SlideShare une entreprise Scribd logo

Cryptography And Secure Systems

Invisibits
Invisibits

The document discusses what it means for a system to be secure and how cryptography is used to build trust in systems. It defines security goals like confidentiality, integrity, authentication, and non-repudiation. It explains how cryptographic techniques like encryption, hashing, digital signatures, and certificates can provide these security properties. Finally, it stresses that the security of a system depends on the strength of the underlying cryptographic tools and protocols used.

Technologie
1  sur  23
Télécharger pour lire hors ligne
12/8/2015 AppCrypto Team
What does it mean a system to be secure?
It boils down to the trust you place on the system! Guru Trust on the system How secure is the system
You decide to safeguard your valuable assets like hardly used gold jewelries in a bank instead of keeping them in your house. Guru You are placing more trust on the bank’s ability to safeguard your valuable asset than your own house. You learn this fact by experience – you friends valuable assets kept at home got robbed. None of your friends have had any bad experience with the bank safeguarding their assets.
Secure systems are built to satisfy the following security goals. Guru Integrity Availability Confidentiality Authentication Non- repudiation
We will not discuss availability in this presentation as cryptography is not generally used to assure availability (i.e. the service is available whenever you need it)Guru Denial of Service (DoS) attacks disrupts the available it of a service.
Can I trust the system not to show my sensitive data to any unauthorized parties? Guru Can I trust the system not to modify my data by any unauthorized parties? Can I trust the system not to allow to impersonate me to the system? Can I trust the system to hold each individual accountable of their actions? Confidentiality Integrity Authentication Non-repudiation
Confidentiality Integrity Authentication Non-repudiation Cryptography Can’t read! Can’t modify! Can’t impersonate! Can’t deny doing!
Trust sounds intuitive, but how do I objectively measure trust?
What does it mean a system to be secure?
Guru The measure of trust (how secure your system) depends on who you are trying to protect against. We call it the attack model. An Attack model captures the capabilities, collisions and intentions of adversaries. An adversary is a bad user who want to break the security of your system.
Guru In order to demonstrate trust in the system under the given attack model We need to prove the security of the cryptographic protocols under that attack model. A cryptographic protocol secure under one attack model (e.g. attacker can see one message) may not be secure under more stronger attack model (e.g. attacker can see many messages).
Guru Usually, most of us will be using time tested and proven cryptographic primitives such as ciphers, message authentication codes, digital signatures. We will be constructing new protocols using these primitives. However, we need to make sure that our protocols are secure under the chosen attack model. A cryptographic protocol built using secure cryptographic primitives may not necessarily be secure if not built right.
Adversary Capabilities Intentions In cryptography, we assume that attackers have limited computational power. In other words, they are computationally bounded. There could be passive attackers or active attackers. Passive attackers simply listens to your messages whereas much more powerful active attacks modify your messages. Collisions Multiple adversaries may collude together to break a cryptographic protocol.
Let’s look at the security goals that are directly tied to cryptography mentioned earlier. Guru
Confidentiality Can’t read! Ciphertext (C)EncryptPlaintext (M) Plaintext(M)DecryptCiphertext(C) Use cipher. The message to be encrypted is called “plaintext” The encrypted message is called “ciphertext”
Ciphers Symmetric ciphers Asymmetric ciphers Also called “Symmetric Key Cryptosystems” Also called “Public Key Cryptosystems” Alice Bob Alice and Bob share the same key. Alice Bob Alice and Bob do not share the same key.Public key & Private key pair
Roughly speaking, a cipher is secure if it is hard to obtain plaintext from the ciphertext without knowing the key used.Guru In a cipher, only the key is secret; everything else (encryption algorithm, decryption algorithm) is public. Alice Bob Messages exchanged in a TLS protocol are encrypted using a symmetric cipher.
Integrity Can’t modify! Cryptographic Hashing Algorithm Document Key Secure Hash Alice Bob Messages exchanged in a TLS protocol are hashed using a keyed hash algorithm. Send the hash along with the document to the receiver. Receiver can compute the hash and compare to verify. Message Hash Use hashing.
Authentication Can’t impersonate! Use hashing, Public Key Ciphers (certificates). Three ways to authenticate Use what you have (e.g. key, badge, certificates) Use what you know (e.g. passwords, PINs) Use what you are (e.g. fingerprints, iris)
Password authentication (Server: am I talking to Alice?) Alice Server (www.example.com) Hash pwd Salt Password Certificate based authentication (Alice: Am I taking to example.com?) Alice Server (www.example.com) Example.com certificate Example.com certificate Check if the certificate is signed by a trusted root authority. Check if the new hash matches the stored one.
Transfer $1M to Bob Non-repudiation Can’t deny doing! Use Public Key Ciphers (digital signatures). Alice Public key Private key Transfer $1M to Bob Digitally signed using Alice’s private key Alice cannot later deny that she did not order bank to transfer as it has her digital signature on it (only she can produce that signature) Verify signature using Alice’s public key
The security of a system boils down to the trust. Cryptography is a tool that we can use to build trust in security services (confidentiality, integrity, authentication and non-repudiation) and in turn in systems build using these security services. If the foundation of your house (cryptographic tools used) is not strong, your house (software system) will collapse! Guru

