Systems - Computer Science bibliographies - in Harvard style

Brute force is IMPOSSIBRU.

In-text: (Clayton, 2015)

Your Bibliography: Clayton, R., 2015. Brute force attacks on cryptographic keys. [online] Cl.cam.ac.uk. Available at: <http://www.cl.cam.ac.uk/~rnc1/brute.html> [Accessed 27 February 2015].

Boucher had to give up his key.

In-text: (U.S. v. Boucher, 2009 U.S. Dist. Lexis 13006 ("Boucher 2"), 2015)

Your Bibliography: Danfingerman.com. 2015. U.S. v. Boucher, 2009 U.S. Dist. Lexis 13006 ("Boucher 2"). [online] Available at: <http://danfingerman.com/law/cases/Boucher2.html> [Accessed 27 February 2015].

Cryptography is only a small part of the security system, it is a very critical part.

In-text: (Ferguson and Schneier, 2003)

Your Bibliography: Ferguson, N. and Schneier, B., 2003. Practical cryptography. New York: Wiley, p.8.

Pub key, less keys are used altogether, only need one private key per recipient, not one for each route of communication.

In-text: (Ferguson and Schneier, 2003)

Your Bibliography: Ferguson, N. and Schneier, B., 2003. Practical cryptography. New York: Wiley, p.26.

Pub key. More complex algorithm. Decryption must hold for all possible messages from all different public keys.

In-text: (Ferguson and Schneier, 2003)

Your Bibliography: Ferguson, N. and Schneier, B., 2003. Practical cryptography. New York: Wiley, p.27.

File signature works just like a MAC. Verified with pub key, private key required to make new signature.

In-text: (Ferguson and Schneier, 2003)

Your Bibliography: Ferguson, N. and Schneier, B., 2003. Practical cryptography. New York: Wiley, p.28.

-Public Key. Anyone can produce a public key impersonating anyone else. Have a central authority called Certificate Authority. User takes public key to CA, identifies them self. CA signs pub key with digital signature. Often includes expiration date. -Digital Signature. Only proves computer it was sent from, doesn't take viruses into account.

In-text: (Ferguson and Schneier, 2003)

Your Bibliography: Ferguson, N. and Schneier, B., 2003. Practical cryptography. New York: Wiley, p.29.

AES advantages and Disadvantages. Each step consists of multiple operations that can be performed in parallel, makes for high speed. However decryption operation is significantly different from encryption.

In-text: (Ferguson and Schneier, 2003)

Your Bibliography: Ferguson, N. and Schneier, B., 2003. Practical cryptography. New York: Wiley, p.56.

DES Key size 56 bits, block size 64 bits. Unsuitable, so made 3DES. 3DES solves small key size, but not small block size.

In-text: (Ferguson and Schneier, 2003)

Your Bibliography: Ferguson, N. and Schneier, B., 2003. Practical cryptography. New York: Wiley, p.51.

General crap about encryption keys.

In-text: (Harris, 2005)

Your Bibliography: Harris, S., 2005. CISSP All-in-One Exam Guide. San Francisco: McGraw-Hill Osborne, p.594.

Asymmetric. Know it came from the person because only they can encrypt with private key.

In-text: (Harris, 2005)

Your Bibliography: Harris, S., 2005. CISSP All-in-One Exam Guide. San Francisco: McGraw-Hill Osborne, p.610.

Triple DES 48 processes carried out.

In-text: (Harris, 2005)

Your Bibliography: Harris, S., 2005. CISSP All-in-One Exam Guide. San Francisco: McGraw-Hill Osborne, p.629.

RSA uses large prime numbers.

In-text: (Harris, 2005)

Your Bibliography: Harris, S., 2005. CISSP All-in-One Exam Guide. San Francisco: McGraw-Hill Osborne, p.635.

AES number of rounds.

In-text: (Harris, 2005)

Your Bibliography: Harris, S., 2005. CISSP All-in-One Exam Guide. San Francisco: McGraw-Hill Osborne, p.630.

Diffie Hellman allows for private key exchange.

In-text: (Harris, 2005)

Your Bibliography: Harris, S., 2005. CISSP All-in-One Exam Guide. San Francisco: McGraw-Hill Osborne, p.632.

