New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here

Topics in Computer Science

by: Laurianne Mante

Topics in Computer Science CSCI 379

Marketplace > Bucknell University > ComputerScienence > CSCI 379 > Topics in Computer Science
Laurianne Mante

GPA 3.54


Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Class Notes
25 ?




Popular in Course

Popular in ComputerScienence

This 64 page Class Notes was uploaded by Laurianne Mante on Saturday October 3, 2015. The Class Notes belongs to CSCI 379 at Bucknell University taught by Staff in Fall. Since its upload, it has received 72 views. For similar materials see /class/218092/csci-379-bucknell-university in ComputerScienence at Bucknell University.

Popular in ComputerScienence


Reviews for Topics in Computer Science


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 10/03/15
7 KNEISL UNIVERSITY omputer clence CSC1379 Topics in Computer Science Fundamentals of Computer Security More Classtcal Ctphers cscx m Fundamemab a mmputersecumy aam mm a Attacks on Cryptosystems Ciphertext Only Attack ChosenPlaintext Attack KnownPlaintext Attack Rubberhose Attack 0901 2004 CSCI 379 Fundamentals of Computer Security Cryptanalysis The science of recovering the plaintext of a message without knowledge of the encryption key Successful cryptanalysis may result in the recovery of a message or an encryption key Definition Compromise is the disclosure of a key without the use of any cryptanalysis Definition An attack on a cryptosystem is an attempt to recover plaintext or key from a collection of enciphered messages Kerchoffs Principle Secrecy must rely on the encryption key the attacker may more easily obtain detailed information on algorithms than key values 0901 2004 CSCI 379 Fundamentals of Computer Security CiphertextOnly Attack by Frequency Analysis OH i i i i i ura 0 E m 005 u n u 7 7 gt m 006 m c 004 002 7 U i i t 1 1L 0 5 to 15 20 25 Le et 0 4 n l l x l I Hz or 5 i 008 i a m m gt 7 m 006 m a 004 002 W7 0 i y y o 5 l0 l5 20 25 Letter l English Language l Affine Cipher 09012004 km11a5 CSCI 379 Fundamentals of Computer Security Limitations of Frequency Analysis lVlr Zoliparia laffs Whare did u get yoor litl pal he askz She crold out thi woodwurk l sez n he laffs ageh an lm evih moar embrasd h ettihg wite swety how Dat dahh ahtl lVlakih a full ov me N makih mah fais awl beeg an bloted in dat bust shees wukih on how h stew not going bak in hir box Ither This is a slightly modified passage from Feersum Endinn by Iain M Banks Is it possible to write mangled but understandable English or any other language and purposefully alter the relative frequencies of individual characters and perhaps even of digrams trigrams etc Is it possible to write large chunks of text avoiding one specific letter Ultimately what we are asking ourselves is can we create plaintext that distorts the language signature so much that it makes ciphertext frequency analysis hard Does frequency analysis work on short texts How large do texts need to be for it to work well 0901 2004 CSCI 379 Fundamentals of Computer Security Relative frequency Homophonic Substitution Cipher Use a larger ciphertext alphabet Then to each plaintext letter map a number of ciphertext symbols that is proportional to the relative frequency of 39 the original letter in the language of the plaintext h For instance A represented by 8 symbols The goal is to create a cipher more resistant to frequency analysis by equalizing relative frequencies Question How does one break this cipher 09012004 CSCI 379 Fundamentals of Computer Security 6 Secret Writing CodesE Steganogr p Cipher EM Public Kjgiey Symmetric Unkeyedg mquot Wham W15quot v w HM Transpo 39 Exam 1 mum 1 onoalphaetlc m Plafir I I MINER l I I Additi Multiplica Affingandg MultilitEHomopthnic 09012004 CSCI 379 Fundamentals of Computer Security7 09012004 Polyalphabetic Ciphers CSCI 379 Fundamentals of Computer Security The Vigenere Cipher Key king PLAINTEXT HERE BE DRAGONS kingkin HEREBE xweyrwaqybhi ciphertext xwey rw qlqybhi U 330 gt2 0 O ZCQ U Each character from the plaintext is enciphered using a different alphabet which is determined by the corresponding character in the key This is a polyalphabetic cipher POSSIBLE KEY VALUES WEAK KEYS 0901 2004 CSCI 379 Fundamentals of Computer