Recommandé

Cryptography
CryptographyCryptography
CryptographyDipti Sakpal
 
Encryption
Encryption Encryption
Encryption Adnan Malak
 
Cryptography
CryptographyCryptography
CryptographyMilap Oza
 
Cryptography by gaurav singh
Cryptography by gaurav singhCryptography by gaurav singh
Cryptography by gaurav singhGaurav Singh
 
Workshop on Cryptography - Frequency Analysis (basic)
Workshop on Cryptography - Frequency Analysis (basic)Workshop on Cryptography - Frequency Analysis (basic)
Workshop on Cryptography - Frequency Analysis (basic)Andrea Tino
 
Password policies
Password policiesPassword policies
Password policiesAri Elias-Bachrach
 
Session6-Protecct Sensetive Data
Session6-Protecct Sensetive DataSession6-Protecct Sensetive Data
Session6-Protecct Sensetive Datazakieh alizadeh
 
Cryptography
CryptographyCryptography
CryptographyJasim Jas
 

Recommandé

Cryptography
CryptographyCryptography
CryptographyDipti Sakpal
 
Encryption
Encryption Encryption
Encryption Adnan Malak
 
Cryptography
CryptographyCryptography
CryptographyMilap Oza
 
Cryptography by gaurav singh
Cryptography by gaurav singhCryptography by gaurav singh
Cryptography by gaurav singhGaurav Singh
 
Workshop on Cryptography - Frequency Analysis (basic)
Workshop on Cryptography - Frequency Analysis (basic)Workshop on Cryptography - Frequency Analysis (basic)
Workshop on Cryptography - Frequency Analysis (basic)Andrea Tino
 
Password policies
Password policiesPassword policies
Password policiesAri Elias-Bachrach
 
Session6-Protecct Sensetive Data
Session6-Protecct Sensetive DataSession6-Protecct Sensetive Data
Session6-Protecct Sensetive Datazakieh alizadeh
 
Cryptography
CryptographyCryptography
CryptographyJasim Jas
 
Cyber public key cryptography
Cyber public key cryptographyCyber public key cryptography
Cyber public key cryptographyGopika Babu
 
Data encryption
Data encryptionData encryption
Data encryptionAman Jain
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guideJD Liners
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied CryptographyMarcelo Martins
 
Whatisdigitalsignature
WhatisdigitalsignatureWhatisdigitalsignature
WhatisdigitalsignatureKishankant Yadav
 
Honeywords
HoneywordsHoneywords
HoneywordsPratiksha Kale
 
E-mail and Encryption
E-mail and EncryptionE-mail and Encryption
E-mail and Encryptionhey4ndr3w
 
