BCIS 4630 Fundamentals of IT Security

Slides:



Advertisements
Similar presentations
Digital Signatures and Hash Functions. Digital Signatures.
Advertisements

NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Block Ciphers: Workhorses of Cryptography COMP 1721 A Winter 2004.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
Encryption Methods By: Michael A. Scott
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.
Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.
Chapter 12 Cryptography (slides edited by Erin Chambers)
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Dr. Khalid A. Kaabneh Amman Arab University
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
Cryptography: RSA & DES Marcia Noel Ken Roe Jaime Buccheri.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography.
Chapter 8: Scrambling Through Cryptography Security+ Guide to Network Security Fundamentals Second Edition.
Cryptography, Authentication and Digital Signatures
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Chapter 21 Public-Key Cryptography and Message Authentication.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 2 “Cryptographic Tools”.
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Lecture 2: Introduction to Cryptography
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
Overview of Cryptography & Its Applications
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
1 Cryptography Troy Latchman Byungchil Kim. 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that.
Introduction to Pubic Key Encryption CSCI 5857: Encoding and Encryption.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
INCS 741: Cryptography Overview and Basic Concepts.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
Public Key Cryptography. Asymmetric encryption is a form of cryptosystem in which Encryption and decryption are performed using the different keys—one.
Basics of Cryptography
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

BCIS 4630 Fundamentals of IT Security CRYPTOGRAPHY Dr. Andy Wu

Overview Key crypto concepts Symmetric encryption Key terms XOR Symmetric encryption Asymmetric encryption Hashes

Cryptography Cryptography primarily protects confidentiality, integrity, authentication, and non-repudiation. All the current encryption schemes are based upon an algorithm, a recursive computational procedure for solving a problem in finite steps. Modern cryptography manipulates data in binary form. ASCII provides a standard way to map characters to numbers.

Key Terms (No Pun Intended) Plaintext The data that you want to keep secret. It is a human-readable text file or a computer-recognizable binary file. Ciphertext Once the plaintext is encrypted, it becomes ciphertext. No longer human-readable or computer-recognizable. Algorithm Predefined procedures regarding how the plaintext will be scrambled. Key Needed to scramble the plaintext.

Caesar’s Cipher A is now D; B is E; C is F; etc. Shift the alphabet by three positions (key) Plaintext: BCIS Ciphertext: EFLV To decrypt, shift back three positions (key)

Ensuring Security Putting the algorithm under public review actually improves the strength of the algorithm. A common attack on cryptography is the brute-force attack. It tries every possible key until the correct one is found. Advances in technology and computer performance have made brute-force attacks increasingly practical. Any predictability in key space makes the attacker’s job easier.

The Key The strength of a cryptosystem lies in the secrecy and length (size) of the keys that are used, rather than keeping the algorithm itself a secret. Key size is usually expressed in bits. A longer key increases the number of possible keys. The keyspace comprises all possible key values.

Exclusive OR (XOR) A useful bit manipulation technique in cryptography. The symbol for XOR is . The XOR product is 0, if the two bits are the same. 1, if the two bits are different. Encryption takes advantage of an important property of XOR: If A  B = A’, then A’  B = A XOR 1

XOR Example 11011001 10110011 = 01101010 = 11011001

Symmetric Encryption The same key is used to: Encrypt the plaintext into ciphertext. Decrypt the ciphertext into plaintext.

Symmetric Encryption Is Like A … … dead bolt lock. The same key is used to lock (encrypt) the door (data) and to unlock (decrypt) the door (data).

DES DES cuts up the plaintext into 64-bit blocks. It uses 56-bit keys. It then “scrambles” the plaintext (via “substitution” and then “permutation”) with the key repeatedly. Each repetition is called a “round”. DES performs 16 rounds on the plaintext. This is carried on until the entire message has been encrypted with DES.

A DES Round Source: William Stallings, Cryptography and Network Security.

3DES 3DES is a lot more than three times stronger than DES. Some times Key A = Key C. A brute force attack would have to try 2112  5.19  1033 possible key values. Suppose the processing speed is 1012 keys/second, 5.19  1033 @ 1012 keys/sec. = 5.19  1021 sec. = 1.65  1014 year).

Other Symmetric Algorithms AES (Rijndael) Pronounced as “Rain-Doll”, Flemish for “XYZ.” The candidate algorithm that NIST chose over the other four finalist as the replacement for DES. Supports 128-, 192-, and 256-bit keys. RC series RC4 is a stream cipher algorithm for symmetric encryption that normally uses a 128-bit key. RC4 is ten times faster than DES. IDEA CAST Blowfish

Problems with Symmetric Crypto Requires the sender and the receiver to have the same key (a.k.a. shared key encryption). Prior arrangement for key distribution (called “out-of-band” communication) is a must. In practice, people also faced a lot of scenarios in which they need the ability to tell who has encrypted a piece of information. However, if a symmetric key is shared between two or more people, any one can encrypt it. To be able to decrypt it tells nothing about who has encrypted it; only that you also have the key.

