Tuesday, August 18, 2009

Lab 4 & Lab 5 -18082009-

Lab 4 has covered the topic of cryptography extended. It is all about symmetric and asymmetric cryptography, ceasar cipher, vigenere cipher and RSA algorithm.

 

Symmetric cryptography, also called secret key cryptography, is the most intuitive kind of cryptography. It involves the use of a secret key known only to the participants of the secure communication. On the other hand, Asymmetric cryptography, also called public key cryptography, is a relatively new field. The essential difference to symmetric cryptography is that this kind of algorithm uses two different keys for encryption and corresponding decryption.

 

Ceaser Cipher is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a shift of 3, A would be replaced by D, B would become E, and so on.

 

Vigenere Cipher is a method of encrypting alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword. It is a simple form of polyalphabetic substitution. This cipher is well known because while it is easy to understand and implement, it often appears to beginners to be unbreakable. Vigenere Cipher can be done based on the Vegenere table.

 

RSA algorithm is the most widely used public key encryption. It is the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations. It supports encryption and digital signature. The summary of RSA is as below:

·         n = pq, where p and q are distinct primes.

·         phi, φ = (p-1)(q-1)

·         e <>

·         d = e-1 mod phi.

·         c = me mod n, 1

·         m = cd mod n.

 

Today, lab 5 is also covered in the class. Lab 5 is about Web Application Security. This chapter will discuss about flaw of web application and how it is exploit, web application vulnerabilities and prevention method to overcome web application vulnerabilities.

 

As an introduction to this lab, web application is an application that can be accessed using web browser over network. Nowadays, as web application usage is increasing, security issues is relatively popular. This brought to the appearance of OWASP which stand for Open Web Application Security Project. The main aim of OWASP is to make application security visible, so that people and organizations can make informed decisions about true application security risks. The top 10 web vulnerabilities based on OWASP are as follow:

·         Cross site scripting

·         Injection flaws

·         Malicious file execution

·         Insecure direct object reference

·         Cross site request forgery

·         Information leakage and improper error handling

·         Broken authentication and session management

·         Insecure crypto storage

·         Insecure comms

·         Failure to restrict URL access

 

 

Among the 10 vulnerabilities, 3 of them will be discussed which is Cross Site Scripting (XSS), Injection Flaws, and Malicious File Execution.

 

 

Cross Site Scripting (XSS) can happen when a web application accept any input and sends it to a web browser without validate or encoding the content. When it is not validate attacker can execute script in the victim’s browser and can cause web defacement, user session being hijack, possibly introduce worms or conduct phishing attacks, and take over the user’s browser using scripting malware.

 

 

Injection flaw like SQL injection will cause web application to run an SQL code that was not intended by the application. Usually user supplied data from an application is sent to an interpreter as a query command. With the knowledge of SQL query syntax the attacker exploit this feature by crafting a special crafted data to execute exploit command to the interpreter. By doing this attacker can create, read, update or delete any data available in the database through the web application.

 

Malicious File execution is another web application vulnerabilities caused by failing to control application input. this kind of attack will manipulate your web application to become the attacker remote terminal to execute command line instructions such as directory list, dir or displaying network configuration, ipconfig. It will become more dangerous if the attacker manipulate this vulnerability by executing command that can create a backdoor to your server.

 

 

 

This lab will introduce the use of WebGoat and WebScarab. WebGoat is a deliberately insecure J2EE web application designed to teach web application security lessons. The primary goal of the WebGoat is to create a de-facto interactive teaching environment for web application security. On the other hand, WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It should be able to run on any platform as it is written in Java. Most of the time, WebScarab operates as an intercepting proxy, this allowed the user to review and modify data request by the web browser before it send to the server and vice versa. This makes WebScarab as an exploit tool that can be used as man in the middle attack. WebScarab is designed to be a tool for anyone who needs to expose the workings of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that the application has been designed or implemented.

 

 

 

 

 

 

Lecture 4 -17082009-

Today's lecture is about Operating System Security. 


Operating systems provide the fundamental mechanisms for securing computer processing. Recently, the importance of ensuring security of operating system is increasingly obvious.


The  items in operating system that need protection are memory, sharable I/O devices, serially reusable I/O devices, sharable programs and sub procedures, and sharable data.


