encrypton-rsa, pgp presented by aine reynolds eric hopkins rosanna madera susanti kusmiantoro
Post on 21-Dec-2015
213 views
TRANSCRIPT
Overview of Encryption
The issue of security and privacy is not a new one, however the old-age science of cryptography has been in use since people had information they wished to hide.
Cryptography has naturally been extended into the realm of computers, and provides a solution to electronic security and privacy issues
Encryption Encryption and decryption typically occur
using complex mathematical algorithms with the use of a key
There are two types of key-based encryption algorithms,– Symmetric (private key)– Asymmetric (public key)
Symmetric encryption Typically use 128-bit length keys The Same key is used to encrypt and
decrypt the message– Message encrypted using a key– Message sent to receiver– Encryption key communicated separately, to
allow the message to be decrypted by receiver
An Example is the use of a password, to encrypt and decrypt
Symmetric Encryption ..cont…
Simplicity is a source of its problem, along with how many keys needed for each message
N*(N-1)/2 Number of private keys that need to exist
As the number of N increases, the management of the private key becomes costly and cumbersome.
Asymmetric Encryption
Uses a pair of keys instead of a singular key One key is kept private while one is public Encryption by one can only be decrypted by
using the other The property of the key-pair can be used to
perform two functions, encryption and digital signatures
The public key of the recipient is used to encrypt the message
Asymmetric Encryption…cont.. Message encrypted using a one-use private key
(randomly generated for the specific message) This message specific key is then encrypted using
the recipient’s public key Both are sent together On receipt the recipient used his private key to
decrypt the message specific key, thus giving him access to the message
This combined approach provides speed of private key along with the manageability of public key encryption
History of Encrytion 1900 BC: carvings that incorporate simple forms of coding
inside tombs in Egypt 1500 B.C.: cyphered pottery glaze formula 400 BC: A physical method of disguising the meaning of
messages called "Skytale" was devised by the Spartans. The Greeks described several substitution ciphers Julius Caesar is known to have used a cryptographic system to
keep his orders secret 400 AC: The "art of secret writing" is even included in the Kama
Sutra as a skill that women should learn and practice One of the most popular pastimes of the vikings was to devise
riddles which were suitable to encrypt message content
History of Encryption Cont. In the turbulent medieval times, the renaissance, and later
through the French revolution, mathematicians of all countries devised more and more sophisticated encryption algorythms
Invention of Telegraph 1945 World War II, Cracking the German Enigma 1960 IBM creates “Lucifer” 1973 NIST standarized encryption with DES 1976 DES was authorized for public use 1977 RSA was developed 1986 PGP was developed The next breakthrough in cryptography will probably happen
with the arrival of quantum computers
Who Uses Encryption?• Bank records and other financial data - to protect privacy
and to protect against theft of funds. • Protecting Ones Identity Against Theft• Passwords and personal identification numbers used for
electronic funds transfers, automated teller machines, and so on.
• Any sensitive data stored in databases, such as medical records.
• Research and product development files - to protect trade secrets.
• Viruses using encryption
Who Uses Encryption? Cont.
• Sensitive business communications. • Email and telephone communications - to protect privacy. • Personal files on home computers. • Cable/Satellite television signals - to prevent reception by
people who have not paid. • Tests and student grade files kept by teachers• Military• Firewalls (VPN)• Multimedia
RSA Is the most trusted name in e-security to
help organizations build a secure, trusted foundation for e-business through their RSA Web Security Portfolio.– SecurID - two-factor authentication – BSAFE – encryption– Keon - public key infrastructure solution
All are based on the RSA algorithm. RSA security is the market leader.
RSA SecurID
Two-factor user authentication service for enterprise networks, operating systems, e-commerce Web sites and other IT infrastructures.
Function like an ATM card for a network, requiring users to identify themselves using a PIN number (public key) of some kind.
RSA BSAFE
BSAFE products provide a family of platform-independent encryption development tools, which enable corporate and commercial software developers to reliably incorporate security into a wide variety of applications.
Embedded in over 450 copies of Internet applications, including, Web browsers, commerce servers, email systems and virtual private network products.
RSA Keon
Interoperable product that are standard-based to work with PKI-enabled applications for managing digital certificates
Provides an environment for authenticated, private and legally binding electronic communications and transactions.
RSA Algorithm Consist of a public key, private key and a very complicated
factorial computation1. p and q, two large prime numbers and compute their
product(modulus)
n = (p)(q).
2. Choose e (public key), less than n and relatively prime to (p-1)(q-1).
3. Compute d (private key) such that (ed-1) is divisible by (p-1)(q-1).
Example: http://world.std.com/!franl/crypto/rsa-example.html
Breaking the RSA system
– Attackers discover the private key corresponding to the given public key
– Attackers aim not on the cryptosystem, but on the insecure implementation of the system or bad key management.
Market Leader
Web Security Portfolio allow organizations to work with a single vendor to provide quality security services.
Most widely used public-key cryptosystem Interoperability Strategic relationships and partnership
programs Global e-security provider
PGP – Pretty Good Privacy
PGP is a computer program that encrypts and decrypts data that enables email and files protections.
PGP uses RSA public key encryption system.
Philip Zimmermann is the creator.
PGP – How safe it is?
Nobody has publicly demonstrated the skill to outsmart PGP.
PGP uses the strongest encryption available outside the government.
Weak point = encryption schemes are totally open for peer review, algorithms are open to whoever interested, and vulnerability with the algorithm.