Symmetric Encryption

Asymmetric Encryption Also known as public key cryptography. Typically are based on difficult math problems, many of which are simple to do in one direction but difficult to do in the opposite direction. Much slower than symmetric algorithms Rely on exponentiation, which is processor-intensive; Keys generally are larger (1024- or 2048-bit) Software implementation of RSA can be hundreds times slower than DES. Thus, asymmetric algorithms typically are used only for encryption of small amounts of information, e.g., the shared key for symmetric encryption. Slow ≠ Weak

Keys in Asymmetric Cryptography Uses two keys instead of one. The two keys are mathematically related through one-way functions. One is publicly available; this “public key” is not protected. The other key is the “private key” and should be kept by the owner only. If the private key is comprised, this key pair is no longer safe to use. Either key can be used to encrypt data. However, once a key is used to generate a ciphertext, it cannot be used to decrypt that same ciphertext. The other key has to be used for decryption.

Asymmetric Encryption If this is used to encrypt … This has to be used to decrypt. Therefore … Public key, which is available to anyone Private key, which supposedly is accessible only to the owner If Alice wants to encrypt a message to Bob, she will go find Bob’s public key. Bob is the only one having the matching private key to decrypt it. (used for confidentiality) which supposedly is accessible only to the owner which is available to anyone If Alice can use Bob’s public key to decrypt an encrypted file, Bob must be the one who encrypted the file. (used for authentication)

Asymmetric Encryption - Confidentiality

Asymmetric Encryption - Authentication

Two Uses of Asymmetric Encryption For Confidentiality Alice wants to send a secret message to Bob Alice uses Bob’s public key to encrypt message Bob uses Bob’s private key to decrypt message For Authentication Alice needs to let Bob know she is the sender of a message Alice encrypts the message with Alice’s private key Bob decrypts the message with Alice’s public key

Asymmetric Cryptography No key distribution headache If Alice wants to send an encrypted message to Bob, she doesn’t have to share a key with him beforehand. She just encrypts the data with his public key. The ciphertext can only be decrypted by Bob with his private key. Better authentication than symmetric encryption. If a messaged can be decrypted by Alice’s public key, then it must be from Alice as Alice supposedly is the only one who has the matching private key.

RSA Name after its creators, Rivest, Shamir, and Adleman. One of the most popular and secure asymmetric algorithms. It capitalizes on the fact that there is no efficient way to factor very large (100-200 digits) prime numbers. A prime number is a real number that is only divisible by 1 and itself, e.g., 1, 3, 5, 7, 11, … Factoring is the process of determining whether an integer x is a prime number, and if not, which two numbers when multiplied will render the product x. Multiplying two large integers to arrive at an even larger number is easy to do. To do the reverse (factoring) is extremely, if possible at all, difficult.

Other Asymmetric Algorithms Diffie-Hellman Enables two people to share a secret key without prior contacts. It relies on the difficulty in modular logarithms. El Gamal An extension of the Diffie-Hellman key exchange algorithm. It is based on the difficulty of calculating discrete logarithms in a finite field. Elliptic Curve Cryptography (ECC) Its mathematic basis is the study of elliptic curves.

Symmetric vs. Asymmetric Algorithm Manipulation of bits Mathematics Number of Keys One Two Key distribution The key has to be shared “out-of-band” before encryption. No prior arrangement is necessary. Just use the recipient's public key Authentication Cannot pinpoint the sender if key is shared by more than two people. Can trace the message to the owner of the related private key. Use Bulk encryption Key distribution Digital signature Speed Fast Slow

Hash Function A hash function is a special mathematical algorithm that performs one-way manipulate on a file. Widely used functions include MD5 and SHA-1. The algorithm takes a message of any length and produces a fixed-length output. The hash is often called message digest.

Properties of Hash

Property 1: Non-Reversibility Both symmetric and asymmetric algorithms are reversible. They can be converted from plaintext to ciphertext and back again, if the right key is used. Hash algorithms, however, are not reversible. Once the hash is created, there is no way to take the hash and retrieve the file that was used to generate it. That is, you cannot reconstruct the message from the digest.

Property 2: Uniqueness You can’t find two files that produce the same hash. A hash value is always mathematically unique because it is extremely dependent on the contents of the file. If anyone changes the file by so much as one binary digit, the resulting hash value will be different. The hash value can be used as a smaller, easier-to-handle identifier of the file.

Collisions A collision occurs when two different inputs are hashed to the same value. Collisions are possible. Both SHA-1 and MD5 have been cracked. Fortunately, it is also unlikely that two documents with the same hash value both make sense. The other file is likely to be a series of random characters that just happens to result in the same hash value. Therefore, the hash of a file can be used as the file’s unique identifier.

# of Messages Required to Find Collision Hash Length Usually, the longer the hash value produced by the hashing algorithm, the less susceptible it is to collisions. SHA-1 and RIPEMD-160 hashes are 160-bit long. MD5 hashes are 128-bit long. Algorithm # of Messages Required to Find Collision MD5 264 ≈ 1.8 x 1019 SHA-1 280 ≈ 1.2 x 1024 RIPEMD-160 Source: Carlton Davis, IPSec, Securing VPNs.

Secure Hash Algorithm (SHA) SHA was developed in 1993 by the NIST for secure hashing in the U.S. Digital Signature Standard (DSS). The revised version is SHA-1. It uses block mode, accepting an input of up to 264 bits and compressing it to 160 bits.

MD5 Message Digest 5 is similar to the MD4 algorithm, but it is slightly slower and more secure. MD5 creates a 128-bit hash of a message of any length.

Common Uses of Hashes Hash can be used to guard integrity of files. The sender sends with a message the hash value of the message. The recipient runs the message through the same hash function and obtains her own hash value. If HSender = HRecipient, then the file has not been tampered with. This use is based on the “uniqueness” property.

Verifying File Integrity with Hashes

Verifying File Integrity with Hashes

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.