The most fundamental security issue for modern operating systems is SEPARATION. The operating system must keep users separate from each other as well as separating individual process. Separation can be done in several way include physical separation, temporal separation, logical separation and cryptographic separation. Physical separation is done where users are restricted to separate devices. This provides a strong form of separation, but it is often impractical. Temporal separation can be enforced where processes execute one at a time. This eliminates many problems that arise due to concurrency and simplify the job of the operating system. Logical separation can be implemented through sandboxing, where each process has its own sandbox. A process is free to do almost anything within its sandbox, but it’s highly restricted as to what it can do outside of its sandbox. Cryptographic separation can be used to make information unintelligible to an outsider. Various combinations of these separation methods can be used as well.

 

The second fundamental issue of Operating System is memory protection which En.Mohd Zaki put major focuses on this issue. Memory protection is protection for the memory that the Operating System itself uses as well as the memory of user processes. There are several method used for memory protection include fence, relocation, base/bound registers, tagged architecture, segmentation, paging and paging combined with segmentation.

 

Fence is introduced in single-user OS. A fence is a particular address that users and their processes cannot cross, only the OS can operate on one side of the fence, and users are restricted to the other side. A fence could be static in which case there is a fixed fence address. A major drawback to this approach is that it places a strict limit on the size of the OS. An alternative is dynamic fences which can be implemented using a fence register to specify the current fence address.

 

On the other hand, relocation is important in a multi-user OS environment. The process of relocation is taking a program written as if it begins at address 0 and changing all addresses to reflect the actual address at which the program is located.

Then, we come to Base/Bound Registers. Base registers also known as Variable fence register. These registers contain the lower and upper address limits of a particular user (or process) space. All address is offset from the base registers. It only provide a lower bound ( a starting address) but not an upper bound. To overcome this problem, second registers called Bound register which is an upper address limit is added.

 

The following is the tagged architecture. This is a way to solve the problem in base/bounds register. By using Tag Architecture, every word of machine memory has one or more extra bits to identify the access right to that word. However, there are problems with tagged architecture which is code compatibility and locked into convention despite low cost of memory.

 

The most common methods of memory protection are segmentation and paging. Segmentation divides the memory into logical units, such as individual procedures or the data in one array. Different access control can be enforced on different segments. Properties of segment include:

- Each segment has a unique name.

- A code or date item within a segment is addressed as the pair

- The pair is adequate to access to any data or instruction to which program should have access.

- Segment can be separately relocated.

One serious drawback to segmentation is that the segments are of variable sizes. As a result, when the OS reference it must also know the size of the segment in order to be sure that the requested address is within the segment. But some segments – such as those that include dynamic memory allocation, can grow during execution. Consequently, the OS must keep track of segment sizes that can vary.

 

The last method used for memory protection is paging. Paging is similar to segmentation, except that all segments are of fixed size while paging contains no variable segment sizes. With paging, access to a particular page uses a pair of the form . The advantages of paging include improving efficiency and no fragmentation is used. However, the disadvantages are that there is no logical unity to pages, which makes it more difficult to determine the proper access control to apply to a given page. 

 

Combined paging with segmentation is another means to solve the problem by paging method. Each segment is broken into equal sized pages. Thus, this can gain advantage of segment permissions coupled with reduction in fragmentation offered by paging.

Sunday, August 16, 2009

Lecture 3 -10082009-

Today, En. Mohd Zaki introduce a webpage to us which is OWASP and can be found at www.owasp.org. The OWASP stand for Open Web Application Security Project is a worldwide free and open community focused on improving the security of application software. The primary mission of this organization is to enable organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. 

Malicious code (also called vandals) is a new breed of Internet threat that cannot be efficiently controlled by conventional antivirus software alone. In contrast to viruses that require a user to execute a program in order to cause damage, vandals are auto-executable applications. Viruses and worms are related classes of malicious code; as a result they are often confused. Both share the primary objective of replication. However, they are distinctly different with respect to the techniques they use and their host system requirements. This distinction is due to the disjoint sets of host systems they attack. Viruses have been almost exclusively restricted to personal computers, while worms have attacked only multi-user systems. 

