...Unit 2 Assignment – Data Encryption Security & Lab 3.10D and Lab 3.10E Oren Shedo Kaplan University Abstract Computer key encryption is becoming popular day by day because of hackers within the online world. Hackers are cracking into peoples systems left and right for their own personal gain and gaining information that can be used for identity theft. Identity theft is one of the biggest cybercrimes out there today. There are numerous security protocols and techniques out there to secure your computer though from hackers and curious people out there in the Internet. Security protocols such as secure socket layer and transport layer security are the most popular now for securing ecommerce websites. Secure socket layer is even popular for securing peoples email system as well as sender policy framework for filtering spam mail and not cluttering your inbox with junk. Another topic that is popular these days is what type of security key should we put on our networks. This report will go through why a WPA2 type security key is vital to a network for security. Part 1 - Lab 3.10D – Using the Windows Encrypting File System (EFS) 1. 2 to 6. 7. When a networked user tried to access the encrypted test3 folder, they were given an access denied error. 9. 11. When transferring test1.txt into the test3 folder, it turned into an encrypted file. 12. 13-14. for #13, the test5.txt stayed encrypted within the test folder. 16. Operation of exporting certificate was...
Words: 1801 - Pages: 8
...Symmetric key encryption is also known as shared-key, single-key, secret-key, and private-key or one-key encryption. In this type of message encryption, both sender and receiver share the same key which is used to both encrypt and decrypt messages. Sender and receiver only have to specify the shared key in the beginning and then they can begin to encrypt and decrypt messages between them using that key. Examples include AES (Advanced Encryption Standard) and TripleDES (Data Encryption Standard). Advantages - Simple: This type of encryption is easy to carry out. All users have to do is specify and share the secret key and then begin to encrypt and decrypt messages. - Encrypt and decrypt your own files: If you use encryption for messages or files which you alone intend to access, there is no need to create different keys. Single-key encryption is best for this. - Fast: Symmetric key encryption is much faster than asymmetric key encryption. - Uses less computer resources: Single-key encryption does not require a lot of computer resources when compared to public key encryption. Disadvantages - Need for secure channel for secret key exchange: Sharing the secret key in the beginning is a problem in symmetric key encryption. It has to be exchanged in a way that ensures it remains secret. - Too many keys: A new shared key has to be generated for communication with every different party. This creates a problem with managing and ensuring the security of all these keys. - Origin...
Words: 729 - Pages: 3
...recommendations …………………………………………….. 10 High-level implementation plan ……………………………………………………….. 11 Summary of project ……………………………………………………………………. 12 Abstract The arrival of information technology some decades ago has contributed to the various developments on how information is being diffused and fluctuated among people, nations and around the world. The controversy of information “theft” and data loss has unfolded all around the world and interests on how to solve this issue are capturing the scrutiny of experts of Information Security. In the present day, with the ongoing reproduction of new invented techniques in cryptanalysis, we can acknowledge that information security is the remedy. In this paper, I propose a panacea that can be used to solve multiple issues that clinics such as New Direction can face when using online storages like Drop Box. This paper will also discuss why New Direction should begin taking action to use back up tools such as DLP on their Cloud Storage. Just like any other user using Cloud Computing, New Direction Mental Health Clinic can be at risk of losing important data, and information theft. Keeping Files Secured when using Cloud Computing at New Direction...
Words: 3536 - Pages: 15
...Security Topics * Local Security * Physical Security * Firewall * Authentication * Encryption * Wireless Security * Viruses * Physical Security video 5.01 * Lock and control access to serves * Lock server and computer cases * Use audible alarms * Create administrative alerts * Locate servers room in high traffic area * Store backup tapes in secure area * Lock users operating system * Physically destroy old hard drive Authentication Policies * CMOS passwords * Username and password * Smart card and pin * Key fob * Biometric CMOS passwords Power-on Password * Supervisor’s password * User password * Full access * Liminted access * View only access * No access * Hard Drive Password * Protects data even if HD is stolen * Password required each time the system boots Reset CMOS password * Acess CMOS settings * Reset jumper * Remove/replace CMOS battery Create strong password * Six or more chraractors * Passphrase * Upper and lower case letters * Mix in numbers and symbols * Don’t use * Consecutive letters * Consecutive numbers * Consecutive keys Kerberos * Authentication method used by windows to encrypt passwords * Passwords are case sensitive This video shows the proper way to secure servers and...
