- •Л.К.Сальная
- •It protection
- •It Protection
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •5. Read the text and find the information about the purpose of creating the standard and who it was established for.
- •6. Answer the questions
- •7. Mark the following statements true or false. Correct the false statements
- •Vocabulary tasks
- •8. Form the word combinations and give their definitions.
- •9. Complete the sentences using the words given below.
- •10. Make the word combinations.
- •11. Match the term and its definition.
- •12. Complete the text by translating Russian phrases given in brackets.
- •13. Read the second part of the text. Name the topics which are outside the scope of cc.
- •14. Grammar tasks. Check your grammar.
- •I. Choose the correct form of the verb.
- •II. Choose the correct modal verb.
- •III. Choose the correct form.
- •IV. Choose the correct form of the verb in Active or Passive Voice.
- •V. Choose the correct preposition.
- •VI. Put an article or an expression of quantity where necessary.
- •VII. Choose the correct form of an adjective or an adverb.
- •I. Put the verbs in the correct form. Present Simple, Present Continuous,
- •II. Put the verbs in the correct form. Past Simple, Past Continuous, Past Perfect, Future–in–the Past.
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •5. Scan the text and match the headings with its parts.
- •6. Answer the questions
- •7. Mark the following statements true or false. Correct the false statements
- •Vocabulary tasks
- •8. Form the word combinations and give their definitions.
- •9. Give your definitions of the following terms.
- •10. Make the word combinations
- •11. What do the following abbreviations from Text 1 mean?
- •12. Complete the text.
- •13. Translate into Russian the following paragraph.
- •14. Complete the text by translating Russian phrases given in brackets.
- •15. Translate into English.
- •16. Read the second part of the text, write out key words and write down short definitions of the clue terms given in the text.
- •17. Grammar
- •18. Communication
- •19. Writing.
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •What is cryptography? What do you know about cryptographic protocols and algorithms?
- •5. Read the text and summarize the pieces of advice about cryptographic algorithms. Cryptographic Algorithms and Protocols.
- •6. Answer the questions
- •11. What do the following abbreviations from Text 1 mean?
- •12. Find abbreviations in Text 2 and comment on their meaning.
- •13. Complete the text using the words given below.
- •14. Translate into Russian the following paragraph.
- •15. Complete the text by translating Russian phrases given in brackets.
- •16. Translate into English
- •17. Translate into English
- •18. Text 2. Scan the text and write out the facts that are new for you. Symmetric Key Encryption Algorithms. Public Key Algorithms. Cryptographic Hash Algorithms.
- •19. Grammar
- •20. Communication.
- •21. Writing.
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •5. Read the text and find out if it mentions the following
- •10. Complete the text using the terms and word combinations given below.
- •11. Complete the text.
- •12. Translate into English the following passage.
- •13. Text 2. Read the text and write its summary. Point out the facts that are new for you. Present them orally. Cryptanalytic Methods for Modern Ciphers.
- •14. Grammar
- •15. Communication.
- •16. Writing.
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •5. Text 1. Steganography. Read the text and give brief characteristics of the main steganographic techniques.
- •6. Answer the questions
- •7. Mark the following statements true or false. Correct the false statements.
- •Vocabulary tasks
- •8. Give as many word combinations as possible and translate them
- •9. Make the word combinations
- •10. Complete the text using the terms and word combinations given below.
- •11. Translate into Russian the following passage.
- •12. Translate into English the following passage.
- •13. Text 2. Scan the text and point out its main ideas.
- •14. Grammar. Modal Verbs.
- •15. Communication.
- •16. Writing.
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •Reading
- •4. Text 1. Quantum cryptography. Find in the text the description of the phenomena of quantum mechanics.
- •5. Answer the questions
- •6. Mark the following statements true or false. Correct the false statements.
- •Complete the text using the terms and word combinations given below.
- •Render in Russian the following passage.
- •13. Translate into English.
- •14. Text 2. Read the text and outline the process of secret key generation.
- •Vocabulary and Grammar 1-6. Revision.
- •Put the words in the correct order. The first word is underlined.
- •III. Match the lines.
- •IV. Put the verbs in brackets in the correct form Active or Passive.
- •V. Give definitions of the following terms.
- •Translate into Russian.
- •VII. Translate into English.
- •VIII. Communication
- •IX. Writing
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their synonyms:
- •Reading
- •4. Decide where the following sentences go in the text.
- •5. Answer the questions
- •6. Mark the following statements true or false. Correct the false statements
- •11. Complete the text using the terms and word combinations given below.
- •12. Render in Russian the following passage.
- •13. Translate into English the following passage.
- •14. Text 2. Credit Card Security. Scan the text and mark the sentences about the main disadvantage of using credit cards. Point out the ways to solve the problem mentioned in the text.
- •15. Grammar
- •16. Communication
- •17. Writing. Resume. Read the variants of resume and write your own one.
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •5. Read the text and find out whether the following ideas are true, false or not discussed in it.