There are several malicious codes such as:- • Trojan Horse - a program which performs a useful function, but also performs an unexpected action as well.  • Virus - a code segment which replicates by attaching copies to existing executables.  • Worm - a program which replicates itself and causes execution of the new copy.  • Network Worm - a worm which copies itself to another system by using common network facilities, and causes execution of the copy on that system. • Spyware: Code designed to track your usage on the internet and to deliver that information to outside marketing computers and advertise services to you.  • Malware: Code designed to steal personal information such as usernames, passwords, bank account info, credit card numbers and report that information to people who may use your financial information to steal from you. 

A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. 

In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files that may be part of legitimate programs. If a user attempts to launch an infected program, the virus' code may be executed simultaneously. Viruses can be divided into two types based on their behavior when they are executed. Nonresident viruses immediately search for other hosts that can be infected, infect those targets, and finally transfer control to the application program they infected. Resident viruses do not search for hosts when they are started. Instead, a resident virus loads itself into memory on execution and transfers control to the host program. The virus stays active in the background and infects new hosts when those files are accessed by other programs or the operating system itself.

There are several types of viruses include:-Boot-sector viruses: These viruses infect floppy disk boot records or master boot records in hard disks. They replace the boot record program (which is responsible for loading the operating system in memory) copying it elsewhere on the disk or overwriting it. Boot viruses load into memory if the computer tries to read the disk while it is booting.

Examples: Form, Disk Killer, Michelangelo, and Stone virus

Macro Viruses: A macro virus is a new type of computer virus that infects the macros within a document or template. When you open a word processing or spreadsheet document, the macro virus is activated and it infects the Normal template (Normal.dot)-a general purpose file that stores default document formatting settings. Every document you open refers to the Normal template, and hence gets infected with the macro virus. Since this virus attaches itself to documents, the infection can spread if such documents are opened on other computers.

Examples: DMV, Nuclear, Word Concept.

Stealth viruses: These viruses use certain techniques to avoid detection. They may either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading of the infected file’s size shown in the directory listing. For instance, the Whale virus adds 9216 bytes to an infected file; then the virus subtracts the same number of bytes (9216) from the size given in the directory.

Examples: Frodo, Joshi, Whale

Polymorphic viruses: A virus that can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect.

Examples: Involuntary, Stimulate, Cascade, Phoenix, Evil, Proud, Virus 101

Multipartite viruses: A hybrid of Boot and Program viruses. They infect program files and when the infected program is executed, these viruses infect the boot record. When you boot the computer next time the virus from the boot record loads in memory and then starts infecting other program files on disk.

Examples: Invader, Flip, and Tequila

Program viruses: These infect executable program files, such as those with extensions like .BIN, .COM, .EXE, .OVL, .DRV (driver) and .SYS (device driver). These programs are loaded in memory during execution, taking the virus with them. The virus becomes active in memory, making copies of itself and infecting files on disk.

Examples: Sunday, Cascade

A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.

Lab 3 -28072009-

Today’s lab is all about authentication can basic cryptography. 


During this lab, we are taught to implement data encryption, local password policy on Windows 2003 and implement asymmetric cryptography using Pretty Good Privacy (PGP). 


In Windows 2003, users are able to encrypt data in file or folder to prevent others from reading their private data. Although this method is not fully secured but at least it helps to make hacker more difficult to hack into the system. To encrypt data, users can choose the “Encrypt Contents to Secure Data” in the properties of the data. This will make this data only available and accessible by the user who encrypts the data. 


Besides, password length can be set by administrator to enforce user to create a more secure password with minimum length. This is to make the cracking process of password harder. After the password length has been set, users need to create password according to the minimum length set by administrator. 



Complexity of password is also an important issue in creating password. The more complex the password, the more difficult to be cracked. A complex password should contain combination of numbers, uppercase and lowercase alphabet and special characters. In windows 2003, administrator is able to set the password policy so that user creates a complex password. 


To further enhance the security of system, administrator is allowed to set the account lockout policy. This function is to disable an account for a specific amount of time after a certain number of failed logon attempts. If the account is lockout, user can either wait for 30minutes or contact administrator to reset the counter for next time login. 


Pretty Good Privacy (PGP) is a public key encryption program that provides cryptographic privacy and authentication originally written by Phil Zimmermann in 1991. PGP is often used for signing, encrypting and decrypting e-mails to increase the security of e-mail communications. Over the past few years, PGP has become a de-facto standard for encryption of email on the Internet.

