Computer - Center for Information Assurance Research and Education

advertisement
Cryptography
Survey Results
- More than 50% students or someone they know
purchase goods, use banking, access or give out
personal information online
- 79% students use social networking website such as
MySpace and Facebook
- More than 50% students spend more than 2 hours
everyday in the internet
- 85% students agree that internet security is concern of
EVERYONE
Video
- Sheldon's World of Warcraft character hacked
-
http://gawker.com/5788015/sheldons-world-of-warcraft-character-hacked-on-thebig-bang-theory
Security Threats
Recent News
- Credit Card Breach at Home Depot and Target
- Identity theft
- Big Data
Encryption Terminology
Encrypt - en·crypt (n-kr pt) tr.v. en·crypt·ed, en·crypt·ing, en·crypts.
1. To put into code or cipher.
2. Computer Science To alter (a file, for example) using a secret.
Code - symbol or signal used to represent or communicate
something-else
Cryptosystem - consists of three algorithms
Key Generation
Encryption
Decryption
Encryption -Terminolgy
• Cipher or Cypher- any
method of transforming a
message to conceal its
meaning.
– ciphertext or cryptogram
is the encrypted form of
the message.
– Plain or clear text refers
to either unencrypted
text or successfully
decrypted text.
• Key – used to decrypt or
de-cypher the encrypted
message.
Encryption
Methods
• Bit stream
• Block ciphering
• Symmetric
• Asmmetric
• Hybrid - In practice
Ciphers
•
•
•
•
•
Substitution ciphers
Transposition ciphers
XOR function
Veignere cipher
Vernam cipher
Uses in History
Hashing
Hashing is the transformation of a string of characters into a usually shorter
fixed-length value or key that represents the original string.
Demo - HashCalc
HashCal- compute
multiple hashes,
checksums and
HMACs for files, text
and hex strings
Cipher Wheel
• Spies Like Us - Decipher it
• LA Noir - The Secret
Message
• Ceasar’s Cipher.
Substitution Cipher created
by Julius Ceasar. Also
known as a shift Cipher
ACTIVITY:
Let’s make a
code wheel!
Demo-Cipher Wheel
Encode
H=Q
we are cool spies
cipher is fun
Decode
I=L
PHHW PH DW QRRQ
DOEXTXHUTXH ERWDQLFDO
JDUGHQ
NSA - CRYPTOKIDS AMERICA’S FUTURE CODEBREAKERS
More Resources
PBS: How Enigma Works:
•
www.pbs.org/wgbh/nova/military/how-enigma-works.html
Cryptology - Purdue:
•
http://www.cerias.purdue.edu/education/k12/teaching_resources/lessons_presentations/cryptology.html
Crypto Museum:
•
http://www.cryptomuseum.com/crypto/enigma/
NSA- CryptoKids America
• https://www.nsa.gov/kids/home.shtml
The NSA/CSS core missions are to protect U.S. national security systems and to
produce foreign signals intelligence information.
Applications
• Digital Certificates:
certifies the ownership of
a public key by the
named subject of the
certificate.
• Main providers:
Symantec (VeriSign),
Comodo SSL, Go Daddy,
GlobalSign
Issues with Digitial Certificate
• In 2010, VeriSign is
hacked
• Comodo is hacked
in 2009 and 2011
• Hackers issued
digitial certificates to
one or more
unauthorized parties
Applications (cont.)
• Digital Signatures
Applications (cont.)
• Passwords
IA Program at UNM
• http://ia.unm.edu
• Information Systems (IS) is a discipline that bridges
business and computer science.
• IS professionals contribute to organizations in many
ways including:
– Planning an organization's technology-related strategy and
infrastructure
– Acquiring, developing, and managing computer hardware,
networks, software, and related services
– Developing and managing an organization's databases
– Analyzing data to improve an organization's marketing,
operations, and strategic planning
MS-ISA Program
• Targeted at students with an undergraduate degree in one of the following
fields:
– Accounting
– Computer science (CS) or computer-related engineering
– Information systems (IS) or information technology (IT)
• Areas of Study
– Cybersecurity and information assurance
– Data analytics (Big data)
– Database management and data warehousing
– Fraud, white collar crime and digital & financial forensics
– Information system acquisition, development, and management
– System & network administration and security
Why choose IA at UNM
• Information Assurance Program at UNM Anderson
• An AACSB accredited program
• A designation from the National Security Agency (NSA) and the Department
of Homeland Security (DHS) as a center of academic excellence in IA
education and research A partnership with the FBI and its Regional
Computer Forensics Lab (RCFLA designation from the National Security
Agency (NSA) and the Department of Homeland Security (DHS) as a center
of academic excellence in IA education and research A partnership with the
FBI and its Regional Computer Forensics Lab (RCFL), housed at UNM,
through training, and student internships and co-ops.
• A partnership with the Department of Energy's first satellite office for the
Center for Cyber Defenders through Sandia National Laboratories.
• The Metro Law Enforcement Internship program
Scholarship Program
• UNM Information Assurance Scholarship for Service
Program
• Pursue a Master's degree in Information Assurance at UNM.
• Scholarship pays all costs for three semesters: $2000 per
month stipend, all tuition & fees, book allowance, travel
allowance.
• Customize the degree program to your background and
career goals: computer & network security, computer
forensics, white collar crime, auditing, and compliance.
• Complete a summer internship with a Federal agency in
Washington, D.C.
What you can do while in school
• Competitions: National Collegiate Cyber
Defense Competition (CCDC) and
Computer and Network Vulnerability
Assessment Simulation (CANVAS)
• Get involved with student organization Network Exploitation Security Team
(NEST)
Career Path
•
Work for government
–
–
–
–
–
Department of Defense
National Security Agency
Department of Commerce
Department of Energy
Department of Homeland Security
•
Jobs’ titles
– Computer Security Specialist
– Database Administrators
– Computer and Information
Scientists
– Computer Support Specialists
– Network Systems and Data
Communications Analysts
– The Computer Systems
Administrator
– Computer and Information
Systems Managers
– Management Information Systems
Directors
– Project Managers
– Local Area Network and Wide
Area Network Managers
Questions?
Spies Like Us
Download