1 CHAPTER 6 Cryptography

2 An Overview The word cryptography originates from the Greek word kruptos, which means hidden. The objective is to hide information so that only the intended recipient can unhide it. Hiding information is called encryption, and unhiding it is called decryption. A cipher is used to accomplish encryption and decryption. A cipher is a method of transforming a text in order to conceal its meaning.

3 An Overview The information that is being hidden is called plaintext and the information that has been encrypted is called ciphertext.

4 Encryption Key Types Cryptography uses two types of keys: symmetric and asymmetric. Symmetric: A single key is used for both encryption and decryption. This type of key is called a secret key because it must be kept secret from everyone else. Problems: 1. How to make sure the sender and receiver each have the same key. 2. The recipient does not have the same key to decrypt the ciphertext sent by the sender.

5 Encryption Key Types Asymmetric: Two different keys are used, one for encryption and one for decryption. These two keys are called the public key and the private key, respectively.

6 Algorithms Symmetric Algorithms: These algorithms use a single key. There are two popular kinds of symmetric algorithms: DES (Data Encryption Standard) and IDEA (International Data Encryption Algorithm). DES: It was first developed by IBM in 1974 with the name Lucifer. It is a block cipher, meaning that it works on blocks of data.

7 Algorithms The key is 64 bits long; however, only 56 bits are actually used, and these are called the active key. The other 8 bits are used for parity. DES uses two different techniques: substitution and transposition (also known as confusion and diffusion, respectively). Several variations of DES have been created to help protect the integrity of the ciphertext. Two of these variations are 3DES (uses multiple keys) and DESX (uses 64 bits of additional key).
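
The 64-bit key layout described above, as an added example that is not part of the original presentation. It assumes the standard DES convention that the low bit of each key byte is the parity bit and that each byte must have odd parity; the function names and the sample key are chosen for illustration.

```python
def has_odd_parity(byte):
    """True if the byte contains an odd number of 1 bits."""
    return bin(byte).count("1") % 2 == 1


def bad_parity_bytes(key):
    """Return the indexes of key bytes whose parity bit is wrong."""
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes (64 bits) long")
    return [i for i, b in enumerate(key) if not has_odd_parity(b)]


def fix_parity(key):
    """Rewrite the low bit of every byte so that each byte has odd parity."""
    out = bytearray()
    for b in key:
        seven = b & 0xFE                      # the 7 active bits of this byte
        out.append(seven | (0 if has_odd_parity(seven) else 1))
    return bytes(out)


def active_key(key):
    """Drop the 8 parity bits and return the 56 active bits as an integer."""
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value


SAMPLE_KEY = bytes.fromhex("0123456789ABCDEF")   # sample key with valid parity

if __name__ == "__main__":
    print("bytes with bad parity:", bad_parity_bytes(SAMPLE_KEY))
    print("active key bits:", active_key(SAMPLE_KEY).bit_length(), "of 56 max")
    # Flipping only the parity bits changes the bytes but not the active key.
    flipped = bytes(b ^ 1 for b in SAMPLE_KEY)
    print("same active key:", active_key(flipped) == active_key(SAMPLE_KEY))
```

Because the parity bits carry no key material, the search space of a DES key is 2^56 rather than 2^64.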

8 Algorithms IDEA: It uses a 128-bit key and operates on a 64-bit plaintext block. There are several different symmetric algorithms available today, such as Blowfish, RC2, RC4 and CAST (Carlisle Adams and Stafford Tavares). Asymmetric Algorithms: Asymmetric algorithms use multiple keys, called public and private. There are two popular algorithms: Diffie-Hellman and RSA (Rivest, Shamir, Adleman).

9 Algorithms Diffie-Hellman: It uses a key pair in which the public key is used to encode a message and the private key is used to decode the message. It is very difficult to derive the corresponding private key if the keys are of sufficient length. DH is commonly called a key exchange mechanism, as it is used to exchange a secret key over an insecure medium such as the Internet. RSA: RSA is used for both encryption and authentication and is widely used.

10 Cryptography Problems MITM Attack: DH is vulnerable to man-in-the-middle (MITM) attacks. The attacker can change the public and private key into one key. This happens because the DH exchange is totally anonymous. One way to prevent this type of attack is to use some form of authentication, such as digital signatures.
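
Why authenticating the exchanged public values closes this gap, as an added example that is not part of the original presentation. It assumes toy group parameters and uses an HMAC under a pre-shared key as a stand-in for digital signatures (the Python standard library has no signature scheme); all names and values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Toy parameters (assumption): 2**127 - 1 is prime but far too small for real
# use; real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2          # private exponent in [2, P-2]
    return priv, pow(G, priv, P)                 # (private, public)

def shared_key(priv, peer_pub):
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def tag(auth_key, sender, pub):
    # Stand-in for a digital signature: binds the sender's name to its value.
    msg = sender.encode() + b"|" + pub.to_bytes(16, "big")
    return hmac.new(auth_key, msg, hashlib.sha256).digest()

def receive(auth_key, sender, pub, mac):
    """Accept a peer's public value only if its authentication tag verifies."""
    if not 1 < pub < P - 1:
        raise ValueError("public value out of range")
    if not hmac.compare_digest(tag(auth_key, sender, pub), mac):
        raise ValueError("authentication failed: public value was altered")
    return pub

def demo():
    auth_key = b"constructed-long-term-auth-key"  # constructed sample value
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    _, m_pub = keypair()                          # value substituted in transit

    # Anonymous exchange: Alice accepts what arrives, so the keys diverge silently.
    anonymous_match = shared_key(a_priv, m_pub) == shared_key(b_priv, a_pub)

    # Authenticated exchange: Bob's tag covers b_pub, so the swap is rejected.
    b_tag = tag(auth_key, "bob", b_pub)
    try:
        receive(auth_key, "bob", m_pub, b_tag)
        tamper_detected = False
    except ValueError:
        tamper_detected = True

    honest = shared_key(a_priv, receive(auth_key, "bob", b_pub, b_tag))
    return anonymous_match, tamper_detected, honest == shared_key(b_priv, a_pub)
```

`demo()` returns whether the anonymous exchange still agreed on a key, whether the authenticated exchange rejected the altered value, and whether the untampered authenticated exchange agreed on a key.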

11 Cryptography Problems Secret Storage: This problem can occur when the secret is stored somewhere that can easily be attacked. In this case it doesn't matter that 3DES is used, as long as the key is stored somewhere that can be attacked. Universal Secret: This problem happens where products containing cryptography are allowed to talk to each other without having to exchange authenticated session keys, for example in DVD and DSS cryptography.

12 Entropy Entropy is a process of degradation or running down, or a trend toward disorder. Its relevance to cryptography is that it doesn't matter how good the algorithms implemented in an application are if a poor password is picked by a human. This can happen when an application relies on the end user's passwords or passphrases, even if the application uses strong cryptographic algorithms. Two software products that could have a problem with entropy are PGP and Steganos II Security Suite.

13 Brute Force Introduction: A primitive programming style in which the programmer relies on the computer's processing power instead of using their intelligence to simplify the problem. In cryptography, it means that the programmer tries every possible key combination within the key space until they find the correct one, in order to attack the system. Some software can perform brute force, for example L0phtCrack, Crack and John the Ripper.

14 Brute Force L0phtCrack: This is a commercial Windows NT password auditing tool. It provides mechanisms for retrieving passwords from the hashes and has brute force capabilities. Crack: This is a password-guessing program for UNIX systems. Crack can test for common variants used by people who think they are picking more secure passwords.

15 Brute Force Crack 7, one of the Crack variations, is a brute force password cracker that can be used if a dictionary-based attack fails. John the Ripper: This is primarily a UNIX password-cracking program. It differs from Crack because it can be run not only on UNIX systems but also on Windows NT/9x and DOS. It supports brute force, but it calls it incremental mode – MODE is replaced with a word you want to use when starting John the Ripper.

16 Brute Force Distributed.net: Distributed.net was dedicated to the advancement of distributed processing. Distributed processing is harnessing the unused CPU cycles of computers all over the world in order to work on a specific task or problem. It concentrated its efforts on breaking cryptographic algorithms by using computers around the world to each tackle a portion of the problem. So far, it has been successful in cracking DES.

17 Brute Force Deep Crack: This is special hardware that was used together with Distributed.net. Deep Crack consists of six cabinets that house 29 circuit boards.

18 Cryptanalysis Cryptanalysis is the process of attacking cryptography, and it can be done by a person who is an expert in cryptography. It can take up to several years to become an expert in attack and analysis. There are two kinds of cryptanalysis techniques: differential cryptanalysis and side-channel attacks. Differential Cryptanalysis: The basic idea is that by knowing the plaintext put through a DES encryption and then examining the ciphertext, an attacker can calculate the key.

19 Real Cryptanalysis Side-Channel Attack: A side-channel attack is an attack against a particular implementation of a crypto algorithm, not the algorithm itself. A particular implementation might be called an embodiment, because these attacks are against the hardware the algorithm is living in.