Security mmqu Breaking Vigenere Frequency Analysis a can mmqu a t5 20 25 a 5 in t5 20 25 09012004 Ideally a cipher would completely flatten the single letter frequencies bars The Vigenere cipher doesn t quite meet this goal but it does a betterjob than other ciphers we ve seen Now what CSCI 379 Fundamentals of Computer Security 10 Breaking Vigen re plz Pr nding symbol a in ciphertext Ideally pa 0038 1 2 pa g deviation from the probability of selecting letter afrom a smooth text z 2 1 Z pa g measure of roughnessquot 712 0038 09012004 CSCI 379 Fundamentals of Computer Security 11 Breaking Vigenere 712 Prselecting ain ciphenextm Prselecting ain ciphenextn 1 fa number of ocurrences of win ciphenext pa Q n 1 p a fa n n 1 We can now define an Index of Coincidence a metric that tells us the probability that two letters randomly chosen from a text are identical Z m 1 IC a nn 1 09012004 CSCI 379 Fundamentals of Computer Security 12 Breaking Vigenere Key length 0 The Friedman Test 1 0066 Z 1 2 00520 C DH f f 3 00473 quotn 1 4 00450 5 00436 For a monoalphabetic cipher IC 0066 6 00427 Given a ciphertext compute its IC If it is 7 00420 near 0066 the cipher is probably 8 00415 monoalphabetic If it is much smaller than 9 O 0411 0066 the cipher is probably 39I 39 39 39 39 10 00408 From the IC you can also determine the 11 00405 length of the key word Another helpful tool in this test is the Kasiski test 12 00403 09012004 CSCI 379 Fundamentals of Computer Security Breaking Vigenere N 0 5 Find groups of symbols that appear repeatedly in the h rtext cip e Count the number of symbols between the repetitions you re computing the distance between repetitions Find the prime factors of the numbers discovered above The most common factor is likely to be the length of the keyword 09012004 CSCI 379 Fundamentals of Computer Security The Vigen re Tableau C IWID39UOZEFXL IOTIITIUOWgt Y Z 0901 2004 CSCI 379 Fundamentals of Computer Security Vigenere as a Stream Cipher practicatty Stnce humans began h t t Wrtttng they clp er ex have been V39genere Wrtttng in 0d I Tableau and Ciphers have yactcarp emkrwrasfgh decided the fates of empires P39a39mequott 5 Think of the plaintext as a stream E of characters Now instead of g repeatedly using the same key 3 value use a key stream an 39 array of characters as long as the d hwtrtqwqq m plaintext Encipher each OPPQJ qetimaqcx character from the plaintext using nhior cqaghtkpt rr hudaioextgrt the VIgnere tableau With the ewcktpoaseidqqt yredmmeukdw corresponding character In the key stream key stream 09012004 CSCI 379 Fundamentals of Computer Security 15 The Autokey Cipher practtcaHy s humans beg me an Wrmng they ciphertext have been V39genere Wrmng h I Tableau and cmhers have yacttcarp emkrwrasfgh dectded the tates of emptres plaintext 339 J E 6 3 r9ya flags Wave key stream starts off with a k39quot s We sequence of etters a key practtcaHy smce V n vatue used to pnme the key Wrmng they stream have eeh WHUH m C y and ctphers have dectded the tates of emptres 09012004 CSCI 379 Fundamentals of Computer Security 17 One Time Pads practically since humans began decided the fates ciphertext pk 26 yllacitcarp emkrwrasfgh of empires U P39a39mext a If each message Is encrypted E with a key stream built as a 3g nonrepeating set of truly random 3 letters that is used only once we 39 have a perfect encryption dtghwirtqwqqxcm scheme loppgllqerlimaqcx xnhlorxcqaghikpl ewezigsoiseiiiqt Ques 0 ft the perfect Yquot W Je W cryptosyste why Isn t it use key stream 09012004 CSCI 379 Fundamentals of Computer Security 18 09012004 Transposition Ciphers CSCI 379 Fundamentals of Computer Security A Simple Transposition Cipher 4 The key information for enciphering and deciphering is number of rows number of columns write in order take off order take off rows DUIb03me 09012004 I I I I I V V V V V write in columns CSCI 379 Fundamentals of Computer Security 20 20 A Simple Transposition Cipher PLAINTEXT Questions 1 Can frequency analysis help one break a transposition cipher 2 What is the effect of transposition on the encipherment 0901 2004 CSCI 379 Fundamentals of Computer Security 21 Transposition as a Block Cipher plaintext cipher text nrtawii ntehghya 8Ietter blocks quot 39 transposi ion oencdadi vbeweenr 8Ietter blocks eeiedcdd quot 5 m 1 5 m 