Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.

Slides:

Advertisements

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Advertisements

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

CIS 193A – Lesson6 CRYPTOGRAPHY RAPELCGRQ. CIS 193A – Lesson6 Focus Question Which cryptographic methods help computer users maintain confidentiality,

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Pretty Good Privacy (PGP). How PGP works PGP uses both public-key cryptography and symmetric key cryptography, and includes a system which binds the public.

Principles of Information Security, 2nd edition1 Cryptography.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Cryptographic Technologies

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Encryption Methods By: Michael A. Scott

Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

What is Encryption? - The translation of data into a secret code - To read an encrypted file, you must have access to a secret key or password that enables.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

Cryptography ECT 582 – Winter 2004 Robin Burke. Discussion.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.

Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.

Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.

Cryptography, Authentication and Digital Signatures

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Public-Key Cryptography CS110 Fall Conventional Encryption.

Review of basic cryptographically algorithm Asymmetric encoding (Private and Public Keys), Hash Function, Digital Signatures and Certification.

David Evans CS200: Computer Science University of Virginia Computer Science Class 36: Public-Key Cryptography If you want.

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Dr. Susan Al Naqshbandi The word “Cryptography” is derived from Greek words κρυπτός kryptós meaning “hidden” and γράφω gráfo meaning.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 50 Cryptography, Privacy, and Digital Certificates.

Chapter 15: Electronic Mail Security

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.

Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav

Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.

Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.

BZUPAGES.COM Cryptography Cryptography is the technique of converting a message into unintelligible or non-understandable form such that even if some unauthorized.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.

M2 Encryption techniques Gladys Nzita-Mak. What is encryption? Encryption is the method of having information such as text being converted into a format.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

Unit 3 Section 6.4: Internet Security

Topic 1: Data, information, knowledge and processing

Fluency with Information Technology Lawrence Snyder

10/7/2019 Created by Omeed Mustafa 1 st Semester M.Sc (Computer Science department) Cyber-Security.

Presentation transcript:

Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does it work?

Electronic Commerce School of Library and Information Science IV. PGP and cryptography What is encryption? Oesday isthay ountcay? Ps uijt? Encryption is a method for protecting information by making it as difficult as possible to read or view Why encrypt? Privacy Authentication Integrity Availability

Electronic Commerce School of Library and Information Science Plain text Cipher text Blah Blah Blah xdffhliouse345 fjged09e5fjsks qwfnxpdifuw0 awdbczoksrya aaksjhaswe4u fdnaweaa2wfs awrkjsfya38yf kpo80sdw304v Key Encryption Decryption The key uses a mathematical algorithm to transform plaintext into ciphertext and back again The basis of cryptography

Electronic Commerce School of Library and Information Science Cryptographic systems There are two kinds of cryptosystems: symmetric and asymmetric Symmetric cryptosystems use the same key (the secret key) to encrypt and decrypt a message Asymmetric cryptosystems use one key (the public key) to encrypt a message and a different key (the private key) to decrypt it These cryptosystems are also called “public key” cryptosystems

Electronic Commerce School of Library and Information Science

Electronic Commerce School of Library and Information Science Symmetric cryptography (single or private key encryption) ~Two people agree on using a system* ~They agree to use a key ~ A takes a plaintext message, encrypts it with the system and the key ~A sends the ciphertext message to “ B ~B decrypts the message with the same system and key * Listen in on the agreement Attack by interception

Electronic Commerce School of Library and Information Science

Electronic Commerce School of Library and Information Science Asymmetric, or public-key cryptography is more secure It uses two keys, which are the property of people, not documents Public key This key is shared with the world It is used to encrypt messages but should not be used to decrypt them (with one exception) Private key This is your private key and should not be shared It is used to decrypt messages and should not be used for encryption (with one exception)

Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does it work?

Electronic Commerce School of Library and Information Science PGP, created by Phil Zimmermann, is a good example of public key cryptography It gives you privacy by allowing you to encrypt your files and so that nobody can read them except the people you choose PGP allows you to create a digital signature on your files and A digital signature allows a reader to verify that it was you who wrote the and that the has not been altered

Electronic Commerce School of Library and Information Science PGP is basically used for 3 things 1. Encrypting a message or file so that only the recipient can decrypt and read it The sender, by signing, guarantees to the recipient, that the message or file must have come from the sender and not an impostor 2. Clear signing a plain text message guarantees that it can only have come from the sender and not an impostor In a plain text message, text is readable by anyone, but a PGP signature is attached

Electronic Commerce School of Library and Information Science 3. Encrypting computer files so that they can't be decrypted by anyone other than the person who encrypted them PGP uses public and private keys Public keys are kept in individual key certificates These include the owner ’ s user ID (the person ’ s name), a timestamp of when the key pair was generated, and the actual key “ certificate ”

Electronic Commerce School of Library and Information Science Secret key certificates contain the secret key “ certificate ” Each secret key is also encrypted with its own password, in case it gets stolen A key file, or key ring contains one or more of these key certificates Public key rings contain public key certificates Secret key rings contain secret key certificates

Electronic Commerce School of Library and Information Science The keys are symmetrical and are generated from the same algorithm They are distinct Knowing the public key tells you nothing about the private key Anyone can slip a message under my door... Only I can use my key to open the door to get the message So long as I keep the key securely, no one has access to the message

Electronic Commerce School of Library and Information Science Using public key cryptography 1. A and B agree on a public key crypto system 2. B sends A her public key 3. A encrypts with B ’ s public key and sends the message to B 4. B decrypts the message using her private key Or: 1. A gets B ’ s public key from a secure database 2. A encrypts the message with B ’ s key and sends the message to B 3. B decrypts the message using her private key

Electronic Commerce School of Library and Information Science Blah A uses B ’ s public key B uses her secret key Encryption algorithm Decryption algorithm albhlabl BalhHbla albhhbla bahlBlah Encrypted message Public Key Encryption to produce to read Decrypted message

Electronic Commerce School of Library and Information Science Public key cryptography is strengthened by using a “ digital signature ” This allows “ digital authentication ” “ Non-reputiability ” is allows the receiver to verify that the sender actually sent the message This uses the exception mentioned earlier The private key is used to encrypt the digital signature The public key is used to decrypt the digital signature

Electronic Commerce School of Library and Information Science Simple form 1. A uses her private key to encrypt her signature 2. B uses A ’ s public key to decrypt the signature A more realistic version: 1. A creates a message and encrypts her signature with her private key 2. A encrypts the message and signature with B ’ s public key and sends it to B 3. B decrypts the message with her private key 4. B decrypts A ’ s signature using A ’ s public key, verifying the message

Electronic Commerce School of Library and Information Science A more secure version: 1. A signs a message with her private key, encrypts it with her public key and sends it to B 2. B decrypts with her private key and verifies the signature with A ’ s public key 3. B signs the same message with her private key, encrypts it with A ’ s public key and sends it back to A 4. A decrypts it with her private key and verifies B ’ s signature with B ’ s public key 5. If the message A has is the same one she sent, she knows B received it This can be used to sign digital contracts! Now, on to PGP