How PGP works actually? When a user encrypts plaintext with PGP, PGP first compresses the plaintext. Data compression saves modem transmission time and disk space and, more importantly, strengthens cryptographic security. Most cryptanalysis techniques exploit patterns found in the plaintext to crack the cipher. Compression reduces these patterns in the plaintext, thereby greatly enhancing resistance to cryptanalysis. (Files that are too short to compress or which don't compress well aren't compressed.) 



PGP then creates a session key, which is a one-time-only secret key. This key is a random number generated from the random movements of your mouse and the keystrokes you type. This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient. 



Decryption works in the reverse. The recipient's copy of PGP uses his or her private key to recover the temporary session key, which PGP then uses to decrypt the conventionally-encrypted ciphertext.



The combination of the two encryption methods combines the convenience of public key encryption with the speed of conventional encryption. Conventional encryption is about 1, 000 times faster than public key encryption. Public key encryption in turn provides a solution to key distribution and data transmission issues. Used together, performance and key distribution are improved without any sacrifice in security.


 

Saturday, August 15, 2009

Continuation of Lecture 2 -27072009-

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.


Example of how digital signature work. (http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci211953,00.html)


Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. 
1. You copy-and-paste the contract (it's a short one!) into an e-mail note. 
2. Using special software, you obtain a message hash (mathematical summary) of the contract.
3. You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash.

4. The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.)


At the other end, your lawyer receives the message. 
1. To make sure it's intact and from you, your lawyer makes a hash of the received message.
2. Your lawyer then uses your public key to decrypt the message hash or summary.
3. If the hashes match, the received message is valid.


Another example of how digital signature work can be seen in http://www.youdzone.com/signature.html



What is RSA? RSA is named after its inventors Rivest, Shamir and Adelman. It is the best known and most frequently used reversible asymmetric algorithm. Its key length is variable, 512 bits being considered as a minimum today and 2048 bits as to remain very secure in the near future. The block size is also variable, but must be smaller than the key's. The cipher text will be the length of the key. The public key consists of a product n of two large primes p and q and a fixed number e. The private key is a number d. 


Each participant will need to generate a public and corresponding private key: 



First choose a small constant e. Taking always the same small e does not make RSA less secure but greatly increases its performance. Two popular values for e are 3 and 65537. 



For a key size of k bits, choose two large primes p and q of size bits with relatively prime to e. To find this kind of large primes when e=3 for instance, use Miller and Rabin's probabilistic primarily test on odd random numbers multiplied by 6 with 5 added. Such (probable) primes p will obey relatively prime to 3. Let n=pq. 



The public key is the pair, the private key is, where, i.e. d is e's multiplicative inverse mod, found with Euclid's algorithm. 



The encryption and decryption functions e, d are identical in RSA: 



To encrypt a message to Alice, one computes, where Alice’s public key is. Only Alice will be able to decrypt c, using her private key to compute. Also, only Alice can sign a message with the signature. Anyone can verify the signature by checking that. 



RSA is secure because no one knows how to factor large numbers quickly. Indeed, to find d from e and n, one needs to know, i.e. the factors p and q of n. No other way to break RSA is known, and factoring a 512 bit number with the best techniques known requires about 500'000 MIPS years. 


RSA is much slower to compute than popular symmetric algorithms such as DES and IDEA. Therefore it will not be used to encrypt long messages, but rather to encrypt a random DES or IDEA key which is then used to actually encrypt a message. 


Other than RSA, there are other encryption algorithm such as DES, Triple DES and AES.



The Data Encryption Standard (DES) is a block cipher (a form of shared secret encryption) that was selected by the National Bureau of Standards as an official Federal Information Processing Standard (FIPS) for the United States in 1976. DES encrypts and decrypts data in 64-bit blocks, using a 64-bit key. It takes a 64-bit block of plaintext as input and outputs a 64-bit block of cipher text. Since it always operates on blocks of equal size and it uses both permutations and substitutions in the algorithm, DES is both a block cipher and a product cipher.