539 31 m m m 3 O m 539 V39 I 0 a 3 0 mm lt E o m 2 i m 09012004 CSCI 379 Fundamentals of Computer Security 22 22 09012004 Polygraphic Ciphers CSCI 379 Fundamentals of Computer Security 23 The Playfair Cipher Sir Charles Wheatstone 1854 First step Condition the text by replacing all of with Second step Divide the plaintext into pairs Where there are double letters separate them with an Add a Z to the final text if the last 0mm group has a single letter Example LORD GRANVILLEquot becomes lord gr an vi lx le sl et te rzquot lt3CT 39C XXQH39 Third step Encipher the plaintext one pair at a time If the two letters are in the same row or ltQ quotOB NCCQDCD Key palmerston 09012004 column replace them by the succeeding letters AMquot becomes le If the two letters stand at the corners of a rectangle in the table replace them with the letters at the other two corners LO becomes mtquot CSCI 379 Fundamentals of Computer Security 24 24 EISL UNIVERSITY omputer aence CSC1379 Topics in Computer Science Fundamentals of Computer Security Modern Cryptography The Data Encryption Standard cam2mm 050mg Fundamentatsot mpmerwunty Algorithms and Keys PublicKey Algorithms kprivategt Where kpublic i kprivate39 key ltk pubhc I The key used for encryption is different from the key used for decryption Ekpublzc C Ekmm C Dk M kaublzc M private 09132004 CSCI 379 Fundamentals of Computer Security 2 Algorithms and Keys Symmetric Algorithms EkMC DkCM The same key is used both for encryption and decryption i Block cipher Stream cipher i i one mock one mock piaimexr stream ciphertexl stream 3 1 i 3 0101111111011100 Piaimexl cipherte quotquot quot W 0 i wooooowooown 11111000101011101 i 1 Key Keystream i i i 09132004 CSCI 379 Fundamentals of Computer Security 3 09132004 Block Cipher Modes CSCI 379 Fundamentals of Computer Security Using Block Ciphers Padding If the plaintext length is not an exact multiple of the block size the plaintext needs to be padded Padding must be reversible An erroneous padding must be treated as an authentication failure Let lP be the length of the plaintext in bytes Use one of the two following schemes 1 Append a single byte with value 128 then as many 0 bytes to make lP a multiple of the block size I 2 Let n be the number of padding bytes required Pad Pwith n bytes each with value n Calculate n so that it satisfies n lP k b for someinteger k linib 09132004 CSCI 379 Fundamentals of Computer Security Electronic Code Boo plaintext message l l l l l l l l l IP1le PelP4lP5lPslP7lPslP9l 5 it Li pixel la la K 1 l l l l l l l l l01l02l03l04lCalcslcylcslcgl l l l l l l l l l If any two Iblamdnare identical the coqaemsipwai l ding also be identical one can learn the key from K ECB the repeated blocks The blocks can be rearranged or tampered w ith 09132004 CSCI 379 Fundamentals of Computer Securitys Cipher Block Chaining CBC If aii messages were to use the same IV someone couid figure out facts about tne messages being encrypted If IV is chosen randomiy then even if tne same message is repeatediy encrypted their corresponding cipnertext wiii be different each time The message may stiii be modified in transit the effect may be obvious to numan eyes but nard to spot by a program 09132004 CSCI 379 Fundamentals of Computer Security Cipher Block Chaining CBC Ci EKB 9 CH for i 1k Each biock of piaintext is randomized according to the previous ciphertext biock Identicai piaintext biocks wiii most iikeiy encrypt to different ciphertext biocks How do you choose Cu the initiaiization vector Two different messages starting with the same biock yieid ciphertexts that start with the same biock this opens a breach for attackers Possibie soiutions Use a message counter 2 Use a random number Ca and mb1 k Val CLEKPLCH fori1k 3 Use a nance Each message is given a nonce a unique number used on iy once You have to be carefui never to use the same nonce twice with the same key Each message Pis assigned a number counter that does not wrap around This number is used to construct a nonce unique in the whoie system The nonce has the size of a biock and is next encrypted with Kproducing Cu Send the message number in front of the ciphertext so that the receiver can reconstruct the nonce The receiver must accept any one message number oniy once 09132004 CSCI 379 Fundamentals of