data encryption

Data Encryption Presented By: Deepam Goyal Department of Mechanical Engineering UIET, Panjab University Chandigarh

Upload: deepam-goyal

Post on 19-Jul-2015


TRANSCRIPT


Encryption Definition:

The action of disguising information so that it can be recovered easily by the persons who have the key, but is highly resistant to recovery by persons who do not have the key.

Encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.

The encryption key may be changed from time to time to make an intruder’s task more difficult.

Restoration of a ciphertext to cleartext is achieved by the action of decryption using a decryption key.

A message in cleartext (plaintext) is encrypted (disguised) through the use of an encryption key to create a ciphertext.

In symmetric (Single key):

The encryption and decryption keys are the same.

In asymmetric (two keys):

The encryption and decryption keys are different.

Comparison of Symmetrical and Asymmetrical Cryptography

Encryption Methods:

Encryption is accomplished by scrambling the bits, characters, words, or phrases in the original message. Scrambling involves two activities:

Transposition

Substitution

Transposition:

In which the order of the bit patterns, characters, words, or phrases is rearranged.

The word “hello” can be written backwards as “OLLEH”.

Substitution:

In which new bit patterns, characters, words, or phrases are substituted for the originals without changing their order.

Data Encryption Standard (DES):

Most widely used algorithm

Pioneered by IBM

It is a symmetric cryptosystem

Developed to protect sensitive, unclassified US government computer data.

Used to provide authentication of electronic funds transfer messages.

Why encrypt?

Protect data even in the event of a security breach

Safeguard patient information

HIPAA compliance, and

TO AVOID

Financial loss (large fines, lost patients & revenue)

Legal ramifications (regulatory or civil prosecution)

Damage to professional image (negative publicity & media fallout)

DES Algorithm:

The algorithm accepts plaintext, P, and performs an initial permutation, IP, on P, producing P0. The block is then broken into left and right halves, the left (L0) being the first 32 bits of P0 and the right (R0) being the last 32 bits of P0.

With L0 and R0, 16 rounds are performed until L16 and R16 are generated.

The inverse permutation, IP^-1, is applied to L16R16 to produce ciphertext C.
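
The data path described above, as an added example that is not part of the original slides. IP is the DES initial permutation table; toy_f and toy_subkeys are hypothetical stand-ins for DES's real round function and key schedule, so the output is not DES ciphertext.

```python
# Added illustration of the DES data path: IP, 16 Feistel rounds, IP^-1.
# toy_f and toy_subkeys are hypothetical stand-ins, not DES's own
# round function (E, S-boxes, P) or key schedule.
import hashlib

# DES initial permutation: output bit k takes input bit IP[k-1]
# (positions are 1-based, bit 1 is the most significant bit).
IP = [start - 8 * j
      for start in (58, 60, 62, 64, 57, 59, 61, 63)
      for j in range(8)]
IP_INV = [IP.index(i) + 1 for i in range(1, 65)]  # inverse table

def permute(block, table):
    """Apply a 64-entry bit permutation to a 64-bit integer block."""
    out = 0
    for src in table:
        out = (out << 1) | ((block >> (64 - src)) & 1)
    return out

def toy_f(right, subkey):
    """Stand-in round function: mixes a 32-bit half with a subkey."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")

def toy_subkeys(key):
    """Stand-in key schedule: 16 round subkeys derived from the key."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(16)]

def feistel(block, subkeys):
    p0 = permute(block, IP)
    left, right = p0 >> 32, p0 & 0xFFFFFFFF      # L0, R0
    for k in subkeys:                             # rounds 1..16
        left, right = right, left ^ toy_f(right, k)
    # FIPS 46-3 feeds the swapped halves R16 L16 into IP^-1; that swap
    # is what lets the same routine decrypt with the subkeys reversed.
    return permute((right << 32) | left, IP_INV)

def encrypt(block, key):
    return feistel(block, toy_subkeys(key))

def decrypt(block, key):
    return feistel(block, toy_subkeys(key)[::-1])
```

Because each round only XORs one half with a function of the other, decryption never needs to invert the round function itself.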

Public Key Cryptosystem

It is an asymmetric cryptosystem.

First announced in 1976.

Offers a radically different approach to encryption.

The idea depends on the use of a pair of keys that differ in a complementary way.

Several algorithms have been proposed

RSA algorithm is considered to be highly secure.

Public key encryption can achieve:

Privacy

Authentication

MEANING

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged.

Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.

A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.

HOW IT WORKS

[Diagram; labels: Original message, Hash function, Hash, Sender’s private key, Cipher text (including hash digest), Sender’s public key, Recipient’s private key, receiver]

Creating a Digital Signature

[Diagram: Message or File (“This is a really long message about Bill’s…”) -> Hash Function -> Message Digest (128 bits) -> Asymmetric Encryption with the Signatory’s private key -> Digital Signature]

Calculate a short message digest from even a long input using a one-way message digest function (hash).

Verifying a Digital Signature

[Diagram: Digital Signature -> Asymmetric decryption (e.g. RSA) with the Signatory’s public key -> digest; Original Message -> Same hash function (e.g. MD5, SHA…) -> digest; the two digests are compared: “Are They Same?”]

Everyone has access to the trusted public key of the signatory.
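
The create-and-verify flow above, as an added example that is not part of the original slides. It uses textbook RSA without padding on a small key constructed for the demonstration, and SHA-256 as the hash because the MD5 named on the slide is no longer collision-resistant; the names P, Q, sign and verify are assumptions of this example.

```python
# Added illustration of hash-then-sign with textbook RSA (no padding).
# The key is constructed from two small Mersenne primes purely for the
# demonstration; production signatures use keys of 2048 bits or more
# with PSS or PKCS#1 v1.5 padding from a vetted library.
import hashlib

P, Q = 2**127 - 1, 2**89 - 1          # constructed demo primes
N = P * Q                             # public modulus
E = 65537                             # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent (signatory only)

def digest_int(message: bytes) -> int:
    """One-way hash of the message, reduced below the RSA modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    """Signatory: hash the message, then transform the digest with D."""
    return pow(digest_int(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Verifier: recover the digest with (E, N), re-hash, and compare."""
    recovered = pow(signature, E, N)
    return recovered == digest_int(message)

# Constructed sample input, echoing the message text on the slide.
MESSAGE = b"This is a really long message about Bill's..."
SIGNATURE = sign(MESSAGE)
```

Changing a single byte of the message, or a single bit of the signature, makes the comparison in verify fail.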


Certificate:

A body of data placed in a message to serve as proof of the sender’s authenticity.

Consists of encrypted information that associates a public key with the true identity of an individual.

Includes the identification and electronic signature of the Certificate Authority (CA).

Includes the serial number and the period of time when the certificate is valid.


Certificate Authority:

A trusted organization that issues certificates for both servers and clients.

Creates digital certificates that securely bind the names of users to their public keys.

Two types of CA:

* Commercial CA

* Self-certified private CA

Types of certificates

Root cert

Server cert

Client cert

Object signing cert

Object cert

THANKS
