Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Overview and Basic Concepts Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus -

Slides:

Advertisements

Similar presentations

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Advertisements

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

Cryptography The science of writing in secret code.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Cryptographic Technologies

Introduction to Signcryption November 22, /11/2004 Signcryption Public Key (PK) Cryptography Discovering Public Key (PK) cryptography has made.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

ASYMMETRIC CIPHERS.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Introduction to Public Key Cryptography

Public Key Model 8. Cryptography part 2.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Cryptography Lecture 1: Introduction Piotr Faliszewski.

Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.

May 2002Patroklos Argyroudis1 A crash course in cryptography and network security Patroklos Argyroudis CITY Liberal Studies.

Cryptography, Authentication and Digital Signatures

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.

1 Security and Cryptography: basic aspects Ortal Arazi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.

Copyright 1999 S.D. Personick. All Rights Reserved. Telecommunications Networking II Lecture 41b Cryptography and Its Applications.

CRYPTOGRAPHY & NETWORK SECURITY Introduction and Basic Concepts Eng. Wafaa Kanakri Computer Engineering Umm Al-Qura University.

Lecture 2: Introduction to Cryptography

Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.

Overview of Cryptography & Its Applications

Códigos y Criptografía Francisco Rodríguez Henríquez Códigos y Criptografía Francisco Rodríguez Henríquez CINVESTAV

14-1 Last time Internet Application Security and Privacy Basics of cryptography Symmetric-key encryption.

+ Security. + What is network security? confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver.

Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.

CRYPTOGRAPHY PRESENTED BY : NILAY JAYSWAL BRANCH : COMPUTER SCIENCE & ENGINEERING ENTRY NO. : 14BCS033 1.

BZUPAGES.COM Cryptography Cryptography is the technique of converting a message into unintelligible or non-understandable form such that even if some unauthorized.

1.1 Introduction to Cryptography. 1.2 Basic Cryptography Cryptography is a deep mathematical subject. Cryptographic protocols provide a cornerstone for.

Network Security Celia Li Computer Science and Engineering York University.

IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.

Encryption Encryption: Transforms Message so that Interceptor Cannot Read it –Plaintext (original message) Not necessarily text; Can be graphics, etc.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

INCS 741: Cryptography Overview and Basic Concepts.

Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim

Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

People want and need privacy and security while communicating. In the past, cryptography is heavily used for military applications to keep sensitive information.

CIT 380: Securing Computer Systems

Computer Communication & Networks

مروري برالگوريتمهاي رمز متقارن(كليد پنهان)

Security through Encryption

Presentation transcript:

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Overview and Basic Concepts Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

Dr. Lo’ai Tawalbeh 2007 Announcements Textbook W. Stallings. Cryptography & Network Security, Third/Fourth Edition, Prentice Hall, 2003/2005. More Information about the Book Prentice Hall Webpage for the Book

Dr. Lo’ai Tawalbeh 2007 Overview of Cryptography & Its Applications Privacy and security are needed in communicating among people In the past, cryptography is heavily used for military applications to keep sensitive information secret from enemies (adversaries). Julius Caesar used a simple shift cipher to communicate with his generals in the battlefield. Nowadays, with the technologic progress as our dependency on electronic systems has increased we need more sophisticated techniques. Cryptography provides most of the methods and techniques for a secure communication

Dr. Lo’ai Tawalbeh 2007 Cryptology: All-inclusive term used for the study of secure communication over non-secure channels and related problems. Cryptography: The process of designing systems to realize secure communications over non-secure channels. Cryptoanalysis: The attempts of breaking the cryptographic systems. Coding Theory: Deals with representing the information using codes. It covers: compression and error-correction. Recently, it is predominantly associated with error-correcting codes which ensures the correct transmissions over noisy-channels. Terminology

Dr. Lo’ai Tawalbeh 2007 The Aspects of Cryptography Modern cryptography heavily depends on mathematics and the usage of digital systems. It is a inter-disciplinary study of basically three fields: Mathematics Computer Science Electrical Engineering Without having a complete understanding of cryptoanalysis (or cryptoanalytic techniques) it is impossible to design good (secure, unbreakable) cryptographic systems. It makes use of other disciplines such as error-correcting codes compression.

Dr. Lo’ai Tawalbeh 2007 Secure Communications Encrypt Decrypt Alice Bob Eve Encryption KeyDecryption Key plaintextciphertext Basic Communication Scenario Enemy or Adversary Oscar Mallory

Dr. Lo’ai Tawalbeh 2007 Eve’s Goals 1.Read the message 2.Figure out the key Alice is using and read all the messages encrypted with that key 3.Modify the content of the message in such a way that Bob will think Alice sent the altered message. 4.Impersonate Alice and communicate with Bob who thinks he is communicating with Alice. Oscar is a passive observer who is trying to perform (1) and (2). Mallory is more active and evil who is trying to perform (3) And (4).

