1 / 36

Crytography

Crytography. Chapter 8. Cryptology. Cryptography Comes from Greek Kryptos meaning “hidden” Grahein meaning “to write” Process of making and using codes to secure the transmission of information Cryptanalysis Process of obtaining the original message form encrypted message. Cryptology.

howland
Download Presentation

Crytography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Crytography Chapter 8

  2. Cryptology • Cryptography • Comes from Greek • Kryptos meaning “hidden” • Grahein meaning “to write” • Process of making and using codes to secure the transmission of information • Cryptanalysis • Process of obtaining the original message form encrypted message

  3. Cryptology • Encryption • Process of converting an original message into a form that is unreadable to unauthorized individuals • Decryption • Process of converting the encrypted message (cipertext) into an easily read message (plain text)

  4. Basic Definitions • Algorithm • Programmatic steps to encrypt message • Cipher • Encryption method or process • Ciphertext or cryptogram • Encrypted message • Code • Process of converting unencrypted components into encrypted components

  5. Basic Definitions • Decipher • Convert to plaintext • Encipher • To encrypt • Key or crypto-variable • Information used with the algorithm to encrypt • Key-space • Entire range of values that can possibly be used to construct an individual key

  6. Basic Definitions • Link encryption • Series of encryptions /decryptions between a number of systems • Plaintext or clear text • The original message • Steganography • Process of hiding messages • Work factor • Amount - effort required to perform cryptanalysis

  7. Cipher methods • Bit stream method • Each bit in the plaintext is transformed bit by bit • Most common use XOR • Block cipher method • Messaged divided into blocks • Each block is encoded • Substitution, transposition, XOR or combination

  8. Substitution Cipher • Substitute one value for another • 3 character substitution to the right Original alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZ Encrypted alphabet: DEFGHIJKLMNOPQRSTUVWXYZABC • Simple by itself – powerful when combined with other operations

  9. Substitution Cipher • Polyalphabetic substitution Orig: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Sub1: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Sub2: G H I J K L M N O P Q R S T U V W X Y Z A B C D E F Sub3: J K L M N O P Q R S T U V W X Y Z A B C D E F G H I Sub4: M N O P Q R S T U V W X Y Z A B C D E F G H I J K L Sub5: P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Using this technique what is? ZTPG • 3 shift to the right is know as the Caesar Cipher

  10. Vigenere Cipher • Implemented using the Vigenere Square • 26 distinct cipher alphabets • Header row – normal order • Each additional row – shift right • Start in first row and find a substitution for one letter • Move down the rows for each subsequent letter of plaintext

  11. Transposition Cipher • Simply rearranges the values within a block • Can be done at the bit level or the byte level Key pattern: 1 4, 2 8, 3 1, 4 5,5 7, 7 6,8 3 • Julius Caesar was associated with the early version of this cipher also • Larger blocks or keys makes cipher stronger

  12. Exclusive OR (XOR) • Function of Boolean algebra • Two bits are compared • If identical, result is binary 0 • If not identical, result is binary 1 • Very simple encryption • Not very secure

  13. Vernam Cipher • One-time pad • Uses a set of characters only one time for each encryption process • Each character of the plaintext is turned into a number and a pad value for that position is added • Sum is then converted back to a cipher text • Decryption requires knowledge of pad values or difficult cryptanalysis.

  14. Book or Running Key Cipher • Cipher text • List of codes representing a page number, line number, and word number of the plaintext word. • Must know which book was used

  15. Hash functions • Not an encryption methodology • Mathematical algorithm -generates a message summary or digest • Fingerprinting • Used to determine if it is the same message • Not used to decypher • Message always provide same hash value if unaltered

  16. Hash functions • Do not require keys • Uses Message Authentication Code (MAC) • Key-dependent • Used in password verification systems

  17. Secure Hash Standard (SHS) • Secure algorithm • Standard issued by National Institute of Standards and Technology (NIST) • SHA-1 Produces a 160 bit digest • Family of SHA • SHA-256 • A 256-bit cipher algorithm • Creates a key - encrypting the intermediate hash value with the message block functioning as the key

  18. Cryptographic Algorithms • Symmetric and asymmetric and hybrid • Distinguished by the types of keys they use • Symmetric Encryption • Requires the same secret key • Encryption methods use mathematical operations • Both the sender and receiver must have the secret key • Primary challenge – getting key to receiver

