Team 6 Decrypting Encryption
Jeffrey Vordick, Charles Sheefel, and Shyam Rasaily
Encryption (!@#$%^&)
• Convert data into scrambled data (ciphertext)
• Information privacy
Assurances
• Data not modified
• Viewed by intended recipient
• Received at intended destination
Key Encryption
• Random string of characters
Private and Public Key Encryption
Private Key Encryption
[Diagram: Bob and Alice; message "Yo Alice"; ciphertext "#dasf ^&*"; Encrypt with Private Key, Decrypt with Private Key]
Public Key Encryption
Use two Keys
• Private key
• Public Key
Public Key Encryption
[Diagram: Bob and Alice; message "Yo Alice"; ciphertext "#dasf ^&*"; Encrypt with Public Key, Decrypt with Private Key]
PGP (Pretty Good Privacy)
[Diagram labels: Raw file; Sign file with private key; Encrypt with public key; Encrypted and signed file; Email; Decrypt file with private key; Verify file signature with public key]
SSL (Secure Sockets Layer)
SSH (Secure Shell)
• Commonly used for remote access like VPN
Public keys are placed on the computers that should allow access. (So it's more like a lock.)
Private key allows access to computers locked with the public keys
SCP (Secure CoPy) & SFTP (Secure File Transfer Protocol)
SCP (Secure CoPy)
• Extension of OpenSSH
• Replaces insecure FTP
• Uses TCP Port 22
• Included on UNIX, Linux, and Macintosh OS X operating systems
Below is a conversation between LSU's server and my Mac:
Charless-MacBook-Pro:~ csheefel3$ scp [email protected]:geog2250 test
The authenticity of host 'lsu.edu (130.39.253.217)' can't be established.
RSA key fingerprint is 52:fd:fa:74:40:a7:c4:03:8f:04:7b:78:c8:ea:e8:68.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'lsu.edu,130.39.253.217' (RSA) to the list of known hosts.
\033[H\033[2J
NOTICE: This is the Louisiana State University computer system, which may be
accessed and used only by authorized persons. LSU reserves the right to review
and/or monitor system transactions for compliance with its policies and/or
applicable law. Upon reasonable cause, LSU may disclose such transactions to
authorized persons for official purposes, including criminal and other
investigations, and permit the monitoring of system transactions by law
enforcement agencies. Access or use of this computer system by any person,
whether authorized or unauthorized, constitutes consent to these terms.
[email protected]'s password:
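The session above accepts an RSA host-key fingerprint on first connection. As an added example (not part of the original slides), the Python below computes that colon-separated MD5 fingerprint, and the SHA256 form current OpenSSH prints, from a known_hosts entry and compares it with a value obtained out of band. The host name, address and key blob are constructed sample data, and all function names are chosen for this example.

```python
import base64
import hashlib
import hmac
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (4-byte big-endian length + data)."""
    return struct.pack(">I", len(data)) + data


def parse_known_hosts_line(line: str):
    """Return (hosts, key_type, blob) from a plain (unhashed) known_hosts entry."""
    hosts, key_type, b64 = line.split()[:3]
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with its own copy of the key type; reject a mismatch.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("key type in blob does not match declared type")
    return hosts.split(","), key_type, blob


def md5_fingerprint(blob: bytes) -> str:
    """Colon-separated MD5 fingerprint, the format shown in the scp prompt."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))


def sha256_fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint as current OpenSSH prints it (unpadded base64)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(line: str, host: str, trusted_fp: str) -> bool:
    """True only if `host` is listed and its key has the trusted fingerprint."""
    hosts, _, blob = parse_known_hosts_line(line)
    fp = sha256_fingerprint(blob) if trusted_fp.startswith("SHA256:") else md5_fingerprint(blob)
    return host in hosts and hmac.compare_digest(fp, trusted_fp)


# Constructed sample: a toy "ssh-rsa" blob (e = 65537, made-up modulus), not a real host key.
SAMPLE_BLOB = _ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01") + _ssh_string(b"\x00" + b"\xc3" * 32)
SAMPLE_LINE = "files.example.test,192.0.2.10 ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode()

if __name__ == "__main__":
    print(md5_fingerprint(SAMPLE_BLOB))
    print(sha256_fingerprint(SAMPLE_BLOB))
```

The trusted fingerprint should come from the server's administrator or another channel, not from the prompt itself.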
SCP (Secure CoPy)
Using SCP
• Ideal for quick transfer of single files.
• Syntax is similar to the Unix copy command.
• For demonstration purposes, we'll use two computers (Kari’s desktop and CEBALab001) with the usernames Kari and kwalters
scp path/to/file [email protected]:path/to/destination
If Kari wanted to transfer a file called example.txt from Kari’s home directory on Kari’s desktop to Kari’s home directory on CEBALab001, the command might look like this:
scp /home/Kari/example.txt [email protected]:/home/kwalters/
If Kari wanted to transfer a file from CEBALab001 to Kari’s desktop, she could type something like this:
scp [email protected]:/home/kwalters/example.txt /home/Kari/
If Kari needed to copy an entire directory, Kari would need to use the recursive flag, like this:
scp -r Karidirectory [email protected]:/home/kwalters/
SFTP (Secure File Transfer Protocol)
• Uses Proprietary SSH
• Connects like FTP
• Not as widely supported
• Five main commands: ls, get, put, cd, and lcd.
• Designed by IETF
• Used to transport multiple files
• Latest Version 6*
IPSec (Internet Protocol Security)
• Operates at Network Layer
• Adds information to headers of IP packets
• Designed by IETF
• Works on any TCP/IP Transmission
• Native IPv6 Standard
• Authentication
1. Phase 1 Key Management: IKE on port 500
2. Phase 2 Encryption: AH and ESP
IPSec (Internet Protocol Security)
VPN concentrator
• Establish VPN Connection
• Authenticates VPN Clients
• Location: edge of private network
IPSec (Internet Protocol Security)
• Modes
1. Transport Mode - Encapsulated Header Intact
2. Tunnel Mode - New Encapsulated Header
Any Questions?