DES has 16 rounds, meaning the main algorithm is repeated 16 times to produce the ciphertext. It has been found that the number of rounds is exponentially proportional to the amount of time required to find a key using a brute-force attack. So as the number of rounds increases, the security of the algorithm increases exponentially.


Triple DES is the common name for the Triple Data Encryption Algorithm (TDEA) block cipher. It is so named because it applies the Data Encryption Standard (DES) cipher algorithm three times to each data block. Triple DES provides a relatively simple method of increasing the key size of DES to protect against brute force attacks, without requiring a completely new block cipher algorithm.


Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The AES ciphers have been analyzed extensively and are now used worldwide, as was the case with its predecessor,[3] the Data Encryption Standard (DES). AES is based on a design principle known as a Substitution permutation network. It is fast in both software and hardware,[5] is relatively easy to implement, and requires little memory. Unlike its predecessor DES, AES does not use a Feistel network.

   

Lab 2 -21072009-

Today’s lab is mainly about information technolory security. Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, and maximize return on investments and business opportunities. Information security is achieved by implementing a suitable set of controls, including policies, processes, procedures, organizational structures and software and hardware functions. These controls need to be established, implemented, monitored, reviewed and improved, where necessary, to ensure that the specific security and business objectives of the organization are met.


Basically, the goals of information security are confidentiality, integrity and availability. Other thna that, information technology security are able to:-
• Provide strong network logon authentication.
• Decreased risk to operations and business. 
• Provide legitimate use of resources which ensuring that resources are from the original source.


NTFS, short for NT File System, is designed with local file security. It is one of the file system for Windows server 2003. NTFS has features to improve reliability, such as transaction logs to help recover from disk failures. To control access to files, user can set permissions for directories and individual files. NTFS files are not accessible from other operating systems such as DOS.


Data confidentiality can be defined as ensuring that information is accessible only to those authorized to have access. To ensure data confidentiality, one can set accesibilty to files and folder. In NTFS, user can assign permission to certain file or folder to prevent from intruder to access the files. By default, administrator has full control over all the file and folder which include Read and execute, List Folder Contents and Read. 



Data availablity refers to the degree to which data can be instantly accessed. Data availaibity is essential to ensure data continues to be available at a required level of performance. Secured
data that is inaccessible is considered downtime and detrimental to a business. An important notes to be known is that data that is secured too strongly might conflict with the availability . Means to reduce downtime and increase data availability are backups, clustering, load balancing and RAID. 



Data integrity can be defined as data that has not been tampered with intentionally or accidentally. In other term, data integrity means the reliability, validity and correctness of data. Data integrity can be damaged by viruses, worms, hackers and Trojan horses. Besides, data integrity can be threatened by environmental hazards such as dust, surges, and excessive heat. Disaster recovery plans, an equipment standards policy, system documentation and preventive maintenance might help to maintain data integrity. 

Monday, August 10, 2009

My Second Lecture -20072009-

Today lecture is mainly about authetication and basic crpytography. Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks, including the Interne, authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. In short, authentication can be said as verification that the digital content is authentic or official and certification of this to users accessing the content. On the othe hand, cryptography is the science of information security. Cryptography includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit. However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext into ciphertext (a process called encryption), then back again (known as decryption).

In contemporary world, more new technology have been invented to enhance security such as finger print recognition to start car and gait recognition. Gait recognition technology is a biometric method -- that is, a unique biological or behavioral identification characteristic, such as a fingerprint or a face. The ultimate goal is to detect, classify and identify humans at distances up to 500 feet away under day or night, all-weather conditions. Such capabilities will enhance the protection of U.S. forces and facilities from terrorist attacks.

The most important topic in this lecture is Password! To choose a secure and good password, there are guidelines to follow. 
• Do not use words that can be found in dictionary include foreign language.
• Do not use your user name or real name.
• Do not use your spouse’s name.
• Avoid sequences or repeated characters. "12345678," "222222," "abcdefg," or adjacent letters on your keyboard do not help make secure passwords.
• Any word in any “cracking dictionary”. There are lists of words that crackers use to try to crack passwords-passwords that a lot of people use. Some of these lists include: Abbreviations, Asteroids, Biology, Cartoons, Character Patterns, Machine names, famous names, female names, Bible, male names, Movies, Myths-legends, Number Patterns, Short Phrases, Places, Science Fiction, Shakespeare, Songs, Sports, Surnames.
• Choose a password that is at least six characters long. This should be long enough to discourage a brute-force attack.
• Use password that consists of combination of lower- and upper-case characters, numbers, and symbols.
• Think of an uncommon phrase, and take the first, second or last letter of each word. “You can't always get what you want” would yield “ycagwyw”. Throw in a capital letter and a punctuation mark or a number or two, and you can end up with “yCag5wyw”.