Words: 1170 - Pages: 5
...the encryption to generate unique encrypted text. B. Problem The problem with this system is that, often hackers get access to the database, and somehow the figure out the password from the database. There have been a lot of encryption algorithms till this day and each one has its rise and fall. C. Proposed Solution 1. What could be done is that the passwords or even the usernames can be rotated after some time interval so that the database at 12:00 hours is not identical to the database at 13:00 hours. There would be a program...
Words: 534 - Pages: 3
...OF CRYPTOGRAPHY Contents 1. Introduction 2. Classical Encryptions (Ancient Times) 3. Classical Encryptions (Middle Ages) The Cipher of Mary Queen of Scots Vigenère Ciphers Uesugi Cipher 3 4 6 6 6 7 4. Modern Ciphers: Ciphers during World War I and the Emergence of Encryption Machines German Communication Cables Disconnected by the United Kingdom Zimmermann Telegram ADFGVX Cipher The Birth of Enigma 8 8 8 8 9 5. Modern Ciphers: Encryptions in the Computer and Internet Era DES Cipher Public-Key Cryptosystem RSA Cipher Decrypting the DES Cipher Responsive Action of Cipher Enhancements for SSL 10 10 10 11 12 12 6. The Future of Encryption 7. Conclusion: Enhancing the Effectiveness of Encryptions used for SSL References 13 14 14 2 © 2013 Thawte, Inc. All rights reserved. Thawte, the thawte logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Thawte, Inc. and its subsidiaries and affi liates in the United States and in foreign countries. All other trademarks are property of their respective owners. 1. Introduction E ncryption and related technologies are widely and frequently used as a means of ensuring that information is secure, and their importance has been growing with the increasingly widespread utilization of the Internet. The use of encryption can be traced to as far back as about 3000 B.C., during the Babylonian Era. Encryption technologies evolved as they were used in military and political...
Words: 6411 - Pages: 26
...Assignment 1 Solution 1. Compare and contrast symmetric encryption with public-key encryption, including the strengths and weaknesses of each. Solution Scalability: with public-key encryption, multiple users can send encrypted messages to Alice using her public key and these messages can be decrypted only by Alice; thus, a linear number of publicprivate key pairs need to be established, distributed and protected to allow pairwise confidential communication between any two users; instead, symmetric encryption requires a quadratic number of secret keys. Efficiency: existing symmetric encryption methods are much faster and use much shorter keys than existing public-key encryption methods. Usability: symmetric-key encryption is easier to understand by a non-expert than public-key encryption. 2. Give an example of the false sense of security that can come from using the “security by obscurity" approach. Solution There are many examples. One possibility would be to use a weak encryption algorithm, like the Caesar cipher and try to keep secret the type of algorithm that you are using, in addition to keeping the key secret. The problem with this approach is that if someone guesses you are using such an algorithm or is able to reverse engineering your software, then they will discover your algorithm. From there it is a simple matter to break your weak encryption scheme. 3. Benny is a thief who tried to break into an Automated Teller Machine (ATM) using a screwdriver, but was only...