Computer Security Output Feedback Mode OFB This is a stream cipher the message is XORed with the onetime pad generated by OFB KO IV Ki EKKH fori 1k QB K The IV can be chosen randomly and sent with cipheitext or it can be generated from a nonce There is no need for padding you only send as many cipheitext bytes as there are plaintext bytes The secrecy relies on the onetime pad really being used only oncel If a lot of data is encrypted it is possible that a sequence of key blocks could start repeating 09132004 CSCI 379 Fundamentals of Computer Security Counter Mode CTR K gtE K gtE K gtE This is also a stream cipher The key stream is generated very simply using the IV as a starting point and adding to it a counter value which gt gt represents the number of blocks processed Ki 2 EKNonce lli for i 1k Ci 2 EB Ki 09132004 CSC379 Fundamentals of Computer Security 10 The Data Encryption Standard 09132004 CSCI 379 Fundamentals of Computer Security 11 Feistel Ciphers Harst Feistel 1950519605 The symbol means bitwise XOR Functions f1 f2 f are called round mctions Right half Notation for Feistel ciphers example on the left Wf g iIf1 f2 f3 successive round functions Decryption of Feistel ciphers 171Jflff2 yquot 7fnilffn llfn7fn717quot397f37f27f1 The round functions do not have to be invertible fewer constraints on how to achieve good diffusion and confusion leads to smaller code size faster implementation in software fewer gates in hardware etc 12 09132004 CSCI 379 Fundamentals of Computer Security The DES Algorithm 5513 key 64bit block plaintext l quot3 Each 64bit block of plaintext does throuqh rou d 1 mi An initial permutation l mi 16 rounds of substitution and round 4 transposition OFerations influenced by a midi 48bitsubkey or each round which ls l derived from the 56bit DES key mun5d15 A final permutation Fl 64bit block ciphertext 09132004 CSCI 379 Fundamentals of Computer Security 13 DES is a Feistel Cipher Encryption Take each block and divide into two halves L and R Each round consists of computing the XOR of L with FKFl for some function F and round Key K and then swapping L and R Decryption Swap L and Fl then XOR L with FKI39R Single DES Round K 09132004 CSCI 379 Fundamentals of Computer Security 14 A DES Round Consider a C implementation Question How do you perform bitwise operations y39 Question How do you split a 64 bit value into two 32bit values Question How do you permute the bits in a variable 64bit output 09132004 CSCI 379 Fundamentals of Computer Security 15 bits 091 32 004 DES S boxes Sboxes perform substitution operations There are 8 different S boxes Each S box takes 6 input bits and produces 4 output mm mm mm in WWW m i own m 5 summon operandquot 2 him a Bits 1 6 are the input to S box 1 Bits 7 12 are the input to S box 2 etc CSCI 379 Fundamenlals oi Compuer Seourlly 16 DES Sbox Operation Each Sbox contalns 4 rows and 18 columns of entrles 0 Example 7 Srbox1 o The rst and last of the 8 Input blts to an blnary num er that speel es one of the4 r 00 for the zeroth row 01 for the rst row 10 for the second row and 11 r the thtrd row Srbox form a twordlglt rows 0 h I dle four Input blts form a fourrdlglt blnary number that speelfles one of the 18 columns 7 0000 for the zeroth 0010mm 0001 for the rst 001mm and 1111 for the 15th 0010mm 09132004 1801379 Fundamentats 01 Computer Sammy DES Sbox Operation The entry found at the intersection of the specified row and column isthe fourdigit binary output for the S box Examples using S box 1 011010 input ow 0 column 13 110010 input row 2 column 9 12 1100 output 000011 input row 1 column 1 15 1111 output cane2mm csci m Fundamentals 01 Compmerseourny 1001 output DES The S boxes sham Sims mumquot2munum n mswmwx mum1mmmumsmmmu u u u lswmnmuppmqmu uyamx 14 11 2 12 1 u l S H Is nv s sx x n m1wMuwzhmamm ma m s n J z l ll m u 7 8 IG U L quotMu n psm xpmg 1mammm nwm mmum M2pmmmu mms m bax2 Shuxs 5 I X H nv n s Mo z m u u xu 2 Mm ls sv2MumaAh s n MMJ7172xu12u1m n u u a lU m J z umhMMm n rx u g x u u u w u 3 x xz mum mumst nnwummmuh mmmmvpm 2umqmmmumu mamumsmummmumm Shux Sbux7 u H a u n u uv JHMS AIMQMMM mmmmmn u Mu G u n Mx mm m H mmms mp 7 u 1 7 u 1 w39 u 09132004 CSCI 379 Fundamenlals of Compuer Securlly 19 DES Sbox Operation Example he 48bit result of the XOR operallon r 