Network, System, Host, Data, and Information System Security

Management Information Systems
MANAGING THE DIGITAL FIRM, 12TH EDITION GLOBAL EDITION
Session 4
NETWORK, SYSTEM, HOST, DATA, AND INFORMATION SYSTEM SECURITY
(adapted from SECURING IS, Laudon and Laudon)
Modified by:
Dr. R. Rizal Isnanto, S.T., M.M., M.T.
CHAPTER 8: SECURING INFORMATION SYSTEMS
Learning Objectives
• What are the most important tools and
technologies for safeguarding information
resources?
Technologies and Tools for Protecting Information Resources
• Identity management software
– Automates keeping track of all users and privileges
– Authenticates users, protecting identities, controlling
access
• Authentication
– Password systems
– Tokens
– Smart cards
– Biometric authentication
• Firewall:
– Combination of hardware and software
that prevents unauthorized users from
accessing private networks
– Technologies include:
• Static packet filtering
• Network address translation (NAT)
• Application proxy filtering
FIGURE 8-5: A CORPORATE FIREWALL
The firewall is placed between the firm’s private network and
the public Internet or another distrusted network to protect
against unauthorized traffic.
• Intrusion detection systems:
– Monitor hot spots on corporate networks to detect
and deter intruders
– Examine events as they are happening to discover
attacks in progress
• Antivirus and antispyware software:
– Check computers for the presence of malware and can
often eliminate it as well
– Require continual updating
• Unified threat management (UTM) systems
Intrusion Detection System (IDS)
• An Intrusion Detection System (IDS) is a software
application or hardware device that can detect suspicious
activity in a system or network. An IDS can inspect
inbound and outbound traffic in a system or network,
analyze it, and look for evidence of intrusion attempts.
© Pearson Education 2012
Intrusion and Intrusion Detection
• Intrusion : Attempting to break into or misuse your
system.
• Intruders may be from outside the network or
legitimate users of the network.
• Intrusion can be a physical, system or remote
intrusion.
Intrusion Detection Systems (IDS) and Signature
• Intrusion Detection Systems look for attack
signatures, which are specific patterns that usually
indicate malicious or suspicious intent.
• Different ways of classifying an IDS
IDS based on
– anomaly detection
– signature based misuse
– host based
– network based
• Securing wireless networks
– WEP security can provide some security by
• Assigning unique name to network’s SSID and
not broadcasting SSID
• Using it with VPN technology
– Wi-Fi Alliance finalized WPA2 specification,
replacing WEP with stronger standards
• Continually changing keys
• Encrypted authentication system with central
server
• Encryption:
– Transforming text or data into ciphertext
that cannot be read by unintended
recipients
– Two methods for encryption on networks
• Secure Sockets Layer (SSL) and successor
Transport Layer Security (TLS)
• Secure Hypertext Transfer Protocol (SHTTP)
• Two methods of encryption
– Symmetric key encryption
• Sender and receiver use single, shared key
– Public key encryption
• Uses two, mathematically related keys: Public
key and private key
• Sender encrypts message with recipient’s
public key
• Recipient decrypts with private key
FIGURE 8-6: PUBLIC KEY ENCRYPTION
A public key encryption system can be viewed as a series of public and private keys that lock data when they
are transmitted and unlock the data when they are received. The sender locates the recipient’s public key in
a directory and uses it to encrypt a message. The message is sent in encrypted form over the Internet or a
private network. When the encrypted message arrives, the recipient uses his or her private key to decrypt
the data and read the message.
• Digital certificate:
– Data file used to establish the identity of users and
electronic assets for protection of online transactions
– Uses a trusted third party, certification authority (CA), to
validate a user’s identity
– CA verifies user’s identity, stores information in CA server,
which generates encrypted digital certificate containing
owner ID information and copy of owner’s public key
• Public key infrastructure (PKI)
– Use of public key cryptography working with certificate
authority
– Widely used in e-commerce
FIGURE 8-7: DIGITAL CERTIFICATES
Digital certificates help establish the identity of people
or electronic assets. They protect online transactions by
providing secure, encrypted, online communication.
• Ensuring system availability
– Online transaction processing requires 100%
availability, no downtime
• Fault-tolerant computer systems
– For continuous availability, e.g. stock markets
– Contain redundant hardware, software, and power
supply components that create an environment that
provides continuous, uninterrupted service
• High-availability computing
– Helps recover quickly from crash
– Minimizes, does not eliminate downtime
• Recovery-oriented computing
– Designing systems that recover quickly with
capabilities to help operators pinpoint and correct
faults in multi-component systems
• Controlling network traffic
– Deep packet inspection (DPI)
• Video and music blocking
• Security outsourcing
– Managed security service providers (MSSPs)
• Security in the cloud
– Responsibility for security resides with company
owning the data
– Firms must ensure providers provide adequate
protection
– Service level agreements (SLAs)
• Securing mobile platforms
– Security policies should include and cover any special
requirements for mobile devices
• E.g. updating smart phones with latest security patches,
etc.
MWEB BUSINESS: HACKED
Read the Interactive Session and discuss the following questions
• What security and control problems are described in this
case?
• What people, organization, and technology factors
contribute to these problems?
• How secure is cloud computing? Explain your answer.
• If you were in charge of your company’s information
systems department, what issues would you want to clarify
with prospective vendors?
• Would you entrust your corporate systems to a cloud
computing provider? Why or why not?
• Ensuring software quality
– Software metrics: Objective assessments of system
in form of quantified measurements
• Number of transactions
• Online response time
• Payroll checks printed per hour
• Known bugs per hundred lines of code
– Early and regular testing
– Walkthrough: Review of specification or design
document by small group of qualified people
– Debugging: Process by which errors are eliminated
Communications, Networks,
& Safeguards
6
McGraw-Hill
Cyberthreats, Hackers, & Safeguards
• Problem: Internet was begun to foster collaboration
among universities and scientists. They trusted each
other. No security was built into the internet.
• Problem: The internet is open-access and is used by
criminals who take advantage of the lack of built-in
safeguards.
• Problem: Most people connect to the internet and
use their computers in LANs. All it takes is one
computer on a LAN that has been compromised for
all computers on it to be vulnerable.
• Cyberthreats
– Denial of Service Attacks
• Consist of making repeated requests of a
computer or network device, thereby
overloading it and denying access to
legitimate users
• Used to target particular companies or
individuals
• Cyberthreats (continued)
– Worms (Malware)
• A program that copies itself repeatedly
into a computer’s memory or disk drive
• May copy itself so much it crashes the
infected computer
• Primarily target PCs running Microsoft
Windows
• Cyberthreats (continued)
– Viruses (Malware)
• Deviant program that hides on a disk, in an email, or in a web link that causes unexpected
effects such as destroying or corrupting data
• Viruses are released at the rate of about one
per day
• To see what the latest ones are, go to
www.symantec.com/avcenter/vinfodb.html
• Cyberthreats (continued)
– Trojan Horses (Malware)
• Programs that pretend to be a useful program
such as a free game or a screensaver but that
carry viruses or malicious instructions that
damage your computer or install a backdoor or
spyware
• Backdoors and spyware allow others to access
your computer without your knowledge
• Cyberthreats (continued)
– How they spread
• Via e-mail attachments
• By infected disks
• By clicking on infiltrated websites
• By downloading infected files from websites
• Through infiltrated Wi-Fi hotspots
• From one infected PC on a LAN to another
– What can you do about it?
• Install antivirus software and subscribe to the
manufacturer’s automatic antivirus update service
• Cyberthreats (continued)
– Cellphone Malware
• Spread via internet downloads, MMS attachments, and
Bluetooth transfers
• Usually show up disguised as applications such as
games, security patches, add-on functionalities, erotica,
and free programs
• Protect your phone:
– Turn off Bluetooth discoverable mode
– Check security updates to learn about filenames to watch out
for
– Install security software
• Cyber Villains
– Hackers are either
• Computer enthusiasts, people who enjoy learning
about programming and computers
• People who gain unauthorized access to computers or
networks, often for fun or just to see if they can
• Two types:
– Thrill-seeker hackers: do it for the challenge
– White-hat hackers: do it to expose security flaws that can be
fixed
• Cyber Villains
– Crackers
• Malicious hackers who break into computers for
malicious purposes
– Script kiddies are technically unsophisticated teenagers who
use downloadable software to perform break-ins
– Hacktivists are hacker activists who break into systems for a
political purpose
– Black-hat hackers are those who break into computers to steal
or destroy information or to use it for illegal profit
– Cyberterrorists attack computer systems so as to bring
physical or financial harm to groups, companies, or nations
• Online Safety
– Use antivirus software, and keep it current
– Install a firewall to monitor network traffic and filter
out undesirable types of traffic and undesirable sites
– Don’t use the same password for multiple sites
– Don’t give out any password information
– Use robust passwords:
• Minimum 8 characters with letters, numbers,
characters
• 4cats is not a good password; f0UrK@tTz is safer
• Online Safety (continued)
– Install antispyware software
– Encrypt financial and personal records so only you
can read them
– Back up your data, so if your PC is attacked and
must be reformatted, you can restore your data
– Never download from a website you don’t trust
– Consider biometric authentication
• Online Safety (continued)
– Biometrics: science of measuring individual body
characteristics
• Used in security devices
• Examples: hands, fingerprints, iris recognition, face
recognition, voice recognition
• Now available on laptops
• Online Safety (continued)
– Encryption
• Process of altering readable data into unreadable form
to prevent unauthorized access
• Uses powerful mathematical ciphers to create coded
messages that are difficult to break
• Unencrypted messages are known as plain text
• Encrypted text is known as ciphertext
• Either private keys or public keys are used to encrypt and send
and then to receive and decrypt messages
• Online Safety (continued)
– Private Key encryption means the same secret key
is used by both the sender and receiver to encrypt
and decrypt a message
– Public Key encryption means that two keys are
used; the recipient’s public key is given to the
sender to encrypt the message; the receiver uses
a private key to decrypt it
Example of a Public Key Cryptosystem: RSA
• Technique used for the computation:
FAST EXPONENTIATION
• We will first look at the concept of FAST
EXPONENTIATION before discussing the
RSA algorithm
FAST EXPONENTIATION
1. The Modulo Concept
2. Fast Exponentiation
Fast Exponentiation
• Public-key algorithms such as RSA, Elgamal, the
Rabin-Williams cryptosystem, DSA, and so on are
simple in their calculations but difficult to implement
in software, because they perform exponentiation
with large numbers.
• The Fast Exponentiation method is used to compute
large modular integer exponentiations quickly.
The Modulo Concept (1)
• The modulo concept is part of Discrete Mathematics.
• The modulo operation, e.g. a mod b = c, requires the values
a, b, and c to be integers, where c is the remainder of the
integer division a/b → div (a/b)
• Example: 10/3 = 3, remainder 1 → so 10 mod 3 = 1
• Using a calculator that has no mod function
Example: what is 124 mod 5?
Method: 124 : 5 = 24.8
24.8 = 24 + 0.8
0.8*5 = 4
So 124 mod 5 = 4, which can also be written: $124 \equiv 4 \bmod 5$
The Modulo Concept (2)
• For a mod b with a < b, a mod b = a
• For a mod b with a > b/2 and a < b, a mod b = a-b = -(b-a)
Example: what is 31 mod 33?
Answer: a = 31, b = 33, with a < b (31 < 33) and also
a > b/2 (31 > 33/2 = 16.5), so we can write:
$31 \bmod 33 = 31 \equiv 31-33 \equiv -2 \bmod 33$
or: $31 \equiv 31-33 \equiv -2 \bmod 33$
which is the shorthand notation.
Small modulo results are preferred → they are easier to
compute with in fast exponentiation.
Another (longer) way to write it:
31 mod 33 = (31-33) mod 33 = -2 mod 33 = -2
FAST EXPONENTIATION
• So the result of $3^{11} \bmod 35$
• Example
$10^{98} \bmod 11$
$10^{98} \bmod 11 \equiv 10^{64+32+2}$
$10 \bmod 11 \equiv 10 \equiv (-1) \bmod 11$
$10^{2} \equiv (-1)^{2} \equiv 1 \bmod 11$
$10^{32} \equiv (10^{2})^{16} = 1^{16} \equiv 1 \bmod 11$
$10^{64} \equiv (10^{32})^{2} = 1^{2} \equiv 1 \bmod 11$
So $10^{98} \bmod 11 \equiv 10^{64+32+2} \equiv 10^{64} \cdot 10^{32} \cdot 10^{2} \equiv (1)(1)(1) \equiv 1 \bmod 11$
• $572^{37} \bmod 713$
$572^{37} = 572^{32} \cdot 572^{4} \cdot 572$
$572 \bmod 713 \equiv 572 \equiv (-141) \bmod 713$
$572^{2} \equiv (-141)^{2} \equiv 630 \equiv (-83) \bmod 713$
$572^{4} \equiv (572^{2})^{2} \equiv (-83)^{2} \equiv 472 \equiv (-241) \bmod 713$
$572^{8} \equiv (572^{4})^{2} \equiv (-241)^{2} \equiv 328 \bmod 713$
$572^{16} \equiv (572^{8})^{2} \equiv 328^{2} \equiv 634 \equiv (-79) \bmod 713$
$572^{32} \equiv (572^{16})^{2} \equiv (-79)^{2} \equiv 537 \equiv (-176) \bmod 713$
So $572^{37} \bmod 713 \equiv 572^{32} \cdot 572^{4} \cdot 572 \equiv (-176)(-241)(-141) \equiv (-12) \bmod 713$
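The two worked examples above as square-and-multiply code (an added example, not part of the original slides). It keeps every intermediate value as the residue of smallest absolute value, the way the slides rewrite 572 as -141; the names `balanced`, `fast_exp` and `used_powers` are chosen for this example.

```python
def balanced(x, n):
    """Reduce x mod n to the residue of smallest absolute value,
    e.g. 31 mod 33 -> -2, as in 'The Modulo Concept (2)'."""
    r = x % n
    return r - n if r > n // 2 else r


def fast_exp(base, exponent, modulus):
    """Square-and-multiply.

    Returns (result, squares): result is base**exponent mod modulus in
    [0, modulus); squares maps each power of two 2**k, up to the highest
    bit of the exponent, to base**(2**k) as a balanced residue.
    """
    if exponent < 0 or modulus < 1:
        raise ValueError("need exponent >= 0 and modulus >= 1")
    squares = {}
    square = balanced(base, modulus)
    result = 1
    power = 1
    while exponent:
        squares[power] = square
        if exponent & 1:                  # this power of two is part of the exponent
            result = balanced(result * square, modulus)
        square = balanced(square * square, modulus)
        power <<= 1
        exponent >>= 1
    return result % modulus, squares


def used_powers(exponent):
    """Powers of two that add up to the exponent, largest first (98 -> [64, 32, 2])."""
    return [1 << k for k in range(exponent.bit_length() - 1, -1, -1)
            if (exponent >> k) & 1]


if __name__ == "__main__":
    # The two examples worked on the slides.
    for b, e, n in [(10, 98, 11), (572, 37, 713)]:
        value, squares = fast_exp(b, e, n)
        print(f"{b}^{e} mod {n}, exponent = {' + '.join(map(str, used_powers(e)))}")
        for p, s in squares.items():
            print(f"  {b}^{p} = {s} mod {n}")
        print(f"  result = {value} (balanced form: {balanced(value, n)})")
```

No intermediate product exceeds the square of the modulus, which is what makes the method practical for the large numbers public-key algorithms use.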
Homework A (1 week)
Using Fast Exponentiation, find:
1. 1535 mod 17
2. 2315 mod 29
3. 324 mod 8
4. 5105 mod 12
5. 737 mod 10
RSA ENCRYPTION
RSA (Ronald Rivest, Adi Shamir, Leonard Adleman)
RSA PUBLIC KEY ALGORITHM
Everyone knows Bob’s public key.
Anyone can do the public operation.
Only Bob knows his own private key.
It is not possible to find M, given only C and not the private
key.
It is not possible to find the private key, given the public
key.
Therefore, only Bob can do the private operation.
Converting Letters to Numbers in RSA
• In practice, the message m to be encrypted is text,
so the text (a sequence of letters/characters) must be
expressed as a number.
• The conversion follows the formula:
$m = \sum_{i=0}^{n-1} \text{ASCII}(\text{character } i) \times 256^{i}$
where n = the number of characters
Example: how do we convert the message “aabc”
into a number m?
Converting Letters to Numbers in RSA (2)
Example: how do we convert the message “aabc” into a
number m?
$m = \sum_{i=0}^{n-1} \text{ASCII}(\text{character } i) \times 256^{i}$
Answer:
ASCII (‘a’) = 97
ASCII (‘b’) = 98
ASCII (‘c’) = 99
so $m = (97 \times 256^{0}) + (97 \times 256^{1}) + (98 \times 256^{2}) + (99 \times 256^{3})$
= 97 + 24,832 + 6,422,528 + 1,660,944,384
= 1,667,391,841 (a fairly large number)
Converting Letters to Numbers (3)
• However, that method is not the only one; it depends on
what Alice and Bob agree on.
• Some use a character-by-character method (second method)
• For example, the word ”tugasakhir” is first converted to:
“tugasakhir” = 116 117 103 97 115 97 107 104 105 114
Suppose Alice takes blocks 4 digits long, giving:
1161, 1710, 3971, 1597, 1071, 0410, 5114.
Each of these numbers is then computed using the
public key pair.
• Public keys, secret keys, encryption, decryption, and so on
are discussed next.
Converting Letters to Numbers (4)
• Third method: similar to the first method, but with 95
as the base number that is raised to a power.
• The fourth, fifth, and further methods can be looked up
on the Internet.
• The point is that how text is turned into a number
depends on the convention (agreement) between Alice
and Bob
• To turn the number back into letters at decryption, an
ASCII table is needed (for the second method) and a more
complicated computer calculation (for the first and
third methods)
Main Idea of RSA Encryption
(Rivest, Shamir, Adleman)
1. Key setup
• Choose two prime numbers p, q
• Compute n = p.q
• Choose e such that 1<e<ф
with ф = (p-1)(q-1)
• Compute d that is relatively prime to ф
public key (n,e)
private key (d)
2. Encryption
$c = m^{e} \bmod n$
m = original message / plaintext
3. Decryption
$m = c^{d} \bmod n$
Example problem
In the RSA algorithm, the key setup uses
p=3, q=11, and e is chosen as 17
a. What value of d is chosen?
b. If m=5, determine the ciphertext!
c. Prove that decryption yields the m
of item b!
Answer:
p = 3; q = 11
n = p.q = (3)(11) = 33
ф = (p-1)(q-1) = (2)(10) = 20
e → 1 < e < ф → 1 < e < 20
say e = 17
choose d, 1 < d < ф
e.d = 1 mod ф
Candidate d | e.d | e.d mod ф | Note
2 | 34 | 34 mod 20 = 14 | no
3 | 51 | 51 mod 20 = 11 | no
4 | 68 | 68 mod 20 = 8 | no
… | … | … | …
13 | 221 | 221 mod 20 = 1 | chosen
Find a smart way to look for d
1. Estimate whether d is even or odd → this halves the
search time
2. Estimate the most likely candidates for d.
Example: from the previous case, e.d mod ф = 1; for e = 17 and
ф = 20 this can be written as 17d/20 = some number (its value
does not matter) with remainder 1.
All multiples of 20 end in 0 (that is: 20, 40, 60, etc.)
17d must end in (0 + 1) = 1; and d must end in 3, because
other digits are clearly impossible (remember 7*3 = 21)
For 1<d<20, the possible values of d are 3 and 13.
The number 3 has already been tried → no. So the answer must be
d = 13.
Check: 17*13 = 221; 221 mod 20 = 1 → PROVEN.
• public key (n,e) = (33,17)
• private key (d) = (13)
b. Encryption
$c = m^{e} \bmod n$ with m = 5
$c = 5^{17} \bmod 33$
→ c = 14
c. Decryption
→ m = 5 (proven)
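The first two text-to-number conventions and the worked key setup above (p = 3, q = 11, e = 17), as an added example that is not part of the original slides. It finds d with the extended Euclidean algorithm instead of the candidate table, uses Python's built-in three-argument pow for the exponentiation, and rejects a message that is not smaller than n; all function names are chosen for this example, and this is the unpadded textbook scheme exactly as the slides state it.

```python
from math import gcd


def text_to_int(text):
    """First method: m = sum of ASCII(character i) * 256**i, i = 0..n-1."""
    return sum(ord(ch) * 256 ** i for i, ch in enumerate(text))


def int_to_text(m):
    """Inverse of text_to_int: peel off base-256 digits, lowest first."""
    chars = []
    while m:
        m, code = divmod(m, 256)
        chars.append(chr(code))
    return "".join(chars)


def text_to_blocks(text, width=4):
    """Second method: join the decimal ASCII codes, cut into width-digit blocks.

    Blocks stay strings: int("0410") would drop the leading zero, and the
    last block may be shorter than width.
    """
    digits = "".join(str(ord(ch)) for ch in text)
    return [digits[i:i + width] for i in range(0, len(digits), width)]


def mod_inverse(e, phi):
    """Extended Euclid: the d in 1..phi-1 with e*d = 1 mod phi."""
    if gcd(e, phi) != 1:
        raise ValueError("e has no inverse: e and phi share a factor")
    old_r, r, old_s, s = e, phi, 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    return old_s % phi


def key_setup(p, q, e):
    """Return ((n, e), d) for primes p, q and a chosen public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi:
        raise ValueError("need 1 < e < phi")
    return (n, e), mod_inverse(e, phi)


def encrypt(m, public_key):
    n, e = public_key
    if not 0 <= m < n:
        # m and m + n give the same c, so decryption could not tell them apart.
        raise ValueError("message must satisfy 0 <= m < n; use smaller blocks")
    return pow(m, e, n)


def decrypt(c, d, n):
    return pow(c, d, n)


if __name__ == "__main__":
    public, d = key_setup(3, 11, 17)          # the slides' key setup
    c = encrypt(5, public)
    print("public key", public, "private key", d)
    print("c =", c, "-> m =", decrypt(c, d, public[0]))
    print("aabc ->", text_to_int("aabc"))
    print("tugasakhir ->", text_to_blocks("tugasakhir"))
```

With n = 33 neither the number for “aabc” nor any 4-digit block fits below n, so `encrypt` refuses them; the modulus has to be larger than every message block.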
Homework (1 week)
1. For the text “Hello”, determine the m (plaintext) that is ready
to be encrypted with RSA, using the first and
second methods (assumption: block size of 3 digits becoming 4 digits).
See the ASCII table.
2. In the RSA algorithm, the key setup uses
p=13, q=17, and e is chosen = 25.
a. What value of d is chosen? (d is odd
such that 159 < d < 190)
b. If m = 7, determine its ciphertext c.
c. Prove that decryption yields
m as in item b.
Private Key Cryptosystem
• Also called symmetric cryptography
or secret key cryptography
Symmetric Cryptography
• Symmetric cryptography is also known as
secret key cryptography
• It is cryptography that uses the same key for both
encryption and decryption.
• Symmetric cryptography depends heavily on the secrecy of the key
used for encryption and decryption. That is why it is also
called secret key cryptography
• Examples of symmetric algorithms: OTP, DES (Data Encryption
Standard), RC2, RC4 (Ron’s Code), RC5, RC6, IDEA (International
Data Encryption Algorithm), Twofish, Magenta, Rijndael (AES, Advanced Encryption Standard), Blowfish, GOST, and others
• Block cipher: IDEA, AES, DES
• Stream cipher: RC4
Symmetric Cryptography
• Encryption key = decryption key
• $E_k(m) = c$
• $D_k(c) = m$
Working Mechanism of Symmetric Cryptography
• Alice and Bob agree on the symmetric algorithm to be
used
• Alice and Bob agree on the key to be used
• Alice creates the plaintext message to be sent
to Bob, then encrypts it using the agreed key and
algorithm, producing the ciphertext
• Alice sends the ciphertext to Bob
• Bob receives the ciphertext, then decrypts it
using the same key and algorithm
to obtain the plaintext
Working Mechanism of Symmetric Cryptography
[Figure: Alice (plaintext source, encryption $E_e(m) = c$) and Bob (decryption $D_d(c) = m$, destination); the key source distributes the key e over a secure channel; the ciphertext c travels over an insecure channel exposed to an unknown party.]
Weaknesses of Symmetric Cryptography
• A secure channel must exist first so that
Bob and Alice can exchange the key
• This is a problem because, if such a channel really exists,
cryptography would no longer be needed in the first place.
This is known as the key distribution problem
• Another weakness is that each pair of participants in the
information system needs a different key.
So with n participants,
a total of n(n – 1)/2 keys is needed for every pair to be able
to communicate. For very large n, providing these keys
becomes a problem, known as the
key management problem
Advantages of Symmetric Cryptography
• Compared with asymmetric cryptography,
symmetric cryptography operates
much faster.
Secret Key Cryptosystem
• Block Cipher
• Transposition Cipher
• Substitution Cipher
• Stream Cipher
• Polyalphabetic substitutions and Vigenere
ciphers
• Polyalphabetic cipher machines and rotors
• Cryptanalysis of classical ciphers
Transposition ciphers
A transposition cipher performs encryption
and decryption by:
• Rearranging the order of the letters in the plaintext
(encryption) and ciphertext (decryption) according to
a certain rule
• This rule forms the key used
in encryption / decryption
Transposition Cipher Example
• Suppose the plaintext is “gadjah” and the key is “use
blocks of size three, swap the first letter
with the second letter, keep the third letter
in place”.
• The plaintext is split into blocks of the size
given by the key, then the key's swap
is applied. In this example the plaintext
“gadjah” is encrypted to “agdajh”
Example 1: Transposition Cipher
Plaintext : g a d j a h
Encryption
Ciphertext : a g d a j h
Decryption
Plaintext : g a d j a h
Example 2: Matrix encryption
• Idea: the plaintext is placed in a square
matrix.
• Example: UNIVERSITAS DIPONEGORO
* spaces in the plaintext are ignored.
• The example plaintext above has
21 characters, so the matrix used
is $25 = 5^{2}$.
The matrix becomes:
1 2 3 4 5
U N I V E
R S I T A
S D I P O
N E G O R
O X X X X
• Say: key = 41325 (by column)
• So the ciphertext =
VTPOX URSNO IIIGX NSDEX EAORX
and joined together it becomes:
VTPOXURSNOIIIGXNSDEXEAORX
Decrypting Matrix Encryption
• Decryption:
– Split into blocks of 5 letters
– Build the matrix by column (top to bottom)
– Reorder into positions 12345
– Read row by row (UNIVERSITASDIPONEGORO)
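The matrix encryption and the four decryption steps above, as an added example that is not part of the original slides. Function names are chosen for this example and the key is assumed to be a string of single digits (at most 9 columns); `same_letter_counts` shows why a transposition on its own is weak: the ciphertext keeps exactly the letter frequencies of the padded plaintext.

```python
from collections import Counter
from math import isqrt


def _column_order(key, size):
    """Turn a key such as "41325" into [4, 1, 3, 2, 5] and validate it."""
    order = [int(digit) for digit in key]
    if sorted(order) != list(range(1, size + 1)):
        raise ValueError(f"key must use each column 1..{size} exactly once")
    return order


def matrix_encrypt(plaintext, key, pad="X"):
    """Write the text row by row into the smallest square that holds it,
    pad the empty cells, then read the columns in key order."""
    text = "".join(plaintext.upper().split())        # spaces are ignored
    if not text:
        raise ValueError("empty plaintext")
    size = isqrt(len(text) - 1) + 1                  # 21 letters -> 5 x 5
    order = _column_order(key, size)
    text = text.ljust(size * size, pad)
    rows = [text[r * size:(r + 1) * size] for r in range(size)]
    # For each column named by the key, read it top to bottom.
    return "".join(row[col - 1] for col in order for row in rows)


def matrix_decrypt(ciphertext, key):
    """Cut into blocks of `size`, put each block back as the column the key
    names, then read the matrix row by row.

    Padding is returned as-is: stripping trailing X would be wrong for a
    message that really ends in X.
    """
    size = isqrt(len(ciphertext))
    if size == 0 or size * size != len(ciphertext):
        raise ValueError("ciphertext length must be a non-zero perfect square")
    order = _column_order(key, size)
    columns = {}
    for position, col in enumerate(order):
        columns[col] = ciphertext[position * size:(position + 1) * size]
    return "".join(columns[col][r] for r in range(size)
                   for col in range(1, size + 1))


def same_letter_counts(a, b):
    """True when both strings contain exactly the same letters, in any order."""
    return Counter(a) == Counter(b)


if __name__ == "__main__":
    # The example from the slides.
    c = matrix_encrypt("UNIVERSITAS DIPONEGORO", "41325")
    p = matrix_decrypt(c, "41325")
    print(c)
    print(p)
    print("letter frequencies unchanged:", same_letter_counts(c, p))
```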
Homework C (1 week)
• Using the Matrix Encryption method,
what ciphertext is produced
if plaintext ="HARUS SEMANGAT
UNTUK PAHAM KRIPTOGRAFI" and key =
246153 (by column).
Any Questions?
• Thank you
• That is all