Introduction to python for cybersecurity pythonminna
Introduction to python for cybersecurity pythonminnaIntroduction to python for cybersecurity pythonminna
Introduction to python for cybersecurity pythonminnaTopeAbdulgafar
 
Information Cryptography Security
Information Cryptography SecurityInformation Cryptography Security
Information Cryptography SecurityAchmad Solichin
 
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?Blockchain Council
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 
How software should get done
How software should get doneHow software should get done
How software should get doneosmanehmad
 
Introduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovIntroduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovFilipe Mello
 
How to explain bitcoin to your mother
How to explain bitcoin to your motherHow to explain bitcoin to your mother
How to explain bitcoin to your motherPhilippe Camacho, Ph.D.
 
Study on Bitcoin
Study on Bitcoin Study on Bitcoin
Study on Bitcoin Dhanith Krishna
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systemsAbdulaziz Mohd
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Sahan Walpitagamage
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment systempankhadi
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment SystemRitesh Goyal
 
The electronic payment systems
The electronic payment systemsThe electronic payment systems
The electronic payment systemsVishal Singh
 
Introduction to bitcoin
Introduction to bitcoinIntroduction to bitcoin
Introduction to bitcoinWolf McNally
 
Authentication and session v4
Authentication and session v4Authentication and session v4
Authentication and session v4skimil
 

Contenu connexe

Tendances

Cyber public key cryptography
Cyber public key cryptographyCyber public key cryptography
Cyber public key cryptographyGopika Babu
 
Data encryption
Data encryptionData encryption
Data encryptionAman Jain
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guideJD Liners
 
E-mail and Encryption
E-mail and EncryptionE-mail and Encryption
E-mail and Encryptionhey4ndr3w
 
Introduction to python for cybersecurity pythonminna
Introduction to python for cybersecurity pythonminnaIntroduction to python for cybersecurity pythonminna
Introduction to python for cybersecurity pythonminnaTopeAbdulgafar
 
Information Cryptography Security
Information Cryptography SecurityInformation Cryptography Security
Information Cryptography SecurityAchmad Solichin
 
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?Blockchain Council
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 

Tendances (11)

Cyber public key cryptography
Cyber public key cryptographyCyber public key cryptography
Cyber public key cryptography
 
Data encryption
Data encryptionData encryption
Data encryption
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guide
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied Cryptography
 
Whatisdigitalsignature
WhatisdigitalsignatureWhatisdigitalsignature
Whatisdigitalsignature
 
Honeywords
HoneywordsHoneywords
Honeywords
 
E-mail and Encryption
E-mail and EncryptionE-mail and Encryption
E-mail and Encryption
 
Introduction to python for cybersecurity pythonminna
Introduction to python for cybersecurity pythonminnaIntroduction to python for cybersecurity pythonminna
Introduction to python for cybersecurity pythonminna
 
Information Cryptography Security
Information Cryptography SecurityInformation Cryptography Security
Information Cryptography Security
 
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
CAN BLOCKCHAIN PRIVATE KEY BE HACKED?
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
 

En vedette

How software should get done
How software should get doneHow software should get done
How software should get doneosmanehmad
 
Introduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovIntroduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovFilipe Mello
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systemsAbdulaziz Mohd
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Sahan Walpitagamage
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment systempankhadi
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment SystemRitesh Goyal
 
The electronic payment systems
The electronic payment systemsThe electronic payment systems
The electronic payment systemsVishal Singh
 
Introduction to bitcoin
Introduction to bitcoinIntroduction to bitcoin
Introduction to bitcoinWolf McNally
 

En vedette (10)

How software should get done
How software should get doneHow software should get done
How software should get done
 
Introduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovIntroduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael Perlov
 
How to explain bitcoin to your mother
How to explain bitcoin to your motherHow to explain bitcoin to your mother
How to explain bitcoin to your mother
 
Study on Bitcoin
Study on Bitcoin Study on Bitcoin
Study on Bitcoin
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systems
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment system
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment System
 
The electronic payment systems
The electronic payment systemsThe electronic payment systems
The electronic payment systems
 