There are some tips to remember for protection of password.
• Do not reveal them to others.
• Do not write down or record password in any place. It is better to memorize it.
• Change password regularly.
• Do not use the same password for everything that need a password. Create different password.

There are two types of cryptography which are symmetric cryptography and asymmetric cryptography. 
Symmetric cryptography includes any form where the same key is used both to encrypt and to decrypt the text involved. One of the simplest forms is sometimes known as the Caesar cipher -- reputedly used by Julius Caesar to conceal messages, in which the process is simply one of shifting the alphabet so many places in one direction or another. Unlike the situation in asymmetric cryptography where there is a public element to the process and where the private key is almost never shared, symmetric cryptography normally requires the key to be shared and simultaneously kept secret within a restricted group. It's simply not possible for a person who views the encrypted data with a symmetric cipher to be able to do so without having access to the key used to encrypt it in the first place. If such a secret key falls into the wrong hands, then the security of the data encrypted using that key is immediately and completely compromised. Hence, what all systems in this group of secret key methods share is the problem of key management.

Some example of symmetric cipher can be found in this website.

http://www.ibm.com/developerworks/library/s-crypt02.html



Asymmetric cryptography or public-key cryptography is cryptography in which a pair of keys is used to encrypt and decrypt a message so that it arrives securely. Initially, a network user receives a public and private key pair from a certificate authority. Any other user who wants to send an encrypted message can get the intended recipient's public key from a public directory. They use this key to encrypt the message, and they send it to the recipient. When the recipient gets the message, they decrypt it with their private key, which no one else should have access to. The essential difference to symmetric cryptography is that this kind of algorithm uses two different keys for encryption and corresponding decryption.

Ceaser Cipher is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a shift of 3, A would be replaced by D, B would become E, and so on. The method is named after Julius Caesar, who used it to communicate with his generals. The encryption step performed by a Caesar cipher is often incorporated as part of more complex schemes, such as the Vigenère cipher. 

There's an interesting website which can encipher and decipher message using Ceasar Cipher technique.

http://www.secretcodebreaker.com/caesar.html

The Vigenère cipher is a method of encrypting alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword. It is a simple form of polyalphabetic substitution. This cipher is well known because while it is easy to understand and implement, it often appears to beginners to be unbreakable. 



First Lab -14072009-

Today's lab is an intoduction to virtualization and VMware. Virtulaization has become increasingly important nowadays as virtualization presents a huge opportunity for IT groups to more effectively manage their environments, optimize resource loads for the physical machines at their disposal and even get by with less hardware. Besides, virtualization enables a much higher degree of portability and flexibility. Software is added to an execution platform to produce virtualization to give it the appearance of a different platform. Virtualization supports an operating system, instruction set, and computational resources which differ from those available on the underlying software. One of virtualization environment created by such software is called virtual machine.

Virtual machine (VM) is an environment, usually a program or operating system, which does not physically exist but is created within another environment. It is a software implementation of a machine (computer) that executes programs like a real machine. Virtual machines are often created to execute an instruction set different than that of the host environment. One host environment can often run multiple VMs at once.

In this lab, we are taught to use VMware. First of all, the installation of VMware into operating system is necessary. During the configuration of the virtual machine, we are asked to select a guest operating system which is Microsoft Windows as our task is to  install Windows Server 2003 into the virtual machine. Then, we are asked to check our computer's disk capacity whether its enough 15GB to utilize the virtual machine. 

After that, we start our virtual machine by clicking the green triangle button on the toolbar. Then, installation of Windows Server 2003 is started. It takes about half an hour to complete the installation progress. After the installation is succeeded, we can start explore the Windows Server 2003. A note that must be always remembered is to type CTRL+ALT to get the mouse cursor back to host desktop when we wanted to quit from the virtual machine.