is case study
Post on 22-Nov-2014
280 Views
Preview:
DESCRIPTION
TRANSCRIPT
Introduction to Crytographic Techniques
What is Cryptography?
- Cryptography is the science of keeping oral and written as well as other forms of communications secret.
- Cryptography provides a means of authentication of communicating parties.
- Cryptography is the study of codes and ciphers for use in secret transmission of messages from a sender to a recipient.
- Cryptology is composed of crytography - the art and science of keeping messages secure.
- Cryptographic algorithms --> methods for transforming plaintext messages into ciphertext.
- Secret key cryptography (or symmetrical)- Public key cryptography (or asymmetrical)
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
In cryptographics, a message in human readable form is referred to plaintext or cleartext.
Encryption:Encryption refers to a process which disguises a cleartext message to hide its substance and generates a message, known as ciphertext.Plaintext is denoted by P, whereas ciphertext is denoted by C.The encryption function E operates on P to produce C based on a key value K:
E k (P) = C
Encryption and Decryption
Encryption
Key
Plaintext
Ciphtext
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Encryption and Decryption
Decryption:
The reverse process of encryption is known as a decryption, in which a cihhertext is converted back to its original cleartext form.
In the reverse process, the decryption function D operates on C to produce Pbased on a key value K:
D k (C) = P
Decryption
Key
Ciphertext
Plaintext
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Simple Encryption System
Encryption
Encryption Key(s)
CiphertextPlaintex
tDecryption
Decryption Key(s)
Plainrtext
Cryptography is both the lock and the combination (or keys) that helps us protect our communication data and transformation messages.
There are varieties of locks, there are varieties of crytographic methods and keys.
Two limits of Encryption:- it cannot protect data on a computer- it can no better than the weakest link.
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Different Types of Cryptography Methods
Transposition Ciphers:
In transposition ciphers, the letters of the message to be secretly transmitted are scrambled,that is, rewritten in a pattern way, and is then sent in a different order from its original form..
N O W - I S - T H E - T I M E F O R - A L L - G O O D - M EN - T O - C O M E - T O - T HE - A I D - O F - T H E I R -P A R T I E S - S T O P Z Z Z
would be transmitted as:
NFNEP OO - A WRTAR - OIT IA - DI SLC-E-LOOS T - ME - HE - SEO - TT - OTHO TDOEP I - IZ MMTRZ EEH-Z
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Different Types of Cryptography Methods
Transposition Ciphers:
In transposition ciphers, the letters of the message to be secretly transmitted are scrambled,that is, rewritten in a pattern way, and is then sent in a different order from its original form..
Key word: C O M P U T E RLetter order: 1 4 3 5 8 7 2 6
M E E T M E A TT H E F R O N TD O O R O F T HH I L T O N H OT E L A T 9 P M
would be transmitted as:
MTDHT ANTHP EEOLL EHOIE TFRTA TTHOM EOFN9 MROOT
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Different Types of Cryptography Methods
Substitution Ciphers:
Substitution ciphers are created by replacing one symbol, such as a letter of a message,with another symbol or letter in some patterned way.
Let’s assume that we have a replacement letter pattern as follows:
A B C D E F G H I J K L M N O P Q R S T U V W X Y ZD E F G H I J K L M N O P Q R S T U V W X Y X A B C
Plaintext: NOW IS THE TIME FOR ALL GOOD PEOPLE TO COME TO THE
Ciphertext: KLT FP QEB QFJB CLO XII DLLA MBLMIB QL ZLIB QL QEB
More complex symbol replancement pattern can be applied.
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Different Types of Cryptography Methods
Product Ciphers:
Product ciphers are created by using substitution and transposition together.
Current Data Encryption Standard (3DES) and Rijndael ( The Advanced Encryption Standard. Winner) use multiple combinations of transposition and substitution to achievesuperior cryptosecurity.
Although this approach become more complex and secure than the previous two,they could be attacked using statistical methods.
Ideally, ciphertext could present itself as a random string of letters of bits or be data key-stroked by a monkey.
Diffusion is defined as the dispersion or distribution of plaintext in a statistically random manner over the ciphertext.
The principle of confusion prevents the cryptanalyst from using the ciphertext to deduce the secret key. It may take the form of a complex substitution method. Confusion hides the relationship between ciphertext and the secret key.
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Symmetric Encryption
Symmetric encryption (secret-key encryption, or single-key encryption):
Secret-key encryption refers to the use of a shared key for both encryption bythe transmitter and decryption by the receiver.
Work step:- Sender sends a message after encryption with a secret-key.- Receiver decrypt the message with the same secret key after receiving it.