Introduction to bitcoin
Introduction to bitcoinIntroduction to bitcoin
Introduction to bitcoin
 

Similaire à Cryptography And Secure Systems

Authentication and session v4
Authentication and session v4Authentication and session v4
Authentication and session v4skimil
 
In responding to your peers’ posts, assess your peers’ recommendatio.docx
In responding to your peers’ posts, assess your peers’ recommendatio.docxIn responding to your peers’ posts, assess your peers’ recommendatio.docx
In responding to your peers’ posts, assess your peers’ recommendatio.docxmecklenburgstrelitzh
 
Identity On The Internet
Identity On The InternetIdentity On The Internet
Identity On The InternetJon Spriggs
 
Improving Password Based Security
Improving Password Based SecurityImproving Password Based Security
Improving Password Based SecurityRare Input
 
Password Strength Policy Query
Password Strength Policy QueryPassword Strength Policy Query
Password Strength Policy QueryGloria Stoilova
 
Domain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxDomain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxInfosectrain3
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upDileep Kalidindi
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxanbersattar
 

Similaire à Cryptography And Secure Systems (20)

Authentication and session v4
Authentication and session v4Authentication and session v4
Authentication and session v4
 
In responding to your peers’ posts, assess your peers’ recommendatio.docx
In responding to your peers’ posts, assess your peers’ recommendatio.docxIn responding to your peers’ posts, assess your peers’ recommendatio.docx
In responding to your peers’ posts, assess your peers’ recommendatio.docx
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastech
 
Getting authentication right
Getting authentication rightGetting authentication right
Getting authentication right
 
Identity On The Internet
Identity On The InternetIdentity On The Internet
Identity On The Internet
 
Password Cracking
Password CrackingPassword Cracking
Password Cracking
 
ISDD Security Precautions
ISDD Security PrecautionsISDD Security Precautions
ISDD Security Precautions
 
Improving Password Based Security
Improving Password Based SecurityImproving Password Based Security
Improving Password Based Security
 
Password Strength Policy Query
Password Strength Policy QueryPassword Strength Policy Query
Password Strength Policy Query
 
Domain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptxDomain 9 of CEH Cryptography.pptx
Domain 9 of CEH Cryptography.pptx
 
Overview of cryptography
Overview of cryptographyOverview of cryptography
Overview of cryptography
 
Public Vs. Private Keys
Public Vs. Private KeysPublic Vs. Private Keys
Public Vs. Private Keys
 
paper9.pdf
paper9.pdfpaper9.pdf
paper9.pdf
 
sheet2.pdf
sheet2.pdfsheet2.pdf
sheet2.pdf
 
doc2.pdf
doc2.pdfdoc2.pdf
doc2.pdf
 
paper2.pdf
paper2.pdfpaper2.pdf
paper2.pdf
 
lecture1.pdf
lecture1.pdflecture1.pdf
lecture1.pdf
 
Crypto
CryptoCrypto
Crypto
 
Enterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-upEnterprise Cloud Security - Concepts Mash-up
Enterprise Cloud Security - Concepts Mash-up
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptx
 

