際際滷

際際滷Share a Scribd company logo

9-crypthvvy6u7btyjibuibuibryjijighhnm.ppt

Download as PPT, PDF
V
vikashbharati917

etthhf ghr hrhtr ggttrg

1 of 44
Download to read offline
Computer Security Communications, Networking & Security Cryptography
Well established needs for secure communication War time communication Business transactions Illicit Love Affairs Requirements of secure communication 1. Secrecy Only intended receiver understands the message 2. Authentication Sender and receiver need to confirm each others identity 3. Message Integrity Ensure that their communication has not been altered, either maliciously or by accident during transmission Secure Communication Needs and Requirements
Cryptography is the science of secret, or hidden writing It has two main Components: 1. Encryption Practice of hiding messages so that they can not be read by anyone other than the intended recipient 2. Authentication & Integrity Ensuring that users of data/resources are the persons they claim to be and that a message has not been surreptitiously altered Cryptography Basics
Cipher is a method for encrypting messages Encryption algorithms are standardized & published The key which is an input to the algorithm is secret Key is a string of numbers or characters If same key is used for encryption & decryption the algorithm is called symmetric If different keys are used for encryption & decryption the algorithm is called asymmetric Encryption Cipher Plain Text Encryption Algorithm Key A Key B Cipher Text Plain Text Decryption Algorithm
Algorithms in which the key for encryption and decryption are the same are Symmetric Example: Caesar Cipher Types: 1. Block Ciphers Encrypt data one block at a time (typically 64 bits, or 128 bits) Used for a single message 2. Stream Ciphers Encrypt data one bit or one byte at a time Used if data is a constant stream of information Encryption Symmetric Algorithms
Strength of algorithm is determined by the size of the key The longer the key the more difficult it is to crack Key length is expressed in bits Typical key sizes vary between 48 bits and 448 bits Set of possible keys for a cipher is called key space For 40-bit key there are 240 possible keys For 128-bit key there are 2128 possible keys Each additional bit added to the key length doubles the security To crack the key the hacker has to use brute-force (i.e. try all the possible keys till a key that works is found) Super Computer can crack a 56-bit key in 24 hours It will take 272 times longer to crack a 128-bit key (Longer than the age of the universe) Symmetric Encryption Key Strength
Caesar Cipher is a method in which each letter in the alphabet is rotated by three letters as shown Substitution Ciphers Caesar Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Let us try to encrypt the message Attack at Dawn Assignment: Each student will exchange a secret message with his/her closest neighbor about some other person in the class and the neighbor will decipher it.
Substitution Ciphers Caesar Cipher Encryption Plain Text Message: Attack at Dawn Cipher Text Message: Dwwdfn Dw Gdyq Cipher: Caesar Cipher Algorithm Key (3) Decryption Plain Text Message: Attack at Dawn Cipher Text Message: Dwwdfn Dw Gdyq Cipher: Caesar Cipher Algorithm Key (3) How many different keys are possible?
Any letter can be substituted for any other letter Each letter has to have a unique substitute There are 26! pairing of letters (~1026 ) Brute Force approach would be too time consuming Statistical Analysis would make it feasible to crack the key Substitution Cipher Monoalphabetic Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z M N B V C X Z A S D F G H J K L P O I U Y T R E W Q Encrypted Message: Nkn, s gktc wky. mgsbc Message: Bob, I love you. Alice Cipher: Monoalphabetic Cipher Key
Developed by Blaise de Vigenere Also called Vigenere cipher Uses a sequence of monoalpabetic ciphers in tandem e.g. C1, C2, C2, C1, C2 Example Substitution Cipher Polyalphabetic Caesar Cipher Encrypted Message: Gnu, n etox dhz. tenvj Message: Bob, I love you. Alice Cipher: Monoalphabetic Cipher Key Plain Text A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C1(k=6) F G H I J K L M N O P Q R S T U V W X Y Z A B C D E C2(k=20) T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
Obtain a key to for the algorithm and then shift the alphabets For instance if the key is word we will shift all the letters by four and remove the letters w, o, r, & d from the encryption We have to ensure that the mapping is one-to-one no single letter in plain text can map to two different letters in cipher text no single letter in cipher text can map to two different letters in plain text Substitution Cipher Using a key to shift alphabet Encrypted Message: ?? Message: Bob, I love you. Alice Cipher: WORD Plain Text A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C1(k=6) W O R D A B C E F G H I J K L M N P Q S T U V X Y Z
This involves rearrangement of characters on the plain text into columns The following example shows how letters are transformed If the letters are not exact multiples of the transposition size there may be a few short letters in the last column which can be padded with an infrequent letter such as x or z Transposition Cipher Columnar Transposition T H I S I S A M E S S A G E T O S H O W H O W A C O L U M N A R T R A N S P O S I T I O N W O R K S T S S O H O A N I W H A A S O L R S T O I M G H W U T P I R S E E O A M R O O K I S T W C N A S N S Plain Text Cipher Text
The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption. The set of keys and the enciphering algorithm should be free from complexity. The implementation of the process should be as simple as possible. Errors in ciphering should not propagate and cause corruption of further information in the message. The size of the enciphered text should be no larger than the text of the original message. Ciphers Shannons Characteristics of Good Ciphers
It is based on sound mathematics. Good cryptographic algorithms are are derived from solid principles. It has been analyzed by competent experts and found to be sound. Since it is hard for the writer to envisage all possible attacks on the algorithm It has stood the test of time. Over time people continue to review both mathematical foundations of an algorithm and the way it builds upon those foundations. The flaws in most algorithms are discovered soon after their release. Encryption Systems Properties of Trustworthy Systems
Cryptanalysis is the process of breaking an encryption code Tedious and difficult process Several techniques can be used to deduce the algorithm Attempt to recognize patterns in encrypted messages, to be able to break subsequent ones by applying a straightforward decryption algorithm Attempt to infer some meaning without even breaking the encryption, such as noticing an unusual frequency of communication or determining something by whether the communication was short or long Attempt to deduce the key, in order to break subsequent messages easily Attempt to find weaknesses in the implementation or environment of use of encryption Attempt to find general weaknesses in an encryption algorithm, without necessarily having intercepted any messages Cryptanalysis Techniques
Goal of DES is to completely scramble the data and key so that every bit of cipher text depends on every bit of data and ever bit of key DES is a block Cipher Algorithm Encodes plaintext in 64 bit chunks One parity bit for each of the 8 bytes thus it reduces to 56 bits It is the most used algorithm Standard approved by US National Bureau of Standards for Commercial and nonclassified US government use in 1993 Data Encryption Standard (DES) Basics
DES run in reverse to decrypt Cracking DES 1997: 140 days 1999: 14 hours TripleDES uses DES 3 times in tandem Output from 1 DES is input to next DES Data Encryption Standard (DES) Basics 64-bit input L1 R1 F(L1, R1, K1) L2 R2 L3 R3 L17 R17 56-bit key 48-bit k1 48-bit k2 48-bit k3 48-bit k16 F(L2, R2, K2) F(L16, R16, K16)
Encryption Algorithm Summary Algorithm Type Key Size Features DES Block Cipher 56 bits Most Common, Not strong enough TripleDES Block Cipher 168 bits (112 effective) Modification of DES, Adequate Security Blowfish Block Cipher Variable (Up to 448 bits) Excellent Security AES Block Cipher Variable (128, 192, or 256 bits) Replacement for DES, Excellent Security RC4 Stream Cipher Variable (40 or 128 bits) Fast Stream Cipher, Used in most SSL implementations
Any exposure to the secret key compromises secrecy of ciphertext A key needs to be delivered to the recipient of the coded message for it to be deciphered Potential for eavesdropping attack during transmission of key Symmetric Encryption Limitations
Uses a pair of keys for encryption Public key for encryption Private key for decryption Messages encoded using public key can only be decoded by the private key Secret transmission of key for decryption is not required Every entity can generate a key pair and release its public key Asymmetric Encryption Basics Plain Text Cipher Public Key Private Key Cipher Text Plain Text Cipher
Two most popular algorithms are RSA & El Gamal RSA Developed by Ron Rivest, Adi Shamir, Len Adelman Both public and private key are interchangable Variable Key Size (512, 1024, or 2048 buts) Most popular public key algorithm El Gamal Developed by Taher ElGamal Variable key size (512 or 1024 bits) Less common than RSA, used in protocols like PGP Asymmetric Encryption Types
Choose two large prime numbers p & q Compute n=pq and z=(p-1)(q-1) Choose number e, less than n, which has no common factor (other than 1) with z Find number d, such that ed 1 is exactly divisible by z Keys are generated using n, d, e Public key is (n,e) Private key is (n, d) Encryption: c = me mod n m is plain text c is cipher text Decryption: m = cd mod n Public key is shared and the private key is hidden Asymmetric Encryption RSA
P=5 & q=7 n=5*7=35 and z=(4)*(6) = 24 e = 5 d = 29 , (29x5 1) is exactly divisible by 24 Keys generated are Public key: (35,5) Private key is (35, 29) Encrypt the word love using (c = me mod n) Assume that the alphabets are between 1 & 26 Asymmetric Encryption RSA Plain Text Numeric Representation me Cipher Text (c = me mod n) l 12 248832 17 o 15 759375 15 v 22 5153632 22 e 5 3125 10
