
CHAPTER 6 Cryptography

An Overview
The word comes from the Greek kruptos, which means hidden. The objective is to hide information so that only the intended recipient can unhide it. Hiding information is called encryption, and unhiding it is called decryption. A cipher is used to accomplish encryption and decryption. A cipher is a method of transforming a text in order to conceal its meaning.

The information that is being hidden is called plaintext, and the information that has been encrypted is called ciphertext.

Encryption Key Types
Cryptography uses two types of keys: symmetric and asymmetric.
Symmetric
A single key is used for both encryption and decryption of ciphertext. This type of key is called a secret key because it must be kept secret from anyone else.
Problems
1. How to make sure the sender and receiver each have the same key.
2. The recipient does not have the same key needed to decrypt the ciphertext sent by the sender.

Asymmetric
In asymmetric cryptography, two different keys are used: one for encryption and one for decryption. These two keys are called the public key and the private key, respectively.

Algorithms
Symmetric Algorithms
These algorithms use a single key. There are two popular kinds of symmetric algorithms: DES (Data Encryption Standard) and IDEA (International Data Encryption Algorithm).
DES
It was first developed by IBM in 1974 under the name Lucifer. It is a block cipher, meaning that it works on blocks of data.

The key is 64 bits long; however, only 56 bits are actually used, and these are called the active key. The other 8 bits are used for parity. DES uses two different techniques: substitution and transposition (also known as confusion and diffusion, respectively). Several variations of DES have been created to help protect the integrity of the ciphertext. Two of these variations are 3DES (uses multiple keys) and DESX (uses 64 bits of additional key).
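The 64-bit key with 56 active bits and 8 parity bits can be checked in code. The following is an added example, not part of the original slides; it assumes the standard DES layout in which the lowest bit of each key byte is an odd-parity bit, and the sample keys are constructed for illustration.

```python
def has_odd_parity(byte):
    """True if the byte contains an odd number of 1 bits."""
    return bin(byte).count("1") % 2 == 1

def check_parity(key):
    """Return the indexes of key bytes whose parity bit is wrong."""
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes (64 bits)")
    return [i for i, b in enumerate(key) if not has_odd_parity(b)]

def set_odd_parity(key):
    """Rewrite the low bit of every byte so each byte has odd parity."""
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes (64 bits)")
    out = bytearray()
    for b in key:
        top7 = b & 0xFE                      # the 7 active bits of this byte
        out.append(top7 | (0 if has_odd_parity(top7) else 1))
    return bytes(out)

def active_key(key):
    """Concatenate the 7 active bits of each byte into one 56-bit integer."""
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)      # drop the parity bit
    return value

# Constructed sample keys: same active bits, parity bits set vs. cleared.
SAMPLE = bytes.fromhex("0123456789abcdef")
NO_PARITY = bytes.fromhex("0022446688aaccee")

if __name__ == "__main__":
    print("bad parity bytes in SAMPLE:   ", check_parity(SAMPLE))
    print("bad parity bytes in NO_PARITY:", check_parity(NO_PARITY))
    print("repaired:", set_odd_parity(NO_PARITY).hex())
    print("same active key:", active_key(SAMPLE) == active_key(NO_PARITY))
    print("key space: 2**56 =", 2**56)
```

Because the parity bits carry no key material, two 64-bit keys that differ only in those bits encrypt identically, which is why the search space is 2**56 rather than 2**64.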

IDEA
It uses a 128-bit key and operates on a 64-bit plaintext block. Several other symmetric algorithms are available today, such as Blowfish, RC2, RC4 and CAST (Carlisle Adams and Stafford Tavares).
Asymmetric Algorithms
Asymmetric algorithms use multiple keys, called public and private. There are two popular algorithms: Diffie-Hellman and RSA (Rivest, Shamir, Adleman).

Diffie-Hellman
It uses a key pair in which the public key is used to encode a message and the private key is used to decode the message. It is very difficult to derive the corresponding private key if the keys are of sufficient length. DH is commonly called a key exchange mechanism because it is used to exchange a secret key over an insecure medium, such as the Internet.
RSA
RSA is used for both encryption and authentication and is widely used.

Cryptography Problems
MITM Attack
DH is vulnerable to man-in-the-middle (MITM) attacks. The attacker can change the public and private key into one key. This happens because the DH exchange is totally anonymous. One way to prevent this type of attack is to use some form of authentication, such as digital signatures.
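The effect of an anonymous exchange, and the signature check that prevents it, can be simulated in-process. This is an added example, not part of the original slides; the DH modulus, the textbook RSA signing key and all function names are toy values constructed here and are far too weak for real use.

```python
import hashlib
import secrets

# Toy parameters, constructed for this example only.
P = 2**127 - 1                          # DH modulus (a Mersenne prime)
G = 3                                   # DH base
RSA_P, RSA_Q = 2**127 - 1, 2**107 - 1   # toy RSA primes for Alice's signing key
N, E = RSA_P * RSA_Q, 65537             # Alice's public verification key
D = pow(E, -1, (RSA_P - 1) * (RSA_Q - 1))   # Alice's private signing exponent

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    return pow(peer_pub, priv, P)

def digest(value):
    h = hashlib.sha256(str(value).encode()).digest()
    return int.from_bytes(h, "big") % N

def sign(value):                        # textbook RSA signature, no padding
    return pow(digest(value), D, N)

def verify(value, sig):
    return pow(sig, E, N) == digest(value)

def anonymous_exchange_is_exposed():
    """Unauthenticated DH: a party in the path swaps in its own public value."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    m_priv, m_pub = dh_keypair()        # the middle party's key pair
    alice_key = dh_shared(a_priv, m_pub)    # Alice received m_pub, not b_pub
    bob_key = dh_shared(b_priv, m_pub)      # Bob received m_pub, not a_pub
    # The middle party can compute both session keys; nothing signals it.
    return (dh_shared(m_priv, a_pub) == alice_key
            and dh_shared(m_priv, b_pub) == bob_key)

def signed_exchange():
    """Bob accepts a DH public value only if Alice's signature verifies."""
    _, a_pub = dh_keypair()
    sig = sign(a_pub)
    m_pub = a_pub
    while m_pub == a_pub:               # a substituted value that differs
        _, m_pub = dh_keypair()
    return verify(a_pub, sig), verify(m_pub, sig)

if __name__ == "__main__":
    print("anonymous exchange exposed:", anonymous_exchange_is_exposed())
    print("genuine accepted, substituted accepted:", signed_exchange())
```

The check only helps if Bob obtained Alice's verification key (N, E) through a channel the middle party could not alter.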

Secret Storage
This problem can occur when the secret is stored somewhere that can easily be attacked. In this case it does not matter that 3DES is used, as long as the key is stored somewhere that can be attacked.
Universal Secret
This problem arises where products containing cryptography are allowed to talk to each other without having to exchange authenticated session keys, for example in DVD and DSS cryptography.

Entropy
Entropy is a process of degradation or running down, or a trend to disorder. Its relevance to cryptography is that it does not matter how good an algorithm an application implements if a human picks a poor password. This can happen whenever an application relies on the end user's passwords or passphrases, even if the application uses strong cryptographic algorithms. Two software products that could have problems with entropy are PGP and Steganos II Security Suite.

Brute Force
Introduction
A primitive programming style in which the programmer relies on the computer's processing power instead of using their intelligence to simplify the problem. In cryptography, it means trying every possible key combination within the key space until the correct one is found, in order to attack the system. Some software can perform brute force, for example L0phtCrack, Crack and John the Ripper.

L0phtCrack
This is a commercial Windows NT password auditing tool. It provides mechanisms for retrieving passwords from hashes and has brute force capabilities.
Crack
This is a password-guessing program for UNIX systems. Crack can test for the common variants used by people who think they are picking more secure passwords.

Crack 7, one of the Crack variations, is a brute force password cracker that can be used if a dictionary-based attack fails.
John the Ripper
This is primarily a UNIX password-cracking program. It differs from Crack in that it can be run not only on UNIX systems but also on Windows NT/9x and DOS. It supports brute force, but calls it incremental mode – MODE is replaced with a word you want to use when starting John the Ripper.

Distributed.net
Distributed.net was dedicated to the advancement of distributed processing. Distributed processing harnesses the unused CPU cycles of computers all over the world in order to work on a specific task or problem. It concentrated its efforts on breaking cryptographic algorithms by using computers around the world, each tackling a portion of the problem. So far, it has been successful in cracking DES.

Deep Crack
This is special hardware that was used together with Distributed.net. Deep Crack consists of six cabinets that house 29 circuit boards.

Cryptanalysis
Cryptanalysis is the process of attacking cryptography, which can be done by a person who is highly expert in cryptography. It can take up to several years to become expert in attack and analysis. There are two kinds of cryptanalysis techniques: differential cryptanalysis and side-channel attacks.
Differential Cryptanalysis
The basic idea is that by knowing the plaintext passed through a DES encryption and then examining the ciphertext, the attacker can calculate the key.

Real Cryptanalysis
Side-Channel Attack
A side-channel attack is an attack against a particular implementation of a crypto algorithm, not the algorithm itself. A particular implementation might be called an embodiment, because these attacks are against the hardware the algorithm is living in.