General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use.

Slides:

Advertisements

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Advertisements

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Digital Signatures and Hash Functions. Digital Signatures.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

Cryptography The science of writing in secret code.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

Cryptographic Technologies

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

Encryption Methods By: Michael A. Scott

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

Public Key Model 8. Cryptography part 2.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.

Linux Networking and Security Chapter 8 Making Data Secure.

Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.

Cryptography, Authentication and Digital Signatures

An Overview of Cryptography Ying Wang-Suorsa Helsinki University of Technology.

Public-Key Cryptography CS110 Fall Conventional Encryption.

Computer and Internet Security. Introduction Both individuals and companies are vulnerable to data theft and hacker attacks that can compromise data,

CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University.

Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.

Encryption Questions answered in this lecture: How does encryption provide privacy? How does encryption provide authentication? What is public key encryption?

Public / Private Keys was a big year… DES: Adopted as an encryption standard by the US government. It was an open standard. The NSA calls it “One.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use.

Lecture 2: Introduction to Cryptography

Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.

Overview of Cryptography & Its Applications

Encryption. Introduction The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live.

Cryptography Readings Encryption, Decryption, & Digital Certificates.

Cryptography Gerard Klonarides. What is cryptography? Symmetric Encryption Symmetric Encryption Asymmetric Encryption Asymmetric Encryption Other cryptography.

MM Clements Cryptography. Last Week Firewalls A firewall cannot protect against poor server, client or network configuration A firewall cannot.

EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

INCS 741: Cryptography Overview and Basic Concepts.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

최신정보보호기술 경일대학교 사이버보안학과 김 현성.

Basics of Cryptography

NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.

Presentation transcript:

General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use this presentation to promote computer science education in the U.S. and around the world. For more information about the Bridges Program, please visit our website at: Disclaimers: IMAGES : All images in this presentation were created by our Bridges to Computing staff or were found online through open access media sites and are used under the Creative Commons Attribution-Share Alike 3.0 License. If you believe an image in this presentation is in fact copyrighted material, never intended for creative commons use, please contact us at so that we can remove it from this presentation. LINKS : This document may include links to sites and documents outside of the "Bridges to Computing" domain. The Bridges Program cannot be held responsible for the content of 3 rd party sources and sites. Bridges To Computing

Introduction to Cryptology II Cryptography & Cryptanalysis M. Meyer Bridges To Computing 2010

Modern Cryptography - Purpose Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver. Integrity: Assuring the receiver that the received message has not been altered in any way from the original. Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.) Non-repudiation: A mechanism to prove that the sender really sent this message.

Cryptographic Algorithms There are several ways of classifying cryptographic algorithms. We will categorized them by the number of keys that are employed for encryption and decryption o Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption. o Public Key Cryptography (PKC): Uses one key for encryption and another for decryption. o Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information.

SKC - Secret Key With secret key cryptography, a single key is used for both encryption and decryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key. SKC algorithms fall into two general groups: Block Ciphers and Stream Ciphers.

SKC - Block Ciphers

Modern PKC Standards Data Encryption Standard (DES) and it's replacement Triple-DES (3DES) are the two most well known PKC standards. They are used for creating passwords for computers and for low-level security protocols for network communication. They are breakable and vulnerable to specific kinds of attacks. o If I can get enough of the messages that are encoded with the key. o If the text I am looking to find is an English word of phrase.

The problem of the key Even if I am going to use a one-time pass encryption key (in theory, unbreakable) to send you a message, I have a problem.... namely, you will need the key yourself, to decode the message. How then, can I get you the key safely? This problem was unanswerable until the late 1970's and the world had the problem that if a spy managed to steal the codebook from you, then all of your messages could then be read.

PKC - Public Key "Public-key cryptography has been said to be the most significant new development in cryptography in the last years. Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in Their paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key. PKC depends upon the existence of so-called one-way functions, or mathematical functions that are easy to computer whereas their inverse function is relatively difficult to compute. Let me give you two simple examples:"

PKC continued Multiplication vs. factorization: Suppose I tell you that I have two numbers, 9 and 16, and that I want to calculate the product; it should take almost no time to calculate the product, 144. Suppose instead that I tell you that I have a number, 144, and I need you tell me which pair of integers I multiplied together to obtain that number. You will eventually come up with the solution but whereas calculating the product took milliseconds, factoring will take longer because you first need to find the 8 pair of integer factors and then determine which one is the correct pair.

PKC continued Exponentiation vs. logarithms: o Suppose I tell you that I want to take the number 3 to the 6th power; again, it is easy to calculate 3^6=729. o But if I tell you that I have the number 729 and want you to tell me the two integers that I used, x and y so that log(x) 729 = y, it will take you longer to find all possible solutions and select the pair that I used. o There may in fact be more then one pair.

PKC - Standards The first, and still most common, PKC implementation, is named for the three MIT mathematicians who developed it — Ronald R ivest, Adi S hamir, and Leonard A dleman. RSA today is used in hundreds of software products and can be used for key exchange, digital signatures, or encryption of small blocks of data. The main idea, is that each of the keys is derived from the factoring of an extremely large prime number. AND what is encoded with one key, can only be decoded with the other.

Hash Algorithms Hash functions, also called message digests and one- way encryption, are algorithms that, in some sense, use no key. Instead, a fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered. Hash algorithms are typically used to provide a digital fingerprint of a file's contents, often used to ensure that the file has not been altered by an intruder or virus. Hash functions are also commonly employed by many operating systems to encrypt passwords. Hash functions, then, provide a measure of the integrity of a file. Popular Hash Algorithm MD5.

Why 3 types?

Trust Models (1) Secure use of cryptography requires trust. SKC can ensure message confidentiality and hash codes can ensure integrity, but none of this works without trust. In SKC, Alice and Bob had to share a secret key. PKC solved the secret distribution problem, but how does Alice really know that Bob is who he says he is? Just because Bob has a public and private key, and purports to be "Bob," doesn't mean that he is Bob.

Trust Models There are a number of trust models employed by various cryptographic schemes: PGP- The web of trust employed by Pretty Good Privacy (PGP) users, who hold their own set of trusted public keys. Kerberos- a secret key distribution scheme using a trusted third party. Certificates- which allow a set of trusted third parties to authenticate each other and, by implication, each other's users

The End