Information Systems Security

Presentation on theme: "Information Systems Security"— Presentation transcript:

1 Information Systems Security
Introduction to Cryptography

2 What is Cryptography
It is an applied branch of mathematics
It is used to provide: Confidentiality, Integrity, Authentication, Authorization, Non-repudiation

3 Why Cryptography
Encrypting data against disclosure, modification
Signing data against modification, repudiation
To provide security for eCommerce

4 Application area
Storing data encrypted: even access would not lead to disclosure
Transmitting data securely: prevent eavesdropping
Identifying your partner: prevent man in the middle attack
Proof of identity: avoiding impersonation

5 Terms used
Encryption: the process of encoding a message so that the meaning is not obvious
Decryption: the reverse process of encryption
Plaintext: the original form of the message
Cipher text: the disguised (encrypted) text

6 Terms used
P – plaintext
C – cipher text
E – encryption algorithm
D – decryption algorithm
C = E(P)
P = D(C)
P = D(E(P))

7 Terms used
The encryption process involves:
An algorithm – mostly public
A key – must be private
C = E_K(P)
P = D_K(C)
P = D_K(E_K(P))

8 Software components
Hash functions: handling the whole document takes too long
Encryption/decryption: same algorithm for symmetric but different for asymmetric and signature
Signature: combine a document with a private key
Key agreement: creating a shared secret
Key generation: creating secure keys

9 Classification of Cryptographic Systems
The way the plaintext is processed: Block cipher, Stream cipher
Type of operations performed: Substitution, Transposition
Number of keys used: Symmetric, Asymmetric

10 Block encryption
Data is divided into fixed-size blocks and symmetric encryption works on them one at a time (e.g. 64 bits in, 64 bits out)
Main method is substitution and permutation by using S-boxes
Early block cipher: Playfair
Present block cipher: DES, AES

11 Stream encryption
Symmetric encryption done on the bit stream (1 bit in, 1 bit out)
The usual method is to use symmetric encryption in chain mode (cipher block chaining), where the previous cipher block is XORed with the next plaintext block
Early stream cipher: Vigenère
Present stream cipher: RC4

12 Classical techniques - Substitution
Substitute a character, digit or symbol for each character in plaintext
Examples:
Mono alphabetic cipher: Caesar cipher, Atbash cipher
Poly alphabetic cipher: Playfair cipher

13 The Caesar cipher - Cryptanalysis
Try all 25 possible keys
Use the nature of the plain text: single character occurrences, digrams, trigrams

14 The Caesar cipher – Cryptanalysis
Frequency table of single letters

15 The Caesar cipher – Cryptanalysis: Digrams and Trigrams
Digrams: an, re, er, nt, th, on, in, am, is, to, be, he, we, no, of
Trigrams: ent, ion, and, the, are, you, she, not

16 Playfair cipher
Use a 5 x 5 matrix
Use a keyword
Use 2 characters at a time

17 Playfair cipher - rules
Repeating plaintext letters are separated with a filling letter, e.g. X
Plaintext letters on the same row are replaced by the letters to their right
Plaintext letters on the same column are replaced by the letters beneath them
Else, replace the plaintext letters by the corner letters of the rectangle formed by the 2 letters

18 Playfair example
Key: PLAYFAIR EXAMPLE
P L A Y F
I R E X M
B C D G H
J K N O S
T U V W Z

19 Playfair example
Plain text: Hide the gold in the tree stump
Change into capital letters: HI DE TH EG OL DI NT HE TR EE ST UM P
Check for repeating letters: HI DE TH EG OL DI NT HE TR EX ES TU MP
Encrypt

20 Playfair example What is the cipher text?
BM ND ZB XD KY BE JV DM UI XM MN UV IF
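The rules of slide 17 applied to the example of slides 18 to 20, as an added example that is not part of the original presentation. It assumes the 5 x 5 square keeps I and J in separate cells and drops Q, since that is the square that reproduces the cipher text on slide 20; function names are illustrative.

```python
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def build_square(key, dropped="Q"):
    """5 x 5 square: keyword letters first, then the rest of the alphabet.
    Dropping Q is an assumption chosen to reproduce the slide's cipher text."""
    cells = []
    for ch in key.upper() + ALPHABET:
        if ch in ALPHABET and ch != dropped and ch not in cells:
            cells.append(ch)
    return [cells[i:i + 5] for i in range(0, 25, 5)]


def digrams(text, filler="X"):
    """Split into pairs; a repeated letter inside a pair is split by the filler."""
    letters = [c for c in text.upper() if c in ALPHABET]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else filler
        if a == b:
            pairs.append(a + filler)
            i += 1
        else:
            pairs.append(a + b)
            i += 2
    return pairs


def _apply(pairs, key, step):
    """step=+1 encrypts (right / down), step=-1 decrypts (left / up)."""
    sq = build_square(key)
    pos = {sq[r][c]: (r, c) for r in range(5) for c in range(5)}
    out = []
    for a, b in pairs:  # a letter missing from the square (Q) raises KeyError
        (ra, ca), (rb, cb) = pos[a], pos[b]
        if ra == rb:      # same row
            out.append(sq[ra][(ca + step) % 5] + sq[rb][(cb + step) % 5])
        elif ca == cb:    # same column
            out.append(sq[(ra + step) % 5][ca] + sq[(rb + step) % 5][cb])
        else:             # corners of the rectangle, keeping each letter's row
            out.append(sq[ra][cb] + sq[rb][ca])
    return out


def playfair_encrypt(plaintext, key):
    return " ".join(_apply(digrams(plaintext), key, +1))


def playfair_decrypt(ciphertext, key):
    letters = [c for c in ciphertext.upper() if c in ALPHABET]
    pairs = ["".join(letters[i:i + 2]) for i in range(0, len(letters), 2)]
    return "".join(_apply(pairs, key, -1))
```

Decryption returns the digram text with its filler still in place (TREXESTUMP), so the reader has to strip the X by hand.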

21 Transposition
Change the location of a character
Examples: Rail fence cipher, Columnar transposition, Enigma machine

22 Rail fence cipher
Plain text: we are discovered flee at once
Rail fence cipher of 3 rails:
W..R..I..O..R..F..E..O..E
.E..E..S..V..E..L..A..N..
..A..D..C..E..D..E..T..C.
Cipher text: WRIORFEOEEESVELANADCEDETC
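The 3-rail layout drawn on slide 22, as an added example that is not part of the original presentation. The slide places letter i on rail i mod 3; the code also goes beyond the slide by offering the zigzag layout that many other descriptions of the rail fence cipher use, because the two produce different cipher texts and a receiver must know which one was applied. Function names are illustrative.

```python
def rail_of_each_letter(n, rails, zigzag=False):
    """Rail number for each of n letters.
    Cyclic (as drawn on the slide): 0,1,2,0,1,2,...
    Zigzag (needs rails >= 2):      0,1,2,1,0,1,2,1,..."""
    if not zigzag:
        return [i % rails for i in range(n)]
    period = 2 * (rails - 1)
    return [min(i % period, period - i % period) for i in range(n)]


def rail_encrypt(plaintext, rails=3, zigzag=False):
    """Write the letters onto the rails, then read the rails top to bottom."""
    letters = [c for c in plaintext.upper() if c.isalpha()]
    rail = rail_of_each_letter(len(letters), rails, zigzag)
    return "".join(ch for r in range(rails)
                   for ch, j in zip(letters, rail) if j == r)


def rail_decrypt(ciphertext, rails=3, zigzag=False):
    """Rebuild the fence shape from the length alone, then refill it."""
    n = len(ciphertext)
    rail = rail_of_each_letter(n, rails, zigzag)
    # Plaintext positions in the order the cipher text lists them:
    # all of rail 0 left to right, then rail 1, ... (sorted() is stable).
    order = sorted(range(n), key=lambda i: rail[i])
    plain = [""] * n
    for ch, position in zip(ciphertext, order):
        plain[position] = ch
    return "".join(plain)


if __name__ == "__main__":
    message = "we are discovered flee at once"
    print(rail_encrypt(message))               # slide layout
    print(rail_encrypt(message, zigzag=True))  # zigzag layout
```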

23 Symmetric encryption
Based on a secret shared by the participants and an algorithm
The secret is used as both the encryption and the decryption key
To protect the confidentiality of the data
Are usually efficient and fast
Main weakness is the need for the shared secret

24 Symmetric encryption

25 Asymmetric encryption
Designed to overcome issues relating to key distribution
Also offers authenticity
2 keys:
Public key – known by everyone
Private key – known only by owner
Keys operate as inverses: one key can decrypt a message encrypted by the other

26 Asymmetric encryption

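27 Symmetric vs Asymmetric
Number of keys – Symmetric: 1; Asymmetric: 2
Protection – Symmetric: Must be secret; Asymmetric: Public & Private
Key distribution – Symmetric: Out of band; Asymmetric: Used to exchange other keys
Speed – Symmetric: Fast; Asymmetric: 10,000 times slower
Usage – Symmetric: Security & integrity of data; Asymmetric: Key exchange, authentication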

28 Hash
A hash is a cryptographic one way function that produces a record smaller than the plaintext
The plaintext cannot be recovered from the hash and for a good hash function it is impossible for 2 plaintexts to produce the same hash (collision)

29 Hash
A hash encrypted by the document signer’s private key can be used as a signature for a document
Used to produce Message Authentication Codes (MAC) to verify the integrity of a message
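Why slide 29 pairs the hash with a key, as an added example that is not part of the original presentation: a bare hash sent next to a message can be recomputed by whoever alters the message, while a MAC cannot be produced without the shared secret. SHA-256 and HMAC from Python's standard library stand in for the hash and MAC; the key and messages are constructed.

```python
import hashlib
import hmac


def digest(message: bytes) -> str:
    """Unkeyed hash: anyone can compute it for any message."""
    return hashlib.sha256(message).hexdigest()


def make_tag(key: bytes, message: bytes) -> str:
    """Keyed MAC (HMAC-SHA256): needs the shared secret."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def hash_check(message: bytes, received_digest: str) -> bool:
    return hmac.compare_digest(digest(message), received_digest)


def mac_check(key: bytes, message: bytes, received_tag: str) -> bool:
    # compare_digest runs in constant time, so the comparison itself does
    # not leak how many leading characters of a guessed tag were correct.
    return hmac.compare_digest(make_tag(key, message), received_tag)


def integrity_demo():
    key = b"constructed-demo-key"            # constructed; use a random key in practice
    original = b"transfer 100 to account A"  # constructed message
    altered = b"transfer 900 to account B"   # message changed in transit
    sent_digest = digest(original)
    sent_tag = make_tag(key, original)
    return {
        # Receiver-side checks on the untouched message.
        "hash_accepts_original": hash_check(original, sent_digest),
        "mac_accepts_original": mac_check(key, original, sent_tag),
        # Whoever altered the message can also replace the bare hash.
        "hash_accepts_altered": hash_check(altered, digest(altered)),
        # Without the key, the old tag or a tag under a guessed key both fail.
        "mac_accepts_altered_old_tag": mac_check(key, altered, sent_tag),
        "mac_accepts_altered_wrong_key": mac_check(
            key, altered, make_tag(b"guessed-key", altered)),
    }


if __name__ == "__main__":
    for name, accepted in integrity_demo().items():
        print(f"{name}: {accepted}")
```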

30 Digital signature

31 Algorithms
Symmetric: DES, 3DES, AES
Asymmetric: RSA, DSA (only for signature)
Hash: SHA-1, MD5
Others: Diffie-Hellman for key agreement

32 PGP (Pretty Good Privacy)
Designed by Phil Zimmermann for providing cryptographic protection of and file storage
Uses the strong cryptographic algorithm
Offers:
Authentication using digital signatures
Confidentiality with use of encryption
Bytes conversion to ASCII for

33 PGP design philosophy
Written for individual technically skilled end users
Every user creates and manages their own keys
Every user has the freedom to choose whom to trust
No administrative organisation or government involved in operation

34 Sending a PGP message

35 Receiving a PGP message