- •10. Give English equivalents of the following words and word combinations.
- •11. Give Russian equivalents of the following words and word combinations.
- •12. Translate into Russian.
- •13. Complete the text by translating Russian phrases given in brackets.
- •14. Text 2. Virtual private network. Read the text and write its main ideas.
- •[Edit] Authentication mechanism
- •[Edit] Types
- •[Edit] Tunneling
- •[Edit] Security dialogues
- •15. Grammar
- •16. Communication.
- •17. Writing. Read the example and write your cv.
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •6. Answer the questions
- •7. Write if the following statements are true or false.
- •12. Translate into Russian the following passage.
- •13. Complete the text by translating Russian phrases given in brackets.
- •14. Translate into English the following passage.
- •15. Text 2. Read the second part of the article and write one sentence to characterize each type of firewall architecture.
- •16. Grammar
- •17. Communication
- •18. Writing.
- •1. Read the following terms and their definitions and memorize them:
- •2. Match the following words with their Russian equivalents:
- •3. Match the following words with their synonyms:
- •Reading
- •5. Text 1. An overview of the security of wireless networks. Read the text and outline the main problems of wireless communication security and the perspectives of protection means.
- •6. Answer the questions
- •7. Mark the following statements true or false. Correct the false statements.
- •12. Translate into Russian the following passage.
- •13. Translate into English the following passage.
- •14. Text 2. Read the text and determine what it is about.
- •Vocabulary and Grammar 7-10. Revision.
- •I. Write if the sentences are true or false. Correct the false sentences.
- •Match the lines.
- •IV. Choose the correct form of the verb.
- •V. Put the verbs in brackets in the correct form. There are some non-finite forms necessary.
- •VI. Give definitions of the following terms.
- •VII. Translate into Russian.
- •VIII. Translate into English.
- •IX. Translate into English using non-finite forms of the verbs.
- •X. Communication
- •Appendix 1 Writing an Abstract
- •Appendix 2 List Of Acronyms
- •Сальная Лейла Климентьевна
- •It Protection
17. Translate into English
DES алгоритм является первым примером широкого производства и внедрения технических средств в область защиты информации. К настоящему времени выпускается несколько десятков устройств аппаратно - программной реализации DES-алгоритма. Для выпуска такого рода устройства необходимо получить сертификат Национального Бюро Стандартов на право реализации продукта, который выдается только после всесторонней проверки по специальным тестирующим процедурам.
Достигнута высокая скорость шифрования. По некоторым сообщениям, в одном из устройств на основе специализированной микросхемы она составляет около 45 Мбит/сек.
Основные области применения DES-алгоритма:
- хранение данных в ЭВМ (шифрование файлов, паролей);
- электронная система платежей (между клиентом и банком);
- электронный обмен коммерческой информацией (между покупателем и продавцом).
18. Text 2. Scan the text and write out the facts that are new for you. Symmetric Key Encryption Algorithms. Public Key Algorithms. Cryptographic Hash Algorithms.
The use, export, and/or import of implementations of encryption algorithms are restricted in many countries, and the laws can change quite rapidly. Find out what the rules are before trying to build applications using cryptography.
For secret key (bulk data) encryption algorithms, use only encryption algorithms that have been openly published and withstood years of attack, and check on their patent status. We would recommend using the new Advanced Encryption Standard (AES), also known as Rijndahl -- a number of cryptographers have analyzed it and not found any serious weakness in it, and we believe it has been through enough analysis to be trustworthy now. However, in August 2002 researchers Fuller and Millar discovered a mathematical property of the cipher that, while not an attack, might be exploitable into an attack (the approach may actually has serious consequences for some other algorithms, too). A good alternative to AES is the Serpent algorithm, which is slightly slower but is very resistant to attack. For many applications triple-DES is a very good encryption algorithm; it has a reasonably lengthy key (112 bits), no patent issues, and a very long history of withstanding attacks (it's withstood attacks far longer than any other encryption algorithm with reasonable key length in the public literature, so it's probably the safest publicly-available symmetric encryption algorithm when properly implemented). However, triple-DES is very slow when implemented in software, so triple-DES can be considered ``safest but slowest.'' Twofish appears to be a good encryption algorithm, but there are some lingering questions - Sean Murphy and Fauzan Mirza showed that Twofish has properties that cause many academics to be concerned (though as of yet no one has managed to exploit these properties). MARS is highly resistent to ``new and novel'' attacks, but it's more complex and is impractical on small-ability smartcards. Your protocol should support multiple encryption algorithms, anyway; that way, when an encryption algorithm is broken, users can switch to another one.
