Research Interests:
Algorithm design and analysis
Wireless networks
Game theory
Computational geometry
Contact Information
Phone 312-567-5207
Email: xli@cs.iit.edu
Office hours
Wednesday 4:10PM – 6:10PM.
Introduction
Xiang-Yang Li
From Wikipedia
Cryptography and Network Security 12
C.I.A
Confidentiality, Integrity and Availability
Information systems are decomposed into three main portions (hardware, software and communications) with the purpose of identifying and applying information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational
Network security starts with authenticating the user, most likely with a username and a password
An intrusion prevention system (IPS)[2] helps detect and prevent such malware. An IPS also monitors network traffic for suspicious content, volume and anomalies to protect the network from attacks such as denial of service
Explicitness
About its environment assumptions, the security service offered, and special cases in math assumptions
Protection tuned to application needs
No less, no more
Security protocols cannot do all: man does what man can do,
machine does what machine can do
Openness
Traffic analysis
The analysis of patterns of communication in order to learn secret information
The messages could be encrypted
http://en.wikipedia.org/wiki/Traffic_analysis
Polybius square
Hidden messages on messenger's body
Last 2 bits
[Figure: principal (sender), security transformation, attacker, security transformation, principal (receiver)]
Attacks, Services and Mechanisms
Security Attacks
An action that compromises information security
Could be passive or active attacks
Security Services
Actions that can prevent or detect such attacks.
Such as authentication, identification, encryption, signature, secret sharing and so on.
Security mechanism
The ways to provide such services
Detect, prevent and recover from a security attack
[Figure labels: wiring, eavesdrop; replaced, intercept, info; "Ali: this is …"]
Ciphertext
The transformed message
Message
Is treated as a non-negative integer hereafter
Decipher (decode)
The process of converting ciphertext back into plaintext
Encipher: C = E(K1)(P), plaintext to ciphertext
Decipher: P = D(K2)(C), ciphertext to plaintext
K1, K2: from keyspace
These two keys could be different; it could be difficult to get one from the other
What is Security?
Two fundamentally different kinds of security
Unconditional security
No matter how much computational power is available, the cipher cannot be broken
Using Shannon’s information theory
The entropy of the message, I(M), is the same as the entropy of the message when the ciphertext (and possibly more) is known, I(M|C)
Computational security
Given limited computing resources (e.g., the time needed for calculations is greater than the age of the universe), the cipher cannot be broken
What do we mean by “broken”?
Proved by some complexity equivalence approach
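The unconditional-security condition above, I(M) = I(M|C), checked numerically as an added example that is not part of the original slides. It writes H for the entropy the slide calls I, treats messages as non-negative integers as the slides do, and assumes an additive cipher C = (M + K) mod n with a constructed four-message distribution; the function names are hypothetical.

```python
from collections import defaultdict
from fractions import Fraction
from math import log2

def entropy(dist):
    """Shannon entropy in bits of a {message: probability} distribution."""
    return -sum(float(p) * log2(float(p)) for p in dist.values() if p > 0)

def conditional_entropy(prior, keys, n):
    """H(M|C) for C = (M + K) mod n, with K uniform over `keys`, independent of M."""
    joint = defaultdict(Fraction)              # P(M = m, C = c)
    for m, pm in prior.items():
        for k in keys:
            joint[(m, (m + k) % n)] += pm * Fraction(1, len(keys))
    p_c = defaultdict(Fraction)                # P(C = c)
    for (_, c), p in joint.items():
        p_c[c] += p
    # H(M|C) = -sum over (m, c) of P(m, c) * log2 P(m | c)
    return -sum(float(p) * log2(float(p / p_c[c]))
                for (_, c), p in joint.items() if p > 0)

def leaked_bits(prior, keys, n):
    """H(M) - H(M|C): what the ciphertext tells an attacker about the message."""
    return entropy(prior) - conditional_entropy(prior, keys, n)

# Constructed sample: four possible messages with a non-uniform prior.
N = 4
PRIOR = {0: Fraction(1, 2), 1: Fraction(1, 4), 2: Fraction(1, 8), 3: Fraction(1, 8)}

if __name__ == "__main__":
    for label, keys in [("full keyspace {0..3}", range(N)),
                        ("half keyspace {0,1}", [0, 1]),
                        ("single fixed key {0}", [0])]:
        keys = list(keys)
        print(f"{label}: H(M)={entropy(PRIOR):.4f} "
              f"H(M|C)={conditional_entropy(PRIOR, keys, N):.4f} "
              f"leak={leaked_bits(PRIOR, keys, N):.4f}")
```

Only the uniformly chosen key over the full keyspace leaves H(M|C) equal to H(M); shrinking the keyspace lets the ciphertext reduce the attacker's uncertainty regardless of computing power.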