Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography: Securing the Information Age Source: www.aep.ie/product/ technical.html "If you think cryptography can solve your problem, then you don't.

Published byHorace Branden Daniel Modified over 9 years ago

Similar presentations

Presentation on theme: "Cryptography: Securing the Information Age Source: www.aep.ie/product/ technical.html "If you think cryptography can solve your problem, then you don't."— Presentation transcript:

1 Cryptography: Securing the Information Age Source: www.aep.ie/product/ technical.html "If you think cryptography can solve your problem, then you don't understand your problem and you don't understand cryptography." -- Bruce Schneider

2 Essential Terms Cryptography Encryption Plain text  Cipher text Decryption Cipher text  Plain text Cryptanalysis Cryptology Source: http://www.unmuseum.org/enigma.jpg

3 Information Security for… Defending against external/internal hackers Defending against industrial espionage Securing E-commerce Securing bank accounts/electronic transfers Securing intellectual property Avoiding liability

4 Types of Secret Writing Secret writing SteganographyCryptography

5 Our Concern.. Secret writing SteganographyCryptography SubstitutionTransposition Code Cipher

6 Copyright 1999 Jay D. Dyson All right reserved Overview of Cryptography Cryptography is an often misunderstood and misused security tool. Today more than ever, privacy is a necessary part of business communications. The following is an overview of public key cryptography and one of its more widely-used implementations, Pretty Good Privacy (PGP). What is Cryptography?

7 Overview of cryptography.. Terminology: Cryptographic/Cipher System - A method of disguising a message so only authorized users may read it. Cryptology - The study of cryptography. Encryption - The process of converting plaintext into cipher text. Decryption - The process of converting cipher text back to its original plaintext. Cryptographic Algorithm - The computational procedure used to encrypt and decrypt messages. Cryptanalysis - The process of finding a weakness in, or actual breaking of, a cryptographic system.

8 The simplest and oldest way to send a secret message to someone. The code must be known to the sender or recipient. Types of Cryptographic Systems Secret Codes Code PhraseTrue Meaning My coffee is cold Pass the cream Launch the missiles Don’t launch the missiles

9 Types of Cryptographic Systems Ciphers Substitution ciphers are the simplest type of cipher system. Each letter of the alphabet is assigned to a number or different letter. ROT13 is a commonly used cipher. A B C D E F G H I J K L M 1 2 3 4 5 6 7 8 9 A B C...

10 Types of Cryptographic Systems One-Time Pads One-Time Pads uses a different key for a specific time period. Truly secure, no patterns evolve. Most vulnerabilities due to human carelessness. Copyright 1999 Jay D. Dyson All right reserved 14 07 09 06 10 02 25 13 17 08 15 One-Time Pad - Shift each encrypted letter x places to the right fazmyqbgnke Encrypted Message This is a test

11 Crypto Keys & Algorithms General Concepts and Definitions As a password is used to access a computer system, a cryptographic key is a password or passphrase that is used to unlock an encrypted message. Different encryption systems offer different key lengths - Just as a longer password provides more security (Windows NT excluded) the longer and more complex the key is, the more security an encryption system provides. A cryptographic algorithm is a mathematical function used for encryption and decryption. Most algorithms contain a certain number of “rounds.” This determines how many times the text will be run through the algorithm

12 Cryptographic Methods Secret Key (symmetric) Cryptography A single key is used to both encrypt and decrypt a message. A secure channel must be in place for users to exchange this common key. Plaintext Message Secret Key Encrypted Message Secret Key

13 Cryptographic Methods Public Key (asymmetric) Cryptography Two keys are used for this method, the public key is used to encrypt. The private key is used to decrypt. This is used when it isn’t feasible to securely exchange keys. Jay’s Public Key Jay’s Private Key Frank Encrypted Message Clear Text

14 Cryptographic Methods One-Way Functions One-way functions: Used to generate a fixed-length hash (also known as a message-digest) of a file. This hash is essentially a ‘digital fingerprint’ of the file that would be sent along with a document. The recipient would use the same method to generate a hash. If the hashes do not match the file has been altered. Message Crypto-Algorithm 5058f1af8388633f609cadb75a75dc9d 128 bit digital fingerprint

15 Private vs. public Cryptography Private (symmetric, secret) key – the same key used for encryption/decryption Problem of key distribution Public (asymmetric) key cryptography – a public key used for encryption and private key for decryption Key distribution problem solved

16 Currently Available Crypto Algorithms (private key) DES (Data Encryption Standard) and derivatives: double DES and triple DES IDEA (International Data Encryption Standard) Blowfish RC5 (Rivest Cipher #5) AES (Advance Encryption Standard)