Decrypt the word love using (m = cd mod n) n = 35, c=29 Asymmetric Encryption RSA Cipher Text cd (m = me mod n) Plain Text 17 481968572106750915091411825223072000 17 l 15 12783403948858939111232757568359400 15 o 22 85264331908653770195619449972111000000 0 22 v 10 100000000000000000000000000000 10 e
Efficiency is lower than Symmetric Algorithms A 1024-bit asymmetric key is equivalent to 128-bit symmetric key Potential for man-in-the middle attack It is problematic to get the key pair generated for the encryption Asymmetric Encryption Weaknesses
Hacker could generate a key pair, give the public key away and tell everybody, that it belongs to somebody else. Now, everyone believing it will use this key for encryption, resulting in the hacker being able to read the messages. If he encrypts the messages again with the public key of the real recipient, he will not be recognized easily. Asymmetric Encryption Man-in-the-middle Attack Bob Attacker David Bobs Message + Public key Cipher Davids Public Key Trudeau (Middle-man) Trudeaus Message + public key Cipher Trudeaus Public Key Bobs Encrypted Message Trudeaus Encrypted Message Davids Message + public key Cipher Trudeaus Encrypted Message Bobs Public Key Trudeaus New Message + public key Cipher Trudeaus Encrypted Message Davids Public Key
Used to improve efficiency Symmetric key is used for encrypting data Asymmetric key is used for encrypting the symmetric key Asymmetric Encryption Session-Key Encryption Plain Text Cipher (DES) Session Key Recipients Public Key Cipher Text Encrypted Key Cipher (RSA) Send to Recipient
Pretty Good Privacy (PGP) Used to encrypt e-mail using session key encryption Combines RSA, TripleDES, and other algorithms Secure/Multipurpose Internet Mail Extension (S/MIME) Newer algorithm for securing e-mail Backed by Microsoft, RSA, AOL Secure Socket Layer(SSL) and Transport Layer Socket(TLS) Used for securing TCP/IP Traffic Mainly designed for web use Can be used for any kind of internet traffic Asymmetric Encryption Encryption Protocols
Key agreement is a method to create secret key by exchanging only public keys. Example Bob sends Alice his public key Alice sends Bob her public key Bob uses Alices public key and his private key to generate a session key Alice uses Bobs public key and her private key to generate a session key Using a key agreement algorithm both will generate same key Bob and Alice do not need to transfer any key Asymmetric Encryption Key Agreement Cipher (DES) Session Key Cipher (DES) Bobs Public Key Alices Public Key Bobs Private Key Alices Private Key Alice and Bob Generate Same Session Key!
Asymmetric Encryption Key Diffie-Hellman Mathematical Analysis Bob & Alice agree on non-secret prime p and value a Generate Secret Random Number x Compute Public Key ax mod p Compute Session Key (ay )x mod p Generate Secret Random Number y Compute Public Key ay mod p Compute Session Key (ax )y mod p Bob Alice Identical Secret Key Bob & Alice exchange public keys
Diffie-Hellman is the first key agreement algorithm Invented by Whitfield Diffie & Martin Hellman Provided ability for messages to be exchanged securely without having to have shared some secret information previously Inception of public key cryptography which allowed keys to be exchanged in the open No exchange of secret keys Man-in-the middle attack avoided Asymmetric Encryption Key Agreement cont.
Authentication is the process of validating the identity of a user or the integrity of a piece of data. There are three technologies that provide authentication Message Digests / Message Authentication Codes Digital Signatures Public Key Infrastructure There are two types of user authentication: Identity presented by a remote or application participating in a session Senders identity is presented along with a message. Authentication Basics
A message digest is a fingerprint for a document Purpose of the message digest is to provide proof that data has not altered Process of generating a message digest from data is called hashing Hash functions are one way functions with following properties Infeasible to reverse the function Infeasible to construct two messages which hash to same digest Commonly used hash algorithms are MD5 128 bit hashing algorithm by Ron Rivest of RSA SHA & SHA-1 162 bit hashing algorithm developed by NIST Authentication Message Digests Message Message Digest Algorithm Digest
A message digest created with a key Creates security by requiring a secret key to be possesses by both parties in order to retrieve the message Message Authentication Codes Basics Message Message Digest Algorithm Digest Secret Key
Password is secret character string only known to user and server Message Digests commonly used for password authentication Stored hash of the password is a lesser risk Hacker can not reverse the hash except by brute force attack Problems with password based authentication Attacker learns password by social engineering Attacker cracks password by brute-force and/or guesswork Eavesdrops password if it is communicated unprotected over the network Replays an encrypted password back to the authentication server Password Authentication Basics
Set of rules that governs the communication of data related to authentication between the server and the user Techniques used to build a protocol are Transformed password Password transformed using one way function before transmission Prevents eavesdropping but not replay Challenge-response Server sends a random value (challenge) to the client along with the authentication request. This must be included in the response Protects against replay Time Stamp The authentication from the client to server must have time-stamp embedded Server checks if the time is reasonable Protects against replay Depends on synchronization of clocks on computers One-time password New password obtained by passing user-password through one-way function n times which keeps incrementing Protects against replay as well as eavesdropping Authentication Protocols Basics
Kerberos is an authentication service that uses symmetric key encryption and a key distribution center. Kerberos Authentication server contains symmetric keys of all users and also contains information on which user has access privilege to which services on the network Authentication Protocols Kerberos
Personal Tokens are hardware devices that generate unique strings that are usually used in conjunction with passwords for authentication Different types of tokens exist Storage Token: A secret value that is stored on a token and is available after the token has been unlocked using a PIN Synchronous one-time password generator: Generate a new password periodically (e.g. each minute) based on time and a secret code stored in the token Challenge-response: Token computes a number based on a challenge value sent by the server Digital Signature Token: Contains the digital signature private key and computes a computes a digital signature on a supplied data value A variety of different physical forms of tokens exist e.g. hand-held devices, Smart Cards, PCMCIA cards, USB tokens Authentication Personal Tokens
Uses certain biological characteristics for authentication Biometric reader measures physiological indicia and compares them to specified values It is not capable of securing information over the network Different techniques exist Fingerprint Recognition Voice Recognition Handwriting Recognition Face Recognition Retinal Scan Hand Geometry Recognition Authentication Biometrics
Probability of two irises producing exactly the same code: 1 in 10 to the 78th power Independent variables (degrees of freedom) extracted: 266 IrisCode record size: 512 bytes Operating systems compatibility: DOS and Windows (NT/95) Average identification speed (database of 100,000 IrisCode records): one to two seconds Authentication Iris Recognition The scanning process takes advantage of the natural patterns in people's irises, digitizing them for identification purposes Facts
A digital signature is a data item which accompanies or is logically associated with a digitally encoded message. It has two goals A guarantee of the source of the data Proof that the data has not been tampered with Authentication Digital Signatures Message Sent to Receiver Digest Algorithm Digital Signature Sent to Receiver Message Digest Senders Private Key Senders Public Key Message Digest Signature Algorithm Signature Algorithm Digest Algorithm Message Digest Sender Receiver Same?
A digital certificate is a signed statement by a trusted party that another partys public key belongs to them. This allows one certificate authority to be authorized by a different authority (root CA) Top level certificate must be self signed Any one can start a certificate authority Name recognition is key to some one recognizing a certificate authority Verisign is industry standard certificate authority Authentication Digital Cerftificates Identity Information Certificate Authoritys Private Key Senders Public Key Signature Algorithm Certificate
Chaining is the practice of signing a certificate with another private key that has a certificate for its public key Similar to the passport having the seal of the government It is essentially a persons public key & some identifying information signed by an authoritys private key verifying the persons identity The authorities public key can be used to decipher the certificate The trusted party is called the certificate authority Authentication Cerftificates Chaining Certificate Authoritys Private Key Signature Algorithm New Certificate Certificate
Practice of analyzing and breaking cryptography Resistance to crypt analysis is directly proportional to the key size With each extra byte strength of key doubles Cracking Pseudo Random Number Generators A lot of the encryption algorithms use PRNGs to generate keys which can also be cracked leading to cracking of algorithms Variety of methods for safe guarding keys (Key Management) Encryption & computer access protection Smart Cards Cryptanalysis Basics