Words: 578 - Pages: 3
...Kudler Fine Food's Frequent Shopper Program BSA310 Kudler Fine Food's Frequent Shopper Program Kudler Fine Foods, a “fine” grocery store based in San Diego, is looking to implement a frequent shopper program. This program is to enhance their current database that tracks sales and performs low-level data analysis, the kind most current stores use to keep inventory current. The program is set to provide a more detailed analysis of shopper’s spending habits at an individual level, which brings in a number of ethical, legal, and information security concerns. This paper is to discuss these concerns, what the company can do to protect such sensitive information, and what potential legal issues that may be faced implementing this system. Ethical Concerns This, above all else, should be the first consideration when implementing a system like this. For a system like this to work, customers will have many attributes of their lives revealed through deep analysis of their spending habits. Most people will be uncomfortable with such a notion, so the program cannot be mandatory. This must be left to the customer to choose to participate or not. If customers do opt in to the program, everything the company plans to do with their info should be laid out for them to know right up front. Especially when it comes to sharing sensitive information with other companies, customers may trust Kudler, more than likely they will not trust other companies that do business with Kudler. A good way to...
Words: 968 - Pages: 4
...at a fast pace, is probably impossible. Changes are needed, and once you have achieved a certain amount of size, the sheer inertia of the installed base may make it impossible to apply fixes. The challenges for the security industry are growing. With the electronic commerce spreading over the Internet, there are issues such as nonrepudiation to be solved. Financial institutions will have both technical concerns, such as the security of a credit card number or banking information, and legal concerns for holding individuals responsible for their actions such as their purchases or sales over the Internet. Issuance and management of encryption keys for millions of users will pose a new type of challenge. While some technologies have been developed, only an industry-wide effort and cooperation can minimize risks and ensure privacy for users, data confidentiality for the financial institutions, and nonrepudiation for electronic commerce. With the continuing growth in linking individuals and businesses...
Words: 2435 - Pages: 10
...system is as soon as a customer uploads their information to make a purchase, it is immediately transferred into the system as a temporary file, at the end of each work day, we have all the temporary files transferred to our Cloud. The Cloud infrastructure allows for our company to securely share our files amongst one another, with also insuring that our information remains just that, ours. To guarantee that our Cloud isn’t hacked or if the server goes down or fails, our information isn’t lost, we have set the system to run with a Cloud Encryption Key rotation. We are using a split key encryption, meaning that I am the only one that has access to the key. No one including the government has access to this key. Be that as it may, security is always the number one priority for data so every month I change my encryption key to ensure that further security is in place. After one calendar month of information is gathered, we save all the data and transfer it using a hard disk. This hard disk is then taken by me once a month to a safety deposit box I have setup at a bank to store all the information securely. So once the information is in the Cloud, if the server fails for some reason, we will not lose...
Words: 675 - Pages: 3
... Performance analysis of Encryption/Decryption algorithms using SimpleScalar By: MANIRIHO Malachie and NIZEYIMANA Jean-Paul Supervisor: Dr.-Ing. NIYONKURU Adronis Huye, 2011 CHAPTER ONE: GENERAL INTRODUCTION 1.1. BACKGROUND TO THE STUDY There are various security measures that can be imposed in order to secure the information stored. As more and more technologies evolve, an irresponsible person may try to find a way to excavate any loopholes within the system in order to penetrate into the heart of its weaknesses. This is due to the fact that human-made designs can also be broken by another human. Thus, over time security measures must constantly be reviewed and strengthened in order to combat hackers or culprits hot on the heels of system developers who are also using high technologies. One of the means to secure the data is to apply a secret code of encryption. By having it encrypted, the sender can pass the data to the receiver and only the receiver or authorized personnel can have access to the data provided they have been given a key by the sender to decrypt it in order for them to view the information. Thus, without having the right key, nobody is able to read the encrypted data received or stored. Even if hackers or unauthorized person managed to intercept or steal the data, it would be futile because the text looks ridiculous to them. It is widely recognized that data security will play a central...
