- 102 Views
- Uploaded on

Download Presentation
## PowerPoint Slideshow about 'Cryptography I' - almira

**An Image/Link below is provided (as is) to download presentation**

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

### Cryptography I

Dimitrios Delivasilis

Department of Information and Communication Systems Engineering

University of Aegean

Who am I …

- Dr. Dimitrios Delivasilis
- E-mail: [email protected]
- Web:http://www.icsd.aegean.gr/info-sec-lab/userpages/fellows/d.delivasilis/d.delivasilis_start.htm
- Office: 2nd Floor, Lymberis Building
- Office Telephone: TBA
- Office Hours: Monday all day

Course Breakdown

- Objective: Introduce main principles of conventional cryptography and explore modern cryptographic techniques
- The module is approximately consisted of 12 three-hour lectures and 2 revision sessions.
- Overall course mark: 60% Exam + 40% Coursework

Bibliography

- B. Schneier, “Applied Cryptography,” Second Edition, John Wiley & Sons, 1996
- A. Menezes, P. van Oorschot, S. Vanstone, “Handbook of Applied Cryptography,” CRC Press, 1996

http://www.cacr.math.uwaterloo.ca/hac

- I. Niven, H. S. Zuckerman, H. L. Montgomery, “An Introduction to the Theory of Numbers,” John Wiley and Sons Inc., 1991.
- T.M. Cover, J. A. Thomas, “Elements of Information Theory,” John Wiley and Sons Inc., 1991

Topics to be covered

- One way and trap door functions
- Pseudorandom bit generators and functions
- Block ciphers and modes of operation
- Stream ciphers
- Private key encryption
- Public key encryption
- Message authentication
- Digital signatures
- Key distribution
- Cryptographic protocols
- Mathematics for cryptography

Need for Security

We describe the IT industry as s $2-3 trillion business but do we really have an idea of the value of data that the IT industry support?

Security is a necessity, we cannot afford to treat it as a luxury.

Current Security Attitude

- Information security hasn’t yet adopted risk management as a philosophy
- Instead of creating a culture of security, we are often creating a culture of getting around security
- We treat any information security activity as burning corporations’ money without any return value

Consequences

- Security breaches with catastrophic monetary implications:
- “Melissa” in 1999 caused $80 million damages worldwide
- “I Love You” in 2000, within one day, caused $100 million in United States damages and over $1billion worldwide.
- Security reported incidents are seriously mining corporation’s profile, creating more complications and spreading fear among its customers

The Security Trinity

The security trinity should be the foundation for all security policies and measures that an organisation develops and deploys

Get to know your opponent

- Hacker or else adversary: People trying to access and even use/alter data on sites without the necessary permission
- They are divided into three categories:
- Amateurs
- Crackers
- Career Criminals

Security Requirements

Computer security may be described in terms of its main six characteristics:

1. Integrity

2. Confidentiality

3. Availability

4. Authentication

5. Non-repudiation

6. Access control

Destination

Source

Destination

(a) Normal flow of information from a source to a destination

(b) Interruption

Source

Destination

Source

Destination

Non authorised Destination

Non authorised Destination

(d) Fabrication

(c) Modification

Source

Destination

Non authorised Destination

(e) Interception

Security Threats and AttacksThe main four categories of possible security attacks

Interception

Release of message contents

Traffic Analysis

Active Threats

Masquerade

Replay

Modification of message contents

Denial of Service

Passive vs. Active AttacksBasics of Conventional Cryptography…

Definition: Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication (Menezes et al., 1997)

Milestones of Cryptography

1918 William F. Friedman, “The index of Coincidence and its applications in Cryptography.”

- Edward H. Herbern filed the first patern for a rotor machine
- Claude Shannon, “The Communication Theory of Secrecy Systems.”
- David Kahn, “The codebreakers.”
- W. Diffie and M. Hellman proposed Public Key Cryptography

1978 Rivest, Shamir and Adleman: 1st public encryption and signature scheme, referred to as RSA.

1980 NSA via the American Council on Education seek Congress’s approval to obtain legal control of publications in the field of cryptography

Cryptographic Objectives

- Confidentiality
- Data Integrity
- Authentication
- Non-repudiation

Cryptosystem Evaluation

- Level of security
- Functionality
- Methods of Operation
- Performance
- Ease of Implementation

Background on functions…

- What is function f?
- 1-1, onto, bijection
- Inverse function
- One way functions:
- Function f from X to Y, one-way, if f(x) “easy” to compute for all x X, but for “essentially all” y Im(f) “computationally infeasible” to find any x X such that f(x)=y

… Background on functions

- Trapdoor one-way functions:
- Trapdoor one-way function is a one-way function with the additional property that given some extra information (trapdoor information) it becomes feasible to find for any given y Im(f), an x X such that f(x)=y
- Permutation
- Involution

Basic Terminology

- A: denotes a finite set called the alphabet of definition
- M: denotes a set called the message space
- C: denotes a set called the ciphertext space

Encryption and Decryption…

- Encryption is the transformation of text or other data into coded form, often compressed in addition, for transmission over a public network or for protection of data stored on disks.
- "Encryption is basically an indication of users\' distrust of the security of the system, the owner or operator of the system, or law enforcement authorities." L. Rose, 1995.
- K: denotes a set called the key space.

Download Presentation

Connecting to Server..