Cyber Security Final

# Cyber Security Final ### 1. 網路安全威脅與需求 ### 2. 加密技術 > 對稱 > DES : permutation> LPT+RPT> 16bit round key> rejoin and permutation > key is too short, 雪崩效應, decrypty just unwind steps > > AES : substitude byte> shift row> mix column> add round key > 128-bit data, 128/192/256-bit keys > 非對稱 > RSA : based on exponentiation in a finite (Galois) field over integers modulo a prime > 任挑兩個大質數p及q ，將pq相乘得n 且求n的尤拉商數ø(n)=(p-1)(q-1)， > selecting at random the encryption key e where 1<e<ø(n), gcd(e,ø(n))=1 > find decryption key d which e.d=1 mod ø(n) and 0≤d≤n ，令(e,n)為公開金鑰，公告周知，(d,n)為私密金鑰，謹慎保管。 > ECC 雜湊函數數位簽章 : draw the graph will help you understand MAC digital signatures provide the ability to: 1.verify author, date & time of signature 2.authenticate message contents 3.be verified by third parties to resolve disputes ### 3. Classical Encryption: Ciphers () ##### Caesar [reference] each letter by shifting Xth letter on [break] only have 26 possible ciphers, could simply try each in turn ##### Monoalphabetic [referece] rather than just shifting the alphabet, could shuffle (jumble) the letters arbitrarily [break] human languages are redundant, calculate letter frequencies for ciphertext ##### Playfair [reference] a 5X5 matrix of letters based on a keyword fill in letters of keyword fill rest of matrix with other letters, I and J are in the same grid. [break] ##### Vigenere [reference] 對位移方式Ci=Pi+Ki (mod26) or 對照表 [break] ##### Autokey [reference] ideally want a key as long as the, Vigenère proposed the autokey cipher with keyword is prefixed to message as key message, 金匙不夠長，用明文來代替；這種加密方法叫做明文相依加密器，即加密方法因明文而易，最不易被破解。 [break] ##### Row Transposition [reference]write letters of message out in rows over a specified number of columns, then reorder the columns according to some key before reading off the rows [break] ##### Rail Fence [reference] write message letters out diagonally over a number of rows, then read off cipher row by row [break] ### 4. SSL (Secure Socket Layer) + HTTP = HTTPS --> Handshake protocol transport layer security service for application layer(https) originally developed by Netscape, subsequently became Internet standard known as TLS uses TCP to provide a reliable end-to-end service SSL has two layers of protocols - Change Cipher Spec Protocol & Record Protocol Handshake protocol: phase 1: establish connect, say hello to each other phase 2: server authentification phase 3: client authentificate phase 4: change cypher suite and finish handshake -->keys needed for Cipher Spec.<-- Client write MAC secret key, Server write MAC secret key, Client write secret key, Server write secret key, Client write IV, Server write IV ### 5. SET --> Dual Signature (Purchase Request - Customer & Merchant) is a communications protocol standard for securing credit card transactions over networks 訂單產生將訂單與帳單hash完後串接在一起，再hash一次並做簽章銀行看不到訂單資訊商家看不到帳單資訊, ### 6. PGP --> 滿足了四個條件 --> final range ### 7. Session Key Exchange -> RSA , D-H , Fixed D-H, D-H RSA , D-H , Fixed D-H ### 8. POST - Quantum Cryptograph 1. 最接近向量問題 2. Knapsack cryptosystem ###### tags: `class notes`