FORESEC Academy FORESEC Academy Security Essentials (IV)

Slides:



Advertisements
Similar presentations
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Advertisements

Conventional Encryption: Algorithms
Chapter 3  Symmetric Key Cryptosystems 1 Overview  Modern symmetric-key cryptosystems o Data Encryption Standard (DES)  Adopted in 1976  Block size.
Discrete Methods in Mathematical Informatics Lecture 2: Elliptic Curve Cryptography 16 th October 2012 Vorapong Suppakitpaisarn
History Applications Attacks Advantages & Disadvantages Conclusion.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Encryption CS 465 January 9, 2006 Tim van der Horst.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
1 A simple algebraic representation of Rijndael Niels Ferguson Richard Schroeppel Doug Whiting.
CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)
ECE578/7 #1 Spring 2010 © , Richard A. Stanley ECE578: Cryptography 7: Elliptic Curve Cryptographic Systems Professor Richard A. Stanley, P.E.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Introduction to Computer and Network Security Iliano Cervesato 26 August 2008 – Modern Cryptography.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.
ASYMMETRIC CIPHERS.
Introduction to Public Key Cryptography
Chapter 12 Cryptography (slides edited by Erin Chambers)
By Sean Fisk.  Not a new technology  Inherently insecure  In recent years, increased popularity.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
DARPA AES Finalist Algorithm: The Rijndael Block Cipher Mel Tsai University of California at Berkeley.
Cryptography Lecture 4 Stefan Dziembowski
Classical &ontemporyryptology 1 AESAES Classical &ontemporyryptology 2 Advanced Encryption Standard Since DES was becoming less reliable as new cryptanalysis.
Chapter 21 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security (CS435) Part Eight (Key Management)
Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Elliptical Curve Cryptography Manish Kumar Roll No - 43 CS-A, S-7 SOE, CUSAT.
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
May 30 th – 31 st, 2006 Sheraton Ottawa. Implementing Advanced Cryptography - Suite-B William Billings, CISSP Chief Security Advisor Microsoft US Federal.
Scott CH Huang COM 5336 Cryptography Lecture 6 Public Key Cryptography & RSA Scott CH Huang COM 5336 Cryptography Lecture 6.
Elliptic Curve Cryptography
Cryptography and Network Security
Chapter 9 Public Key Cryptography and RSA. Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender.
COMP 424 Lecture 04 Advanced Encryption Techniques (DES, AES, RSA)
1 Symmetric-Key Encryption CSE 5351: Introduction to Cryptography Reading assignment: Chapter 2 Chapter 3 (sections ) You may skip proofs, but are.
Cryptography issues – elliptic curves Presented by Tom Nykiel.
Lecture 9 Elliptic Curves. In 1984, Hendrik Lenstra described an ingenious algorithm for factoring integers that relies on properties of elliptic curves.
Public-Key encryption structure First publicly proposed by Diffie and Hellman in 1976First publicly proposed by Diffie and Hellman in 1976 Based on mathematical.
CSEN 1001 Computer and Network Security Amr El Mougy Mouaz ElAbsawi.
Key Management public-key encryption helps address key distribution problems have two aspects of this: – distribution of public keys – use of public-key.
1 CPCS425: Information Security (Topic 5) Topic 5  Symmetrical Cryptography  Understand the principles of modern symmetric (conventional) cryptography.
Public Key Cryptography. Asymmetric encryption is a form of cryptosystem in which Encryption and decryption are performed using the different keys—one.
Practical Aspects of Modern Cryptography Josh Benaloh & Brian LaMacchia.
Information Security and Management (Abstract) 5
Cryptographic Algorithms
Public Key Encryption and Digital Signatures
Mobile Communications Mobile Security Fundamentals-3
The Advanced Encryption Standard: Rijndael
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
Presentation transcript:

FORESEC Academy FORESEC Academy Security Essentials (IV)

FORESEC Academy Why do I Care about Crypto?

