Security through Encryption


1 Security through Encryption
James P. Skon

2 Encryption

3 Overview
- History
- What is encryption/decryption?
- Symmetrical encryption
- Public-key encryption
- Current encryption standards

4 Caesar cipher

5 German Enigma

6 Cryptography
Is:
- A tremendous tool
- The basis for many security mechanisms
Is not:
- The solution to all security problems
- Reliable unless implemented properly
- Reliable unless used properly
- Something you should try to invent yourself unless
  - you spend a lot of time becoming an expert
  - you subject your design to outside review

7 Basic Cryptographic Concepts
- Encryption scheme: functions to encrypt, decrypt data
- Symmetric encryption
  - Block, stream ciphers, same key for both sides
- Hash function, MAC
  - Map any input to short hash; ideally, no collisions
  - MAC (keyed hash) used for message integrity
- Public-key cryptography
  - PK encryption: public key does not reveal key^-1
  - Signatures: sign data, verify signature

8 Unsecure message
[Figure: the plain-text message "Dear Sally, The secret ..." is read in transit ("ah-ha!!").]

9 Network transactions
- Assume attackers can control the network
  - We will talk about how they do this later
  - Attackers can intercept packets, tamper with or suppress them, and inject arbitrary packets

10 Encryption
[Figure: plain text ("Dear Sally, The secret ...") -> encryption algorithm -> ciphertext.]

11 Decryption
[Figure: ciphertext -> decryption algorithm -> plain text ("Dear Sally, The secret ...").]

12 Secure Message
[Figure: the plain text "Dear Sally, The secret ..." travels as ciphertext and is recovered as plain text at the other end; the observer in between sees only "?????".]

13 Encryption
[Figure: at the source, plaintext and key go into the algorithm to produce the encrypted message; it crosses an insecure channel; at the destination, the algorithm and the key recover the plaintext.]

14 Cryptanalysis
- Breaking the code with brute force computation attack
- Types
  - Ciphertext-only attack
  - Known-plaintext attack
  - Chosen-plaintext attack
  - Adaptive-chosen-plaintext attack
  - Others...

15 Symmetric Key Encryption
- Both parties must have the same key
- Often encryption and decryption done by the exact same algorithm
- Typically the algorithm is publicly known (only the key is secret)
- Called the "secret key" method, since secrecy of key is essential

16 One-time pad
- Method: each character from the plaintext is encrypted by a modular addition with a character from a secret random key (or pad) of the same length as the plaintext
- Key must be length of message
- Must be random, never reused

17 One Time Pad
Method
- Message: "THE BRITISH ARE COMING"
- Key: DKJFOISJOGIJPAPDIGN
- Alphabet: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Encryption
(T(19) + D(03) = 22) MOD 26 = 22 = W
(H(07) + K(10) = 17) MOD 26 = 17 = R
(E(04) + J(09) = 13) MOD 26 = 13 = N
(B(01) + F(05) = 06) MOD 26 = 06 = G
(R(17) + O(14) = 31) MOD 26 = 05 = F

18 One Time Pad
Message: THEBRITISHARECOMING
Key:     DKJFOISJOGIJPAPDIGN
Result:  WRNGFQLRGNIATCDPQTT
Decryption
(W(22) - D(03)) MOD 26 = 19 = T
(R(17) - K(10)) MOD 26 = 07 = H
(N(13) - J(09)) MOD 26 = 04 = E
(G(06) - F(05)) MOD 26 = 01 = B
(F(05) - O(14)) MOD 26 = 17 = R
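
The mod-26 one-time pad from slides 16 to 18 as a runnable sketch. This is an added example, not code from the presentation. It reproduces the slide's message and key, and it shows why the pad must never be reused: the pad cancels out of the difference of two ciphertexts. The function names and the second message are assumptions made up for the illustration.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25, as in the slide arithmetic

def letters(text):
    """Upper-case and keep only A-Z; the slides drop spaces before encrypting."""
    return [c for c in text.upper() if c in ALPHABET]

def combine(text, pad, sign):
    """Letter-wise (text + sign*pad) mod 26; refuses a pad shorter than the text."""
    msg, key = letters(text), letters(pad)
    if len(key) < len(msg):
        raise ValueError("pad must be at least as long as the message")
    return "".join(
        ALPHABET[(ALPHABET.index(m) + sign * ALPHABET.index(k)) % 26]
        for m, k in zip(msg, key)
    )

def otp_encrypt(plaintext, pad):
    return combine(plaintext, pad, +1)

def otp_decrypt(ciphertext, pad):
    return combine(ciphertext, pad, -1)

def new_pad(length):
    """Fresh pad from the OS CSPRNG: random, message-length, used once."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def pad_reuse_leak(p1, p2, pad):
    """Encrypt two messages under ONE pad; return (c1 - c2, p1 - p2) mod 26."""
    c1, c2 = otp_encrypt(p1, pad), otp_encrypt(p2, pad)
    return combine(c1, c2, -1), combine(p1, p2, -1)

if __name__ == "__main__":
    pad = "DKJFOISJOGIJPAPDIGN"                      # key from the slide
    c = otp_encrypt("THE BRITISH ARE COMING", pad)
    print(c, otp_decrypt(c, pad))
    # Second message is constructed for this example (19 letters).
    from_ct, from_pt = pad_reuse_leak("THE BRITISH ARE COMING",
                                      "RETREAT TO THE HARBORS", pad)
    print(from_ct == from_pt)   # pad cancels out: observer learns p1 - p2
```

An observer holding only the two ciphertexts can compute the first value of `pad_reuse_leak` without the key, which is exactly the plaintext difference.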

19 Stream ciphers
- Generate a long key with a pseudo random number generator.

20 Block Cipher
- DES, AES
- Build a key for each block from the start key, and the previous block

21 Strong Symmetric Key Encryption
- Weak encryption is vulnerable to cryptanalysis
- Strong encryption is an algorithm for which cryptanalysis is intractable (possible, but takes too long)
- Strength of an algorithm is related to key length (algorithm complexity)

22 Symmetric Key Encryption - Algorithms
- DES (Data Encryption Standard)
  - 56-bit key
  - Adopted in 1977 by the National Bureau of Standards.
  - Originally proposed key length of 128 bits.
  - Powerful computers can now break DES.
- Double and Triple DES: use two or three keys for greater safety

23 Major Systems
- Data Encryption Standard (DES)
  - 1978
  - 56-bit keys
  - Very hard to break: a key requires 2^55 steps on average
  - Never been broken in general, but can be broken for a specific key given enough CPU power.
  - Usually implemented in hardware

24 Major Systems
- Advanced Encryption Standard
  - Adopted by the U.S. government and is now used worldwide
  - Algorithm well known, generally trusted
  - Attacks:
    - Brute force
    - Cryptanalysis: in 2011 a key-recovery attack was created which is about 4 times faster than brute force.

25 Symmetric Key Problems
- How do we safely exchange keys?
- How do we authenticate the source (i.e., who really sent this message)?

26 Encryption: secret-key
- Sender and receiver must have an identical key
- Key is used for both encryption and decryption
- Problems:
  - Secret keys must be exchanged in private.
  - Each side must trust each other with their secret key.
  - Called the key management problem.

27 Encryption: public-key
- Solution to key management problem.
- Each person has a pair of keys, a public key and a private key
- Public key is published in trusted directory
- Private key known only to owner.

28 Encryption: public-key
- Anyone can use public key to encrypt data to be sent to the owner of the public key.
- ONLY the owner of the private key can decrypt the message.
- Thus security is assured across unsecure media.

29 Public-key Encryption
[Figure: at the source, plaintext and the public key go into the algorithm to produce the encrypted message; it crosses an insecure channel; at the destination, the algorithm and the private key recover the plaintext.]

30 Authentication
- Process whereby the receiver of a digital message can be confident of the identity of the sender or the integrity of the message

31 Authentication
- Public-key encryption provides concept of digital signature
- General operation: Bob sends to Mary
[Figure: the message passes through the encryption algorithm with Mary's public key, travels as an encrypted message, and passes through the decryption algorithm with Mary's private key. A function using Bob's private key produces the digital signature; a function using Bob's public key checks a mathematical relationship that will hold ONLY if Bob's private key was used.]

32 Advantages of Public Key Systems
- Private keys need not be transmitted
- Digital signature possible
- Messages can be proven authentic to a third party (such as a judge), allowing for legal agreements via network

33 Disadvantages of Public Key Systems
- Speed
  - Symmetrical (secret) key algorithms much, much faster
  - Public key very computationally intensive

34 Disadvantages of Public Key Systems
Solution to speed problem:
- For a transfer, generate a random session key
- Send the session key using a public key method
- Use the session key with a symmetrical key algorithm for actual data transfer.

35 Crypto Policy Perspectives
Issues
- Law Enforcement
- National Security
- Right to Privacy

