Presentation transcript:

Agenda Cryptography ??. Encryption. Symmetric Encryption. Asymmetric Encryption. Diffie-hellman. Hashing. Digital signature. Authentication Protocols. PKI. Cryptosystems. Cryptanalysis. Quantum Cryptography.

Cryptography ?? Cryptography is a framework of methodologies used to ensure the CIA triad for our information: C for confidentiality, I for integrity and A for authenticity. The need for cryptographic techniques is as old as the need to keep critical information secure, safe and authentic. The techniques were invented in different forms suited to their own age, while the concept stayed the same. In ancient times cryptography was known as encryption, which means hiding the information from unauthorized entities. Various methods were used to achieve this purpose; it could be implemented manually, mechanically or even electronically.

SCYTALE is an example of a really old technique that was used to cipher (encrypt) information. The concept of operation is simple: get a long strip of leather and wind it over a rod like the picture, write the clear data on the leather over the rod and then unwind it. “HELP ME I AM UNDER ATTACK” will be "HENTEIDTLAEAPMRCMUAK", and it totally depends on the diameter of the rod, which is the key to decipher the message.
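
The scytale described above, as an added example that is not part of the original slides: the rod diameter is modelled as `faces`, the number of letters that fit around the rod (a hypothetical parameter name), and the slide's ciphertext corresponds to `faces = 4`. The last function shows how few diameters a reader of the strip has to try.

```python
import math


def _letters(text: str) -> str:
    # Keep letters only, upper-cased, as on the leather strip.
    return "".join(ch for ch in text.upper() if ch.isalpha())


def scytale_encrypt(plaintext: str, faces: int, pad: str = "X") -> str:
    """Write the message in rows along the rod, then unwind the strip."""
    text = _letters(plaintext)
    cols = math.ceil(len(text) / faces)          # number of windings
    text = text.ljust(faces * cols, pad)         # fill the last row
    rows = [text[r * cols:(r + 1) * cols] for r in range(faces)]
    # Unwinding reads one winding (column) at a time.
    return "".join(rows[r][c] for c in range(cols) for r in range(faces))


def scytale_decrypt(ciphertext: str, faces: int) -> str:
    """Rewind the strip on a rod with the given number of faces."""
    if faces < 1 or len(ciphertext) % faces:
        raise ValueError("strip length does not fit this rod")
    cols = len(ciphertext) // faces
    return "".join(ciphertext[c * faces + r]
                   for r in range(faces) for c in range(cols))


def candidate_readings(ciphertext: str) -> dict:
    """Every rod that fits the strip: the whole key space of the cipher."""
    return {faces: scytale_decrypt(ciphertext, faces)
            for faces in range(2, len(ciphertext))
            if len(ciphertext) % faces == 0}


if __name__ == "__main__":
    strip = scytale_encrypt("HELP ME I AM UNDER ATTACK", 4)
    print(strip)
    print(scytale_decrypt(strip, 4))   # right rod
    print(scytale_decrypt(strip, 5))   # wrong rod gives scrambled text
    for faces, reading in candidate_readings(strip).items():
        print(faces, reading)
```
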

Nowadays things are a bit different: cryptography is no longer only about encryption. Hashing shares the place with encryption to form the whole cryptographic framework; the role of hashing is to ensure the integrity of the message. So, back to the CIA triad: encryption is used to ensure confidentiality, hashing ensures integrity, and a combination of encryption and hashing ensures the authenticity of the message sender. Encryption and hashing can now be considered as systems that need an input to deliver an output; each system is controlled by a set of mathematical equations known as an algorithm.

Encryption. As we stated before, encryption is a component of the cryptographic framework. Its role is to provide the confidentiality axis of the CIA triad. Recalling the systematic view of any cryptographic component, encryption needs an input (clear message and key) to deliver the cipher form (output). To decrypt this cipher form (convert it back to the clear form) we need a key and the same algorithm.

Encryption can be implemented symmetrically or asymmetrically. With symmetric encryption, we encrypt the clear message with one key and decrypt it with the same key; the encryptor and decryptor must have the same key.

With asymmetric encryption, on the other hand, the sender uses one key to encrypt the message and the receiver uses a different key to decrypt it. For bidirectional communication, each peer uses two keys: a public key for others and a private key for himself.

Symmetric Encryption. To wrap up the concept, let us discuss a case of three entities that need to communicate securely using symmetric encryption. From the figure, we can conclude that we will use 9 different private keys to achieve bidirectional communication between XYZ and ABC. We can also conclude that we need to define a way to exchange these private keys securely between distant entities. We will recall these two conclusions a bit later.

DES, 3DES, Blowfish, IDEA, RC5, Safer, Serpent and AES are the well-known symmetric encryption algorithms. We will go deeply into DES and AES in the Demos section.

Asymmetric Encryption. Back to the same case that was assumed for symmetric encryption. ABC and XYZ have distributed their public keys to each other. Anyone who needs to talk to another party uses that party's public key to encrypt the traffic, and the other party uses his own private key to decrypt it: X uses A's public key to encrypt clear traffic, and A receives the cipher and decrypts it using his own private key. Fewer keys and simple key distribution.

RSA is the famous asymmetric key encryption algorithm. (Pictured: Ron Rivest, left; Adi Shamir, middle; Leonard Adleman, right.) RSA operation will be discussed in the Demos section.

Let us now compare them (symmetric and asymmetric): 1- Symmetric key encryption suffers from scalability issues; to achieve secure communication between N points, we need to generate (N(N-1))/2 different keys. 3- Symmetric key encryption requires “out of band” secure exchange of keys, because both communicating parties need to know the keys before proceeding with the communication. 4- Asymmetric key encryption systems are incredibly complex, and that complexity will surely impact performance. Asymmetric key encryption is up to 1000 times slower than symmetric key encryption. Now how can we deal with that problem?! Diffie and Hellman will answer this question for us.

Diffie-Hellman. The Diffie-Hellman algorithm uses public key encryption only to distribute symmetric keys to the communicating parties; symmetric key encryption is then used on the clear data to create the cipher. So we have no trade-off: high performance from symmetric key encryption and a simple key distribution process from the Diffie-Hellman algorithm, as we will see here and in the demos section.

Khaled will generate two keys (public and private) using his own Diffie-Hellman algorithm, and Ali will do the same thing; they then exchange their public keys. Khaled now has his own private key and Ali’s public key, and he uses his Diffie-Hellman algorithm to generate a new private key; Ali will have the same private key if he executes the same operation.
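
The Khaled and Ali exchange above, as an added example that is not part of the original slides. The group parameters `P` and `G` are constructed toy values chosen here (an assumption, far too small for real use), and hashing the shared value into a 256-bit symmetric key is one common way to finish the exchange, not something the slides specify.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption, not from the slides):
# 2**127 - 1 is prime, but real deployments use much larger standard groups.
P = 2**127 - 1
G = 3


class Party:
    """One side of a Diffie-Hellman exchange."""

    def __init__(self, name, private=None, p=P, g=G):
        self.name, self.p, self.g = name, p, g
        # The private value never leaves this object; only `public` is sent.
        self.private = private if private is not None else secrets.randbelow(p - 3) + 2
        self.public = pow(g, self.private, p)

    def shared_secret(self, peer_public):
        # Reject degenerate values that would force a predictable result.
        if not 2 <= peer_public <= self.p - 2:
            raise ValueError("peer public value out of range")
        return pow(peer_public, self.private, self.p)

    def session_key(self, peer_public):
        # Hash the shared value down to a 256-bit symmetric key.
        secret = self.shared_secret(peer_public)
        raw = secret.to_bytes((self.p.bit_length() + 7) // 8, "big")
        return hashlib.sha256(raw).digest()


if __name__ == "__main__":
    khaled, ali, third = Party("Khaled"), Party("Ali"), Party("Third")
    # Only the public values cross the wire.
    k_ka = khaled.session_key(ali.public)
    k_ak = ali.session_key(khaled.public)
    print("Khaled and Ali derive the same key:", k_ka == k_ak)
    # Each party holds one key pair and derives a distinct key per peer.
    k_kt = khaled.session_key(third.public)
    print("key with the third party differs:", k_kt != k_ka)
```
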

Hashing. Hashing is the second component of the cryptographic framework; its role is to ensure the integrity of a message. The most important aspect of an integrity violation is that the target of the attack is not aware that the violation occurred; simply, if he knew, he would request a retransmission. The problem is that I am communicating with my co-workers based on false information. Hashing is an irreversible process with no keys; the clear message is the only input to the hashing process.

The message is delivered as an input to the hashing system, which creates a message digest (hash) from the clear message, appends the digest to the message and then sends them over the media. The recipient uses the received message to create a new digest and then compares the two digests.

A simple newbie can execute an MITM attack: he will be able to receive the message with the digest from the sender, create a new fake message with a new hash generated from the fake message (using the same hashing algorithm), and send it to the poor receiver. HMAC is the solution for this problem.

MD5 and SHA are the most used hashing algorithms; SHA is more secure than MD5. We will have a demo for HMAC in the demos section.
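
Why an appended plain digest fails against the in-path change described above while HMAC catches it, as an added example that is not part of the original slides. The messages and the shared key are constructed sample values, and SHA-256 is chosen here as the hash.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"   # known only to sender and receiver


def send_with_digest(message: bytes):
    # Sender appends an unkeyed hash of the message.
    return message, hashlib.sha256(message).digest()


def verify_digest(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def send_with_hmac(key: bytes, message: bytes):
    # Sender appends a keyed tag: the key is mixed into the hash.
    return message, hmac.new(key, message, hashlib.sha256).digest()


def verify_hmac(key: bytes, message: bytes, tag: bytes) -> bool:
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(expected, tag)


def altered_in_transit(message: bytes, check: bytes):
    """Models the party in the middle: it has no key, so all it can do is
    swap the message and recompute an unkeyed hash over the new text."""
    fake = b"Transfer 9000 to account 999"
    return fake, hashlib.sha256(fake).digest()


if __name__ == "__main__":
    original = b"Transfer 100 to account 123"

    msg, digest = altered_in_transit(*send_with_digest(original))
    print("plain digest accepts altered message:", verify_digest(msg, digest))

    msg, tag = altered_in_transit(*send_with_hmac(SHARED_KEY, original))
    print("HMAC accepts altered message:", verify_hmac(SHARED_KEY, msg, tag))

    msg, tag = send_with_hmac(SHARED_KEY, original)
    print("HMAC accepts untouched message:", verify_hmac(SHARED_KEY, msg, tag))
```
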

Digital signature. This is our last step for completing the CIA triad: how can we ensure authenticity using cryptography? A digital signature is a mechanism by which we can authenticate the message sender on a per-message basis; each message needs to be authenticated. To be clear, a digital signature is not a connection-based authentication mechanism like PAP, CHAP, Kerberos or TACACS. A digital signature uses a combination of encryption and hashing.

The message is hashed, the digest is encrypted with the sender's private key and then sent with the message to the recipient. We have a demo for Digital signature.
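
The hash-then-sign flow above, as an added example that is not part of the original slides. It uses textbook RSA without padding and constructed toy keys built from small known primes (assumptions made here for readability); real systems use a vetted library with a padded scheme and much larger keys.

```python
import hashlib

E = 65537  # public exponent, shared by both toy keys


def make_key(p: int, q: int):
    """Build a textbook RSA key from two primes: returns (n, d)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))   # private exponent
    return n, d


# Constructed toy keys from Mersenne primes (not from the slides).
SENDER_N, SENDER_D = make_key(2**89 - 1, 2**107 - 1)
OTHER_N, OTHER_D = make_key(2**61 - 1, 2**127 - 1)


def digest_int(message: bytes, n: int) -> int:
    # Step 1: hash the message; reduce it so it fits the toy modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, n: int, d: int) -> int:
    # Step 2: apply the sender's private key to the digest.
    return pow(digest_int(message, n), d, n)


def verify(message: bytes, signature: int, n: int) -> bool:
    # Recipient: undo the signature with the sender's public key (n, E)
    # and compare with a digest computed over the received message.
    return pow(signature, E, n) == digest_int(message, n)


if __name__ == "__main__":
    message = b"Meeting moved to 10:00"
    signature = sign(message, SENDER_N, SENDER_D)
    print("genuine message verifies:", verify(message, signature, SENDER_N))
    print("altered message verifies:",
          verify(b"Meeting moved to 16:00", signature, SENDER_N))
    # Unlike a plain hash, a new signature needs the sender's private key:
    resigned = sign(b"Meeting moved to 16:00", OTHER_N, OTHER_D)
    print("re-signed with another key verifies:",
          verify(b"Meeting moved to 16:00", resigned, SENDER_N))
```
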

Authentication Protocols. As we are talking about connection-based authentication mechanisms, we will deal with protocols rather than algorithms. This is a brief list of famous authentication protocols: 1- PAP 2- CHAP 3- MS-CHAP 4- NTLM 5- EAP 6- PEAP 7- Kerberos 8- TACACS+ 9- Radius 10- Diameter

PKI. Public Key Infrastructure is a trust connectivity medium. I need to trust the sender before beginning a new session with him: how can I know that this public key is the one owned by the real sender? I need someone between us, someone that I can trust and that can trust this remote sender. How can I trust you? Answer: The CA trusts me. How can I know the CA trusts you? Answer: You can see my certificate issued by the CA. So, PKI is not for authentication, but it can be considered as a pre-authentication phase. We will have a full PKI course.

Cryptosystems. A cryptosystem is an implemented form of the cryptographic framework. It consists of three components: 1- algorithms: cryptographic engines for doing encryption and hashing. 2- protocols: for establishing connections and negotiating parameters between the communicating parties. 3- keys: for encryption algorithms. IPSEC, SSL, SSH, PPTP, L2TP and WEP are all cryptosystems; some of them provide the full CIA triad. The only factor that differentiates these cryptosystems is the protocol used to establish the connection and negotiate the parameters. These cryptosystems will be discussed deeply in the VPN course.

Cryptanalysis. “Breaking a cipher doesn't necessarily mean finding a practical way for an eavesdropper to recover the plaintext from just the ciphertext. In academic cryptography, the rules are relaxed considerably. Breaking a cipher simply means finding a weakness in the cipher that can be exploited with a complexity less than brute-force.” Bruce Schneier.

Quantum Cryptography. “While I like the science of quantum cryptography -- my undergraduate degree was in physics -- I don't see any commercial value in it. I don't believe it solves any security problem that needs solving. I don't believe that it's worth paying for, and I can't imagine anyone but a few technophiles buying and deploying it. Systems that use it don't magically become unbreakable, because the quantum part doesn't address the weak points of the system.” Bruce Schneier.