110011111011001001001011100101110100010001001001 new mom comm ovum wmm 110100 010001 comm MMMMM um um mm 0011 nu mm mm mm o The 32bit result of the Srbox subslllullons r 10110101001111111100010011101010 mam2mm 0301 m Fundamema s 01 CompumrSWrny DES Pbox r The 327m ompm oT the Srboxes Ts passed through a Pbox r The Pbox permmes the bus WHO 2 new order 167201L291125 5 2 Tune 17II 15u1432273919133ns22nt 25 e The hm ompm m VON he 5 boxes Ts moved WHO posnoh Te 7 The seoond m s moved WHO posnoh 7 e The tmrd M s moved WHO posmoh 20 e The Way seoond m s moved WHO posnoh 25 cam20m osoT 379 Fumanenu s atcamey Sammy 2 DES Second XOR Operation The 32b391t output of the Pbox 3915 XORed w391th the left half of the ortg39thal 64b391t thput block 7 OulpuHrom Prbox his 10001101110101100101011001011111 r Letl haquot 01 Inpul bloc 2 his 1100010101110100011100011001101 00171101nownoowwlmmonnl XOR nwommon omnuoonnnnm anonnononooononIolomoow The 32b391t output of the XOR operation 7 01101111011011000110111010010010 nah mum 0501379 Fundamentats 01 Computer Seotmty DES Decryption The same algorithm and key is used for decryption The subkeys are applied in the opposite order Subkey 16 is used during the first round of decryption Subkey 15 is used during the second round of decryption Subkey1 is used during the 16th round of decryption 09132004 CSCI 379 Fundamentals of Computer Security 23 23 Multiple Encryption With DES 3DES Define two key values K1 and K2 Each block is encrypted as thesecond pass encrypts with decryption K1 K2 Kl l l l m E D E 0 See Kaufman 2002 if you want to understand Decryption does the reverse whythe 3rdtime isthe T E K charm c gtD gtE gtD gtm Note that encrypting twice with the same key is not much more than a single encryption exhaustive earc 39 L L of keys t 39 39 L y has to be tested twice but that isn39t a big deal Also encrypting twice with two keys is not as strong as encrypting once with a key twice as long There exists a possible attack that breaks doubleencryption DES in roughly twice the time for a bruteforce attack on singleencryption DES 09132004 CSCI 379 Fundamentals of Computer Security 24 DES Summary DES is still a widely used cryptosystem Increased computing power has weakened the protection offered by DES considerably 1998 the Electronic Frontier Foundation builds a 220000 specialpurpose machine that could recover the key for a message encrypted with DES in about four days DES helped to focus and unify the public cryptographic research community NIST s 1998 call for an Advanced Encryption Standard to replace DES produced 15 promising candidate algorithms from researchers all over the world 09132004 CSCI 379 Fundamentals of Computer Security 25 25 References In print Fundamentals of Secure Computer Systems Brett Tjaden Franklin Beedle amp Associates 2003 Security Engineering Ross Anderson Wiley 2001 Applied Cryptography Bruce Schneier Wiley 1996 Practical Cryptography Bruce Schneier and Neils Ferguson Wiley 2002 The Code Book Simon Singh Online httpwwwwiretappnet 09132004 CSCI 379 Fundamentals of Computer Security 25 26 emi wg eeygIVERSITY CSCI 379 Topics in Computer Science Fundamentals of Computer Security Writing Secure Code aazuzaao csci 379 Fundamentais oi Computer Security 1 Guiding Principlesf Software Security 1 2 3 4 5 6 7 8 9 1 Secure the weakest link Practice defense in depth Fail securely Followthe principle of lea Compartimentalize Keep it simple Promote privacy st Rememberthat hiding secre Be reluctant to trust 0 Use your community resourc 09242004 CSC379 Fundamentals of Computer Security 2 privilege ts is hard es Executing External Pr ex ex ex ex ex ex ex ec ec ec ec ec ec ec 09242004 l l 39 4 Be careful with what you a Understand how each of these systems 0 e P P CSC379 Fundamentals of Computer Security 3 ograms gtkfor allwork Dealing with Core Dump Say your program crashes Whatdaestie operating system do in that event Does this action putthe security of your program or worse that of your compattleirs2kWhat can you do to ensure that things won t go awry OnUnix setrlimit 09242004 CSC379 Fundamentals ofComputerSecurity 4 Permissions on New Files on Unix When your program runs More tes how will access permissions be set Do you want to explicitly control that o shOle you just not worry and be happy umask ooo octaldigits