Dernier

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 

Dernier (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 

Cryptography And Secure Systems

  • 2. What does it mean a system to be secure?
  • 3. It boils down to the trust you place on the system! Guru Trust on the system How secure is the system
  • 4. You decide to safeguard your valuable assets like hardly used gold jewelries in a bank instead of keeping them in your house. Guru You are placing more trust on the bank’s ability to safeguard your valuable asset than your own house. You learn this fact by experience – you friends valuable assets kept at home got robbed. None of your friends have had any bad experience with the bank safeguarding their assets.
  • 5. Secure systems are built to satisfy the following security goals. Guru Integrity Availability Confidentiality Authentication Non- repudiation
  • 6. We will not discuss availability in this presentation as cryptography is not generally used to assure availability (i.e. the service is available whenever you need it)Guru Denial of Service (DoS) attacks disrupts the available it of a service.
  • 7. Can I trust the system not to show my sensitive data to any unauthorized parties? Guru Can I trust the system not to modify my data by any unauthorized parties? Can I trust the system not to allow to impersonate me to the system? Can I trust the system to hold each individual accountable of their actions? Confidentiality Integrity Authentication Non-repudiation
  • 9. Trust sounds intuitive, but how do I objectively measure trust?
  • 10. What does it mean a system to be secure?
  • 11. Guru The measure of trust (how secure your system) depends on who you are trying to protect against. We call it the attack model. An Attack model captures the capabilities, collisions and intentions of adversaries. An adversary is a bad user who want to break the security of your system.
  • 12. Guru In order to demonstrate trust in the system under the given attack model We need to prove the security of the cryptographic protocols under that attack model. A cryptographic protocol secure under one attack model (e.g. attacker can see one message) may not be secure under more stronger attack model (e.g. attacker can see many messages).
  • 13. Guru Usually, most of us will be using time tested and proven cryptographic primitives such as ciphers, message authentication codes, digital signatures. We will be constructing new protocols using these primitives. However, we need to make sure that our protocols are secure under the chosen attack model. A cryptographic protocol built using secure cryptographic primitives may not necessarily be secure if not built right.
  • 14. Adversary Capabilities Intentions In cryptography, we assume that attackers have limited computational power. In other words, they are computationally bounded. There could be passive attackers or active attackers. Passive attackers simply listens to your messages whereas much more powerful active attacks modify your messages. Collisions Multiple adversaries may collude together to break a cryptographic protocol.
  • 15. Let’s look at the security goals that are directly tied to cryptography mentioned earlier. Guru
  • 16. Confidentiality Can’t read! Ciphertext (C)EncryptPlaintext (M) Plaintext(M)DecryptCiphertext(C) Use cipher. The message to be encrypted is called “plaintext” The encrypted message is called “ciphertext”
  • 17. Ciphers Symmetric ciphers Asymmetric ciphers Also called “Symmetric Key Cryptosystems” Also called “Public Key Cryptosystems” Alice Bob Alice and Bob share the same key. Alice Bob Alice and Bob do not share the same key.Public key & Private key pair
  • 18. Roughly speaking, a cipher is secure if it is hard to obtain plaintext from the ciphertext without knowing the key used.Guru In a cipher, only the key is secret; everything else (encryption algorithm, decryption algorithm) is public. Alice Bob Messages exchanged in a TLS protocol are encrypted using a symmetric cipher.
  • 19. Integrity Can’t modify! Cryptographic Hashing Algorithm Document Key Secure Hash Alice Bob Messages exchanged in a TLS protocol are hashed using a keyed hash algorithm. Send the hash along with the document to the receiver. Receiver can compute the hash and compare to verify. Message Hash Use hashing.
  • 20. Authentication Can’t impersonate! Use hashing, Public Key Ciphers (certificates). Three ways to authenticate Use what you have (e.g. key, badge, certificates) Use what you know (e.g. passwords, PINs) Use what you are (e.g. fingerprints, iris)
  • 21. Password authentication (Server: am I talking to Alice?) Alice Server (www.example.com) Hash pwd Salt Password Certificate based authentication (Alice: Am I taking to example.com?) Alice Server (www.example.com) Example.com certificate Example.com certificate Check if the certificate is signed by a trusted root authority. Check if the new hash matches the stored one.
  • 22. Transfer $1M to Bob Non-repudiation Can’t deny doing! Use Public Key Ciphers (digital signatures). Alice Public key Private key Transfer $1M to Bob Digitally signed using Alice’s private key Alice cannot later deny that she did not order bank to transfer as it has her digital signature on it (only she can produce that signature) Verify signature using Alice’s public key
  • 23. The security of a system boils down to the trust. Cryptography is a tool that we can use to build trust in security services (confidentiality, integrity, authentication and non-repudiation) and in turn in systems build using these security services. If the foundation of your house (cryptographic tools used) is not strong, your house (software system) will collapse! Guru