Presentation is loading. Please wait.

Presentation is loading. Please wait.

Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.

Published byErica Cannon Modified over 8 years ago

Similar presentations

Presentation on theme: "Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security."— Presentation transcript:

1 Symmetric versus Asymmetric Cryptography

2 Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security  A review for those who have taken the course Computer Security (and Integrity)  A need for those who have not

3 Two kinds of Cryptography Symmetric 1)Alice and Bob agree on a cryptosystem 2)Alice and Bob agree on a key 3)Alice takes her plaintext message and encrypts it using the encryption algorithm and the key. This creates a ciphertext message 4)Alice sends the ciphertext message to Bob 5)Bob decrypts the ciphertext message with the same algorithm and key and reads it Asymmetric 1)Alice and Bob agree on a public-key cryptosystem 2)Bob sends Alice his public key 3)Alice encrypts her message using Bob’s public key and sends it to Bob 4)Bob decrypts Alice’s message using his private key

4 Problems Symmetric Keys must be distributed in secret If a key is compromised, Eve (eavesdropper) can  decrypt any message  pretend to be one of the parties A network requires a great number of keys Asymmetric slow (~1000 times slower than the symmetric) vulnerable to chosen- plaintext attacks

5 Public-key algorithms are not a substitute for symmetric algorithms are not used to encrypt messages, they are used to encrypt keys (session keys used with symmetric algorithms to secure message traffic)

6 Hybrid Cryptosystems 1)Bob sends Alice his public key. 2)Alice generates a random session key, K, encrypts it using Bob’s public key, and sends it to Bob. E B (K) 3)Bob decrypts Alice’s message using his private key to recover the session key. D B (E B (K)) = K 4)Both of them encrypt their communications using the same session key.

7 Signing Documents Symmetric 1)Alice encrypts her message to Bob with K A and sends it to Trent 2)Trent decrypts the message with K A 3)Trent takes the decrypted message and a statement that he has received this message from Alice, and encrypts the whole bundle with K B 4)Trent sends the encrypted bundle to Bob 5)Bob decrypts the bundle with K B. He can now read both the message and Trent’s certification that Alice sent it Asymmetric 1)Alice encrypts the document with her private key, thereby signing the document 2)Alice sends the signed document to Bob 3)Bob decrypts the document with Alice’s public key, thereby verifying the signature

8 Digital Signatures with Encryption 1)Alice signs the message with her private key S A (M) 2)Alice encrypts the signed message with Bob’s public key and sends it to Bob E B (S A (M)) 3)Bob decrypts the message with his private key D B (E B (S A (M))) = S A (M) 4)Bob verifies with Alice’s public key and recovers the message V A (S A (M)) = M

9 Problem with resending the message as a Receipt Bob signs the message with his private key, encrypts it with Alice’s public key, and sends it back to Alice E A (S B (M)) If Mallory captures the message that Alice sent to Bob and claims that it came from him V M (S A (M)) = ? Bob still sends Mallory a receipt: E M (S B (V M (S A (M)))) =E M (D B (E M (D A (M))))  Mallory can read the message M by using his private key and public keys of Alice and Bob.

10 Attacks against Public-key Cryptography How Alice gets Bob’s public key?  from secure database How to protect the public key?  database is read-only to everyone, only writable to Trent  Trent can sign each public key by his own private key (Key Certification Authority or Key Distribution Center)

11 Conclusion No perfect method  each has its own weaknesses  be aware of being attacked Good to combine different methods

12 Reference [1] Thomas H. Cormen, Charles E. Leiserson, Ronald L. Rivest, and Clifford Stein. Introduction to Algorithms. MIT Press and McGraw-Hill, 2001. ISBN 0-262-03293-7. Section 31.7: The RSA public-key cryptosystem, pp.881–887 [2] Bruce Schneier. Applied Cryptography. John Wiley & Sons, Inc. 1996. (ISBN: 0471128457)

Download ppt "Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
95-712 OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.

OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Attacks on Digital Signature Algorithm: RSA

Attacks on Digital Signature Algorithm: RSA
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.
Overview of Cryptography Oct. 29, 2002 Su San Im CS Dept. EWU.

Overview of Cryptography Oct. 29, 2002 Su San Im CS Dept. EWU.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
Remarks on Voting using Cryptography Ronald L. Rivest MIT Laboratory for Computer Science.

Remarks on Voting using Cryptography Ronald L. Rivest MIT Laboratory for Computer Science.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.

Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.

Similar presentations

Ads by Google