
MM Clements Cryptography. Last Week....... Firewalls A firewall cannot protect against poor server, client or network configuration A firewall cannot.


1 MM Clements Cryptography

2 Last Week... Firewalls
- A firewall cannot protect against poor server, client or network configuration
- A firewall cannot configure itself, or prevent the firewall administrator from configuring it badly
- A firewall should be considered as part of a network security solution, not as the network security solution
ENS

3 This week - Cryptography
- The purpose of cryptography
- History of cryptography
- Types of algorithms in cryptography
- Security requirements
- Message digests
- Digital Signatures & Certificates
- Authentication, non-repudiation

4 Why use cryptography?
- Privacy of information
- Industrial information – recipes of bakers were once encrypted
- Military information – strategies etc.
- Computer records need to be kept safe
- Banking and other financial information

5 History of cryptography
- c. 1900 BC non-standard hieroglyphs used in Egypt
- Used by Greeks, Romans and many other civilizations to keep military information secret
- Mathematician Al-Kindi wrote a book on cryptography in the 9th century
- Rotor machines e.g. Enigma used in WW2 by Germans
- Computers made complex cryptography possible

6 Security Requirements
- Authentication: Am I who I say I am?
- Privacy/confidentiality: Nobody can read the message except the intended receiver
- Integrity: The received message has not been changed
- Non-repudiation: Proof that the message has been sent (or received)

7 Algorithms in cryptography
- Generally three types of cryptographic schemes
  – Secret key (or symmetric) cryptography
  – Public-key (or asymmetric) cryptography
  – Hash functions
- Start with plaintext, encrypted into ciphertext then decrypted to plaintext at the destination

8 Bob, Alice and Eve
- Cryptography uses Bob and Alice as examples
- Helps when describing processes
- Bob wants to send a message to Alice over an insecure channel, how does he do this?
- Eve is the eavesdropper

9 Figure: http://www.garykessler.net/library/images/crypto_types.gif

10 Secret Key Cryptography
- Symmetric encryption
- This is a system where an algorithm is used to convert text into ciphertext and at the receiver, the same algorithm is used in reverse to recover the original message
- A simple example is a substitution cipher, where different letters are used to represent letters of the alphabet

11 A Substitution Cipher

12 Breaking Ciphers
- Done using frequency analysis
- Some letters are used more frequently than others in any particular language
- Letters also appear together in pairs, and these pairs have characteristic frequencies too
- See resources for this week for an example
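
Why a substitution cipher leaks its key to frequency analysis, shown as an added example that is not part of the original slides. The plaintext, the substitution key and the English letter order are constructed assumptions for the demonstration.

```python
import string
from collections import Counter

# Constructed plaintext and substitution key; both are assumptions for this example.
PLAINTEXT = ("the enemy fleet leaves the eastern shore at eleven; meet them "
             "between the three reefs near the sheltered western entrance")
KEY = dict(zip(string.ascii_lowercase, "qwertyuiopasdfghjklzxcvbnm"))
# Commonly quoted English letter order, most to least frequent.
ENGLISH_ORDER = "etaoinshrdlcumwfgypbvkjxqz"

def encrypt(text, key):
    """Monoalphabetic substitution: each letter always maps to the same letter."""
    return "".join(key.get(ch, ch) for ch in text.lower())

def letter_counts(text):
    return Counter(ch for ch in text.lower() if ch in string.ascii_lowercase)

def frequency_profile(text):
    """Counts sorted high to low, ignoring which letter owns each count."""
    return sorted(letter_counts(text).values(), reverse=True)

def first_guess(ciphertext):
    """Map ciphertext letters to English letters purely by frequency rank."""
    ranked = [letter for letter, _ in letter_counts(ciphertext).most_common()]
    return dict(zip(ranked, ENGLISH_ORDER))

def apply_guess(ciphertext, guess):
    return "".join(guess.get(ch, ch) for ch in ciphertext)

if __name__ == "__main__":
    ciphertext = encrypt(PLAINTEXT, KEY)
    print(ciphertext)
    # The substitution relabels letters but leaves the histogram untouched.
    print(frequency_profile(PLAINTEXT) == frequency_profile(ciphertext))
    # Rank-based guess: short texts only get the commonest letters right.
    print(apply_guess(ciphertext, first_guess(ciphertext)))
```

The rank-based guess is only a starting point on a text this short; pair frequencies, as the slide notes, are what refine it.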

13 Problems with Symmetric Cryptography
- Both users need the same key
- If users are remote, how do we send keys?
- Analogue methods may need to be used e.g. a courier

14 Symmetric Cryptography Operation
- Generally either stream ciphers or block ciphers
- Stream ciphers encrypt a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing
- Block ciphers encrypt one block of data at a time using the same key on each block
- Work very well and quickly on today’s hardware

15 Symmetric Technologies
- DES, replaced by 3DES (triple DES)
- Advanced Encryption Standard (AES)
- International Data Encryption Algorithm (IDEA)
- Rivest Ciphers, RC1 – RC6
- Blowfish
- Twofish
- Etc.

16 Public or Asymmetric Key Cryptography
- The principles of public key cryptography (PKC) were first invented by James Ellis, Clifford Cocks and Malcolm Williamson at GCHQ in the early 1970s
  – Classified by British Government until 1997
  – See http://cryptome.org/ukpk-alt.htm
- Uses two keys, a public key and a private key
- Can publish the encryption key
- Decryption key is kept secret
- Now there is no need to distribute the decryption key – problem solved


18 Publishing of Public-Key Research
- Martin Hellman and graduate student Whitfield Diffie published their work in 1976
- Public-Key (PK) relies on one-way functions
- Multiplication vs. Factorization
- I have two numbers 5 and 12. Their product is 60 (5 x 12 = 60)
- If I give you the answer, how long will it take you to discover the initial numbers 5 & 12?

19 PK Cryptography Implementation
- RSA: The first, and still most common
- Diffie-Hellman
- Digital Signature Algorithm (DSA)
- ElGamal
- Unfortunately, PKC does not work very quickly so is used to pass the keys for symmetric encryption rather than passing messages

20 PK Cryptography Keys
- Keys are mathematically related
- Knowledge of one key does not allow Eve to discover the second key
- Knowledge of the ciphertext plus one key will not allow Eve to discover the second key
- It does not matter which key is used first
- One is public, the other becomes private key

21 Uses of PKC – non-repudiation
- This method could be also used to prove who sent a message
- Alice can encrypt some plaintext with her private key
- Bob decrypts using Alice's public key
- Bob knows that Alice sent the message and Alice cannot deny having sent the message (non-repudiation).

22 Hash Functions
- Also called message digests and one-way encryption
- Uses no key
- A fixed-length hash value is computed from the plaintext
- Cannot recover plaintext but provides digital fingerprint to show file has not been altered in any way

23 Uses of Hashing
- Operating systems often store a hashed version of a password to keep password hidden
- When a user logs in, the hashed password is compared against the stored hash
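
The store-then-compare login check from this slide, as an added example that is not part of the original slides. It goes beyond the slide by adding a per-user salt, a deliberately slow hash (PBKDF2) and a constant-time comparison; the function names, record layout, iteration count and sample passwords are assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for this example; tune for real hardware

def unsalted_hash(password):
    """Plain fast hash: identical passwords always give identical stored values."""
    return hashlib.sha256(password.encode()).hexdigest()

def enroll(password):
    """Create the record the system stores instead of the password itself."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "hash": digest}

def login(password, record):
    """Re-hash the submitted password with the stored salt and compare."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])

if __name__ == "__main__":
    alice = enroll("correct horse")   # constructed sample passwords
    bob = enroll("correct horse")
    print(login("correct horse", alice), login("wrong horse", alice))
    # Without a salt, two users with the same password share one stored value.
    print(unsalted_hash("correct horse") == unsalted_hash("correct horse"))
    # With a salt, the same password yields different stored hashes.
    print(alice["hash"] == bob["hash"])
```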

24 Hash Implementations
- MD algorithms – MD2, MD4, MD5
- Secure Hash Algorithm (SHA)
- RIPEMD
- HAVAL (HAsh of VAriable Length)
- Etc.

25 Figure: http://www.garykessler.net/library/images/crypto_3ways.gif

26 Hybrid use of techniques
- Can now create digital signature and digital envelope
- Digital envelope comprises an encrypted message and an encrypted session key
- Alice uses secret key cryptography to encrypt her message using the session key
- Alice then encrypts the session key using Bob's public key
- This becomes the digital envelope
- Bob is able to decrypt firstly the session key and then the encrypted message

27 Digital Signature
- Alice creates a hash value of her message
- Alice encrypts the hash value with her private key
- Bob recovers the hash value with Alice’s public key
- Bob uses the hash algorithm to check the hash values are the same for the received message and Alice’s hash value
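
The digital envelope (slide 26) and digital signature (slide 27) steps carried through in code, as an added example that is not part of the original slides. It assumes textbook RSA without padding on constructed toy keys and a SHA-256 keystream standing in for the secret-key cipher; it illustrates the message flow only and is not a usable cryptosystem.

```python
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Textbook RSA key from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def rsa(key, value):
    n, exponent = key
    return pow(value, exponent, n)

# Constructed toy keys from known Mersenne primes; far too small for real use.
ALICE_PUB, ALICE_PRIV = make_keypair(2**89 - 1, 2**107 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**61 - 1, 2**89 - 1)

def stream_xor(session_key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(session_key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(message, recipient_pub):
    """Digital envelope: encrypted message plus session key wrapped for Bob."""
    session_key = secrets.token_bytes(16)
    wrapped = rsa(recipient_pub, int.from_bytes(session_key, "big"))
    return wrapped, stream_xor(session_key, message)

def open_envelope(envelope, recipient_priv):
    """Bob unwraps the session key first, then decrypts the message."""
    wrapped, ciphertext = envelope
    session_key = rsa(recipient_priv, wrapped).to_bytes(16, "big")
    return stream_xor(session_key, ciphertext)

def digest(message):
    # Truncated to 128 bits so the value fits under the toy modulus.
    return int.from_bytes(hashlib.sha256(message).digest()[:16], "big")

def sign(message, signer_priv):
    """Alice hashes the message and transforms the hash with her private key."""
    return rsa(signer_priv, digest(message))

def verify(message, signature, signer_pub):
    """Bob recovers the hash with Alice's public key and compares it with his own."""
    return rsa(signer_pub, signature) == digest(message)
```

Real deployments use a padded RSA scheme or an elliptic-curve equivalent with an authenticated cipher such as AES-GCM; the order of operations is the same as shown here.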

28 Public Key Certificates
- Allows public keys to be shared
- Allows revocation in case of compromise
- Certificate contains a public key, a name, an expiration date, the name of the authority that issued the certificate
- Typically found in browsers
- Certificate authorities are the repositories for public-keys and can be any agency that issues certificates


30 Conclusion
- Three main methods for cryptography
- Symmetric, asymmetric, hash
- Used in unique combinations
- Allow Bob and Alice to communicate without Eve knowing

31 References
- Kessler, G, 1998, An Overview of Cryptography, Handbook on Local Area Networks, Auerbach

32 Image References
- http://www.digitalcomputersecurity.com/Encryption/asymmetric.html accessed 07/02/2011 10:31
- http://skeptisys.files.wordpress.com/2008/04/qqxsge-mail-privacy.gif 07/02/2011 10:33
- http://www.tech-faq.com/wp-content/uploads/images/Authentication.jpg 07/02/2011 10:35
- http://1.bp.blogspot.com/_7ZAZR4FHNV0/TRqhRxKp1DI/AAAAAAAAAbU/ZMyxfVCSVAo/s1600/symmetric_key.gif 07/02/2011 10:51
- http://static.tvtropes.org/pmwiki/pub/images/0.jpg 07/02/2011 11:30
- http://mindlessones.com/wp-content/uploads/2009/03/interlac.jpg 07/02/2011 11:39