Recommended

Computer systems security 7-cryptography.ppt
Computer systems security 7-cryptography.pptComputer systems security 7-cryptography.ppt
Computer systems security 7-cryptography.ppt
stephen972973
cryptography.ppt
cryptography.pptcryptography.ppt
cryptography.ppt
AkshayaPriyaJanartha
CryptographyCryptographyCryptography.ppt
CryptographyCryptographyCryptography.pptCryptographyCryptographyCryptography.ppt
CryptographyCryptographyCryptography.ppt
AntareepMajumder
encryptcryptographyyyyyyyyyyyyyyyyyy.ppt
encryptcryptographyyyyyyyyyyyyyyyyyy.pptencryptcryptographyyyyyyyyyyyyyyyyyy.ppt
encryptcryptographyyyyyyyyyyyyyyyyyy.ppt
SnehaPavithran6
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
Mohammed Adam
Fundamentals of Cryptography: Securing Data in the Digital Age
Fundamentals of Cryptography: Securing Data in the Digital AgeFundamentals of Cryptography: Securing Data in the Digital Age
Fundamentals of Cryptography: Securing Data in the Digital Age
avengersimran16
cryptography.ppt by karthika kumar hirehegaalla
cryptography.ppt by karthika kumar hirehegaallacryptography.ppt by karthika kumar hirehegaalla
cryptography.ppt by karthika kumar hirehegaalla
hhjhona939
CISSP EXAM PREPARATION FOR A PASSED SCORE
CISSP EXAM PREPARATION FOR A PASSED SCORECISSP EXAM PREPARATION FOR A PASSED SCORE
CISSP EXAM PREPARATION FOR A PASSED SCORE
rinelaam
Information system security Unit 2.pptx
Information system security Unit 2.pptxInformation system security Unit 2.pptx
Information system security Unit 2.pptx
Dr. Pallawi Bulakh
Cryptography cryptography CryptographyCryptography
Cryptography cryptography CryptographyCryptographyCryptography cryptography CryptographyCryptography
Cryptography cryptography CryptographyCryptography
rohanbawadkar
Cryptography Introduction
Cryptography IntroductionCryptography Introduction
Cryptography Introduction
indupps
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Ramki M
Class 17
Class 17Class 17
Class 17
Dr. Ajith Sundaram
Information security powerpoint presentation
Information security powerpoint presentationInformation security powerpoint presentation
Information security powerpoint presentation
MuneebZahid10
Chapter# 3 modified.pptx
Chapter# 3 modified.pptxChapter# 3 modified.pptx
Chapter# 3 modified.pptx
Maryam522887
groupWork.pptx
groupWork.pptxgroupWork.pptx
groupWork.pptx
KennedyKiplangat1
Symmetric Encryption Techniques
Symmetric Encryption Techniques Symmetric Encryption Techniques
Symmetric Encryption Techniques
Dr. Kapil Gupta
NS Classical Encryption Techniqnbbghghgues.pptx
NS Classical Encryption Techniqnbbghghgues.pptxNS Classical Encryption Techniqnbbghghgues.pptx
NS Classical Encryption Techniqnbbghghgues.pptx
HumaKashafKhan
Unit III.pptx
Unit III.pptxUnit III.pptx
Unit III.pptx
PriyankaPawar57960
Cryptography
CryptographyCryptography
Cryptography
Rutuja Solkar
Detailed description about the concept of E Commerce UNIT IV.pptx
Detailed description about the concept of E Commerce UNIT IV.pptxDetailed description about the concept of E Commerce UNIT IV.pptx
Detailed description about the concept of E Commerce UNIT IV.pptx
gstagra
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
Setiya Nugroho
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - CryptographyCISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
PVI, PeerView Institute for Medical Education
4-PuroKalusugasan 2025 DM 2025-0024.pptx
4-PuroKalusugasan 2025 DM 2025-0024.pptx4-PuroKalusugasan 2025 DM 2025-0024.pptx
4-PuroKalusugasan 2025 DM 2025-0024.pptx
NashiedaLilangBuale
Stability of Dosage Forms as per ICH Guidelines
Stability of Dosage Forms as per ICH GuidelinesStability of Dosage Forms as per ICH Guidelines
Stability of Dosage Forms as per ICH Guidelines
KHUSHAL CHAVAN
Eye assessment in polytrauma for undergraduates.pptx
Eye assessment in polytrauma for undergraduates.pptxEye assessment in polytrauma for undergraduates.pptx
Eye assessment in polytrauma for undergraduates.pptx
KafrELShiekh University
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdfMLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
Eswatini Medical Christian University - EMCU / Southern Nazarene University - SANU
Local Anesthetic Use in the Vulnerable Patients
Local Anesthetic Use in the Vulnerable PatientsLocal Anesthetic Use in the Vulnerable Patients
Local Anesthetic Use in the Vulnerable Patients
Reza Aminnejad
Presentaci坦 "Projecte Benestar". MWC 2025
Presentaci坦 "Projecte Benestar". MWC 2025Presentaci坦 "Projecte Benestar". MWC 2025
Presentaci坦 "Projecte Benestar". MWC 2025
Badalona Serveis Assistencials