Diffie Hellman is vulnerable to man in the middle attacks.

In-text: (Harris, 2005)

Your Bibliography: Harris, S., 2005. CISSP All-in-One Exam Guide. San Francisco: McGraw-Hill Osborne, p.633.

AES block cypher has a 128 bit block length and can use 128, 192 or 256 bit key lengths.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.186.

Asymmetric. One party generates a pair of keys. Send public key in the clear.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.333.

Asymmetric Disadvantages. A lot slower.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.335.

Private Key Disadvantages. Parties must have an initial secure way of sharing information. Can be useful for single user encryption.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.5.

Private Key Disadvantage Solution. Key Distribution Center. All users share key with DC. User sends message to DC. DC produces session key, encrypted using users key, and to receiver using receivers key.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.318.

No longer considered secure due to key lentgh of 56 bits.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.173.

Asymmetric requires less security, only one key needs to be protected. Only allows one way communication. Allows multiple senders to communicate with receiver.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.334.

Stuff about 2 round DES and 3 round DES.

In-text: (Katz and Lindell, 2008)

Your Bibliography: Katz, J. and Lindell, Y., 2008. Introduction to modern cryptography. Boca Raton: Chapman & Hall/CRC, p.177.

-56-bit keys do not make for large enough key space. Introduced Triple DES. -Public - key cryptography... allows one (public) key to be used for encryption and another (the secret key) for decryption. -Pub and Priv keys must be closely related. [In principle, computational limitations]

In-text: (Klein, 2014)

Your Bibliography: Klein, P., 2014. A cryptography primer. New York: Cambridge University Press, pp.147 - 148.

Digital signature for the document depends mathematically on the content of the document. To verify the signature, the mathematical relationship should be publicly known. Must be secret so only one person can produce it. Similar to public - key.

In-text: (Klein, 2014)

Your Bibliography: Klein, P., 2014. A cryptography primer. New York: Cambridge University Press, p.161.

Ubuntu, Linux encryption implementations supporting AES. -CPU performance 20% slower, usage 25% higher. -Notable but lesser hit on Disk intensive activities.

In-text: (Larabel, 2015)

Your Bibliography: Larabel, M., 2015. The Performance Impact Of Linux Disk Encryption On Ubuntu 14.04 LTS - Phoronix. [online] Phoronix.com. Available at: <http://www.phoronix.com/scan.php?page=article&item=ubuntu_1404_encryption&num=1> [Accessed 27 February 2015].

I PLEAD THE 5TH!

In-text: (Fifth Amendment | Wex Legal Dictionary / Encyclopedia | LII / Legal Information Institute, 2015)

Your Bibliography: Law.cornell.edu. 2015. Fifth Amendment | Wex Legal Dictionary / Encyclopedia | LII / Legal Information Institute. [online] Available at: <https://www.law.cornell.edu/wex/fifth_amendment> [Accessed 27 February 2015].

Public must hand over encryption keys

In-text: (Regulation of Investigatory Powers Act 2000, 2015)

Your Bibliography: Legislation.gov.uk. 2015. Regulation of Investigatory Powers Act 2000. [online] Available at: <http://www.legislation.gov.uk/ukpga/2000/23/contents> [Accessed 27 February 2015].

With symmetric encryption algorithms like Triple - DES or AES, we can reduce the number of keys that need to be securely distributed.

In-text: (Martin, 2008)

Your Bibliography: Martin, L., 2008. Introduction to identity-based encryption. Boston: Artech House, p.90.

A Cryptographic key is a value that defines the operation of an encryption or decryption algorithm, Values that are used for all users of a system are called parameters instead. While traditional public-key algorithms have only public and private keys, IBE algorithms typically have a set or public parameters.

In-text: (Martin, 2008)

Your Bibliography: Martin, L., 2008. Introduction to identity-based encryption. Boston: Artech House, p.92.

-RSA allowing signature. -RSAs use as digital signature.

