The idea of PKI

Mark Lomas, University of Cambridge
- connecting the castle by roads (security when sending messages)
- presents the basic idea of sending over the Internet (splitting into packets, each packet carries an address but does not necessarily take the same route, reassembling the packets)
- distributing trust among numerous organizations

Alec Muffett and Whitfield Diffie, Sun Microsystems
- protection, encipherment, encryption, secret keys
- Enigma, Bletchley Park (sending the encryption/decryption key)
- Diffie explains the idea of public-key cryptography through an analogy with mailboxes (Sasa: analogy with letters) and signing
- PGP

Mark Graff and Alec Muffett, Sun Microsystems
Brian Neal, Digital Equipment Corp.
- entering the fortress with a password, and passwords for access to a computer
- attacks
  * where passwords are stored in UNIX,
  * finding weak passwords with a dictionary attack,
  * once you are in the castle, you have access to the secret rooms
  * (searching for further weaknesses)
  * choosing passwords

Viruses
- a hidden internal program that corrupts data
- Trojan horse (impersonates programs, steals data)
  * example: Halifax (BBC Newsroom South East, Sept. 1995): a home-made cash machine collected passwords over five weeks and stole 125,000 pounds from 100 accounts
- worm (has a life of its own and explores the network): spreads and moves from machine to machine
- prevention: firewall (control at the entrances, determining intent at the entrance)
  * if an insider betrays you, a firewall does not help
  * distribution of programs over the Internet, trust, responsibility

CERT (Computer Emergency Response Team)
Dennis Jackson, Janet-Cert Co-ordinator
- the police enforce the laws
- hackers and crackers (the former write programs for fun/pleasure; they are not wizards, they often follow recipes and try to work out why they work, whereas the latter break the security of systems for malicious or profit-seeking purposes)

a burglar follows recipes but usually does not understand how the lock works: analogy with the hacker ...
how does the exceptional hacker come by a new recipe?
architect and attacker
designer ... the purpose of computers

In 1990 Robert Morris received three years' probation and a $10,000 fine.

Academic consultant: Blaine Price

PKI W. Diffie BBC Prime

0' Fort, Comparison of ordinary mail and PKI
1' Dennis, Brian
2' Diffie, Sun Microsystems, Cryptography
3' WWII, Enigma, Bletchley Park, great computation effort?
4' public and private key, Alice and Bob in the presence of Eve
5' Instead of moving the messages we move the keys
6' Shop keepers and the bank that has different key
7' Red and blue keys,... analogy with ordinary mail,
8' signatures, PGP, Cryptography is not solution to all the problems
9' passwords and the dictionary attack (
10' Alec Muffett?: unix password
12' Once you are in you can do almost anything
13' Guessable passwords, Brian Neale () password is a major problem
14' Computer virus
15' Trojan horse, the concept works in software
16' The worm
17' Firewall, a defence ... but not from the insiders
18' E-mail, virus, judge the safety of software.
19' Regular backup, Security, CERT
20' Dennis
21' hackers
22' attacker and architect
23' computers are tools, important is to trust
24' Hacker