More Related Content

Similar to 9-crypthvvy6u7btyjibuibuibryjijighhnm.ppt (15)

Information system security Unit 2.pptx
Information system security Unit 2.pptxInformation system security Unit 2.pptx
Information system security Unit 2.pptx
Dr. Pallawi Bulakh
Cryptography cryptography CryptographyCryptography
Cryptography cryptography CryptographyCryptographyCryptography cryptography CryptographyCryptography
Cryptography cryptography CryptographyCryptography
rohanbawadkar
Cryptography Introduction
Cryptography IntroductionCryptography Introduction
Cryptography Introduction
indupps
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Ramki M
Class 17
Class 17Class 17
Class 17
Dr. Ajith Sundaram
Information security powerpoint presentation
Information security powerpoint presentationInformation security powerpoint presentation
Information security powerpoint presentation
MuneebZahid10
Chapter# 3 modified.pptx
Chapter# 3 modified.pptxChapter# 3 modified.pptx
Chapter# 3 modified.pptx
Maryam522887
groupWork.pptx
groupWork.pptxgroupWork.pptx
groupWork.pptx
KennedyKiplangat1
Symmetric Encryption Techniques
Symmetric Encryption Techniques Symmetric Encryption Techniques
Symmetric Encryption Techniques
Dr. Kapil Gupta
NS Classical Encryption Techniqnbbghghgues.pptx
NS Classical Encryption Techniqnbbghghgues.pptxNS Classical Encryption Techniqnbbghghgues.pptx
NS Classical Encryption Techniqnbbghghgues.pptx
HumaKashafKhan
Unit III.pptx
Unit III.pptxUnit III.pptx
Unit III.pptx
PriyankaPawar57960
Cryptography
CryptographyCryptography
Cryptography
Rutuja Solkar
Detailed description about the concept of E Commerce UNIT IV.pptx
Detailed description about the concept of E Commerce UNIT IV.pptxDetailed description about the concept of E Commerce UNIT IV.pptx
Detailed description about the concept of E Commerce UNIT IV.pptx
gstagra
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
Setiya Nugroho
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - CryptographyCISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan
Information system security Unit 2.pptx
Information system security Unit 2.pptxInformation system security Unit 2.pptx
Information system security Unit 2.pptx
Dr. Pallawi Bulakh
Cryptography cryptography CryptographyCryptography
Cryptography cryptography CryptographyCryptographyCryptography cryptography CryptographyCryptography
Cryptography cryptography CryptographyCryptography
rohanbawadkar
Cryptography Introduction
Cryptography IntroductionCryptography Introduction
Cryptography Introduction
indupps
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Ramki M
Class 17
Class 17Class 17
Class 17
Dr. Ajith Sundaram
Information security powerpoint presentation
Information security powerpoint presentationInformation security powerpoint presentation
Information security powerpoint presentation
MuneebZahid10
Chapter# 3 modified.pptx
Chapter# 3 modified.pptxChapter# 3 modified.pptx
Chapter# 3 modified.pptx
Maryam522887
groupWork.pptx
groupWork.pptxgroupWork.pptx
groupWork.pptx
KennedyKiplangat1
Symmetric Encryption Techniques
Symmetric Encryption Techniques Symmetric Encryption Techniques
Symmetric Encryption Techniques
Dr. Kapil Gupta
NS Classical Encryption Techniqnbbghghgues.pptx
NS Classical Encryption Techniqnbbghghgues.pptxNS Classical Encryption Techniqnbbghghgues.pptx
NS Classical Encryption Techniqnbbghghgues.pptx
HumaKashafKhan
Unit III.pptx
Unit III.pptxUnit III.pptx
Unit III.pptx
PriyankaPawar57960
Cryptography
CryptographyCryptography
Cryptography
Rutuja Solkar
Detailed description about the concept of E Commerce UNIT IV.pptx
Detailed description about the concept of E Commerce UNIT IV.pptxDetailed description about the concept of E Commerce UNIT IV.pptx
Detailed description about the concept of E Commerce UNIT IV.pptx
gstagra
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
Setiya Nugroho
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - CryptographyCISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan

Recently uploaded (20)

HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
PVI, PeerView Institute for Medical Education
4-PuroKalusugasan 2025 DM 2025-0024.pptx
4-PuroKalusugasan 2025 DM 2025-0024.pptx4-PuroKalusugasan 2025 DM 2025-0024.pptx
4-PuroKalusugasan 2025 DM 2025-0024.pptx
NashiedaLilangBuale
Stability of Dosage Forms as per ICH Guidelines
Stability of Dosage Forms as per ICH GuidelinesStability of Dosage Forms as per ICH Guidelines
Stability of Dosage Forms as per ICH Guidelines
KHUSHAL CHAVAN
Eye assessment in polytrauma for undergraduates.pptx
Eye assessment in polytrauma for undergraduates.pptxEye assessment in polytrauma for undergraduates.pptx
Eye assessment in polytrauma for undergraduates.pptx
KafrELShiekh University
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdfMLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
Eswatini Medical Christian University - EMCU / Southern Nazarene University - SANU
Local Anesthetic Use in the Vulnerable Patients
Local Anesthetic Use in the Vulnerable PatientsLocal Anesthetic Use in the Vulnerable Patients
Local Anesthetic Use in the Vulnerable Patients
Reza Aminnejad
Presentaci坦 "Projecte Benestar". MWC 2025
Presentaci坦 "Projecte Benestar". MWC 2025Presentaci坦 "Projecte Benestar". MWC 2025
Presentaci坦 "Projecte Benestar". MWC 2025
Badalona Serveis Assistencials
4. Cardiac cycle.pptx cardiovascular system
4. Cardiac cycle.pptx cardiovascular system4. Cardiac cycle.pptx cardiovascular system
4. Cardiac cycle.pptx cardiovascular system
Pooja Rani
Non-Invasive ICP Monitoring for Neurosurgeons
Non-Invasive ICP Monitoring for NeurosurgeonsNon-Invasive ICP Monitoring for Neurosurgeons
Non-Invasive ICP Monitoring for Neurosurgeons
Dhaval Shukla
Flag Screening in Physiotherapy Examination.pptx
Flag Screening in Physiotherapy Examination.pptxFlag Screening in Physiotherapy Examination.pptx
Flag Screening in Physiotherapy Examination.pptx
BALAJI SOMA
IMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINE
IMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINEIMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINE
IMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINE
RelianceNwosu
Regulation of tubular reabsorption _AntiCopy.pdf
Regulation of tubular reabsorption _AntiCopy.pdfRegulation of tubular reabsorption _AntiCopy.pdf
Regulation of tubular reabsorption _AntiCopy.pdf
MedicoseAcademics
bacterial-genetics-variation-new (1).pptx
bacterial-genetics-variation-new (1).pptxbacterial-genetics-variation-new (1).pptx
bacterial-genetics-variation-new (1).pptx
Dauda Yahaya masani
Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...
Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...
Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...
zilkerapurbo
4-PuroKalusugan 2025 DM 2025-0024 (1).pptx
4-PuroKalusugan 2025 DM 2025-0024 (1).pptx4-PuroKalusugan 2025 DM 2025-0024 (1).pptx
4-PuroKalusugan 2025 DM 2025-0024 (1).pptx
NashiedaLilangBuale
Renal Physiology - Regulation of GFR and RBF
Renal Physiology - Regulation of GFR and RBFRenal Physiology - Regulation of GFR and RBF
Renal Physiology - Regulation of GFR and RBF
MedicoseAcademics
legal Rights of individual, children and women.pptx
legal Rights of individual, children and women.pptxlegal Rights of individual, children and women.pptx
legal Rights of individual, children and women.pptx
Rishika Rawat
Rabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptx
Rabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptxRabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptx
Rabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptx
Wahid Husein
Biography of Dr. Vincenzo Giordano
Biography of Dr. Vincenzo GiordanoBiography of Dr. Vincenzo Giordano
Biography of Dr. Vincenzo Giordano
Dr. Vincenzo Giordano
Sudurpaschim logsewa aayog Medical Officer 8th Level Curriculum
Sudurpaschim logsewa aayog Medical Officer 8th Level CurriculumSudurpaschim logsewa aayog Medical Officer 8th Level Curriculum
Sudurpaschim logsewa aayog Medical Officer 8th Level Curriculum
Dr Ovels
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
HER2-Targeting Therapy in HER2+ MBC With and Without CNS Metastases: Selectio...
PVI, PeerView Institute for Medical Education
4-PuroKalusugasan 2025 DM 2025-0024.pptx
4-PuroKalusugasan 2025 DM 2025-0024.pptx4-PuroKalusugasan 2025 DM 2025-0024.pptx
4-PuroKalusugasan 2025 DM 2025-0024.pptx
NashiedaLilangBuale
Stability of Dosage Forms as per ICH Guidelines
Stability of Dosage Forms as per ICH GuidelinesStability of Dosage Forms as per ICH Guidelines
Stability of Dosage Forms as per ICH Guidelines
KHUSHAL CHAVAN
Eye assessment in polytrauma for undergraduates.pptx
Eye assessment in polytrauma for undergraduates.pptxEye assessment in polytrauma for undergraduates.pptx
Eye assessment in polytrauma for undergraduates.pptx
KafrELShiekh University
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdfMLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
MLS 208 - UNIT 1- Lecture Notes - ETANDO AYUK - SANU - Secured.pdf
Eswatini Medical Christian University - EMCU / Southern Nazarene University - SANU
Local Anesthetic Use in the Vulnerable Patients
Local Anesthetic Use in the Vulnerable PatientsLocal Anesthetic Use in the Vulnerable Patients
Local Anesthetic Use in the Vulnerable Patients
Reza Aminnejad
Presentaci坦 "Projecte Benestar". MWC 2025
Presentaci坦 "Projecte Benestar". MWC 2025Presentaci坦 "Projecte Benestar". MWC 2025
Presentaci坦 "Projecte Benestar". MWC 2025
Badalona Serveis Assistencials
4. Cardiac cycle.pptx cardiovascular system
4. Cardiac cycle.pptx cardiovascular system4. Cardiac cycle.pptx cardiovascular system
4. Cardiac cycle.pptx cardiovascular system
Pooja Rani
Non-Invasive ICP Monitoring for Neurosurgeons
Non-Invasive ICP Monitoring for NeurosurgeonsNon-Invasive ICP Monitoring for Neurosurgeons
Non-Invasive ICP Monitoring for Neurosurgeons
Dhaval Shukla
Flag Screening in Physiotherapy Examination.pptx
Flag Screening in Physiotherapy Examination.pptxFlag Screening in Physiotherapy Examination.pptx
Flag Screening in Physiotherapy Examination.pptx
BALAJI SOMA
IMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINE
IMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINEIMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINE
IMMUNO-ONCOLOGY DESCOVERING THE IMPORTANCE OF CLINICAL IMUNOLOGY IN MEDICINE
RelianceNwosu
Regulation of tubular reabsorption _AntiCopy.pdf
Regulation of tubular reabsorption _AntiCopy.pdfRegulation of tubular reabsorption _AntiCopy.pdf
Regulation of tubular reabsorption _AntiCopy.pdf
MedicoseAcademics
bacterial-genetics-variation-new (1).pptx
bacterial-genetics-variation-new (1).pptxbacterial-genetics-variation-new (1).pptx
bacterial-genetics-variation-new (1).pptx
Dauda Yahaya masani
Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...
Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...
Correlation of vitamin D level with prediabetes status_Dr Ahmed Al Montasir_f...
zilkerapurbo
4-PuroKalusugan 2025 DM 2025-0024 (1).pptx
4-PuroKalusugan 2025 DM 2025-0024 (1).pptx4-PuroKalusugan 2025 DM 2025-0024 (1).pptx
4-PuroKalusugan 2025 DM 2025-0024 (1).pptx
NashiedaLilangBuale
Renal Physiology - Regulation of GFR and RBF
Renal Physiology - Regulation of GFR and RBFRenal Physiology - Regulation of GFR and RBF
Renal Physiology - Regulation of GFR and RBF
MedicoseAcademics
legal Rights of individual, children and women.pptx
legal Rights of individual, children and women.pptxlegal Rights of individual, children and women.pptx
legal Rights of individual, children and women.pptx
Rishika Rawat
Rabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptx
Rabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptxRabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptx
Rabies Bali 2008-2020_WRD Webinar_WSAVA 2020_Final.pptx
Wahid Husein
Biography of Dr. Vincenzo Giordano
Biography of Dr. Vincenzo GiordanoBiography of Dr. Vincenzo Giordano
Biography of Dr. Vincenzo Giordano
Dr. Vincenzo Giordano
Sudurpaschim logsewa aayog Medical Officer 8th Level Curriculum
Sudurpaschim logsewa aayog Medical Officer 8th Level CurriculumSudurpaschim logsewa aayog Medical Officer 8th Level Curriculum
Sudurpaschim logsewa aayog Medical Officer 8th Level Curriculum
Dr Ovels

