While you are waiting for the session to start, familiarise yourself with the OWASP website: https://owasp.org/ What is OWASP about? Find any events that you can attend virtually.

Catch-up & Tasks on DH, RSA and Padding

Lec 6a

Overview
By the end of the session, you should:
know what we have done in the module so far (a summary of key points)
be able to solve DH, RSA and padding related problems.

What we have done so far?
Week 1
a) CIA & Authentication and Accountability
b) Types of threats: Active/Passive, Insider/Outsider
c) Attack surface and attack trees
d) Other key terms like vulnerability etc
Week 2
a) General intro to malware
b) Basic operation of viruses, worms and trojans
c) Payload types
d) bots, spyware and rootkits
e) Countermeasures

What we have done so far?
Weeks 3-6 Cryptography
a) General introduction
b) Cryptographic system categories
– Substitution/Transposition
Single letter, multi-letter substitutions
Rail-fence and route transposition techniques
– Block/Stream
Padding techniques: Random, Zelolen, Null etc
Salt: playback issue, CBC, CFB, OFB, CTR
GCM
– Symmetric/Asymmetric
Explained role of keys
Symmetric: DES, 3DES and AES
Asymmetric: RSA, DH, Elliptic Curve
Digital signature, certificates
c) Cryptographic hashing (Friday’s lecture)

What we have covered in labs?
CIA concepts based on scenario
Behaviours of malware
PHP application
Used different ciphers to secure an asset
Cryptographic standard OpenSSL library

Some Mac users had issues installing OpenSSL; only two students reported it to me. It is solved; check the discussion pages on Canvas.

Module learning aims
Systematically discuss key dimensions of computer security (e.g. secrecy, authentication, integrity, anonymity), and their relationship to the main threats and attack techniques relevant to computer security.

Systematically describe the main building blocks of cryptography (e.g. public and private key encryption, cryptographic hashing), and their relationship with the key dimensions of computer security from LO1.

Deploy up-to-date tools and techniques for finding vulnerabilities in computer systems. Draft security policies and implement policy enforcement processes and mechanisms.

Design secure computer systems by using established computer security principles.

Quiz

How are you attempting lab work? Are you using your own PC?

If NOT, I need to know by end of this week to avoid any problem in setting up SQLi and XSS labs.

https://canvas.sussex.ac.uk/courses/13026/quizzes/17639

Catch-up

You have the interim report for your FYP, but make sure that you progress in the computer security module.

Use this week to catch up with this module, both in theory and lab work.

Next week – Web security [ SQLi and XSS Attacks], HTTP

Revise it for Exam
Study examples of DH, RSA and Padding then attempt tasks provided on each of the three topics

Task – DH

Examples of DH are on the next two slides.

Problem-1
Suppose that two parties A and B wish to set up a common secret key (D-H key) between themselves using the Diffie Hellman key exchange technique. They agree on 7 as the modulus and 3 as the primitive root. Party A chooses 2 and party B chooses 5 as their respective secrets. Find the DH key.

Problem-2
In a Diffie-Hellman Key Exchange, Alice and Bob have chosen prime value q = 17 and primitive root = 5. If Alice’s secret key is 4 and Bob’s secret key is 6, what is the secret key they exchanged?

Once you attempt, check your solution against:
https://www.gatevidyalay.com/tag/diffie-hellman-key-exchange-tutorial/

Example of DH protocol
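The exchange in Problem-1 and Problem-2, written out as an added Python example (not part of the original slides). The function names `is_primitive_root` and `dh_exchange` are made up for this illustration; the moduli used here are classroom-sized and far too small for real use.

```python
def is_primitive_root(g, p):
    """True if the powers of g produce every value 1..p-1 modulo prime p."""
    seen = set()
    x = 1
    for _ in range(p - 1):
        x = (x * g) % p
        seen.add(x)
    return len(seen) == p - 1


def dh_exchange(p, g, a, b):
    """Run both sides of a Diffie-Hellman exchange.

    p, g are the public modulus and primitive root; a and b are the
    private secrets of party A and party B.
    """
    if not is_primitive_root(g, p):
        raise ValueError("g is not a primitive root modulo p")
    for secret in (a, b):
        if not 1 <= secret < p - 1:
            raise ValueError("secret must be in the range 1..p-2")

    pub_a = pow(g, a, p)        # A sends g^a mod p to B
    pub_b = pow(g, b, p)        # B sends g^b mod p to A

    key_a = pow(pub_b, a, p)    # A computes (g^b)^a mod p
    key_b = pow(pub_a, b, p)    # B computes (g^a)^b mod p
    if key_a != key_b:
        raise RuntimeError("the two sides derived different keys")
    return {"A": pub_a, "B": pub_b, "key": key_a}


if __name__ == "__main__":
    # Values taken from Problem-1 and Problem-2 on this page.
    print("Problem-1:", dh_exchange(p=7, g=3, a=2, b=5))
    print("Problem-2:", dh_exchange(p=17, g=5, a=4, b=6))
```

Only the values A and B cross the wire; an eavesdropper who sees them still has to recover a or b to obtain the key.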

Task – RSA
In an RSA cryptosystem, a participant A uses two prime numbers p = 13 and q = 17 to generate her public and private keys. If the public key of A is 35, then the private key of A is?

RSA – example01

Encryption
Public key: (5, 14)
Plaintext: B → index 2
2^5 (mod 14)
= 32 (mod 14)
= 4 (mod 14)
= D = index 4

Decryption
Private key: (11, 14)
Note: 14 is the same
Ciphertext: D → index 4
4^11 (mod 14)
= 4194304 (mod 14)
= 2 (mod 14)
= B = index 2

C = M^e mod N
M = C^d mod N
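An added Python example (not from the original slides) that reproduces example01 with p = 2 and q = 7, the primes behind N = 14, and also derives the private exponent for the task with p = 13, q = 17 and public key 35. The function names are made up for this illustration, and letters use the slide's A = 1, B = 2, ... index.

```python
from math import gcd


def phi(p, q):
    """Euler's totient of N = p*q for two distinct primes p and q."""
    return (p - 1) * (q - 1)


def private_exponents(e, phi_n, count=3):
    """Return the first `count` values of d with d*e mod phi(N) == 1."""
    if gcd(e, phi_n) != 1:
        raise ValueError("e must be co-prime with phi(N)")
    d0 = pow(e, -1, phi_n)      # modular inverse, needs Python 3.8+
    # Every d0 + k*phi(N) satisfies the same congruence.
    return [d0 + k * phi_n for k in range(count)]


def encrypt(m, e, n):
    """C = M^e mod N; the message must be smaller than N."""
    if not 0 <= m < n:
        raise ValueError("message must be in the range 0..N-1")
    return pow(m, e, n)


def decrypt(c, d, n):
    """M = C^d mod N."""
    return pow(c, d, n)


def letter_roundtrip(letter, e, d, n):
    """Encrypt then decrypt one letter; returns (cipher letter, plain letter)."""
    m = ord(letter) - ord("A") + 1
    c = encrypt(m, e, n)
    back = decrypt(c, d, n)
    return chr(c + ord("A") - 1), chr(back + ord("A") - 1)


if __name__ == "__main__":
    n, e = 2 * 7, 5
    print("phi(N) =", phi(2, 7))
    print("valid d values:", private_exponents(e, phi(2, 7)))
    print("B ->", letter_roundtrip("B", e, 11, n))
    # RSA task on this page: p = 13, q = 17, public key 35.
    print("task d =", private_exponents(35, phi(13, 17), count=1)[0])
```

With numbers this small the lowest valid d equals e, which is why the slide picks 11 for the private key instead.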

How does it work?
1st step: choose two prime numbers p and q
p = 2 and q = 7
2nd step: product of p and q = p x q = 14 = N
which is the modulus in both the public and private key; it is made public

3rd step: φ(N) (pronounced PHI(N)) = (p-1)(q-1)
= (2-1)(7-1)
= 6 = total number of co-primes

4th step: choose e with 1 < e < φ(N), so e is one of 2, 3, 4, 5
e must be co-prime with both N and φ(N); of 2, 3, 4, 5 only 5 qualifies
N = 14, φ(N) = 6; public key = (5, 14)

5th step: choose d: de (mod φ(N)) = 1
5d (mod 6) = 1
d should be a number that, when multiplied by 5 and reduced mod 6, gives 1

d       1   2   3   4   5   …
5d      5  10  15  20  25   …
mod 6   5   4   3   2   1   0

This pattern repeats; pick any d that gives a remainder of 1.

How many co-primes below 14? 14 = 2x7
1 2 3 4 5 6 7 8 9 10 11 12 13 14
2=2x1 4=2x2 6=3x2 8=2x2x2 12=2x2x3 14=2x7
1=1x1 3=3x1 5=5x1 7=7x1 9=3x3 11=11x1 13=13x1
Coprime: 1=1x1 3=3x1 5=5x1 9=3x3 11=11x1 13=13x1

RSA - example02
Encryption Decryption
Two primes p and q: p = 3, q = 11
N = p x q = 3 x 11 = 33
φ(N) = (p-1)(q-1) = (3-1)(11-1) = 2 x 10 = 20 [this will be our mod] = Both parties will have this value
Selecting e 1 < e < φ(N) = 1