Words: 7475 - Pages: 30
...firewalls can be quite complex in their modus operandi. Where basic firewalls work on the first three or four layers of the OSI model, the more complex firewalls operate on all seven levels of the OSI model. Often times accompanying these higher end firewalls, there is what is known as a bastion. A bastion is located on the public side of the firewall and acts as bait for would be attackers. The thought behind a bastion is to get the would-be attackers to go there, thinking they have accessed the protected network. Bastions are completely unguarded to make this process easier. Another method of making a WLAN secure is to encrypt data that is on the network. If this is done, the users will authenticated, which will yet again further strengthen the WLAN. For this it is recommended to utilize either WPA or WPA 2 wireless encryption. In conjunction to the encryption, use VLAN or MAC address control lists, to further increase the level of difficulty for the hackers. If the security needs of an organization are such that they require these measures in their security plan, then it is almost certain that all communications, e-mails, files copied, files altered, files downloaded, and files accessed are recorded. Another...
Words: 504 - Pages: 3
...audit the firewall to make sure everything works properly. Once everything is checked on and I have finished making sure it is running smooth I will have an ongoing maintenance. This ongoing maintenance will detect anything suspicious and any intrusions. A method of encrypting alphabetic: P mxlfop sy lbffdtgkee pexugbpipc. Using Vigenere Cipher I was able to come up with this Cipher. I used http://rumkin.com/tools/cipher/vigenere-autokey.php# an online cipher to help with this Cipher, using the alphabet key A and the passphrase Patsy. I believe this a very secure cipher due to the fact that there can be up to 26 different cipher alphabets. When securing the network that I have chosen I need an antivirus application, firewall, and encryption. The Antivirus is used, just as the name insists, to detect virus before they enter your computer. There can be many threats to a WAN network, just as any other network. Businesses should take all the necessary precautions to make sure that their network is secure and protected. Physical forms of a WAN can include authentication on servers,...
Words: 1001 - Pages: 5
...ICT-457 Network Security Sum-2013 HW-9 1. Provide the name of a link to 2 publicly available encryption software tools. http://export.stanford.edu/encrypt_ear.html https://www.cryptanium.com/?gclid=CLbz5Z7KlbgCFcU5QgodrC0APg 2. Explain the difference between symmetric and asymmetric key cryptography. Provide an example where each is used. Pg. 282/283. Those that use the same key to encrypt and decrypt are private (symmetric) key ciphers. Those that use different keys to encrypt and decrypt are public (asymmetric) key ciphers. Symmetric key cryptography cannot secure correspondence until after the two parties exchange keys. Asymmetric key cryptography uses a cipher with two separate keys. One is for encryption and one for decryption. Correspondents do not first have to exchange secret information to communicate securely. With asymmetric key cryptography, an opponent can intercept everything and still not be able to decipher the message. 3. Explain why having an entity’s public key alone does not allow someone to decrypt a message. Pg. 288. Because it is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. 4. Does a hash function ensure integrity or privacy? Explain your answer. Pg.309/310. Hash functions help to detect forgeries. They compute a checksum of a message and then combine it with a cryptographic function so that the result...
Words: 363 - Pages: 2
...1. Traditional encryption methods use the single key. Modern encryption methods use public key and private key. The public key is used to encrypt and a private key is used to decrypt. The only people who can open the file are the owner, user with the private key, and recovery agent. Once you go to the file right click then click the properties button. Once you click the properties button click the advanced button then select encrypt contents to secure data. Once you have done this the file name should turn a different color. * Public key- is used to encrypt * Private key- is used to decrypt 2. Windows firewall can block ports and IP addresses. You can access this information through the control panel, system tray, windows firewall utility, or my network places * Firewall- is a security device in the computer where you can change settings like outside networks using your modem to get internet and to prevent someone from hacking in your computer to see your information. * Where to configure settings for the firewall- control panel, system tray, or network places. 3. When two wireless devices communicate directly with each-other they use the Ad Hoc mode. Most wireless networks use what’s called wireless access point (WAP). The WAP creates a hot spot so other wireless devices can connect to it unless the firewall is setup so other devices can’t connect to it. The service set identifier (SSID) it sets broadcast presence to any wireless devices that might...
Words: 410 - Pages: 2