9-crypthvvy6u7btyjibuibuibryjijighhnm.ppt

  • 2. Well established needs for secure communication War time communication Business transactions Illicit Love Affairs Requirements of secure communication 1. Secrecy Only intended receiver understands the message 2. Authentication Sender and receiver need to confirm each others identity 3. Message Integrity Ensure that their communication has not been altered, either maliciously or by accident during transmission Secure Communication Needs and Requirements
  • 3. Cryptography is the science of secret, or hidden writing It has two main Components: 1. Encryption Practice of hiding messages so that they can not be read by anyone other than the intended recipient 2. Authentication & Integrity Ensuring that users of data/resources are the persons they claim to be and that a message has not been surreptitiously altered Cryptography Basics
  • 4. Cipher is a method for encrypting messages Encryption algorithms are standardized & published The key which is an input to the algorithm is secret Key is a string of numbers or characters If same key is used for encryption & decryption the algorithm is called symmetric If different keys are used for encryption & decryption the algorithm is called asymmetric Encryption Cipher Plain Text Encryption Algorithm Key A Key B Cipher Text Plain Text Decryption Algorithm
  • 5. Algorithms in which the key for encryption and decryption are the same are Symmetric Example: Caesar Cipher Types: 1. Block Ciphers Encrypt data one block at a time (typically 64 bits, or 128 bits) Used for a single message 2. Stream Ciphers Encrypt data one bit or one byte at a time Used if data is a constant stream of information Encryption Symmetric Algorithms
  • 6. Strength of algorithm is determined by the size of the key The longer the key the more difficult it is to crack Key length is expressed in bits Typical key sizes vary between 48 bits and 448 bits Set of possible keys for a cipher is called key space For 40-bit key there are 240 possible keys For 128-bit key there are 2128 possible keys Each additional bit added to the key length doubles the security To crack the key the hacker has to use brute-force (i.e. try all the possible keys till a key that works is found) Super Computer can crack a 56-bit key in 24 hours It will take 272 times longer to crack a 128-bit key (Longer than the age of the universe) Symmetric Encryption Key Strength
  • 7. Caesar Cipher is a method in which each letter in the alphabet is rotated by three letters as shown Substitution Ciphers Caesar Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Let us try to encrypt the message Attack at Dawn Assignment: Each student will exchange a secret message with his/her closest neighbor about some other person in the class and the neighbor will decipher it.
  • 8. Substitution Ciphers Caesar Cipher Encryption Plain Text Message: Attack at Dawn Cipher Text Message: Dwwdfn Dw Gdyq Cipher: Caesar Cipher Algorithm Key (3) Decryption Plain Text Message: Attack at Dawn Cipher Text Message: Dwwdfn Dw Gdyq Cipher: Caesar Cipher Algorithm Key (3) How many different keys are possible?
  • 9. Any letter can be substituted for any other letter Each letter has to have a unique substitute There are 26! pairing of letters (~1026 ) Brute Force approach would be too time consuming Statistical Analysis would make it feasible to crack the key Substitution Cipher Monoalphabetic Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z M N B V C X Z A S D F G H J K L P O I U Y T R E W Q Encrypted Message: Nkn, s gktc wky. mgsbc Message: Bob, I love you. Alice Cipher: Monoalphabetic Cipher Key
  • 10. Developed by Blaise de Vigenere Also called Vigenere cipher Uses a sequence of monoalpabetic ciphers in tandem e.g. C1, C2, C2, C1, C2 Example Substitution Cipher Polyalphabetic Caesar Cipher Encrypted Message: Gnu, n etox dhz. tenvj Message: Bob, I love you. Alice Cipher: Monoalphabetic Cipher Key Plain Text A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C1(k=6) F G H I J K L M N O P Q R S T U V W X Y Z A B C D E C2(k=20) T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
  • 11. Obtain a key to for the algorithm and then shift the alphabets For instance if the key is word we will shift all the letters by four and remove the letters w, o, r, & d from the encryption We have to ensure that the mapping is one-to-one no single letter in plain text can map to two different letters in cipher text no single letter in cipher text can map to two different letters in plain text Substitution Cipher Using a key to shift alphabet Encrypted Message: ?? Message: Bob, I love you. Alice Cipher: WORD Plain Text A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C1(k=6) W O R D A B C E F G H I J K L M N P Q S T U V X Y Z
  • 12. This involves rearrangement of characters on the plain text into columns The following example shows how letters are transformed If the letters are not exact multiples of the transposition size there may be a few short letters in the last column which can be padded with an infrequent letter such as x or z Transposition Cipher Columnar Transposition T H I S I S A M E S S A G E T O S H O W H O W A C O L U M N A R T R A N S P O S I T I O N W O R K S T S S O H O A N I W H A A S O L R S T O I M G H W U T P I R S E E O A M R O O K I S T W C N A S N S Plain Text Cipher Text
  • 13. The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption. The set of keys and the enciphering algorithm should be free from complexity. The implementation of the process should be as simple as possible. Errors in ciphering should not propagate and cause corruption of further information in the message. The size of the enciphered text should be no larger than the text of the original message. Ciphers Shannons Characteristics of Good Ciphers
  • 14. It is based on sound mathematics. Good cryptographic algorithms are are derived from solid principles. It has been analyzed by competent experts and found to be sound. Since it is hard for the writer to envisage all possible attacks on the algorithm It has stood the test of time. Over time people continue to review both mathematical foundations of an algorithm and the way it builds upon those foundations. The flaws in most algorithms are discovered soon after their release. Encryption Systems Properties of Trustworthy Systems
  • 15. Cryptanalysis is the process of breaking an encryption code Tedious and difficult process Several techniques can be used to deduce the algorithm Attempt to recognize patterns in encrypted messages, to be able to break subsequent ones by applying a straightforward decryption algorithm Attempt to infer some meaning without even breaking the encryption, such as noticing an unusual frequency of communication or determining something by whether the communication was short or long Attempt to deduce the key, in order to break subsequent messages easily Attempt to find weaknesses in the implementation or environment of use of encryption Attempt to find general weaknesses in an encryption algorithm, without necessarily having intercepted any messages Cryptanalysis Techniques
  • 16. Goal of DES is to completely scramble the data and key so that every bit of cipher text depends on every bit of data and ever bit of key DES is a block Cipher Algorithm Encodes plaintext in 64 bit chunks One parity bit for each of the 8 bytes thus it reduces to 56 bits It is the most used algorithm Standard approved by US National Bureau of Standards for Commercial and nonclassified US government use in 1993 Data Encryption Standard (DES) Basics
  • 17. DES run in reverse to decrypt Cracking DES 1997: 140 days 1999: 14 hours TripleDES uses DES 3 times in tandem Output from 1 DES is input to next DES Data Encryption Standard (DES) Basics 64-bit input L1 R1 F(L1, R1, K1) L2 R2 L3 R3 L17 R17 56-bit key 48-bit k1 48-bit k2 48-bit k3 48-bit k16 F(L2, R2, K2) F(L16, R16, K16)
  • 18. Encryption Algorithm Summary Algorithm Type Key Size Features DES Block Cipher 56 bits Most Common, Not strong enough TripleDES Block Cipher 168 bits (112 effective) Modification of DES, Adequate Security Blowfish Block Cipher Variable (Up to 448 bits) Excellent Security AES Block Cipher Variable (128, 192, or 256 bits) Replacement for DES, Excellent Security RC4 Stream Cipher Variable (40 or 128 bits) Fast Stream Cipher, Used in most SSL implementations
  • 19. Any exposure to the secret key compromises secrecy of ciphertext A key needs to be delivered to the recipient of the coded message for it to be deciphered Potential for eavesdropping attack during transmission of key Symmetric Encryption Limitations
  • 20. Uses a pair of keys for encryption Public key for encryption Private key for decryption Messages encoded using public key can only be decoded by the private key Secret transmission of key for decryption is not required Every entity can generate a key pair and release its public key Asymmetric Encryption Basics Plain Text Cipher Public Key Private Key Cipher Text Plain Text Cipher
  • 21. Two most popular algorithms are RSA & El Gamal RSA Developed by Ron Rivest, Adi Shamir, Len Adelman Both public and private key are interchangable Variable Key Size (512, 1024, or 2048 buts) Most popular public key algorithm El Gamal Developed by Taher ElGamal Variable key size (512 or 1024 bits) Less common than RSA, used in protocols like PGP Asymmetric Encryption Types
  • 22. Choose two large prime numbers p & q Compute n=pq and z=(p-1)(q-1) Choose number e, less than n, which has no common factor (other than 1) with z Find number d, such that ed 1 is exactly divisible by z Keys are generated using n, d, e Public key is (n,e) Private key is (n, d) Encryption: c = me mod n m is plain text c is cipher text Decryption: m = cd mod n Public key is shared and the private key is hidden Asymmetric Encryption RSA
  • 23. P=5 & q=7 n=5*7=35 and z=(4)*(6) = 24 e = 5 d = 29 , (29x5 1) is exactly divisible by 24 Keys generated are Public key: (35,5) Private key is (35, 29) Encrypt the word love using (c = me mod n) Assume that the alphabets are between 1 & 26 Asymmetric Encryption RSA Plain Text Numeric Representation me Cipher Text (c = me mod n) l 12 248832 17 o 15 759375 15 v 22 5153632 22 e 5 3125 10
