Security

BY PRASANTH, Y13
Sub Contents

 Digital Certificates
 Adding a digital signature
 SSL/TLS (Protocols)
 Malware

 Recap : Symmetric and Asymmetric Encryption ??


Digital Certificates/Signatures 1.1

 First, we have to know what Public Key Infrastructure and a Certificate Authority are.
PKI :
Public Key Infrastructure (PKI) is a set of requirements that allow (among other things) the
creation of digital signatures. Through PKI, each digital signature transaction includes a pair of
keys: a private key and a public key.
The private key, as the name implies, is not shared and is used only by the signer to electronically
sign documents. The public key is openly available and used by those who need to validate the
signer’s electronic signature.
Digital Certificates 1.2

 CA :
Digital signatures rely on public and private keys. Those keys have to be protected in
order to ensure safety and to avoid forgery or malicious use. When you send or sign a
document, you need assurance that the documents and the keys are created securely
and that they are using valid keys.
CAs, a type of Trust Service Provider, are third-party organizations that have been
widely accepted as reliable for ensuring key security and that can provide the necessary
digital certificates.
Both the entity sending the document and the recipient signing it must agree to use a
given CA.
1.3 Cryptographic one-way hash function

 An alternative is to use a cryptographic one-way hash function, which creates from the
message a number, uniquely defined for that particular message, called a 'digest'. The digest
is then encrypted with the sender's private key, and the result is used as the signature.
 This speeds up the process of confirming the sender's identity.
1.3.1 Checking received transmissions

 We will assume that the message is transmitted as plaintext together with the digital
signature as a separate file.
 The processes that take place at the receiver end are outlined in Figure 21.03.
 The same publicly known hash function that the sender used is applied to the message, so
the same digest is produced if the message has been transmitted without alteration.
 Decrypting the digital signature with the sender's public key produces an identical digest if
the message was genuinely sent by the owner of the public key that the receiver has used.
 This approach allows the receiver to be confident that the message is both authentic and
unaltered.
Disadvantage?!

This sounds good but unfortunately it does not consider the fact that someone might forge a
public key and pretend to be someone else.

Therefore, there is a need for a more rigorous means of ensuring authentication. This can be
provided by a Certification Authority (CA) provided as part of a Public Key Infrastructure (PKI).
1.3.2 Processes involved in obtaining a digital signature

 An individual (A) who is a would-be receiver and has a public-private key pair contacts a
local CA
 The CA confirms the identity of person A
 The CA creates a public-key certificate (a digital certificate) and writes person A's public
key into this document
 The CA uses encryption with the CA's private key to add a digital signature to this document
 The digital certificate is given to person A
 Person A posts the digital certificate on a website
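As an added example (not part of these slides or the textbook they draw on), the digest-sign-verify flow of 1.3.1 together with the CA-issued certificate of 1.3.2, written with only the Python standard library. It assumes a textbook RSA on small, constructed Mersenne primes with no padding; those are toy choices made so the mechanics are visible, not anything a real PKI uses.

```python
import hashlib
import json

E = 65537  # public exponent, as in real RSA deployments

def keypair(p, q):
    """Toy RSA key generation from two primes: (n, e) public, (n, d) private."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse (Python 3.8+)
    return (n, E), (n, d)

def digest(data, n):
    """One-way hash of the message, reduced so it fits below the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(message, private):
    """Sender: 'encrypt' the digest with the private key to form the signature."""
    n, d = private
    return pow(digest(message, n), d, n)

def verify(message, signature, public):
    """Receiver: 'decrypt' the signature with the public key, recompute the digest, compare."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)

def issue_certificate(subject, subject_public, ca_private):
    """1.3.2: the CA writes the subject's public key into a document and signs it."""
    body = {"subject": subject, "n": subject_public[0], "e": subject_public[1]}
    encoded = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "ca_sig": sign(encoded, ca_private)}

def verify_certificate(cert, ca_public):
    """Check the CA's signature over the certificate body with the CA's public key."""
    encoded = json.dumps(cert["body"], sort_keys=True).encode()
    return verify(encoded, cert["ca_sig"], ca_public)

def receiver_check(message, signature, cert, ca_public):
    """1.3.1 with a CA: only trust a public key the CA has vouched for, then check the message."""
    if not verify_certificate(cert, ca_public):
        return False  # forged or self-made key: the weakness the Disadvantage slide raises
    return verify(message, signature, (cert["body"]["n"], cert["body"]["e"]))

# Constructed demo keys: Mersenne primes, far too small for real use.
CA_PUB, CA_PRIV = keypair(2**61 - 1, 2**89 - 1)
A_PUB, A_PRIV = keypair(2**31 - 1, 2**107 - 1)
A_CERT = issue_certificate("person A", A_PUB, CA_PRIV)
```

receiver_check returns False both when the message bytes have been altered and when the certificate was signed by anyone other than the trusted CA, so a public key an impostor simply posts is rejected.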
2.0 SSL and TLS

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are two closely related
protocols providing security when using the Internet.

** TLS is a slightly modified version of SSL


2.1 Overview SSL/TLS

When a computer connects to a website, communication begins between the computer's web
browser and the web server the site is hosted on.

Typically, this communication is unguarded, meaning it's out in the open and any interested
third party can have a look at it.

As you can imagine, if you're transmitting important personal information, having it out in the
open is not an ideal way to do things.

Think of an SSL/TLS certificate as a driver's license of sorts: it serves two functions. It grants
permission to use encrypted communication via Public Key Infrastructure, and it also
authenticates the identity of the certificate's holder.
2.2 How does SSL/TLS provide authentication?
For server authentication, the client uses the server's public key to encrypt the data that is used
to compute the secret key. The server can generate the secret key only if it can decrypt that
data with the correct private key.

For client authentication, the server uses the public key in the client certificate to decrypt the
data the client sends during handshake.

For both server and client authentication:

The server needs:
1. The personal certificate issued to the server by CA Y
2. The server's private key
3. The CA certificate for CA X

And the client needs:
1. The personal certificate issued to the client by CA X
2. The client's private key
3. The CA certificate for CA Y
An overview of the SSL or TLS handshake

What's a handshake??
The opening exchange in which client and server set up a secure connection

1. Agree on the version of the protocol to use.
2. Select cryptographic algorithms.
3. Authenticate each other by exchanging and validating digital certificates.
3.0 What is Malware?

Malware is the informal name for malicious software. Malicious software is software that is
introduced into a system for a harmful purpose. One category of malware is where program
code is introduced to a system. The various types of malware-containing code are:
 Virus : tries to replicate itself inside other executable code
 Worm : runs independently and propagates to other network hosts
 Logic bomb : lies dormant until some condition is met
 Trojan : replaces all or part of a previously useful program
 Spyware : collects information and transmits it to another system
 Bot : takes control of another computer and uses it to launch attacks.
3.1 How does a Malware infection happen?

> Some malware can get on your computer by taking advantage of security vulnerabilities in your
operating system and software programs. Outdated versions of browsers, and often their add-ons
or plug-ins as well, are easy targets.
> Most of the time, however, malware is installed by users (that's you!) overlooking what they're
doing and rushing through program installations that include malicious software. Many programs
install malware-ridden toolbars, download assistants, system and Internet optimizers, bogus
antivirus software, and other tools automatically... unless you explicitly tell them not to.
> Another common source of malware is software downloads that at first seem to be something
safe, like a simple image, video, or audio file, but are in reality harmful executable files that
install the malicious program.

How Do You Protect Yourself From a Malware Infection?

The most important way to prevent malware from reaching your computer is by making sure
you have an antivirus/antimalware program installed and that you have it configured to
constantly look for signs of malicious activity in downloads and active files.

Beyond software that automatically keeps an eye out for malware, the most important
thing you can do to protect your computer is to change your behavior.

One way is to avoid opening email and other messaging attachments from people or
organizations you don't know or don't trust. Even if you do know the sender, make sure
that whatever is attached is something you were expecting or can follow up about in
another message. One clever way malware is spread is by auto-mailing copies of itself
to friends and family in an email contact list.
Symmetric and Asymmetric Encryption

What are the differences??????


Symmetric Encryption

Simplest kind of encryption that involves only one secret key to cipher and decipher
information.
It uses a secret key that can be a number, a word or a string of random letters. It is blended
with the plain text of a message to change the content in a particular way.
The sender and the recipient should both know the secret key that is used to encrypt and
decrypt all the messages.
 Blowfish, AES, RC4, DES, RC5, and RC6 are examples of symmetric encryption. The most
widely used symmetric algorithms are AES-128, AES-192, and AES-256.

The main disadvantage of symmetric key encryption is that all parties involved have to
exchange the key used to encrypt the data before they can decrypt it.
Asymmetric Encryption

Asymmetric encryption is also known as public key cryptography.
Asymmetric encryption uses two keys to encrypt a plain text.
When a single secret key is exchanged over the Internet or a large network, anyone who
obtains that secret key can decrypt the message; this is why asymmetric encryption uses two
related keys to boost security.
A public key is made freely available to anyone who might want to send you a message. The
second key, the private key, is kept secret so that only you know it.
A message that is encrypted using a public key can only be decrypted using the matching
private key, and likewise a message encrypted using a private key can be decrypted using the
public key.
