- By
**verdi** - Follow User

- 52 Views
- Uploaded on

Download Presentation
## PowerPoint Slideshow about 'CRYPT OGRAPHY' - verdi

Download Now**An Image/Link below is provided (as is) to download presentation**
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

Download Now

Presentation Transcript

Overview

- Key crypto concepts
- Key terms
- XOR
- Symmetric encryption
- Asymmetric encryption
- Hashes

Cryptography

- Cryptography primarily protects confidentiality, integrity, authentication, and non-repudiation.
- All the current encryption schemes are based upon an algorithm, a recursive computational procedure for solving a problem in finite steps.
- Modern cryptography manipulates data in binary form.
- ASCII provides a standard way to map characters to numbers.

Key Terms (No Pun Intended)

- Plaintext
- The data that you want to keep secret.
- It is a human-readable text file or a computer-recognizable binary file.
- Ciphertext
- Once the plaintext is encrypted, it becomes ciphertext.
- No longer human-readable or computer-recognizable.
- Algorithm
- Predefined procedures regarding how the plaintext will be scrambled.
- Key
- Needed to scramble the plaintext.

Ensuring Security

- Putting the algorithm under public review actually improves the strength of the algorithm.
- A common attack on cryptography is the brute-force attack.
- It tries every possible key until the correct one is found.
- Advances in technology and computer performance have made brute-force attacks increasingly practical.
- Any predictability in key space makes the attacker’s job easier.

The Key

- The strength of a cryptosystem lies in the secrecy and length (size) of the keys that are used, rather than keeping the algorithm itself a secret.
- Key size is usually expressed in bits.
- A longer key increases the number of possible keys.
- The keyspace comprises all possible key values.

Exclusive OR (XOR)

- A useful bit manipulation technique in cryptography.
- The symbol for XOR is .
- The XOR product is
- 0, if the two bits are the same.
- 1, if the two bits are different.
- Encryption takes advantage of an important property of XOR:
- If A B = A’, then A’ B = A

Symmetric Encryption

- The same key is used to:
- Encrypt the plaintext into ciphertext.
- Decrypt the ciphertext into plaintext.

Symmetric Encryption Is Like A …

… dead bolt lock. The same key is used to lock (encrypt) the door (data) and to unlock (decrypt) the door (data).

DES

- DES cuts up the plaintext into 64-bit blocks. It uses 56-bit keys.
- It then “scrambles” the plaintext (via “substitution” and then “permutation”) with the key repeatedly. Each repetition is called a “round”.
- DES performs 16 rounds on the plaintext.
- This is carried on until the entire message has been encrypted with DES.

Source: William Stallings, Cryptography and Network Security.

3DES

- 3DES is a lot more than three times stronger than DES.
- Some times Key A = Key C.
- A brute force attack would have to try 2112 5.19 1033 possible key values.
- Suppose the processing speed is 1012 keys/second,
- 5.19 1033 @ 1012 keys/sec. = 5.19 1021 sec. = 1.65 1014 year).

Other Symmetric Algorithms

- AES (Rijndael)
- Pronounced as “Rain-Doll”, Flemish for “XYZ.”
- The candidate algorithm that NIST chose over the other four finalist as the replacement for DES.
- Supports 128-, 192-, and 256-bit keys.
- RC series
- RC4 is a stream cipher algorithm for symmetric encryption that normally uses a 128-bit key.
- RC4 is ten times faster than DES.
- IDEA
- CAST
- Blowfish

Introducing the Bad Guy

CHUCKY THE VILLAIN

Problems with Symmetric Crypto

- Requires the sender and the receiver to have the same key (a.k.a. shared key encryption).
- Prior arrangement for key distribution (called “out-of-band” communication) is a must.
- In practice, people also faced a lot of scenarios in which they need the ability to tell who has encrypted a piece of information.
- However, if a symmetric key is shared between two or more people, any one can encrypt it. To be able to decrypt it tells nothing about who has encrypted it; only that you also have the key.

Asymmetric Encryption

- Also known as public key cryptography.
- Typically are based on difficult math problems, many of which are simple to do in one direction but difficult to do in the opposite direction.
- Much slower than symmetric algorithms
- Rely on exponentiation, which is processor-intensive;
- Keys generally are larger (1024- or 2048-bit)
- Software implementation of RSA can be hundreds times slower than DES.
- Thus, asymmetric algorithms typically are used only for encryption of small amounts of information, e.g., the shared key for symmetric encryption.
- Slow ≠ Weak

Keys in Asymmetric Cryptography

- Uses two keys instead of one.
- The two keys are mathematically related through one-way functions.
- One is publicly available; this “public key” is not protected.
- The other key is the “private key” and should be kept by the owner only.
- If the private key is comprised, this key pair is no longer safe to use.
- Either key can be used to encrypt data. However, once a key is used to generate a ciphertext, it cannot be used to decrypt that same ciphertext. The other key has to be used for decryption.

