Presentation is loading. Please wait.

Presentation is loading. Please wait.

General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use.

Published byPaul Grant Modified over 8 years ago

Similar presentations

Presentation on theme: "General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use."— Presentation transcript:

1 General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use this presentation to promote computer science education in the U.S. and around the world. For more information about the Bridges Program, please visit our website at: http://bridges.brooklyn.cuny.edu/http://bridges.brooklyn.cuny.edu/ Disclaimers: IMAGES : All images in this presentation were created by our Bridges to Computing staff or were found online through open access media sites and are used under the Creative Commons Attribution-Share Alike 3.0 License. If you believe an image in this presentation is in fact copyrighted material, never intended for creative commons use, please contact us at http://bridges.brooklyn.cuny.edu/ so that we can remove it from this presentation.http://bridges.brooklyn.cuny.edu/ LINKS : This document may include links to sites and documents outside of the "Bridges to Computing" domain. The Bridges Program cannot be held responsible for the content of 3 rd party sources and sites. Bridges To Computing

2 Introduction to Cryptology II Cryptography & Cryptanalysis M. Meyer Bridges To Computing 2010

3 Modern Cryptography - Purpose Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver. Integrity: Assuring the receiver that the received message has not been altered in any way from the original. Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.) Non-repudiation: A mechanism to prove that the sender really sent this message.

4 Cryptographic Algorithms There are several ways of classifying cryptographic algorithms. We will categorized them by the number of keys that are employed for encryption and decryption o Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption. o Public Key Cryptography (PKC): Uses one key for encryption and another for decryption. o Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information.

5

6 SKC - Secret Key With secret key cryptography, a single key is used for both encryption and decryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key. SKC algorithms fall into two general groups: Block Ciphers and Stream Ciphers.

7 SKC - Block Ciphers

8 Modern PKC Standards Data Encryption Standard (DES) and it's replacement Triple-DES (3DES) are the two most well known PKC standards. They are used for creating passwords for computers and for low-level security protocols for network communication. They are breakable and vulnerable to specific kinds of attacks. o If I can get enough of the messages that are encoded with the key. o If the text I am looking to find is an English word of phrase.

9 The problem of the key Even if I am going to use a one-time pass encryption key (in theory, unbreakable) to send you a message, I have a problem.... namely, you will need the key yourself, to decode the message. How then, can I get you the key safely? This problem was unanswerable until the late 1970's and the world had the problem that if a spy managed to steal the codebook from you, then all of your messages could then be read.

10 PKC - Public Key "Public-key cryptography has been said to be the most significant new development in cryptography in the last 300-400 years. Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976. Their paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key. PKC depends upon the existence of so-called one-way functions, or mathematical functions that are easy to computer whereas their inverse function is relatively difficult to compute. Let me give you two simple examples:"

11 PKC continued Multiplication vs. factorization: Suppose I tell you that I have two numbers, 9 and 16, and that I want to calculate the product; it should take almost no time to calculate the product, 144. Suppose instead that I tell you that I have a number, 144, and I need you tell me which pair of integers I multiplied together to obtain that number. You will eventually come up with the solution but whereas calculating the product took milliseconds, factoring will take longer because you first need to find the 8 pair of integer factors and then determine which one is the correct pair.

12 PKC continued Exponentiation vs. logarithms: o Suppose I tell you that I want to take the number 3 to the 6th power; again, it is easy to calculate 3^6=729. o But if I tell you that I have the number 729 and want you to tell me the two integers that I used, x and y so that log(x) 729 = y, it will take you longer to find all possible solutions and select the pair that I used. o There may in fact be more then one pair.

13 PKC - Standards The first, and still most common, PKC implementation, is named for the three MIT mathematicians who developed it — Ronald R ivest, Adi S hamir, and Leonard A dleman. RSA today is used in hundreds of software products and can be used for key exchange, digital signatures, or encryption of small blocks of data. The main idea, is that each of the keys is derived from the factoring of an extremely large prime number. AND what is encoded with one key, can only be decoded with the other.

14 Hash Algorithms Hash functions, also called message digests and one- way encryption, are algorithms that, in some sense, use no key. Instead, a fixed-length hash value is computed based upon the plaintext that makes it impossible for either the contents or length of the plaintext to be recovered. Hash algorithms are typically used to provide a digital fingerprint of a file's contents, often used to ensure that the file has not been altered by an intruder or virus. Hash functions are also commonly employed by many operating systems to encrypt passwords. Hash functions, then, provide a measure of the integrity of a file. Popular Hash Algorithm MD5.

15 Why 3 types?

16 Trust Models (1) Secure use of cryptography requires trust. SKC can ensure message confidentiality and hash codes can ensure integrity, but none of this works without trust. In SKC, Alice and Bob had to share a secret key. PKC solved the secret distribution problem, but how does Alice really know that Bob is who he says he is? Just because Bob has a public and private key, and purports to be "Bob," doesn't mean that he is Bob.

17 Trust Models There are a number of trust models employed by various cryptographic schemes: PGP- The web of trust employed by Pretty Good Privacy (PGP) users, who hold their own set of trusted public keys. Kerberos- a secret key distribution scheme using a trusted third party. Certificates- which allow a set of trusted third parties to authenticate each other and, by implication, each other's users

18 The End

Download ppt "General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Cryptography The science of writing in secret code.

Cryptography The science of writing in secret code.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies

Cryptographic Technologies
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Epayment Security II.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Similar presentations

Ads by Google