In-text: (Qi, Wei and Zhang, 2013)

Your Bibliography: Qi, N., Wei, W. and Zhang, J., 2013. Analysis and Research of the RSA Algorithm. Information Technology J., [online] 12(9), pp.1818-1824. Available at: <http://scialert.net/fulltext/?doi=itj.2013.1818.1824> [Accessed 26 February 2015].

TrueCrypt can encrypt windows installations on the fly, no change in how you use. -Long first start time -Decryption easy and generally faster. -Performance slower and encryption takes longer if you employ multiple algorithms. -Fast HDD and multi core processors allow to work subtly in background. Raid arrays and SSDs lessen bottlenecks when read/writing a lot of data with fast multicore processors. -Strong encryption has small effect on batter life.

In-text: (Roos, 2009)

Your Bibliography: Roos, P., 2009. Protect Your Data With Encryption - TrueCrypt 6.1--Tried And Tested. [online] Tom's Hardware. Available at: <http://www.tomshardware.com/reviews/truecrypt-security-hdd,2125.html> [Accessed 27 February 2015].

TrueCrypt on WIndows -Boot times slightly slower on slower HDDs, effect negated on SSDs -Neg effect on HDD intensive activities, SSD hit more -Little effect on activities not involving constand HDD read/write i.e. cpu intensive i.e. gaming -SSDs hit more, but still faster then HDDs.

In-text: (Rusen, 2015)

Your Bibliography: Rusen, C., 2015. What is the Performance Impact of System Encryption With TrueCrypt. [online] 7tutorials.com. Available at: <http://www.7tutorials.com/what-performance-impact-system-encryption-truecrypt#main-content> [Accessed 27 February 2015].

People use easy passwords.

In-text: (Schneier, 2015)

Your Bibliography: Schneier, B., 2015. Schneier on Security: Real-World Passwords. [online] Schneier.com. Available at: <https://www.schneier.com/blog/archives/2006/12/realworld_passw.html> [Accessed 27 February 2015].

Live systems must be kept live

In-text: (The growing impact of full disk encryption on digital forensics, 2015)

Your Bibliography: Sciencedirect.com. 2015. The growing impact of full disk encryption on digital forensics. [online] Available at: <http://www.sciencedirect.com/science/article/pii/S1742287611000727> [Accessed 27 February 2015].

Availability [of data] is adversely impacted by cryptography by the introduction of extra risk from the loss, distribution, or mismanagement of cryptographic keys.

In-text: (Tipton, 2011)

Your Bibliography: Tipton, H., 2011. Official (ISC)2 guide to the SSCP CBK. Boca Raton, FL: Auerbach Publications/CRC Press, p.45.

-With symmetric key encryption, it is not possibly to tie a specific person to a particular cryptographic action. -It is through asymmetric. -Block ciphers encrypt plaintext in chunks or of a particular size where the block size is the size of the message chunk and the secret key used can vary in length dramatically, with longer keys typically being considered stronger.

In-text: (Tipton, 2011)

Your Bibliography: Tipton, H., 2011. Official (ISC)2 guide to the SSCP CBK. Boca Raton, FL: Auerbach Publications/CRC Press, p.47.

Stream ciphers encrypt data on the fly usually on a bit-by-bit basis. Often used for speed and flexibility rather then strength.

In-text: (Tipton, 2011)

Your Bibliography: Tipton, H., 2011. Official (ISC)2 guide to the SSCP CBK. Boca Raton, FL: Auerbach Publications/CRC Press, p.55.

Hashes take a variable length message and construct a fixed-length binary output. Should always produce the same output. Useful for verifying message integrity, critical when using public key. Problem when used with symmetric, can be easily duplicated with anyone who has the key. Process: take original message, process it with cryptographic hash function. This generates a message digest that is encrypted using the senders private key. Encrypted message digest is referred to as a digital signature. When message received, recipient can verify the signature and message integrity if they have access to the senders public key. Done by running message through same cryptographic hash and sender used to generate a message digest. Affixed digital signature is then decrypted with the senders public key generating another message digest. If these 2 digests are identical the message integrity can be verified.

In-text: (Tipton, 2011)

Your Bibliography: Tipton, H., 2011. Official (ISC)2 guide to the SSCP CBK. Boca Raton, FL: Auerbach Publications/CRC Press, p.58.