FORESEC Academy Concepts in Cryptography

FORESEC Academy Concepts in Cryptography (2) Tractable ProblemsIntractable Problems “Easy” problems. Can be solved in polynomial time (i.e., “quickly”) for certain inputs Examples : constant problems linear problems quadratic problems cubic problems “Hard” problems. Cannot be solved in polynomial time (i.e., “quickly”) Examples : exponential or super-polynomial problems factoring large integers into primes (RSA) solving the discrete logarithm problem(ElGamal) computing elliptic curves in a finite field (ECC) Computational Complexity deals with time and space requirements for the execution of algorithms. Problems can be classified as tractable or intractable.

FORESEC Academy Concepts in Cryptography (3) An Example of an Intractable Problem... Difficulty of factoring a large integer into its two prime factors  A “hard” problem  Years of intense public scrutiny suggest intractability  No mathematical proof so far Example: RSA based on difficulty of factoring a large integer into its prime factors ~1000 times slower than DES considered “secure” de facto standard patent expired in 2000

FORESEC Academy Concepts in Cryptography (4)  A “hard” problem  Years of intense public scrutiny suggest intractability  No mathematical proof so far  The discrete logarithm problem is as difficult as the problem of factoring a large integer into its prime factors Another Intractable Problem… Difficulty of solving the discrete logarithm problem --for finite fields Examples El Gamal encryption and signature schemes Diffie-Hellman key agreement scheme Schnorr signature scheme NIST.s Digital Signature Algorithm (DSA)

FORESEC Academy Concepts in Cryptography (5)  A “hard” Problem  Years of intense public scrutiny suggest intractability  No mathematical proof so far  In general, elliptic curve cryptosystems (ECC) offer higher speed, lower power consumption, and tighter code Yet Another Intractable Problem... Difficulty of solving the discrete logarithm problem--as applied to elliptic curves Examples Elliptic curve El Gamal encryption and signature schemes Elliptic curve Diffie-Hellman key agreement scheme Schnorr signature scheme NIST.s Digital Signature Algorithm (DSA)

FORESEC Academy Voila! We Can Now Build...

FORESEC Academy DES: Data Encryption Standard  Released March 17, 1975  Rather fast encryption algorithm  Widely used; a de facto standard  Symmetric-key, 64 -bit block cipher  56 -bit key size ! Small 256 keyspace  Today, DES is not considered secure

FORESEC Academy DES Weaknesses  DES is considered non-secure for very sensitive encryption. It is crackable in a short period of time.  See the Cracking DES book by O’Reilly.  Multiple encryptions and key size will increase the security.  Double DES is vulnerable to the meet-in-the- middle attack and only has an effective key length of 57 bits.  Triple DES is preferred.

FORESEC Academy DES  In 1992 it was proven that DES is not a group. This means that multiple DES encryptions are not equivalent to a single encryption. THIS IS A GOOD THING.  If something is a group then - E(K 2,E(K,M)) = E(K 3,M)  Since DES is not a group, multiple encryptions will increase the security.

FORESEC Academy Meet-in-the-middle Attack

FORESEC Academy Triple DES USAGEVULNERABILITIES Supported in latest releases of Web clients, such as Microsoft Internet Explorer & Netscape Communicator Prefer Triple DES over DES (which is. officially. No longer considered to be secure) Cracking Triple DES means examining all possible pairs of crypto-variables (a task considered to be beyond today’s technology) So far, there have been no public reports claiming to have cracked Triple DES...

FORESEC Academy Triple DES (2)

FORESEC Academy AES THE FIVE “AES” FINALISTS !  MARS IBM  RC6 tm RSA Laboratories  Rijndael Joan Daemen, Vincent Rijmen  Serpent Ross Anderson, Eli Biham, Lars Knudsen  Twofish Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson Significance Developing “good” cryptographic algorithms that can be trusted is hard. The only practical way to develop such algorithms is to perform the development process in an open manner, and under intense public scrutiny of the global cryptographic community. Can you think of a recent example in which this was not followed? Advanced Encryption Standard AES is a new encryption algorithm(s) that is being designed to be effective well into the 21st century Countdown to AES ! 1/2/1997, the quest for AES begins... 8/9/1999, five finalist algorithms announced Announced winner – Rijndeal 12/26/2001 – AES approved!

FORESEC Academy AES Algorithm

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.