Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.

Published byNoah Black Modified over 8 years ago

Similar presentations

Presentation on theme: "Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures."— Presentation transcript:

1 Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures

2 Definitions (Encryption, Decryption, Plaintext, Ciphertext) Symmetric Key Algorithms Public Key Cryptography Cryptography Basics EncryptionDecryption PlaintextCiphertext Original Plaintext EncryptionDecryption PlaintextCiphertext Original Plaintext Key EncryptionDecryption PlaintextCiphertext Original Plaintext Encryption Key Decryption Key

3 Types of cipher Stream cipher –Each bit (or byte) is encrypted or decrypted individually –Simple substitution ciphers (ROT13, XOR) Example - ROT13 –abcdefghijklmnopqrstuvwxyz –nopqrstuvwxyzabcdefghijklm Block cipher –A sequence of bits (or bytes) is used at each step in the encryption and decryption process (DES) rot is insecure ebg vf vafrpher

4 Symmetric Algorithms Substitution (ROT13, Cryptoquotes) Transposition XOR One Time Pad DES IDEA RC2, RC4, RC5 Not the mo st secure algorithm in the wor ld. Nsail otlnd t g sot. terh hcie eut rhw memo o r Not the most secure algorithm in the world. Nsailotlndt g sot.terh hcie eut rhw memo o r

5 Digital Encryption Standard (DES) A block cipher with a 56-bit key length –Acutally a 64-bit number, but every 8th bit is ignored Operates on a 64-bit block of plain text at a time –64 bits of plaintext come in --> 64 bits of ciphertext come out Performs 16 rounds, where in each round –the input bits are permuted –a key is applied to the resulting permutation The key is shifted before each round The same algorithm and key are used for encryption and decryption, with a different key schedule

6 Advanced Encryption Standard (AES) A block cipher with a 128-bit block size Key lengths of 128, 192, and 256 bits supported Operates on a 4x4 array of bytes Each round has four steps: –AddRoundKey (uses XOR operation with subkey) –SubBytes (Each byte is replaced based on a lookup table) –ShiftRows (bytes in each row are shifted to the left) –MixColumns (each column is multiplied by a fixed polynomial)

7 Public Key Cryptography A public key - private key pair are used, one for encryption and the other for decryption Public Key: n - product of two primes, p and q (p and q are secret) e - relatively prime to (p-1)(q-1) Private Key: d - e -1 mod ((p-1)(q-1)) Encrypting: c = m e mod n Decrypting: m = c d mod n

8 Let p=3, q=11 n=pq=33 e must be relatively prime to (p-1)(q-1)=20 choose e = 7, then d = 7 -1 mod 20 = 3 Plaintext is 3,4,2 (m 1 =3, m 2 =4, m 3 =2) c 1 =m 1 e mod n = 3 7 mod 33 = 9 c2 = m 2 e mod n = 4 7 mod 33 = 15 c3 = m 3 e mod n = 2 7 mod 33 = 29 Ciphertext is 9,15,29 m 1 =c 1 d mod n = 9 3 mod 33 = 3 m 2 =c 2 d mod n = 15 3 mod 33 = 4 m 3 =c 3 d mod n = 29 3 mod 33 = 2 Plaintext is 3,4,2

9 Message Digests A message digest is a one-way function which maps the information contained in a (small or large) file to a single large number, typically between 128 bits and 256 bits in length. A good message digest function should have the following properties: –Every bit of the output is influenced by every bit of the input –Changing a single bit in the input results in every output bit having a 50% chance of changing –Given an input file, its corresponding digest, and the digest function, it is computationally infeasible to produce another input file which maps to the same digest

10 Message Digest Algorithm Hash Block Cipher Message Authentication Code MACMessage Secret Key Operation of a message digest function to produce a message authentication code

11 Message Digests (continued) HMAC The Hashed Message Authentication Code uses a secret key in combination with a message digest function to produce a secret message authentication code Since an attacker doesn’t know the secret, the attacker cannot produce a correct authentication code if they alter the message in an way SHA-1 Developed by the NSA for use with the Digital Signature Standard

12 Private Key Message Hash Function Digest Encrypt Signature Message Signature Hash Function Decrypt Public Key Message Actual Digest Expected Digest If actual and expected match, the signature is verified OriginatorRecipientTransmitted Message RSA Digital Signature

13 Roles for Cryptography Authentication –Digital signatures Authorization –Distribution of lists of authorized users Confidentiality –Information is scrambled in transit or on disk Integrity –Digitally signed message digest codes Non-repudiation –Cryptographic receipts

14 Cryptography can’t: protect unencrypted documents protect against stolen encryption keys protect against DOS (denial of service) protect against traffic analysis protect against a passerby

15 SSL Resides above TCP/IP on the protocol stack Adds numerous features to TCP, including –Authentication to server (digital signature) –Authentication to client (digital signature) –Data confidentiality (encryption) –Data integrity (Message authentication codes)

Download ppt "Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.

Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.

 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Lecture 13 Message Signing

Lecture 13 Message Signing

Similar presentations

Ads by Google