Public Key Encryption
Introduction: The Problem; Network Security; Public Key Encryption; Encryption/Decryption; Public Key Encryption; How is data transmitted?; Secure Socket Layer; Conclusion; Questions and Comments
The Problem: Through the Internet, people can buy products online, buy services online and do bank transactions online.
The Problem: Threats to network security include data diddling, salami attacks, piggybacking, Denial of Service (DoS) and Distributed Denial of Service (DDoS).
The Problem: Several network security schemes have been developed and used throughout the years.
Network Security: Protection alternatives include the use of passwords, the use of security modems, and encryption/decryption methods.
Network Security - Encryption / Decryption: The most secure protection methods are those which use encryption/decryption.
Network Security - History: Used since the Roman Empire. Used by governments for military purposes. Nowadays it is performed by computers.
Network Security - What is encryption/decryption?: "Encryption is the translation of data into a secret code."
Network Security - What is encryption/decryption?: Transposition Algorithm, an example.
Network Security - What is encryption/decryption?: Key = PUBLIC
P U B L I C
5 6 1 4 3 2
Message to send: Public key encryption is secure now
5 6 1 4 3 2
P U B L I C
K E Y E N C
R Y P T I O
N I S S E C
U R E N O W
B Y P
The message will now be … BYPSE CCOCF INIEF LETSF PKRNU UEYIR
Unauthorised users who do not have the key will not be able to convert it back to the original message.
Network Security - What is encryption/decryption?: A key or password is necessary for encryption and decryption. Decryption is the changing back of encrypted code (or cipher text) to plain text.
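The transposition example above, written out as a columnar transposition cipher (an added example, not part of the original slides; the function names and the choice of F as padding letter are assumptions). With the key PUBLIC it reproduces the slides' ciphertext when the last grid row is U R E padded with F; with the final word "now" the last row is full and the second, third and fourth groups end in W, O and N instead.

```python
KEY = "PUBLIC"
SLIDE_CIPHERTEXT = "BYPSE CCOCF INIEF LETSF PKRNU UEYIR"  # as printed on the slide

def column_order(key):
    """Column indices in read-out order: alphabetical order of the key
    letters, ties broken left to right."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def ranks(key):
    """The number written under each key letter (PUBLIC -> 5 6 1 4 3 2)."""
    order = column_order(key)
    return [order.index(i) + 1 for i in range(len(key))]

def encrypt(plaintext, key, pad="F"):
    """Write the letters row by row under the key, pad the last row,
    then read the columns out in key order."""
    letters = [c for c in plaintext.upper() if c.isalpha()]
    width = len(key)
    letters += [pad] * (-len(letters) % width)
    rows = [letters[i:i + width] for i in range(0, len(letters), width)]
    return " ".join("".join(row[c] for row in rows) for c in column_order(key))

def decrypt(ciphertext, key):
    """Refill the columns in key order, then read the grid row by row.
    Padding letters, if any, remain at the end of the result."""
    letters = [c for c in ciphertext.upper() if c.isalpha()]
    width = len(key)
    height = len(letters) // width
    if height * width != len(letters):
        raise ValueError("ciphertext length is not a multiple of the key length")
    grid = [[""] * width for _ in range(height)]
    pos = 0
    for c in column_order(key):
        for r in range(height):
            grid[r][c] = letters[pos]
            pos += 1
    return "".join("".join(row) for row in grid)

if __name__ == "__main__":
    print(ranks(KEY))
    print(encrypt("Public key encryption is secure", KEY))
    print(encrypt("Public key encryption is secure now", KEY))
    print(decrypt(SLIDE_CIPHERTEXT, KEY))
```

Because the cipher only reorders letters, the letter frequencies of the plaintext survive in the ciphertext, which is why transposition alone is a teaching example rather than a protection method.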
Network Security - What is encryption/decryption?: There are two main types of encryption/decryption security measures: Public Key Encryption (Asymmetric) and Symmetric Key Encryption.
Network Security - Public Key (Asymmetric) Encryption: Uses two keys, public and private. A popular implementation is the SSL (Secure Socket Layer).
Network Security - Symmetric Key Encryption: Uses only one key. The key must be known only by the sender and receiver. Faster encryption/decryption.
Public Key Encryption - History: First invented in the early 1970s by Clifford Cocks. Reinvented by Rivest, Shamir and Adleman in 1976 and called RSA; it was published. In 1984 ElGamal created his algorithm. In 1989 Koblitz created his hyperelliptic curve cryptography algorithm.
How is data sent using public key encryption?: Sender encrypts the message using its private key. Sender encrypts its private key using the receiver’s public key. Receiver uses its private key to decrypt the sender’s private key. Receiver uses the sender’s private key to decrypt the message.
Public Key Encryption - Digital signatures: Authentication is also done using digital signatures. Digital signatures are sent to the receiving computer to make sure that the sender is who it says it is.
Public Key Encryption - A large scale: Digital certificates are used. Before communication starts the certificate authority confirms that every computer is who it says it is.
Public Key Encryption: Hashing algorithms are used to create keys. A simple example:
Input number: 32,569; Hashing algorithm: Input # x 138; Hash value: 4,494,522
Public Key Encryption - Hashing algorithms: If the algorithm is not known, it is very difficult to determine the input number. In reality more complex numbers are used, usually 40-bit or 128-bit.
Public Key Encryption - Validation and Verification of data: Checks for data corruption. Two popular algorithms: Checksum and Cyclic Redundancy Check (CRC).
Public Key Encryption - Secure Socket Layer (SSL): An implementation of public key encryption. Developed by Netscape. Used extensively by Netscape and Internet Explorer.
Public Key Encryption - Secure Socket Layer (SSL): The URL of an SSL-enabled website starts with https://. An example is the Go Mobile page for topping up your mobile credit.
Public Key Encryption - Secure Socket Layer (SSL): It has become part of the transport layer in the OSI Model. It is known as TLS (Transport Layer Security).
Public Key Encryption - What happens in an SSL?: Sender creates a private key. Sender sends it to the receiving computer using the receiver’s public key.
Public Key Encryption - What happens in an SSL?: Communication is then encrypted/decrypted using the private key. After communication between the two computers ends the key is discarded.
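The session described on these two slides, sketched end to end (an added example, not from the original slides). It assumes the slides' per-session "private key" is a symmetric session key; the small unpadded RSA numbers and the SHA-256 XOR keystream are constructed stand-ins for a real key exchange and a real symmetric cipher, and all names are illustrative.

```python
import hashlib
import secrets

# Receiver's toy RSA key pair, constructed for this example: far too small and
# unpadded for real use. P and Q are the Mersenne primes 2^61-1 and 2^89-1.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))        # receiver's private exponent
RECEIVER_PUBLIC, RECEIVER_PRIVATE = (N, E), (N, D)

def keystream_xor(session_key, data):
    """Stand-in symmetric cipher: XOR the data with a SHA-256 counter
    keystream. The same call encrypts and decrypts."""
    key = session_key.to_bytes(16, "big")
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)

def sender_send(message, receiver_public, session_key=None):
    """Create a session key, wrap it with the receiver's public key and
    encrypt the message with the session key."""
    n, e = receiver_public
    if session_key is None:
        session_key = secrets.randbits(128)   # fresh key for every session
    wrapped = pow(session_key, e, n)          # only the private key undoes this
    ciphertext = keystream_xor(session_key, message)
    # The session key is not stored anywhere: it is discarded on return.
    return wrapped, ciphertext

def receiver_receive(wrapped, ciphertext, receiver_private):
    """Unwrap the session key with the private key, then decrypt."""
    n, d = receiver_private
    session_key = pow(wrapped, d, n)
    return keystream_xor(session_key, ciphertext)

if __name__ == "__main__":
    wrapped, ct = sender_send(b"top up 10 credits", RECEIVER_PUBLIC)
    print(hex(wrapped), ct.hex())
    print(receiver_receive(wrapped, ct, RECEIVER_PRIVATE))
```

The slow public-key operation touches only the 128-bit session key; the message itself is handled by the faster symmetric step, which is the division of labour the slides describe.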
Conclusion: The most common protection alternatives used are those that use the encryption/decryption methods. Encryption is the translation of data into a code that is not understandable without the key. Decryption is the changing back of code from cipher text to plain text. A key or password is necessary.
Conclusion: There are two types: public key encryption and private / symmetric key. Private key encryption uses only one key, which is private. Public key encryption uses two keys: a public key and a private key.
Conclusion: How is data sent using public key encryption?
Conclusion: Authentication is done using digital signatures. Digital certificates are used in large-scale communication. Hashing algorithms are used to create keys and passwords. Checksum and CRC are used to check for data corruption.
Conclusion: SSL is an implementation of public key encryption. Private keys are created before every communication session, and deleted afterwards.
For notes and references for further reading, visit www.geocities.com/publickeyencryption