17 Currently Available Crypto Algorithms (public key) RSA (Rivest, Shamir, Adleman) DH (Diffie-Hellman Key Agreement Algorithm) ECDH (Elliptic Curve Diffie-Hellman Key Agreement Algorithm) RPK (Raike Public Key)

18 Simplified-DES Popularly called S-DES Very simple Uses a 10bit key to encrypt an 8bit data block Formed the basis of DES Provide a low grade of security Hence not much secure

19 Data Encryption Standard(DES) Most widely used private key cryptographic technique Was not feasible to crack till 1980’s Encrypts 64bit data block with 56bit key Contains many permutation functions hence making it more and more complex. Paved way for double, triple and advanced DES

20 RSA Developed by Rivest, Shamir and Adleman Uses a pair of public and private key Very much secure and efficient Simple approach Security based on the fact that factorizing n to get p and q is very difficult if n is a large number(>5digits)

21 Private-key versus public-key cryptography Prime advantage of public-key cryptography is increased security - the private keys do not ever need to be transmitted or revealed to anyone. Public key cryptography is not meant to replace secret-key cryptography, but rather to supplement it, to make it more secure. Example RSA and DES are usually combined as follows 1. The message is encrypted with a random DES key 2. DES-key is encrypted with RSA 3. DES-encrypted message and RSA-encrypted DES-key are sent. This protocol is called RSA digital envelope.

22 DES vs. RSA RSA is about 1500 times slower than DES – Exponentiation and modulus Generation of numbers used in RSA can take time Generally infeasible to crack RSA with limited resources and time – http://www.rsasecurity.com/rsalabs/challenges/factoring/numbers.html

23 Pretty Good Privacy (PGP) Overview & History PGP is a personal high-security cryptographic software application that allows people to exchange messages or files with privacy, authentication, and convenience. PGP can be used to encrypt and digitally sign files and e-mail. Developed by Phil Zimmerman in the mid ‘80s. First version released on the Internet in 1991; got immediate NSA attention and encountered legal issues on its use of RSA and Merkle-Hellman cryptography patents. Purchased by ViaCrypt in 1993 (they had RSA license). Re-released in 1994 with RSAREF toolkit license. Purchased by Network Associates in 1998.

24 PGP (Pretty Good Privacy) a hybrid encryption technology Message is encrypted using a private key algorithm (IDEA or DES as previously used) Key is then encrypted using a public key algorithm (RSA) For file encryption, only IDEA algorithm is used PGP is free for home use

25 Authentication and Digital Signatures Preventing impostor attacks Preventing content tampering Preventing timing modification Preventing repudiation By: Encryption itself Cryptographic checksum and hash functions

26 Digital Signatures Made by encrypting a message digest (cryptographic checksum) with the sender’s private key Receiver decrypts with the sender’s public key (roles of private and public keys are flipped)

27 Benefits of Cryptographic Technologies Data secrecy Data integrity Authentication of message originator Electronic certification and digital signature Non-repudiation

28 Potential Problems with Cryptographic Technologies? False sense of security if badly implemented Government regulation of cryptographic technologies/export restrictions Encryption prohibited in some countries

29 How Secure are Today’s Technologies? $250,000 machine cracks 56 bit key DES code in 56 hours IDEA, RC5, RSA, etc. resist complex attacks when properly implemented distributed.net cracked 64 bit RC5 key (1,757 days and 331,252 people) in July, 2002 A computer that breaks DES in 1 second will take 149 trillion years to break AES! Algorithms are not theoretically unbreakable: successful attacks in the future are possible

30 How Secure are Today’s Technologies? Encryption does not guarantee security! Many ways to beat a crypto system NOT dependent on cryptanalysis, such as: – Viruses, worms, hackers, etc. – TEMPEST attacks, – Unauthorized physical access to secret keys Cryptography is only one element of comprehensive computer security Source: The Gartner Group

31 What is to be done? The Gartner Group recommends: Develop migration plans to stronger crypto. Begin implementation of modified and stronger algorithmic techniques.

32 Your questions are welcome! Presented by:- Akshay kumar Ekta raghav Himanshu chaudhary

Download ppt "Cryptography: Securing the Information Age Source: www.aep.ie/product/ technical.html "If you think cryptography can solve your problem, then you don't."

Similar presentations

Cryptography Ch-1 prepared by: Diwan.

Cryptography Ch-1 prepared by: Diwan.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.

NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)

Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies

Cryptographic Technologies
Overview of Cryptography What is Cryptography?

Overview of Cryptography What is Cryptography?
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Public Key Cryptography & PGP Jay D. Dyson, Computer Systems Specialist If you think cryptography can solve your problem, then you don't understand your.

Public Key Cryptography & PGP Jay D. Dyson, Computer Systems Specialist "If you think cryptography can solve your problem, then you don't understand your.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

Similar presentations

Ads by Google