54 lines
1.8 KiB
Markdown
54 lines
1.8 KiB
Markdown
## Lecture 1 (12:00) - Data Communication Security
|
|
|
|
### Normal Communication
|
|
|
|
Alice => Message => Bob
|
|
|
|
- We assume:
|
|
- A dedicated transmission system
|
|
- Good will, Co-operation, Competence among participants
|
|
These are not valid assumptions.
|
|
|
|
### Security
|
|
|
|
- Human problem caused by deliberate exploitation of weakness in the transmission system.
|
|
- Bad passwords, spoofing / phishing, config errors
|
|
- Bad procedures, backdoors, overcomplexity
|
|
- Can solve some problems, manage some, and detect some, but cannot fix everything.
|
|
- Security threats are generic to all forms of communication, not specifically computers or digital devices. Understanding them is vital to understanding IT.
|
|
|
|
### Password Security
|
|
|
|
- Password file must always be assumed to be readable
|
|
- Contains encrypted passwords.
|
|
- "Dictionary Attacks"
|
|
- Pre-encode a dictionary of words (and combination of words). Then simply look up any encoded passwords.
|
|
- "Cracker" Programs / "Brute force attacks"
|
|
|
|
### Encryption
|
|
|
|
- Scramble the message in some way so that it is only meaningful to Alice and Bob.
|
|
- Alice takes message and applies some algorithm to each of the letters to generate an encrypted message.
|
|
- Bob applies the reverse algorithm to regenerate the original message
|
|
- The aim is that Eve cant do one (or both) of these things
|
|
- If she cant decrypt, she cant eavesdrop
|
|
- If she cant encrypt, she cant masquerade.
|
|
- The more keys, the longer it takes to break
|
|
|
|
#### Caesar-shift
|
|
|
|
- Each letter is replaced by another letter, k positions later in the alphabet
|
|
- If k=3:
|
|
- A becomes D
|
|
- B becomes E
|
|
- C becomes F
|
|
- …
|
|
- "ATTACK AT TEN" becomes
|
|
- DWWDFN DW WHQ
|
|
- plaintext - ATTACK AT TEN
|
|
- ciphertext - DWWDFN DW WHQ
|
|
- Encryption method - Substitution
|
|
- Encryption Key - 3
|
|
- Decryption Key - 3
|
|
- Problem is how to share the key
|