For symmetric-key encryption (e.g., for bulk encryption), don't use a key length less than 90 bits if you want the information to stay secret through 2016 (add another bit for every additional 18 months of security) [Blaze 1996]. For encrypting worthless data, the old DES algorithm has some value, but with modern hardware it's too easy to break DES's 56-bit key using brute force. If you're using DES, don't just use the ASCII text key as the key - parity is in the least (not most) significant bit, so most DES algorithms will encrypt using a key value well-known to adversaries; instead, create a hash of the key and set the parity bits correctly (and pay attention to error reports from your encryption routine). So-called ``exportable'' encryption algorithms only have effective key lengths of 40 bits, and are essentially worthless; in 1996 an attacker could spend $10,000 to break such keys in twelve minutes or use idle computer time to break them in a few days, with the time-to-break halving every 18 months in either case.
Block encryption algorithms can be used in a number of different modes, such as ``electronic code book'' (ECB) and ``cipher block chaining'' (CBC). In nearly all cases, use CBC, and do not use ECB mode - in ECB mode, the same block of data always returns the same result inside a stream, and this is often enough to reveal what's encrypted. Many modes, including CBC mode, require an ``initialization vector'' (IV). The IV doesn't need to be secret, but it does need to be unpredictable by an attacker. Don't reuse IV's across sessions - use a new IV each time you start a session.
There are a number of different streaming encryption algorithms, but many of them have patent restrictions. I know of no patent or technical issues with WAKE. RC4 was a trade secret of RSA Data Security Inc; it's been leaked since, and we know of no real legal impediment to its use, but RSA Data Security has often threatened court action against users of it (it's not at all clear what RSA Data Security could do, but no doubt they could tie up users in worthless court cases). If you use RC4, use it as intended - in particular, always discard the first 256 bytes it generates, or you'll be vulnerable to attack. SEAL is patented by IBM - so don't use it. SOBER is patented; the patent owner has claimed that it will allow many uses for free if permission is requested, but this creates an impediment for later use. Even more interestingly, block encryption algorithms can be used in modes that turn them into stream ciphers, and users who want stream ciphers should consider this approach.
For public key cryptography (used, among other things, for signing and sending secret keys), there are only a few widely-deployed algorithms. One of the most widely-used algorithms is RSA; RSA's algorithm was patented, but only in the U.S., and that patent expired in September 2000, so RSA can be freely used. Never decrypt or sign a raw value that an attacker gives you directly using RSA and expose the result, because that could expose the private key (this isn't a problem in practice, because most protocols involve signing a hash computed by the user - not the raw value - or don't expose the result). Never decrypt or sign the exact same raw value multiple times (the original can be exposed). Both of these can be solved by always adding random padding (PGP does this) - the usual approach is called Optimal Asymmetric Encryption Padding (OAEP).
The Diffie-Hellman key exchange algorithm is widely used to permit two parties to agree on a session key. By itself it doesn't guarantee that the parties are who they say they are, or that there is no middleman, but it does strongly help defend against passive listeners; its patent expired in 1997. If you use Diffie-Hellman to create a shared secret, be sure to hash it first.
NIST developed the digital signature standard (DSS) (it's a modification of the ElGamal cryptosystem) for digital signature generation and verification; one of the conditions for its development was for it to be patent-free.
RSA, Diffie-Hellman, and El Gamal's techniques require more bits for the keys for equivalent security compared to typical symmetric keys; a 1024-bit key in these systems is supposed to be roughly equivalent to an 80-bit symmetric key. A 512-bit RSA key is considered completely unsafe; Nicko van Someren has demonstrated that such small RSA keys can be factored in 6 weeks using only already-available office hardware (never mind equipment designed for the job). In the past, a 1024-bit RSA key was considered reasonably secure, but recent advancements in factorization algorithms (e.g., by D. J. Bernstein) have raised concerns that perhaps even 1024 bits is not enough for an RSA key. Certainly, if your application needs to be highly secure or last beyond 2015, you should use a 2048 bit keys.
If you need a public key that requires far fewer bits (e.g., for a smartcard), then you might use elliptic curve cryptography (IEEE P1363 has some suggested curves; finding curves is hard). However, be careful - elliptic curve cryptography isn't patented, but certain speedup techniques are patented.
Some programs need a one-way cryptographic hash algorithm, that is, a function that takes an ``arbitrary'' amount of data and generates a fixed-length number that hard for an attacker to invert (e.g., it's difficult for an attacker to create a different set of data to generate that same value). For a number of years MD5 has been a favorite, but recent efforts have shown that its 128-bit length may not be enough [van Oorschot 1994] and that certain attacks weaken MD5's protection [Dobbertin 1996]. Indeed, there are rumors that a top industry cryptographer has broken MD5, but is bound by employee agreement to keep silent (see the Bugtraq 22 August 2000 posting by John Viega). Anyone can create a rumor, but enough weaknesses have been found that the idea of completing the break is plausible. If you're writing new code, use SHA-1 instead of MD5. Don't use the original SHA (now called ``SHA-0''); SHA-0 had the same weakness that MD5 does. If you need more bits in your hash algorithm, use SHA-256, SHA-384, or SHA-512; you can get the specifications in NIST FIPS PUB 180-2.