  • 24. Decrypt the word love using (m = cd mod n) n = 35, c=29 Asymmetric Encryption RSA Cipher Text cd (m = me mod n) Plain Text 17 481968572106750915091411825223072000 17 l 15 12783403948858939111232757568359400 15 o 22 85264331908653770195619449972111000000 0 22 v 10 100000000000000000000000000000 10 e
  • 25. Efficiency is lower than Symmetric Algorithms A 1024-bit asymmetric key is equivalent to 128-bit symmetric key Potential for man-in-the middle attack It is problematic to get the key pair generated for the encryption Asymmetric Encryption Weaknesses
  • 26. Hacker could generate a key pair, give the public key away and tell everybody, that it belongs to somebody else. Now, everyone believing it will use this key for encryption, resulting in the hacker being able to read the messages. If he encrypts the messages again with the public key of the real recipient, he will not be recognized easily. Asymmetric Encryption Man-in-the-middle Attack Bob Attacker David Bobs Message + Public key Cipher Davids Public Key Trudeau (Middle-man) Trudeaus Message + public key Cipher Trudeaus Public Key Bobs Encrypted Message Trudeaus Encrypted Message Davids Message + public key Cipher Trudeaus Encrypted Message Bobs Public Key Trudeaus New Message + public key Cipher Trudeaus Encrypted Message Davids Public Key
  • 27. Used to improve efficiency Symmetric key is used for encrypting data Asymmetric key is used for encrypting the symmetric key Asymmetric Encryption Session-Key Encryption Plain Text Cipher (DES) Session Key Recipients Public Key Cipher Text Encrypted Key Cipher (RSA) Send to Recipient
  • 28. Pretty Good Privacy (PGP) Used to encrypt e-mail using session key encryption Combines RSA, TripleDES, and other algorithms Secure/Multipurpose Internet Mail Extension (S/MIME) Newer algorithm for securing e-mail Backed by Microsoft, RSA, AOL Secure Socket Layer(SSL) and Transport Layer Socket(TLS) Used for securing TCP/IP Traffic Mainly designed for web use Can be used for any kind of internet traffic Asymmetric Encryption Encryption Protocols
  • 29. Key agreement is a method to create secret key by exchanging only public keys. Example Bob sends Alice his public key Alice sends Bob her public key Bob uses Alices public key and his private key to generate a session key Alice uses Bobs public key and her private key to generate a session key Using a key agreement algorithm both will generate same key Bob and Alice do not need to transfer any key Asymmetric Encryption Key Agreement Cipher (DES) Session Key Cipher (DES) Bobs Public Key Alices Public Key Bobs Private Key Alices Private Key Alice and Bob Generate Same Session Key!
  • 30. Asymmetric Encryption Key Diffie-Hellman Mathematical Analysis Bob & Alice agree on non-secret prime p and value a Generate Secret Random Number x Compute Public Key ax mod p Compute Session Key (ay )x mod p Generate Secret Random Number y Compute Public Key ay mod p Compute Session Key (ax )y mod p Bob Alice Identical Secret Key Bob & Alice exchange public keys
  • 31. Diffie-Hellman is the first key agreement algorithm Invented by Whitfield Diffie & Martin Hellman Provided ability for messages to be exchanged securely without having to have shared some secret information previously Inception of public key cryptography which allowed keys to be exchanged in the open No exchange of secret keys Man-in-the middle attack avoided Asymmetric Encryption Key Agreement cont.
  • 32. Authentication is the process of validating the identity of a user or the integrity of a piece of data. There are three technologies that provide authentication Message Digests / Message Authentication Codes Digital Signatures Public Key Infrastructure There are two types of user authentication: Identity presented by a remote or application participating in a session Senders identity is presented along with a message. Authentication Basics
  • 33. A message digest is a fingerprint for a document Purpose of the message digest is to provide proof that data has not altered Process of generating a message digest from data is called hashing Hash functions are one way functions with following properties Infeasible to reverse the function Infeasible to construct two messages which hash to same digest Commonly used hash algorithms are MD5 128 bit hashing algorithm by Ron Rivest of RSA SHA & SHA-1 162 bit hashing algorithm developed by NIST Authentication Message Digests Message Message Digest Algorithm Digest
  • 34. A message digest created with a key Creates security by requiring a secret key to be possesses by both parties in order to retrieve the message Message Authentication Codes Basics Message Message Digest Algorithm Digest Secret Key
  • 35. Password is secret character string only known to user and server Message Digests commonly used for password authentication Stored hash of the password is a lesser risk Hacker can not reverse the hash except by brute force attack Problems with password based authentication Attacker learns password by social engineering Attacker cracks password by brute-force and/or guesswork Eavesdrops password if it is communicated unprotected over the network Replays an encrypted password back to the authentication server Password Authentication Basics
  • 36. Set of rules that governs the communication of data related to authentication between the server and the user Techniques used to build a protocol are Transformed password Password transformed using one way function before transmission Prevents eavesdropping but not replay Challenge-response Server sends a random value (challenge) to the client along with the authentication request. This must be included in the response Protects against replay Time Stamp The authentication from the client to server must have time-stamp embedded Server checks if the time is reasonable Protects against replay Depends on synchronization of clocks on computers One-time password New password obtained by passing user-password through one-way function n times which keeps incrementing Protects against replay as well as eavesdropping Authentication Protocols Basics
  • 37. Kerberos is an authentication service that uses symmetric key encryption and a key distribution center. Kerberos Authentication server contains symmetric keys of all users and also contains information on which user has access privilege to which services on the network Authentication Protocols Kerberos
  • 38. Personal Tokens are hardware devices that generate unique strings that are usually used in conjunction with passwords for authentication Different types of tokens exist Storage Token: A secret value that is stored on a token and is available after the token has been unlocked using a PIN Synchronous one-time password generator: Generate a new password periodically (e.g. each minute) based on time and a secret code stored in the token Challenge-response: Token computes a number based on a challenge value sent by the server Digital Signature Token: Contains the digital signature private key and computes a computes a digital signature on a supplied data value A variety of different physical forms of tokens exist e.g. hand-held devices, Smart Cards, PCMCIA cards, USB tokens Authentication Personal Tokens
  • 39. Uses certain biological characteristics for authentication Biometric reader measures physiological indicia and compares them to specified values It is not capable of securing information over the network Different techniques exist Fingerprint Recognition Voice Recognition Handwriting Recognition Face Recognition Retinal Scan Hand Geometry Recognition Authentication Biometrics
  • 40. Probability of two irises producing exactly the same code: 1 in 10 to the 78th power Independent variables (degrees of freedom) extracted: 266 IrisCode record size: 512 bytes Operating systems compatibility: DOS and Windows (NT/95) Average identification speed (database of 100,000 IrisCode records): one to two seconds Authentication Iris Recognition The scanning process takes advantage of the natural patterns in people's irises, digitizing them for identification purposes Facts
  • 41. A digital signature is a data item which accompanies or is logically associated with a digitally encoded message. It has two goals A guarantee of the source of the data Proof that the data has not been tampered with Authentication Digital Signatures Message Sent to Receiver Digest Algorithm Digital Signature Sent to Receiver Message Digest Senders Private Key Senders Public Key Message Digest Signature Algorithm Signature Algorithm Digest Algorithm Message Digest Sender Receiver Same?
  • 42. A digital certificate is a signed statement by a trusted party that another partys public key belongs to them. This allows one certificate authority to be authorized by a different authority (root CA) Top level certificate must be self signed Any one can start a certificate authority Name recognition is key to some one recognizing a certificate authority Verisign is industry standard certificate authority Authentication Digital Cerftificates Identity Information Certificate Authoritys Private Key Senders Public Key Signature Algorithm Certificate
  • 43. Chaining is the practice of signing a certificate with another private key that has a certificate for its public key Similar to the passport having the seal of the government It is essentially a persons public key & some identifying information signed by an authoritys private key verifying the persons identity The authorities public key can be used to decipher the certificate The trusted party is called the certificate authority Authentication Cerftificates Chaining Certificate Authoritys Private Key Signature Algorithm New Certificate Certificate
  • 44. Practice of analyzing and breaking cryptography Resistance to crypt analysis is directly proportional to the key size With each extra byte strength of key doubles Cracking Pseudo Random Number Generators A lot of the encryption algorithms use PRNGs to generate keys which can also be cracked leading to cracking of algorithms Variety of methods for safe guarding keys (Key Management) Encryption & computer access protection Smart Cards Cryptanalysis Basics

