nati_per_leggere
07 spazio associazioni_nati_per_leggere
 
09 spazio associazioni_aibws
09 spazio associazioni_aibws09 spazio associazioni_aibws
09 spazio associazioni_aibws
 
Evaluation question 1[1]
Evaluation question 1[1]Evaluation question 1[1]
Evaluation question 1[1]
 
Advanced-farm-management-software-farmNXT
Advanced-farm-management-software-farmNXTAdvanced-farm-management-software-farmNXT
Advanced-farm-management-software-farmNXT
 
09 maggio 2011_come_mangiano_bambini
09 maggio 2011_come_mangiano_bambini09 maggio 2011_come_mangiano_bambini
09 maggio 2011_come_mangiano_bambini
 
08 aprile 2011_accudimento_mondo
08 aprile 2011_accudimento_mondo08 aprile 2011_accudimento_mondo
08 aprile 2011_accudimento_mondo
 
Naturally diamond
Naturally diamondNaturally diamond
Naturally diamond
 
09 maggio 2011_split
09 maggio 2011_split09 maggio 2011_split
09 maggio 2011_split
 
My seven questions
My seven questionsMy seven questions
My seven questions
 
Spring integration
Spring integrationSpring integration
Spring integration
 
Just For Kids Game
Just For Kids GameJust For Kids Game
Just For Kids Game
 
Just For Kids Game
Just For Kids GameJust For Kids Game
Just For Kids Game
 
Agile Project Management with Scrum (Jack Davis)
Agile Project Management with Scrum (Jack Davis)Agile Project Management with Scrum (Jack Davis)
Agile Project Management with Scrum (Jack Davis)
 
13 spazio associazione_bambiniincorso
13 spazio associazione_bambiniincorso13 spazio associazione_bambiniincorso
13 spazio associazione_bambiniincorso
 

Similaire à Network Security: Standards and Cryptography

Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographySeema Goel
 
Overview Of Cryptography
Overview Of CryptographyOverview Of Cryptography
Overview Of CryptographyManjarul Hoque
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
[Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things![Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things!OWASP
 
Dnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defsDnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defsAFRINIC
 
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfAn Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfKailasS9
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and AuthenticityHardik Manocha
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)newbie2019
 
Cryptography Lecture by Sam Bowne
Cryptography Lecture by Sam BowneCryptography Lecture by Sam Bowne
Cryptography Lecture by Sam BowneSecurityTube.Net
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)newbie2019
 

Similaire à Network Security: Standards and Cryptography (20)

How encryption works
How encryption worksHow encryption works
How encryption works
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Overview Of Cryptography
Overview Of CryptographyOverview Of Cryptography
Overview Of Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption
EncryptionEncryption
Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Security pre
Security preSecurity pre
Security pre
 
Data encryption
Data encryptionData encryption
Data encryption
 
[Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things![Wroclaw #8] TLS all the things!
[Wroclaw #8] TLS all the things!
 
Dnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defsDnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defs
 
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfAn Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and Authenticity
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
 
Information Security
Information SecurityInformation Security
Information Security
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)
 
Cryptography Lecture by Sam Bowne
Cryptography Lecture by Sam BowneCryptography Lecture by Sam Bowne
Cryptography Lecture by Sam Bowne
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)
 

Dernier

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

Dernier (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 

Network Security: Standards and Cryptography

  • 1. Network Security: Standards and Cryptography Jack Davis
  • 2. The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Network Data Security (No Excuses!)
  • 3. Too Frequent “ Bank of America says at least 1.2 million federal employee credit card accounts may be exposed to theft or hacking.” Time, Feb 25, 2005 “ 40M credit cards hacked Breach at third party payment processor affects 22 million Visa cards and 14 million MasterCards.” CNN Money, July 27, 2005 “ Data Losses Hit Four More Another day, another security breach: In the last 48 hours, Visa, Wachovia, Equifax, and the U.S. Department of Agriculture have joined a growing list ….” June 22, 2006 http://www.privacyrights.org/ar/ChronDataBreaches.htm
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13. Common Cryptographic Hash Algorithms MD, Message Digest SHA, Secure Hash Algorithm Hash Algorithm Hash Size bits (bytes) Date Published Collisions (Cracked) MD4 128 (16) 1990 RFC1186  MD5 128 (16) 1992 RFC1321  SHA-0 160 (20) 1993  SHA-1 160 (20) 1995 RFC3174  SHA-256 256 (32) 2002 RFC4634 SHA-512 512 (64) 2002 RFC4634
  • 14.
  • 15. Symmetric-Key Algorithms DES, Data Encryption Standard Triple-DES, DES applied three times (key 168 bits = 3 x 56 bits) FIPS, Federal Information Processing Standard AES, Advanced Encryption Standard (more secure, 6x faster than Triple-DES) NSA rates AES-128 for “SECRET”, AES-192 and AES-256 for “TOP SECRET”. Encryption Algorithm Key Size bits (bytes) Date Published Date Withdrawn DES 56 (7) 1976 FIPS46 1999 Triple-DES 168 (21) 1999 FIPS46-3 2005 AES 128, 192, 256 2001 FIPS197
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.

Notes de l'éditeur

  1. Under Windows in C#, the RSA andRSACryptoServiceProvider classes provide key-pair creation and RSA encryption/decryption functionality. Symmetric encryption is supported through the DES, TripleDES, AES classes In Windows, the “sn –k <filename>” can be used to create key pairs, or programmatically through the RSA and RSACryptoProvider classes.
  2. Under Windows in C#, the RSA andRSACryptoServiceProvider classes provide key-pair creation and RSA encryption/decryption functionality. Symmetric encryption is supported through the DES, TripleDES, AES classes In Windows, the “sn –k <filename>” can be used to create key pairs, or programmatically through the RSA and RSACryptoProvider classes.
  3. Under Windows in C#, the RSA andRSACryptoServiceProvider classes provide key-pair creation and RSA encryption/decryption functionality. Symmetric encryption is supported through the DES, TripleDES, AES classes In Windows, the “sn –k <filename>” can be used to create key pairs, or programmatically through the RSA and RSACryptoProvider classes.
  4. Under Windows in C#, the RSA andRSACryptoServiceProvider classes provide key-pair creation and RSA encryption/decryption functionality. Symmetric encryption is supported through the DES, TripleDES, AES classes In Windows, the “sn –k <filename>” can be used to create key pairs, or programmatically through the RSA and RSACryptoProvider classes.
  5. Under Windows in C#, the RSA andRSACryptoServiceProvider classes provide key-pair creation and RSA encryption/decryption functionality. Symmetric encryption is supported through the DES, TripleDES, AES classes In Windows, the “sn –k <filename>” can be used to create key pairs, or programmatically through the RSA and RSACryptoProvider classes.
  6. “ Shared-Key” aka “session-key” The use of symmetric together asymmetric encryption is beneficial since symmetric encryption being 1000+ times faster than asymmetric encryption.
  7. “ Shared-Key” aka “session-key” The use of symmetric together asymmetric encryption is beneficial since symmetric encryption being 1000+ times faster than asymmetric encryption.