Encryption

Encryption. ITIS 6201 – Computer Security and Privacy. Dr. Foley. Objectives of Part One: learn some terms and definitions; take a look at early text encryption concepts and their progress; alpha and numeric substitutions; transpositions; complex combinations.

harmon
Presentation Transcript


  1. Encryption ITIS 6201 – Computer Security and Privacy Dr. Foley

  2. Objectives of Part One
     • Learn some terms and definitions
     • Take a look at early text encryption concepts and their progress
     • Alpha and numeric substitutions
     • Transpositions
     • Complex combinations

  3. CRYPTOGRAPHY – An Evolution
     • Cryptology means “hidden writing”
     • Comes from the Greek words “hidden” or “secret” and “writing”
     • A tool for
       • Secrecy
       • Integrity
       • Authentication
       • Non-repudiation

  4. TERMINOLOGY
     • Encryption: the process of coding a message such that its meaning is concealed
     • Decryption: the process of transforming an encrypted message into the original form
     Equivalent term pairs:
       Encrypt – Decrypt
       Encode – Decode
       Encipher – Decipher
       Plaintext – Ciphertext

  5. TERMINOLOGY, continued
     • Cryptosystem: a system for encryption and decryption
     • Plaintext: a message in its original form
     • Ciphertext: a message in the encrypted form
     • Cryptographer: invents encryption algorithms
     • Cryptanalyst: attempts to understand, and perhaps to break, encryption algorithms

  6. Substitutions
     • Text (alpha) substitutions
       • Simple
           a b c d e f g h i …
           d e f g h i j k l …
       • Complex
           a b c d e f g h i …
           d e f g h i j k l …
           or large block of text
           q r s t u v w x y …
     • Numerical substitutions (modular math)
       • Sample
           a  b  c  d  e  f  g  h  i  …
           12 13 14 15 16 17 18 19 20 …

  7. Now it's all about the keys
     A shift in encryption strategy: a move to all mathematics.
     Instead of making the key a secret (shared or otherwise), make the key algorithms public with the odds of picking the right one very high.
     This “open standards” based approach ends up being a good thing. Why?

  8. Encryption Key Types
     • Symmetric Keys (DES, Triple DES, AES)
       • 64-bit blocks / 56-bit key for DES and 112-bit key in 3DES
       • 128-bit blocks for AES, for keys of 128, 192, and 256 bits
       • Use of substitutions, transpositions, permutations, XOR
     • Asymmetric Keys (RSA* and Elliptic Curve)
       • Related key pairs: based on prime numbers for RSA and elliptic curve properties in EC
     • Hash Algorithms (one-way encryption)
       • Use of difficult inverse mathematical functions
     *RSA – Rivest, Shamir, and Adleman

  9. Public/Private Key Encryption
     Asymmetric Key (Exchanged Public Keys)
     [Diagram: the server generates a key pair, Secret Key (S) and Public Key (S); the browser generates a key pair, Public Key (B) and Secret Key (B); the two sides exchange public keys.]
     The Critical Point of Public Key: a public and private key pair is mathematically related in such a way that when one key in the pair is used for encryption, only the other key can decrypt the message.

  10. How SSL Works
     SSL Handshake Steps: (SSLv2)
     • Client Hello. SSL versions, cipher suites, and data compression methods.
     • Server Hello. Selected cipher and compression method.
     • Server sends its signed certificate and certificate chain if needed.
     • No certificate alert is sent by client.
     • ClientKeyExchange. Client uses a random number generator to generate a pre-master key. Client encrypts the master secret with the server public key, creating a digital envelope which is sent to the server.
     • ChangeCipherSpec. Verifies that both sides have the negotiated cipher and session key.
     • Finish. Ready to send encrypted data.

  11. Current Uses of PKI (Digital Signatures)
     • Authentication/Authorization
     • Individuals/entities
     • Device to device
     • SSL (Server and mutual)
     • Secure E-mail (S-MIME)
     • Code Signing
     • Transaction signing
     • Document signing (E-Signature)
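
The key-pair property from slide 9, the ClientKeyExchange digital envelope from slide 10 and the signing use from slide 11, as an added Python example that is not part of the original slides. It uses textbook (unpadded) RSA to show the mathematics only. The primes, the 64-bit key and digest sizes, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy primes (2**31 - 1 and 2**61 - 1). Real RSA keys are 2048 bits
# or more and are always used with padding (OAEP for encryption, PSS for signing).
P, Q, E = 2**31 - 1, 2**61 - 1, 65537

def make_key_pair(p=P, q=Q, e=E):
    """Return (public, private), each an (n, exponent) tuple."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)

def apply_key(key, value):
    """Textbook RSA: the same modular exponentiation serves both keys."""
    n, exponent = key
    return pow(value, exponent, n)

def client_key_exchange(server_public):
    """Client side: pick a random 64-bit pre-master key and seal it."""
    pre_master = secrets.randbelow(2**64 - 2) + 2
    return pre_master, apply_key(server_public, pre_master)

def server_open_envelope(server_private, envelope):
    """Server side: only the private key recovers the pre-master key."""
    return apply_key(server_private, envelope)

def digest_of(message):
    """First 64 bits of SHA-256, so the value fits below the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest()[:8], "big")

def sign(private, message):
    return apply_key(private, digest_of(message))

def verify(public, message, signature):
    return apply_key(public, signature) == digest_of(message)

if __name__ == "__main__":
    public, private = make_key_pair()
    pre_master, envelope = client_key_exchange(public)
    print("server recovers key:", server_open_envelope(private, envelope) == pre_master)
    print("public key reopens envelope:", apply_key(public, envelope) == pre_master)
    signature = sign(private, b"constructed sample document")
    print("signature verifies:", verify(public, b"constructed sample document", signature))
    print("altered document verifies:", verify(public, b"altered document", signature))
```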