Tuesday, July 28, 2009

I'll explain how to install PGP and the function of that software in network security. PGP stands for Pretty Good Privacy; it is a public key encryption program originally written by Phil Zimmermann in 1991.

Why PGP? For me, it is to secure email on the internet, because email is personal and private, and besides that we don't want our private email or confidential documents read by anyone else. The advantages of PGP are its language support and that it is available for many different platforms, including Windows, Unix, MS DOS, OS/2, Macintosh and so on. After doing some research, I found that the latest international freeware version of PGP is 6.5.1i for Windows 95/98/NT and MacOS only, while it is 5.0i for other platforms.

PGP works by combining some of the best features of both conventional and public key cryptography. PGP compresses the plaintext that the user wants to encrypt and creates a session key (a secret key). Then, after the data is encrypted, the session key is encrypted to the recipient's public key and transmitted along with the ciphertext to the recipient.

We can download the PGP installer, version 6.5.8, from www.pgpi.org.
Step 1 : Unzip the installer.
Step 2 : Double click to start the install. At the Welcome window, click [Next].
Step 3 : Click [Yes] at 'Software License Agreement' after you finish reading all the terms of the agreement.
Step 4 : Enter your full name and company, then click [Next].
Step 5 : Files will be installed in C:\Program Files\PGP. Click [Next].
Step 6 : Choose the PGP components you wish to install.
Step 7 : Click [Next].
Step 8 : The next window asks whether you have existing keyrings you wish to use. Click [No].
Step 9 : Restart the computer and click [Finish].
* Cryptography is the science of using mathematics to encrypt and decrypt data. It enables us to store private data and transmit it across insecure networks.

Monday, July 27, 2009

There are two types of cryptography: substitution and transposition. Substitution uses one letter to refer to another letter. Substitution is divided into two types, monoalphabetic (uses the same letter for the whole message) and polyalphabetic (uses different letters in the whole message). Transposition, meanwhile, changes the arrangement of the text and letters. This method can be divided into keyed and unkeyed.

An example that I learned in class:

       1  2  3  4  5  6  7  8  9  10
    1  T  H  E  R  E  I  S  N  O  S
    2  E  C  U  R  I  T  Y  O  N  T
    3  H  I  S  E  A  R  T  H  T  H
    4  E  R  E  I  S  O  N  L  Y  O
    5  P  P  O  R  T  U  N  I  T  Y

Conclusion: an unkeyed single transposition can be developed into a matrix of 10 (vertical) by 5 (horizontal). The same step can be tried for a keyed single transposition, just by using the matrix of 10, but without sorting.
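
The matrix above as a worked columnar transposition, written as an added example that is not part of the original class notes. The keyword `BLACKSMITH` and the rule of reading columns in alphabetical order of the keyword letters are assumptions (a common textbook convention), and the function names are illustrative.

```python
# Added example: columnar transposition over the 10-column matrix in the notes.
ROWS = ["THEREISNOS", "ECURITYONT", "HISEARTHTH", "EREISONLYO", "PPORTUNITY"]
MESSAGE = "".join(ROWS)      # 50 letters: 5 rows of 10
WIDTH = 10
KEYWORD = "BLACKSMITH"       # constructed 10-letter keyword, not from the notes


def _check(text, order, width):
    if len(text) % width:
        raise ValueError("pad the text to a multiple of the matrix width")
    order = list(range(width)) if order is None else list(order)
    if sorted(order) != list(range(width)):
        raise ValueError("order must be a permutation of the column indexes")
    return order


def order_from_keyword(keyword):
    """Read columns in alphabetical order of the keyword letters (ties: left first)."""
    return sorted(range(len(keyword)), key=lambda i: (keyword[i], i))


def encrypt(text, order=None, width=WIDTH):
    """Write the text row by row, read it column by column.
    order=None reads the columns left to right (unkeyed)."""
    order = _check(text, order, width)
    rows = [text[i:i + width] for i in range(0, len(text), width)]
    return "".join(row[c] for c in order for row in rows)


def decrypt(cipher, order=None, width=WIDTH):
    """Cut the ciphertext back into columns, then read the rows."""
    order = _check(cipher, order, width)
    height = len(cipher) // width
    cols = {c: cipher[k * height:(k + 1) * height] for k, c in enumerate(order)}
    return "".join(cols[c][r] for r in range(height) for c in range(width))


if __name__ == "__main__":
    unkeyed = encrypt(MESSAGE)
    keyed = encrypt(MESSAGE, order_from_keyword(KEYWORD))
    print(unkeyed, decrypt(unkeyed) == MESSAGE)
    print(keyed, decrypt(keyed, order_from_keyword(KEYWORD)) == MESSAGE)
    # Transposition only moves letters, so the letter frequencies are unchanged.
    print(sorted(keyed) == sorted(MESSAGE))
```

Because the letters are only rearranged, the ciphertext keeps the letter frequencies of the plaintext, which is why a single transposition on its own is weak.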

These are some terms that need to be memorized:

  1. Vigenere ciphers - we must know this manual polyalphabetic cipher to perform encryption.
  2. Simple substitution ciphers (random) - use a random alphabet to improve on Caesar ciphers.

Another thing that I learned today is about MAC. A Message Authentication Code is a key-dependent one-way hash function. It accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs. A MAC protects both a message's data integrity and its authenticity. A digital signature, meanwhile, is used for a message from a particular sender, and is a cryptographic value that depends on the message and the sender. A digital guarantee that information has not been modified, as if it were protected by a proof seal that is broken if the content were altered.
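
What "key-dependent" buys over a plain hash, as an added example that is not part of the original notes. HMAC-SHA256 from the Python standard library is used as the MAC; the key and both messages are constructed sample values.

```python
import hashlib
import hmac

KEY = b"constructed-shared-secret"          # constructed; held by sender and receiver only
ORIGINAL = b"transfer 100 to account 1234"  # constructed message
ALTERED = b"transfer 900 to account 9999"   # constructed modified message


def plain_hash(message):
    """Unkeyed one-way hash: anyone can recompute it."""
    return hashlib.sha256(message).hexdigest()


def make_mac(key, message):
    """Key-dependent one-way hash (HMAC-SHA256) over the message."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key, message, tag):
    """Recompute the tag and compare it in constant time."""
    return hmac.compare_digest(make_mac(key, message), tag)


def demo():
    sent_tag = make_mac(KEY, ORIGINAL)
    return {
        # The receiver with the right key accepts the untouched message.
        "original_accepted": verify_mac(KEY, ORIGINAL, sent_tag),
        # A changed message with the old tag is rejected (integrity).
        "altered_rejected": not verify_mac(KEY, ALTERED, sent_tag),
        # A tag made without the shared key is rejected (authenticity).
        "wrong_key_rejected": not verify_mac(KEY, ALTERED, make_mac(b"guess", ALTERED)),
        # A plain hash protects neither: whoever changes the message
        # can simply recompute the hash to match.
        "plain_hash_fooled": plain_hash(ALTERED) == hashlib.sha256(ALTERED).hexdigest(),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```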

RSA is an algorithm for public-key cryptography that was publicly described in 1978 by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT. The letters RSA are the initials of their surnames, listed in the same order as on the paper. It is the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography (taken from the Wikipedia website).


Wednesday, July 22, 2009

What I understand about IT security goals is that they are to provide strong network logon authentication and at the same time reduce the help desk costs that are associated with supporting users who forget their passwords or who let their passwords expire. Besides that, they are to prevent users from downloading or using nontrusted and nonsigned content from the Internet. Sometimes, IT security is used to provide availability, integrity, confidentiality and nonrepudiation for general business e-mail messages. I will explain availability, integrity and confidentiality after this. First, let me explain the difference between NTFS and FAT32.

FAT32 is an old file system that is simple; if the disk needs to be accessed from DOS or Win9x, FAT32 is suitable. It is also well-documented, readable from a large number of OSs, and supported by a wide range of tools, while NTFS is a newer file system that is faster, safer, space efficient, feature-rich, proprietary, undocumented at the raw bytes level, and subject to change - even within Service Packs of the same OS version. For details, refer to this website: http://cquirke.mvps.org/ntfs.htm.

The differences between availability, integrity and confidentiality:

CONFIDENTIALITY -
Means that a computer or asset cannot be used by other, unauthorized persons, because of privacy and secrecy.
Example : two users have been created. User1 does not have the authority to see, modify or do anything to User2's folders or files. Only User2 has the authority to do anything to their own computer or assets.

AVAILABILITY -
Means that users can access their own files or information anytime they want without a failure, and that it remains available or secure.
Example : User1 can access their own information anytime they want, but User2 cannot do anything even though User1 has been removed or deleted by the administrator.

INTEGRITY -
Means that only the owning user can make any changes to their data.
Example : User1 can add, delete or update their data. User1 can only do the tasks that have been set by the administrator.

Let me explain how to convert a FAT disk to NTFS. There are a few steps:

  1. Log on to Windows 2003 Server as Administrator.
  2. Click [Start] and then click [Run].
  3. Type cmd to open the command line, then type chkntfs d: Note : you will get the message "D: is not dirty".
  4. Then type convert d: /fs:ntfs. If the drive has a volume label, enter it when prompted.
  5. Type chkntfs d: to verify that the drive is now NTFS.
  6. Finish.

Monday, July 20, 2009

Some people are very familiar with authentication; as you know, it is the verification of our identity as security for some data, such as a login for an application where we need to enter our username and password. Besides that, we use smart cards, passports, biometric systems, signatures, retina or voice for verification. All these kinds of techniques have only one purpose: protection from attackers.
Below are examples of how we need to protect our password.

  1. First, do not show the password to anybody. Example : do not write the password anywhere, and enter the password only in secure places.
  2. It is important to find a password that is easy for us to remember but difficult for others to guess.
  3. Create a password of more than six characters (especially using a combination of numbers and letters).
  4. Do not use familiar information such as names, birthdays, phone numbers, plate numbers or family names.
  5. Others

The best part of the lecture today was that we learned how to guess other people's passwords.

  • Use default passwords to guess.
  • Use short words and easy characters to guess.
  • Use all the words in an electronic dictionary (60,000).
  • Hm, how about collecting information about the user: names, family names, birthday, and so on.
  • Guess the user's phone number, social security number, street address.
  • Guess license plate numbers.
  • Use a key logger or Trojan horse so we can keep track of what has been typed by users.
  • Lastly, tap the line between a remote user and the host system.

I'm learning a new thing about CRYPTOGRAPHY today.

The general meaning of cryptography is about how to do secret writing. It is also about plaintext and ciphertext.

The solution of the RSA calculation :
n = p x q
= 3 x 11
= 33
φ(n) = (q-1)(p-1)
= (10)(2)
= 20
e = 7
d = e^-1 mod φ(n)
= 7^-1 mod 20
a = 7 , b = 20
b = x(a) + y
20 = 2(7) + 6    (1)
7 = 1(6) + 1    (2)

From (2)
1 = 7 - 1(6)    (3)
From (1)
6 = 20 - 2(7)    (4)
Substituting (4) into (3)
1 = 7 - 1(6)
= 7 - 1[20 - 2(7)]
= 7 - 20 + 2(7)
= 3(7) - 20    (5)

Taking (5) mod 20
1 = 3(7) - 20
1 mod 20 = 3(7) mod 20 - 20 mod 20
1 mod 20 = 3(7) mod 20
1/7 mod 20 = 3 mod 20
7^-1 mod 20 = 3 mod 20
d = 3

Here is an example of a calculation to find the plaintext:
In a public-key system using RSA, you intercept the ciphertext c=10 sent to a user whose public key is e=5, n=35. What is the plaintext m?
p = 5, q = 7
n = p * q
= 5 * 7 = 35
φ(n) = (q-1)(p-1)
= (6)(4)
= 24
d = e^-1 mod φ(n)
= 5^-1 mod 24
a = 5 , b = 24
b = x(a) + y
24 = 4(5) + 4    (1)
5 = 1(4) + 1    (2)

From (2)
1 = 5 - 1(4)    (3)
From (1)
4 = 24 - 4(5)    (4)
Substituting (4) into (3)
1 = 5 - 1(4)
= 5 - 1[24 - 4(5)]
= 5 - 24 + 4(5)
= 5(5) - 24    (5)

Taking (5) mod 24
1 = 5(5) - 24
1 mod 24 = 5(5) mod 24 - 24 mod 24
1/5 mod 24 = 5 mod 24
5^-1 mod 24 = 5 mod 24
d = 5
m = c^d mod n
= 10^5 mod 35
= 5
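
Both hand calculations above, checked with the extended Euclidean algorithm. This is an added example, not part of the original notes; the function names are illustrative, and `factor_small` uses trial division, which only works because the classroom moduli (33 and 35) are tiny.

```python
def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_inverse(e, phi):
    """d = e^-1 mod phi, the back-substitution steps (3) to (5) done by machine."""
    g, x, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("e has no inverse: gcd(e, phi) is not 1")
    return x % phi


def private_exponent(p, q, e):
    return mod_inverse(e, (p - 1) * (q - 1))


def factor_small(n):
    """Trial division; feasible only for textbook-sized n."""
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("n is prime, not an RSA modulus")


def recover_plaintext(c, e, n):
    """The second exercise: n is small enough to factor, so d and m follow."""
    p, q = factor_small(n)
    d = private_exponent(p, q, e)
    return d, pow(c, d, n)


if __name__ == "__main__":
    print(extended_gcd(7, 20))          # coefficients of 1 = 3(7) - 1(20)
    print(private_exponent(3, 11, 7))   # first example
    print(recover_plaintext(10, 5, 35)) # second example: (d, m)
```

The second exercise is solvable only because n = 35 can be factored at a glance; the private exponent stays secret in practice because factoring a real-sized modulus is infeasible.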


Sunday, July 19, 2009




Our Lecturer :
En. Zaki


?? IT Security??
For me, IT security is about the need for information that can prevent hackers from attacking our Web site, but the important thing is that we must know tools such as cryptography and firewalls. If we are experts in this area, that is something good, because it brings career opportunities and shows the importance of IT security. From day to day, in our country, we can see the increasing demand from government and private industry.

What I learned:
WM8S
What is IT Security
Protection of information, systems, software and hardware from danger and hackers.

Method of defense
Prevent, deter, deflect, detect, recover.
Control: encryption, software or program controls, hardware control, policies & procedure control, physical control.

Security Trends
Attack sophistication increases from year to year.

Security Area
Detection (using scanners), prevention (proxy, firewall), recovery (cryptography techniques and proper planning).

Security Architecture
Defined by ITU-T Recommendation X.800 or OSI Security Architecture, and developed as an international standard to give a structured definition of services and mechanisms.

Security Principles
Confidentiality, integrity and availability.

Security Policy
A set of rules that includes authorization, access control policy and accountability.

Security Attacks / Threats
Passive attack (to obtain data that is being transmitted) vs active attack (to obtain authorization).

Security Services
Defined by X.800 and RFC 2828. Categories : data integrity, authentication, data confidentiality, non-repudiation, access control.

Security Mechanisms
Any process that is designed to detect, prevent or recover from a security attack. Two classes :

Wednesday, July 15, 2009

In this section, I will explain about Virtualization & VMware.

Do you know about virtualization? Let me give a little explanation about it. Virtualization is used to support an OS, instruction set and computational resources that differ from the underlying software, because it enables a much higher degree of portability and flexibility. Besides that, it gives the appearance of a different platform. The environment created by such software is called a virtual machine. A VIRTUAL MACHINE is the same as a real machine: it is more efficient, duplicates the real machine, and is created using a Virtual Machine Monitor (VMM). We use a VMM because it provides a second layer on a machine for another OS to run on. What I got from studying this lab is that a VMM can reproduce everything from the CPU installation. Let's share how to install VMware Workstation :
  • Download VMware Workstation from http://www.vmware.com/download/ws/
  • Double click on the VMware launcher to start the installation wizard.
  • Click on [Next].
  • Choose the Typical setup type.
  • Choose the location for the VMware Workstation installation. Click on [Next].
  • Configure the shortcuts for VMware Workstation and click on [Next].
  • Click on [Install].
  • Enter the serial number of VMware Workstation.
  • Click [Finish] and restart the computer.



1. Create a new Virtual Machine to open the Virtual Machine wizard. Click [Next].
2. Choose the typical configuration, click [Next].
3. Choose the type of OS to be installed on the Virtual Machine.
4. To install Windows Server 2003 on the virtual machine, select [Microsoft Windows] as the guest.
5. Select Windows Server 2003 Standard Edition in the version list.
6. Click [Next].
7. Name the virtual machine and specify the location where the disk image for the virtual machine will be stored on the hard disk.
8. Select [Use host-only Networking] to create a LAN between other virtual machines.
9. Select [Use bridged networking]. Click [Next].
10. Specify the disk capacity of the virtual machine, depending on the size of your PC.
11. Select [Allocate disk space now].
12. Click [Finish].

Notes : A virtual machine resides in an image that can be cloned and copied from one host to another by simple drag and drop.
