- 96 Views
- Uploaded on
- Presentation posted in: General

Cryptography I

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Cryptography I

Dimitrios Delivasilis

Department of Information and Communication Systems Engineering

University of Aegean

- Dr. Dimitrios Delivasilis
- E-mail: d.delivasilis@isecure-e.com
- Web:http://www.icsd.aegean.gr/info-sec-lab/userpages/fellows/d.delivasilis/d.delivasilis_start.htm
- Office: 2nd Floor, Lymberis Building
- Office Telephone: TBA
- Office Hours: Monday all day

- Objective: Introduce main principles of conventional cryptography and explore modern cryptographic techniques
- The module is approximately consisted of 12 three-hour lectures and 2 revision sessions.
- Overall course mark: 60% Exam + 40% Coursework

- B. Schneier, “Applied Cryptography,” Second Edition, John Wiley & Sons, 1996
- A. Menezes, P. van Oorschot, S. Vanstone, “Handbook of Applied Cryptography,” CRC Press, 1996
http://www.cacr.math.uwaterloo.ca/hac

- I. Niven, H. S. Zuckerman, H. L. Montgomery, “An Introduction to the Theory of Numbers,” John Wiley and Sons Inc., 1991.
- T.M. Cover, J. A. Thomas, “Elements of Information Theory,” John Wiley and Sons Inc., 1991

- One way and trap door functions
- Pseudorandom bit generators and functions
- Block ciphers and modes of operation
- Stream ciphers
- Private key encryption
- Public key encryption
- Message authentication
- Digital signatures
- Key distribution
- Cryptographic protocols
- Mathematics for cryptography

We describe the IT industry as s $2-3 trillion business but do we really have an idea of the value of data that the IT industry support?

Security is a necessity, we cannot afford to treat it as a luxury.

- Information security hasn’t yet adopted risk management as a philosophy
- Instead of creating a culture of security, we are often creating a culture of getting around security
- We treat any information security activity as burning corporations’ money without any return value

- Security breaches with catastrophic monetary implications:
- “Melissa” in 1999 caused $80 million damages worldwide
- “I Love You” in 2000, within one day, caused $100 million in United States damages and over $1billion worldwide.

- Security reported incidents are seriously mining corporation’s profile, creating more complications and spreading fear among its customers

The security trinity should be the foundation for all security policies and measures that an organisation develops and deploys

- Hacker or else adversary: People trying to access and even use/alter data on sites without the necessary permission
- They are divided into three categories:
- Amateurs
- Crackers
- Career Criminals

Computer security may be described in terms of its main six characteristics:

1. Integrity

2. Confidentiality

3. Availability

4. Authentication

5. Non-repudiation

6. Access control

Source

Destination

Source

Destination

(a) Normal flow of information from a source to a destination

(b) Interruption

Source

Destination

Source

Destination

Non authorised Destination

Non authorised Destination

(d) Fabrication

(c) Modification

Source

Destination

Non authorised Destination

(e) Interception

The main four categories of possible security attacks

Passive Threats

Interception

Release of message contents

Traffic Analysis

Active Threats

Masquerade

Replay

Modification of message contents

Denial of Service

Definition: Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication (Menezes et al., 1997)

1918 William F. Friedman, “The index of Coincidence and its applications in Cryptography.”

- Edward H. Herbern filed the first patern for a rotor machine
- Claude Shannon, “The Communication Theory of Secrecy Systems.”
- David Kahn, “The codebreakers.”
- W. Diffie and M. Hellman proposed Public Key Cryptography
1978Rivest, Shamir and Adleman: 1st public encryption and signature scheme, referred to as RSA.

1980NSA via the American Council on Education seek Congress’s approval to obtain legal control of publications in the field of cryptography

- Confidentiality
- Data Integrity
- Authentication
- Non-repudiation

- Level of security
- Functionality
- Methods of Operation
- Performance
- Ease of Implementation

- What is function f?
- 1-1, onto, bijection
- Inverse function
- One way functions:
- Function f from X to Y, one-way, if f(x) “easy” to compute for all x X, but for “essentially all” y Im(f) “computationally infeasible” to find any x X such that f(x)=y

- Trapdoor one-way functions:
- Trapdoor one-way function is a one-way function with the additional property that given some extra information (trapdoor information) it becomes feasible to find for any given y Im(f), an x X such that f(x)=y

- Permutation
- Involution

- A: denotes a finite set called the alphabet of definition
- M: denotes a set called the message space
- C: denotes a set called the ciphertext space

- Encryption is the transformation of text or other data into coded form, often compressed in addition, for transmission over a public network or for protection of data stored on disks.
- "Encryption is basically an indication of users' distrust of the security of the system, the owner or operator of the system, or law enforcement authorities." L. Rose, 1995.
- K: denotes a set called the key space.