Two Uses of Asymmetric Encryption

- For Confidentiality
- Alice wants to send a secret message to Bob
- Aliceuses Bob’s public key to encrypt message
- Bob uses Bob’s private key to decrypt message
- For Authentication
- Alice needs to let Bob know she is the sender of a message
- Alice encrypts the message with Alice’s private key
- Bob decrypts the message with Alice’s public key

Asymmetric Cryptography

- No key distribution headache
- If Alice wants to send an encrypted message to Bob, she doesn’t have to share a key with him beforehand. She just encrypts the data with his public key.
- The ciphertext can only be decrypted by Bob with his private key.
- Better authentication than symmetric encryption.
- If a messaged can be decrypted by Alice’s public key, then it must be from Alice as Alice supposedly is the only one who has the matching private key.

RSA

- Name after its creators, Rivest, Shamir, and Adleman.
- One of the most popular and secure asymmetric algorithms.
- It capitalizes on the fact that there is no efficient way to factor very large (100-200 digits) prime numbers.
- A prime number is a real number that is only divisible by 1 and itself, e.g., 1, 3, 5, 7, 11, …
- Factoring is the process of determining whether an integer x is a prime number, and if not, which two numbers when multiplied will render the product x.
- Multiplying two large integers to arrive at an even larger number is easy to do. To do the reverse (factoring) is extremely, if possible at all, difficult.

Other Asymmetric Algorithms

- Diffie-Hellman
- Enables two people to share a secret key without prior contacts.
- It relies on the difficulty in modular logarithms.
- El Gamal
- An extension of the Diffie-Hellman key exchange algorithm.
- It is based on the difficulty of calculating discrete logarithms in a finite field.
- Elliptic Curve Cryptography (ECC)
- Its mathematic basis is the study of elliptic curves.

Hash Function

- A hash function is a special mathematical algorithm that performs one-way manipulate on a file.
- Widely used functions include MD5 and SHA-1.
- The algorithm takes a message of any length and produces a fixed-length output.
- The hash is often called message digest.

Property 1: Non-Reversibility

- Both symmetric and asymmetric algorithms are reversible.
- They can be converted from plaintext to ciphertext and back again, if the right key is used.
- Hash algorithms, however, are not reversible.
- Once the hash is created, there is no way to take the hash and retrieve the file that was used to generate it.
- That is, you cannot reconstruct the message from the digest.

Property 2: Uniqueness

- You can’t find two files that produce the same hash.
- A hash value is always mathematically unique because it is extremely dependent on the contents of the file.
- If anyone changes the file by so much as one binary digit, the resulting hash value will be different.
- The hash value can be used as a smaller, easier-to-handle identifier of the file.

Collisions

- A collision occurs when two different inputs are hashed to the same value.
- Collisions are possible.
- Both SHA-1 and MD5 have been cracked.
- Fortunately, it is also unlikely that two documents with the same hash value both make sense.
- The other file is likely to be a series of random characters that just happens to result in the same hash value.
- Therefore, the hash of a file can be used as the file’s unique identifier.

Hash Length

- Usually, the longer the hash value produced by the hashing algorithm, the less susceptible it is to collisions.
- SHA-1 and RIPEMD-160 hashes are 160-bit long.
- MD5 hashes are 128-bit long.

Source: Carlton Davis, IPSec, Securing VPNs.

Secure Hash Algorithm (SHA)

- SHA was developed in 1993 by the NIST for secure hashing in the U.S. Digital Signature Standard (DSS).
- The revised version is SHA-1.
- It uses block mode, accepting an input of up to 264 bits and compressing it to 160 bits.

MD5

- Message Digest 5 is similar to the MD4 algorithm, but it is slightly slower and more secure.
- MD5 creates a 128-bit hash of a message of any length.

Common Uses of Hashes

- Hash can be used to guard integrity of files.
- The sender sends with a message the hash value of the message. The recipient runs the message through the same hash function and obtains her own hash value.
- If HSender = HRecipient, then the file has not been tampered with.
- This use is based on the “uniqueness” property.

Download Presentation

Connecting to Server..