Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Cryptography Techniques How secure is that banking network traffic?

Published byIsabella Williamson Modified over 9 years ago

Similar presentations

Presentation on theme: "Introduction to Cryptography Techniques How secure is that banking network traffic?"— Presentation transcript:

1 Introduction to Cryptography Techniques How secure is that banking network traffic?

2 Social and Computing Implications of Cryptography The internet is a collection of networks designed to deliver data packets. The internet is a collection of networks designed to deliver data packets. Packets are easy to sniff. Packets are easy to sniff. The internet is not secure, but is used to connect banks, the power grid, pipelines, transportation systems, etc. The internet is not secure, but is used to connect banks, the power grid, pipelines, transportation systems, etc.

3 Terms Plaintext – the readable message Plaintext – the readable message Ciphertext – the coded message Ciphertext – the coded message EncryptionDecryption plaintext ciphertext plaintext key

4 Types of Attacks Ciphertext Only Ciphertext Only – adversary uses just the ciphertext to gain either the key or the plaintext (really bad encryption) Known Plaintext Known Plaintext – adversary gets the key using some ciphertext and its plaintext Chosen Plaintext Chosen Plaintext – adversary introduces some plaintext to generate some ciphertext

5 Symmetric Key Encryption Both parties share a secret key The single key is used for both encryption and decryption Encryption and decryption are equal efforts

6 Shift Ciphers key = amount to shift each character Example: Rotate13 ‘A’ + 13 = 1 + 13 = 14 = ‘N’ So, the message “aardvark” becomes “nneqinex”.

7 Shift Ciphers Advantage of Rot13: Easy to implement. Rot13('A') = 'N' (1 + 13)%26 = 14 Rot13('N') = 'A' (14 + 13)%26 = 1 So, one function does both encoding and decoding. Disadvantage of Any Rotation: Very easy to break – just try all 26 possibilities. Brute Force aka - Brute Force attack.

8 Substitution Cipher Key = list of character substitutions Example: Key = “Chair” A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Y Z c h a i r B D E F G J K L M N O P Q S T U V W X Disadvantage: Susceptible to Character Frequency Analysis

9 Character Frequencies

10

11 Polyalphbetic Ciphers Key is repeated and used to shift characters. Example plaintextnow is the time for all + keyaar dv ark aard var kaa Ciphertextopo mo uzp ujei bpj lmm

12 Polyalphbetic Ciphers Advantage: Thwarts character frequency analysis. For example, an “e” will encrypt to several different letters. Disadvantage: Statistics can still be used to break the code.

13 Polyalphbetic Ciphers How to Break Them: 1 - Look for repeated strings. For example, if the characters “thi” appear together frequently, then it could be because the key is hitting a common word. Text = and we need to test and retest Key = ste ve stev es teve ste vestev Sum = thi sj gyjz yh njoy thi njmyxp

14 Polyalphbetic Ciphers How to Break Them: 2 – Determine Probable Key Length The start of strings “thi” are frequently separated by distances that are multiples of 5. So, key length is probably five. 3A – Try keys of that length. 3B – Use CharFreqAnal on characters separated by that length.

15 One-Time Pad Key is used to shift the plaintext. Key is used only once. Key has same length as the message. Advantage: Unbreakable! Disadvantage: Requires lots of keys.

16 DES History DES Data Encryption Standard Solicited in 1973 by the National Bureau of Standards (National Institute of Standards and Technology) Developed by IBM and the NSA Adopted in 1977

17 DES Design Principles Confusion Confusion – complicate the relationship between key and ciphertext Diffusion Diffusion – spread structure of plaintext around the ciphertext

18 DES Design Overview http://www.itl.nist.gov/fipspubs/fip46-2.htm Key = 56 bits plus 8 parity bits 70,000,000,000,000,000 possible keys of 56 bits Key generates 16 subkeys 16 rounds of functions

19

20 Breaking DES 1993 1993 – design of $1M machine to search entire key space in one day 1997 1997 – design of $1M machine to search entire key space in one hour 1999 1999 - “DES Challenge” prize claimed in 22 hours by distributed.net University of Bochum and Kiel, Germany, uses $10,000 hardware cost to get average time of 6.4 days. 2006 - University of Bochum and Kiel, Germany, uses $10,000 hardware cost to get average time of 6.4 days. triple DES is much less breakable

21 Unix Crypt “man 3 crypt” #include char *crypt(const char *key, const char *salt); crypt is the password encryption function. It is based on the Data Encryption Standard algorithm with variations intended (among other things) to discourage use of hardware implementations of a key search.

22 Password Salt Based on time when password created Based on time when password created First two letters in the passwd field First two letters in the passwd field Used to discourage a brute force attack Used to discourage a brute force attack Encrypting every dictionary word then comparing that list to passwd entries will not work since every dictionary word can yield 4096 different possibilities. Even if my password is the same for two systems, they have different salts so they look different Even if my password is the same for two systems, they have different salts so they look different

23 Public Key Encryption Two Keys : encryption and decryption Encryption key is public Decryption key is private Once sender encrypts a message, even they can’t decrypt it

24 Public Key Encryption 1.Receiver sends their public key to the sender 2.Sender encrypts message using that public key 3.Sender sends encrypted message 4.Receiver decrypts message using their private key

25 Summary Nothing on a public network is completely safe.

Download ppt "Introduction to Cryptography Techniques How secure is that banking network traffic?"

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

CLASSICAL ENCRYPTION TECHNIQUES
Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Computer Science 101 Data Encryption And Computer Networks.

Computer Science 101 Data Encryption And Computer Networks.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.

Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
ICS 454: Principles of Cryptography

ICS 454: Principles of Cryptography
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
CSE 651: Introduction to Network Security

CSE 651: Introduction to Network Security
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques

Similar presentations

Ads by Google