- •Security methods. Kerckhoff’sPrinciple
- •3)Cryptographic methods of protection of the information
- •Legislative measures
- •Administrative measures Kerckhoff’sPrinciple
- •2.Tasks of cryptography
- •Impossibility to refuse authorship .Sender needn’t have possibility no refuse his authorship.
- •7.Polyalphabetic Ciphers
- •Viginere cipher
- •Description of the cipher
- •10. Symmetric cryptosystem. Des
- •11. Symmetric cryptosystem. 3des
- •12 Symmetric cryptosystem. Aes
- •13.Block cipher modes
- •14. Stream ciphers. Prg
- •Itself synchronous stream cipher
- •15. Stream ciphers. Rc4
- •16. Public key crypto. Rsa
- •17 Public key crypto.Diffie-Hellman
- •20. Protocols. Definitions.Rules of communication.Types of protocols.Problems.
- •21.Secure Protocols. Three types of Protocol
- •22.SecureElections. Simplistic Protocol #1,2
- •23.SecureElections. Voting with Blind Signatures
- •6.1 Secure Elections
- •Voting with Blind Signatures
- •24SecureElections.Election with two organization
- •Voting with Two Central Facilities
- •25.Digital Cash Protocol
- •26 Key management. Certification problem. Certificate
- •27 Authority. X.509. Certificate Hierarchy
- •28 Pgp. Key Management in pgp. Pgp’s Web of Trust. Idea.Key Schedule.Standard ansi x9.17. Working with pgp
- •30.One way functions. Properties.Collision-resistance.Example.
- •31.One way functions md5 algorithm
- •32.One way functions sha algorithm. Sha-256, sha-384, and sha-512.
- •Tasks of cryptography
Security methods. Kerckhoff’sPrinciple
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction
Security methods.The following methods of ensuring computer system safety are known:
1)Methods of ensuring physical safety of components of system. Physical security describes measures that are designed to deny access to unauthorized personnel from physically accessing a building, facility, resource, or stored information.
2)Access control. Access control refers to exerting control over who can interact with a resource. The resource can be a given building, group of buildings, or computer-based information system. A PIN on an ATM system at a bank is another means of access control.
3)Cryptographic methods of protection of the information
Hashing Encryption is unique to a specific message, even minor changes to that message result in a dramatically different hash, thereby alerting a user to potential tampering.Symmetric cryptography, also called private-key cryptography. A sender encodes a message into ciphertext using a key, and the receiver uses the same key to decode it.
Asymmetric uses two keys, a "private" key and a "public key," to perform encryption and decryption. RSA and Diffie-Hellman.
Legislative measures
Administrative measures Kerckhoff’sPrinciple
In cryptography, Kerckhoffs' principle was stated by AugusteKerckhoffs in the 19th century. “A Cryptosystem should be secure even if everything about the system, except the key, is public knowledge.” Kerckhoffs’ Principle does not require that we publish or disclose how things work. It does require that the security of the system must not be negatively impacted by such a disclosure. A sub-theme of this principle, is that if the system is not negativly impacted by disclosure, it may be enhanced.
2.Tasks of cryptography
Nowadays modern cryptography is used for the decision of the following tasks:1) Provide the confidentiality. Confidentiality is the task of ensuring that only those entities (persons or systems) cleared for access can read information. Cryptography is a key element in ensuring confidentiality.Authentication. The addressee of the message should always know its source, and the malefactor - is not capable to mask under somebody another. For example, suppose there is plain text which is to be protected. The plain text is padded to the size of the block cipher and then encrypted. The operation of padding begs the question, What should be authenticated? According to Wagner and Schneier, both the plain text and padding would be authenticated , and not just the plain text .Integrity. The addressee of the message can check up, whether was the message changed during delivery, and the malefactor - is not capable to give out the untrue report for original
Anonymity. Sender or / and the addressee has an opportunity to hide some information. For example, moving of electronic money from one subject to another; at electronic voting - anybody does not know how the voter has voted.