Internet
Anne sends a message
BobreceivesAnne’smessage
Encryptwith a secret key
Decryptwith a secret key
EncryptedMessage
EncryptedMessage
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Symmetric Encryption
Special features of symmetric encryption:- Two communication parties use and share the same key.- Encryption and decryption is carried out based on the same key.- Both parties must agree on the secret key before communications.
Advantages:- Useful in many cases which only involves two-party communications.
Problems and limitations:
- Complex in key distribution (key generation, transmission, and storage).- Not scalable.- Impractical to support large group of communications in networks.- Impossible to support exchanging messages with a large group of previouslyunknown parties over a public open network.
Example: DES (the Data Encryption Standard)
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Asymmetric Encryption
Asymmetric encryption (public-key encryption):Public-key encryption (asymmetric encryption) use a pair of keys for each party.- One key is known as a “public key”, which is known to other parties.- One key is known as a “private key” or a “secret key”, which must be confidential, and is known only to its owner.
- The public key encrypts the message.- The private key decrypts the message.
Internet
Anne sends a message
BobreceivesAnne’smessage
Encryptwith a public keyPK(Bob)
Decryptwith Bob’ private keySK(Bob)
ScrambledMessage
ScrambledMessage
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Asymmetric Encryption
Special features of asymmetric encryption (public-key encryption):
SK(PK(M)) = MAdvantages:
- Easy to key distribution (key generation, maintain and storage)- Scalable to support large group of users in an public network- Easy to support unknown users since no previous consent is needed.- Better protection than symmetric encryption.
Problems and limitations:- Slow performance
Applications: E-commerce, snoop-proof email system.
Standards: the best known public-key encryption algorithm --> RSA
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
, Sh
RSA Algorithm
The RSA algorithm was developed by Rivest, Shamir, and Adleman at MIT in 1978.
The basic algorithm is outlined below:
1: Choose two large distinct primes, p and q.2: Compute the product (modulus) n = pq. 3: Randomly choose encryption key e, such that e and (p-1)(q-1) are relatively prime.4: Finally use Euclid’s algorithm to compute the decryption key, d such that
e . d = 1 (mod (p-1) . (q -1)).
Where, d and n are relatively prime. e and n are the public key. d is the secret key.
To encrypt a message M, eC = M mod n
To decrypt C, dM = C mod n
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Comparing Symmetric Encryption and Asymmetric Encryption
Features Secret-Key Encryption Public-Key Encryption
No. of keys Single Key Public Key and Secret Key
Application Bulk data encryption Key exchange, digital signatures
Key Management Simple but difficult to Need digital certificatesmanage and trusted third parties
Performance Fast Slower
Key exchange difficult and risk to Easy and less risky to delivertransfer a secret key a public key.
Key Length 56-bit (old) 1024 bit (RSA)126-bit (safe) Many used 2048 bits
Standards DES, Triple DES RSA, Diffie-HellmanRijndael DSA, Elliptic curves
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Comparing Symmetric Encryption and Asymmetric Encryption
Features Secret-Key Encryption Public-Key Encryption
Years in use over 1000 years less than 50 years
Types of keys Secret Key only One Public Key andone Private Key
Confidentiality Yes Yes
Authentication Yes Yes
Message integrity Yes Yes
No-repudiation No YesDon’t need trusted Digital signatures: third party need trusted third party
Attack Simple but difficult to Need digital certificatesmanage and trusted third parties
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Digital Signatures
What is a digital signature?
- Digital signatures are implemented using public-key encryption.
- A digital signature is a cryptographic mechanism that performs a similar function to a written signature.
- Created using PPK cryptograph and message digests.
Encryption allows a messagesender the ability to digitally sign messages, thus creating a digital signature for themessage. When a message digest is computed and then encrypted using the sender’s private key, and later append to the message, the result is called the digital signatureof the message.
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Digital Signatures
Purposes: Digital signatures are used to ensure the integrity and authentication.-- To verify the origin and contents of a message.-- Digital signatures are used for sender authentication.
Why digital signatures?
- Public-key algorithms are computation-intensive. With large messages they may be too expensive or too slow for the application.
- Digital signatures based on digested message provide alternative solutions.
Application:Digital signatures can be used to endorse an electronic document in a way that can be later validated for authenticity.
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
Generating A Digital Signature
Message
MessageSignature
Message Digest
Encrypt
HashingAlgorithm
Sender’sPrivate Key(SK sender)
To Receiver
By:Shehrevar DavierwalaBy:Shehrevar Davierwala
top related