1 / 13

Summary of Encryption

Summary of Encryption. What is encryption. In encryption, we use a key or key to control an algorithim with changes a plain text file to a cypertext file that, hopefully can only be decrypted by the intended recipient. We do this to gain

johnbbryant
Download Presentation

Summary of Encryption

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Summary of Encryption

  2. What is encryption • In encryption, we use a key or key to control an algorithim with changes a plain text file to a cypertext file that, hopefully can only be decrypted by the intended recipient. • We do this to gain • Privacy – our message is only read by the intended recepient • Authenticity – the recepient knows who sent the message

  3. Types of keys • Symetrical Keys • The same key decrypts and encrypts the message • Gives us • Privacy • Authenticity • The problem is how to get the key to the recipient. This problem is as large as sending the encrypted message

  4. Types of Keys • Public Key • In public key cryptography there are two keys. • A public key, used to encrypt the message. This is publicly available • A private key, used to decrypt the message. This is know only to the intended recipient. • There is no key exchange problem. The public key is publicly available. (how we will discuss)

  5. Public Key Cryptography • With public key cryptography we get • Privacy • We do not get authenticity. • The recipient can not prove who the message is from • To regain this, we use digital signatures as described in the last lecture. • Public Key Cryptography is the only form used in most internet and email communication.

  6. Practical Cryptography • In practice, we need to obtain public keys in a manner we can trust to avoid a, Man in the Middle, attack. • In a man in the middle attack, a malicious individual places him/herself in between two parties trying to communicate, and impersonates both.

  7. Practical Cryptography • To avoid this, we incorporate public keys into digital certificates issued by Certificate Authorities • To use Cryptography, we generally need to obtain a digital certificate, from an authority. • To do this, we first need a certificate, for the Certificate Authority. • Lets look at those.

  8. Certificate Authorities • Versign – Major player • Web site for email certificates • www.verisign.com/authentication/individualauthentication/digital_id.index.html • Thawte – a “Trust” Network • Originally independent • Absorbed by Verisign in 2000 • www.thawte.com

  9. Using the certificate • Note: • Certificate allows you to receive encrypted email • To send encrypted email to someone, they must have a digital certificate. • To begin you must send your certificate to them, and they must send their certificate to you.

  10. Outlook tutorial • Tutorial Website • support.gateway.com/s/tutorials/Tu_842008.shtml • Gives the basics for setting up encrypted email

  11. Mac OS X tutorial • Long tutorial, including obtaining the key on • http://www.macdevcenter.com/pub/a/mac/2003/01/20/mail.html • In short, once the key is obtained, it needs to be installed in keychain. • From that point on, encryption is transparent. You click on an icon to encrypt outgoing mail. The Certificates are attached to entries in your address book. • Certificates are automatically captured when attached to incoming mail.

  12. Onion Routing • A way to mask your surfing from your ip • Website • www.torproject.org

  13. TorPark • Secure browsing from public locations • www.xerobank.com • Originally called Torpark • Released by our old friends, the Cult of the Dead Cow • Hacktivismo branch • Now commercial. (sigh) ;-( • Featured, I am told on the series, “Smallville”

More Related