Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.

Published byGeorge Stone Modified over 8 years ago

Similar presentations

Presentation on theme: "Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does."— Presentation transcript:

1 Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does it work?

2 Electronic Commerce School of Library and Information Science IV. PGP and cryptography What is encryption? Oesday isthay ountcay? Ps uijt? Encryption is a method for protecting information by making it as difficult as possible to read or view Why encrypt? Privacy Authentication Integrity Availability

3 Electronic Commerce School of Library and Information Science Plain text Cipher text Blah Blah Blah xdffhliouse345 fjged09e5fjsks qwfnxpdifuw0 awdbczoksrya aaksjhaswe4u fdnaweaa2wfs awrkjsfya38yf kpo80sdw304v Key Encryption Decryption The key uses a mathematical algorithm to transform plaintext into ciphertext and back again The basis of cryptography

4 Electronic Commerce School of Library and Information Science Cryptographic systems There are two kinds of cryptosystems: symmetric and asymmetric Symmetric cryptosystems use the same key (the secret key) to encrypt and decrypt a message Asymmetric cryptosystems use one key (the public key) to encrypt a message and a different key (the private key) to decrypt it These cryptosystems are also called “public key” cryptosystems

5 Electronic Commerce School of Library and Information Science http://www.certicom.com/ecc/wecc1.htm

6 Electronic Commerce School of Library and Information Science Symmetric cryptography (single or private key encryption) ~Two people agree on using a system* ~They agree to use a key ~ A takes a plaintext message, encrypts it with the system and the key ~A sends the ciphertext message to “ B ” @ ~B decrypts the message with the same system and key * Listen in on the agreement discussion @ Attack by interception

7 Electronic Commerce School of Library and Information Science http://www.certicom.com/ecc/wecc1.htm

8 Electronic Commerce School of Library and Information Science Asymmetric, or public-key cryptography is more secure It uses two keys, which are the property of people, not documents Public key This key is shared with the world It is used to encrypt messages but should not be used to decrypt them (with one exception) Private key This is your private key and should not be shared It is used to decrypt messages and should not be used for encryption (with one exception)

9 Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does it work?

10 Electronic Commerce School of Library and Information Science PGP, created by Phil Zimmermann, is a good example of public key cryptography It gives you privacy by allowing you to encrypt your files and email so that nobody can read them except the people you choose PGP allows you to create a digital signature on your files and email A digital signature allows a reader to verify that it was you who wrote the email and that the email has not been altered

11 Electronic Commerce School of Library and Information Science PGP is basically used for 3 things 1. Encrypting a message or file so that only the recipient can decrypt and read it The sender, by signing, guarantees to the recipient, that the message or file must have come from the sender and not an impostor 2. Clear signing a plain text message guarantees that it can only have come from the sender and not an impostor In a plain text message, text is readable by anyone, but a PGP signature is attached

12 Electronic Commerce School of Library and Information Science 3. Encrypting computer files so that they can't be decrypted by anyone other than the person who encrypted them PGP uses public and private keys Public keys are kept in individual key certificates These include the owner ’ s user ID (the person ’ s name), a timestamp of when the key pair was generated, and the actual key “ certificate ”

13 Electronic Commerce School of Library and Information Science Secret key certificates contain the secret key “ certificate ” Each secret key is also encrypted with its own password, in case it gets stolen A key file, or key ring contains one or more of these key certificates Public key rings contain public key certificates Secret key rings contain secret key certificates

14 Electronic Commerce School of Library and Information Science The keys are symmetrical and are generated from the same algorithm They are distinct Knowing the public key tells you nothing about the private key Anyone can slip a message under my door... Only I can use my key to open the door to get the message So long as I keep the key securely, no one has access to the message

15 Electronic Commerce School of Library and Information Science Using public key cryptography 1. A and B agree on a public key crypto system 2. B sends A her public key 3. A encrypts with B ’ s public key and sends the message to B 4. B decrypts the message using her private key Or: 1. A gets B ’ s public key from a secure database 2. A encrypts the message with B ’ s key and sends the message to B 3. B decrypts the message using her private key

16 Electronic Commerce School of Library and Information Science Blah A uses B ’ s public key B uses her secret key Encryption algorithm Decryption algorithm albhlabl BalhHbla albhhbla bahlBlah Encrypted message Public Key Encryption to produce to read Decrypted message

17 Electronic Commerce School of Library and Information Science Public key cryptography is strengthened by using a “ digital signature ” This allows “ digital authentication ” “ Non-reputiability ” is allows the receiver to verify that the sender actually sent the message This uses the exception mentioned earlier The private key is used to encrypt the digital signature The public key is used to decrypt the digital signature

18 Electronic Commerce School of Library and Information Science Simple form 1. A uses her private key to encrypt her signature 2. B uses A ’ s public key to decrypt the signature A more realistic version: 1. A creates a message and encrypts her signature with her private key 2. A encrypts the message and signature with B ’ s public key and sends it to B 3. B decrypts the message with her private key 4. B decrypts A ’ s signature using A ’ s public key, verifying the message

19 Electronic Commerce School of Library and Information Science A more secure version: 1. A signs a message with her private key, encrypts it with her public key and sends it to B 2. B decrypts with her private key and verifies the signature with A ’ s public key 3. B signs the same message with her private key, encrypts it with A ’ s public key and sends it back to A 4. A decrypts it with her private key and verifies B ’ s signature with B ’ s public key 5. If the message A has is the same one she sent, she knows B received it This can be used to sign digital contracts! Now, on to PGP

Download ppt "Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
CIS 193A – Lesson6 CRYPTOGRAPHY RAPELCGRQ. CIS 193A – Lesson6 Focus Question Which cryptographic methods help computer users maintain confidentiality,

CIS 193A – Lesson6 CRYPTOGRAPHY RAPELCGRQ. CIS 193A – Lesson6 Focus Question Which cryptographic methods help computer users maintain confidentiality,
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
Pretty Good Privacy (PGP). How PGP works PGP uses both public-key cryptography and symmetric key cryptography, and includes a system which binds the public.

Pretty Good Privacy (PGP). How PGP works PGP uses both public-key cryptography and symmetric key cryptography, and includes a system which binds the public.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptographic Technologies

Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.

Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Similar presentations

Ads by Google