Editor's Notes

  • #4: 1. Must have done this as an assignment last year.
  • #6: 1. Must have done this as an assignment last year.
  • #8: The key can be different -
  • #9: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #10: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #11: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #12: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #13: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #14: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #15: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #16: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #17: DES consists of two permutations steps (the first and last steps of the algorithm) Operation of each round is identical taking output of the pervious round as input During each round the rightmost 32 bits of input are moved to left 32 bits of the output The entire 64 bit input to the ith round and the 48-bit key for the ith round are taken as an input to a function The function involves expansion of 4-bit chunks into 6-bit chunks , exclusive or-ing with the expanded 6-bit chunks of the 48-bit key Ki, a substitution operation and further exclusive OR-ing with the leftmost 32 bits of the input. The resulting 32 bits of the input of the function is then used as the rightmost 32 bits of the rounds 64-bit output
  • #18: Statistical Analysis Knowing % of occurrences of different letters (e.g. e occurs 13% of time in the document and t occurs 19% of times) Knowing commonly occurring two and three letter combinations (e.g. in, it, the, ion, ing, ) If some knowledge about the content is available it is even easier to crack
  • #19: 1. Must have done this as an assignment last year.
  • #20: 1. Must have done this as an assignment last year.
  • #21: 1. Must have done this as an assignment last year.
  • #22: 1. Must have done this as an assignment last year.
  • #23: 1. Must have done this as an assignment last year.
  • #24: 1. Must have done this as an assignment last year.
  • #25: 1. Must have done this as an assignment last year.
  • #26: 1. Must have done this as an assignment last year.
  • #27: 1. Must have done this as an assignment last year.
  • #28: 1. Must have done this as an assignment last year.
  • #29: 1. Must have done this as an assignment last year.
  • #31: 1. Must have done this as an assignment last year.
  • #32: Page 120-131, Secure Electronic Commerce
  • #33: 1. Must have done this as an assignment last year.
  • #34: 1. Must have done this as an assignment last year.
  • #35: 1. Must have done this as an assignment last year.
  • #36: 1. Must have done this as an assignment last year.
  • #37: 1. Must have done this as an assignment last year.
  • #38: 1. Must have done this as an assignment last year.
  • #39: 1. Must have done this as an assignment last year.
  • #40: 1. Must have done this as an assignment last year.
  • #41: To create a digital signature, the user simple creates a message digest of the document to be signed and then encrypts it with their private key.
  • #42: 1. Must have done this as an assignment last year.
  • #43: A web browser has a digital certificate from verisign which is the root certification authority.
  • #44: A web browser has a digital certificate from verisign which is the root certification authority.
AboutCopyright
息 2025 際際滷