  19. Symmetric Encryption Cryptosystems • Data Encryption Standard (DES) • Key length of 128 bits • 64-bit block size • 56-bit key • Too weak • Triple DES (3DES) • Advanced Encryption Standards • Used by federal agencies other than national defense • Declassified, publicly disclosed, royalty-free • Uses block cipher, variable length block, key length of 128, 192, or 256

  20. Asymmetric Encryption • Uses two different but related keys • Either key can encrypt or decrypt • Must use other to perform other function • One key private • One key public • Also know as public key encryption • Based on one-way functions • One is simple to compute , the opposite is complex

  21. Asymmetric Encryption • Based on hash value • Uses mathematical trapdoor • Secret mechanism that enable you to easily accomplish the reverse function in a one-way function. • Public key becomes the true key • Private is derived form public key using trapdoor

  22. Public Key • RSA (Rivest-Shamir-Adlemann) • First public key encryption algorithm • Published for commercial use • E-commerce browsers • Has become the de facto standard

  23. Encryption Key Size • Cryptovariable or key size must be decided • Length of key increase the number of random selections to be guessed • Length of key influences strength • The security of encrypted data is NOT dependent on keeping the algorithm secret • Depends on keeping some or all of the elements of the keys secret • See table on page 367

  24. Public Key Infrastructure (PKI) • Integrated system of software, encryption methodologies, protocols, legal agreements, and 3rd part services • Based on public key • Include digital certificates and certificate authorities

  25. Digital Certificates • Public key container files that allow computer program to validate the key and identify to whom it belongs. • Allows integration of key characteristics to be integrated into business practices • Authentication • Integrity • Privacy • Authorization • Non-repudiation

  26. Digital Certificate • Used by third party • Certifies the authenticity of the • Digital signature is attached • Certify that file is from the entity that it claims to be • Has not been modified • Certificate authority • Software agent • Manages the issuance of certificates • Serves as the electronic notary pubic • Verify the certificates worth and integrity

  27. PKI • Common implementation • Systems to issue digital certificates to users and servers • Directory enrollment • Key issuing systems • Tools for managing the key issuance • Verification and return cetificates

  28. Digital Signatures • Created to verify information transferred using electronic systems • Currently asymmetric encryption processes are used to create digital signatures • Encrypted messages that can be mathematically authentic • Used when using DSS (digital Signature Standard)

  29. Digital Signatures • Process • Create a message digest using the hash • Input into the digital signature algorithm along with a random number to be used for generating the digital signature • Depends upon the sender’s private key and other info provided by the CA • Verified by the recipient through use of the sender’s public key

  30. Hybrid Cryptography Systems • Pure asymmetric keys encryption is not widely used except in digital certificates • More widely used as part of hybrid system • Diffie-Hellman Key Exchange method • Exchanging private keys using public key encryption • Asymmetric encryption is used to exchange session keys • Limited use keys • Temporary communications

  31. Steganography • Process of hiding information • Not technically a form of cryptography • Most popular version • Hiding information within files that appear to contain digital picture or other images • Use one bit per color or 3 bits per pixel to store information. • Compute files that don’t use all available bits

  32. Protocols for Secure Communication • Secure Socket Layer (SSL) • Used public key encryption to secure channel • Support by most internet browsers • Client and server establish HTTP session • Client requests access part of web site - requires secure communications • Server sends message to client • Client respond - sending its public key & security parameters • Server finds a public key match • Sends a digital certificate to the client • Client must verify - digital certificate –received, valid & trustworthy • Lasts for duration of session

  33. Protocols for Secure Communication • SSL • Two layers of protocol • SSL Record Protocol • Compression, encryption and attachment of SSL header • Received encrypted messages are decrypted and reassembled • Basic security at top level of SSL protocol stack • Standard HTTP • Internet communication services

  34. Protocols for Secure Communication • S-HTTP (Secure Hypertext Transfer Protocol) • Extended version of hypertext transfer protocol • Provides for encryption of individual messages between client and server • No session • Designed for sending individual messages

  35. Securing E-mail • Secure Multipurpose Internet mail Extensions (S/MIME) • Adds encryption of MIME (Multipurpose Internet Mail Extensions) • PEM • Uses 3DES symmetric key encryption and RSA for key exchanges and digital signature • PGP • Pretty Good Privacy • Used IDEA Cipher

More Related