The value ofthe umask digits are subtracted from the permissions ofthe newfile Whatdnos kaocmmplish ifthe file would normally be created with permissions 777 There are two different kinds of umask comman 5 one is a system program the other is a shell builtin 09242004 CSC379 Fundamentals ofComputerSecurity 5 Temporary Files th Id Say you need to create a temporaryfile sensitive data In what directory shou What name do you give to it OnUnix mkstemp Do you wantto leavethisfile around ifyoierrogra 09242004 CSC379 Fundamentals ofComputerSecurity 5 atwill contain you store it m crashes Input Validation lfdatacomesintoyourappHcaHo potenHalforarnchioususerto makestheprogramamabhmave n I Afew rules ofthumb 1 Trust no one All input is guilty until proven otherwis 2 3 Beware of special commands characters and quoti Example client feeds server an email address serve uses itrdl hli l 95 5 gave is as below dudebeachnetcat etcpasswd Understandthe data so you can filter it effectively lt twuhlmthnappiens ifthe address 4 09242004 CSC379 Fundamentals ofComputerSecurity 7 fe Validate both at inputto application and at inputto e thereis editinputthe ach component 9 rtakes address and he client l l mail evilha Environment Variab Howdoyoureadchangeordemte ne vaHableHowcanyoudothatsecurm On Unix g et en v Never make any assumptions aboutthe length orthe 0 environment veDrtbanbtaimplycopythe value of an envi variable into astatically allocated buffer Questidmit possibleto have two or more environment v same name and differentvalues Doesthis pose athre 09242004 CSC379 Fundamentals oiComputerSecurity 8 Ies ivnonment 7 ontents ofan ronment ariables with the attoyourprogram Validate Filenames and Paths The user gives you afilename or a path How do you resolve this name to the actt a file that it refers to in the filesystem OnUnix realpath It is dangerousto use relative pathnames and li ks be aware and always take this into account 09242004 CSC379 Fundamentals oiComputerSecurity 9 Validate Email Addresses If your application takes an email address 2 input you should always ver fythat this is as proper avalid address Look at RFC 822 09242004 CSC379 Fundamentals of Computer Security 10 Error Handling If you re programming in a langJage that supports exceptions use exceptions handle exceptions Exceptions that are no handled will make the program terminate the service that it provides w II no longer be available 09242004 CSC379 Fundamentals of Computer Security 11 Protecting Data in Memory Say you have afile with encryoted information In orderfor your program to use you need to decrypt it first You don t want to store the decrypted data in disk so you put it in a memory butter Is this a hazard Understand how memory managementworks The security ofyour program wil depend on how you use dynamic memory allocation primitives When you re done with abufferdiallgriixuotr are you sure you re not spilling sensitive information 09242004 CSC379 Fundamentals of Computer Security 12 Protecting Data on Disk nformation You have afile with sensitive You simply eraseirrtANrietlyour secrets still safe No they re not The file can be undeleted The disk blccks will still contain your data Overwriting each individual blocks once will not solve the problem either You want to catch every block thatwas allocated to this file andwrite some bogwrsudaitplemimleernate passes in which you write patterneddata and random data 09242004 CSC379 Fundamentals of Computer Security 13 References Security in Com uyilufgleeger and Pfleeg i ECBition Prentice Hall 2003 39Building Secure Soblywwrega and McGraw AddisonWesley 2002 39 Secure Programming Cookbookfor Cand Cby Viega and Messier O Reilly 2003 httpwwwsecureproqrammi1900m 09242004 CSC379 Fundamentals of Computer Security 14


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Steve Martinelli UC Los Angeles

"There's no way I would have passed my Organic Chemistry class this semester without the notes and study guides I got from StudySoup."

Kyle Maynard Purdue

"When you're taking detailed notes and trying to help everyone else out in the class, it really helps you learn and understand the I made $280 on my first study guide!"

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"


"Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.