Dr. Lo’ai Tawalbeh 2007 Attack Methods 1.Ciphertext only: Eve has only a copy of ciphertext 2.Known Plaintext: Eve has a copy of ciphertext and the corresponding plaintext and tries the deduce the key. 3.Chosen Plaintext: Eve has temporary access to the encryption machine. She can encrypt large number of plaintexts and use them to deduce the key. 4.Chosen Ciphertext: Eve has temporary access to the decryption machine. She can decrypt large number of ciphertexts and symbols and use them to deduce the key.

Dr. Lo’ai Tawalbeh 2007 Kerckhkoffs’s Principle While assessing the strength of a cryptosystem, one should always assume that the enemy knows the cryptographic algorithm used. The security of the system, therefore, should be based: mainly on the key length and on the quality of the algorithm.

Dr. Lo’ai Tawalbeh 2007 Symmetric & Public Key Algorithms Symmetric Key Algorithms Encryption and decryption keys are known to both communicating parties (Alice and Bob). They are usually related and it is easy to derive the decryption key once one knows the encryption key. In most cases, they are identical. All of the classical (pre-1970) cryptosystems are symmetric. Examples : DES and AES (Rijndael) A Secret key should be shared (or agreed) btw the communicating parties.

Dr. Lo’ai Tawalbeh 2007 Public Key Cryptosystems Why public key cryptography ? Key Distribution and Management is difficult in Symmetric Cryptoystems (DES, 3DES, AES(Rijndael) over large networks. No Electronic Signature with symmetric ciphers Also makes it possible to implement Key Exchange, Secret Key Derivation, Secret Sharing functions.

Dr. Lo’ai Tawalbeh 2007 Public Key Cryptosystems (PKC) Each user has a pair of keys which are generated together under a scheme: Private Key - known only to the owner Public Key - known to anyone in the systems with assurance Encryption with PKC: Sender encrypts the message by the Public Key of the receiver Only the receiver can decrypt the message by her/his Private Key

Dr. Lo’ai Tawalbeh 2007 Non-mathematical PKC Bob has a box and a padlock which only he can unlock once it is locked. Alice want to send a message to Bob. Bob sends his box and the padlock unlocked to Alice. Alice puts its message in the box and locks the box using Bob’s padlock and sends the box to Bob thinking that the message is safe since it is Bob that can unlock the padlock and accesses the contents of the box. Bob receives the box, unlocks the padlock and read the message. Attack: However, Eve can replace Bob’s padlock with hers when he is sending it to Alice.

Dr. Lo’ai Tawalbeh 2007 Aspects of PKC Powerful tools with their own intrinsic problems. Computationally intensive operations are involved. Resource intensive operations are involved. Implementation is always a challenge. Much slower than the symmetric key algorithms. PKC should not be used for encrypting large quantities of data. Example PKCs RSA Discrete Logarithm based cryptosystems. (El-Gamal) Elliptic Curve Cryptosystems

Dr. Lo’ai Tawalbeh 2007 Key Length in Cryptosystems Following the Kerckhkoffs’s Principle, the strength (security) of cryptosystems based on two important properties: the quality of the algorithm the key length. The security of cryptographic algorithms is hard to measure However, one thing is obvious: the key should be large enough to prevent the adversary to determine the key simply by trying all possible keys in the key space. This is called brute force or exhaustive search attack. For example, DES utilizes 56-bit key, therefore there are 2 56 (or approx 7.2 x ) possible keys in the key space.

Dr. Lo’ai Tawalbeh 2007 Key Length in Cryptosystems Assume that there are possible key you need to try And you can only try 10 9 key in a second. Since there are only around 3x10 7 seconds in year brute force attack would take more than 3x10 13 years to try out the keys. This time period is longer than the predicted life of the universe. For a cryptoanalyst, brute force should be the last choice. He needs to take advantage of the weakness in the algorithm or in it’s implementation, in order to reduce the possible keys to try out. Longer keys do not necessarily improve the security

Dr. Lo’ai Tawalbeh 2007 Fundamental Cryptographic Applications There are four main objectives of cryptography: Confidentiality Integrity Authentication Non-repudiation Hiding the contents of the messages exchanged in a transaction Ensuring that the origin of a message is correctly identified. Bob wants to make sure that Alice’s massage hasn’t been altered Bob wants to make sure that Alice could have sent the message he received. Two types: 1) Identification: Identity of the sender. 2) Data-origin authentication: info. About the data origin, who creates it and when. Requires that neither of the authorized parties deny the aspects of a valid transaction. Alice can’t deny sending the message.

Dr. Lo’ai Tawalbeh 2007 Other Cryptographic Applications Digital Signatures: allows electronically sign (personalize) the electronic documents, messages and transactions Identification: is capable of replacing password-based identification methods with more powerful (secure) techniques. Key Establishment: To communicate a key to your correspondent (or perhaps actually mutually generate it with him) whom you have never physically met before. Secret Sharing: Distribute the parts of a secret to a group of people who can never exploit it individually. E-commerce: carry out the secure transaction over an insecure channel like Internet. E-cash Games