management information systems n.
Skip this Video
Download Presentation
Management Information Systems

Loading in 2 Seconds...

play fullscreen
1 / 35

Management Information Systems - PowerPoint PPT Presentation

  • Uploaded on

CLARK UNIVERSITY College of Professional and Continuing Education (COPACE). Management Information Systems. Lection 05 Coding and encryption. Plan. Со ding Encryption. Information security.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Management Information Systems' - zudora

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
management information systems


College of Professional and Continuing Education


Management Information Systems

Lection 05

Coding and encryption

  • Соding
  • Encryption
information security
Information security
  • Information security (sometimes InfoSec) is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc...)
basic terms
Basic terms
  • IT Security(sometimes computer security) is information security when applied to technology (most often some form of computer system).
  • IT security specialists are responsible for keeping all of the technology within the company secure from malicious cyber attacks that often attempt to breach into critical private information or gain control of the internal systems.
basic terms1
Basic terms
  • Information Assurance = The act of ensuring that data is not lost when critical issues arise. These issues include but are not limited to; natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost.
  • One of the most common methods of providing information assurance is to have an off-site backup of the data
basic terms2
Basic terms
  • The CIA triad (confidentiality, integrity and availability) is one of the core principles of information security.
  • Confidentiality refers to preventing the disclosure of information to unauthorized individuals or systems.
  • Integritymeans that data cannot be modified undetectably.
  • The information must be available when it is needed (the computing systems used to store the information, the security controls are used to protect it, and the communication channels are used to access it, and it all must be functioning correctly).
coding and encryption
Coding and encryption
  • Are the terms “coding” and “encryption” synonyms?
coding and encryption1
Coding and encryption


of information


may leave the old form, but changes, masks the contents. In order to read it is not enough to know only the algorithm, we must know the key


changes the form, but leaves the same content. For reading we must know the algorithm and coding table

  • Codeis a rule of conformity of the characters of a set X to characters of another set Y.
  • Coding (encoding) is the process of converting characters (words) of the alphabet X to the characters (words) of the alphabet Y.
  • If for each character X it corresponds a separate character Y, then it is called coding.
  • If for each character Y it is uniquely found on some rule his prototype X, then it is called decoding.
  • Example

If each color is coded:

by 2 bits, then we can code not more then 22= 4 colors,

by 3bits, then we can code not more then 23= 8 colors,

by 8 bits (= 1 byte), then we can code not more then 256 color.


Open text is a message, the text of which is necessary to make incomprehensible for outsiders.

Cipher is a set of invertible transformations of the set of the possible open data into the set of possible ciphertext carried out according to certain rules with the use of keys.

  • Encryption is the process of applying the cipher to the protected information, i.e. the transformation of the protected information in an encrypted message with the help of certain rules contained in the cipher.

Original message: “A”Encrypted message: “B”Rule for encryption: “f”Encrypting scheme: f(A)=B

The encryption rule “f” cannot be arbitrary. It should be such that having the encrypted text “B” we could uniquely recover the open message using the rule “g”.

  • Decryption is the process of reversing the encryption, i.e. the conversion of encrypted messages in the original information with the help of certain rules contained in the cipher.Rule for decryption: “g”Decrypting scheme: g(B)=A
  • Key is a specific secret status of a particular parameter (parameters), providing a choice of one transformation among all possible transformations for the encryption.
  • Key is an interchangeable element of the cipher.

If “k” is a key, then f(k(A)) = B

For each key “k”, the transformation f(k) should be reversible, that is,g(k(B)) = A

the difference between coding and encryption
The difference between coding and encryption
  • There is not a secret key while coding, as the coding aims to only a more concise and compact presentation of the message.
cryptology is a field of secret communications
Cryptology is a field of secret communications


«cryptos» - secret

«logos» - word


The science about the opening of ciphers


The science about the creation of ciphers

classification of crypto algorithms
Classification of crypto algorithms

The basic scheme of classification:Cryptogram and Cryptography with a keyBy the nature of the key:Symmetric and AsymmetricBy the nature of the impacts on the data:Permutation and SubstitutionDepending on the size of the block of information:Stream and Block

symmetric cryptography
Symmetric cryptography
  • If in a process of exchanging information we use the same key for the encryption and the decryption of information, then this cryptographic process is called symmetric.
disadvantages of symmetric encryption
Disadvantages of symmetric encryption
  • The necessity in a secure communication channel for transferring the key.


Let us consider the payment of the client's goods or services by a credit card. The trading company must create one key for each customer and somehow give them the keys.

It is very inconvenient.

asymmetric cryptography
Asymmetric cryptography
  • It is used two keys: public and private.
  • In fact it is like two halves of one whole key associated with each other
asymmetric cryptography1
Asymmetric cryptography
  • The keys are working so that a message encrypted by the one half of the key, can be decrypted only by the other half of the key (not by that one, which it was encoded).
  • Creating a pair of keys, the company widely distributes the public key and securely stores the secret key.
asymmetric cryptography2
Asymmetric cryptography
  • Public key and private key constitute a certain sequence.
  • The public key can be published on the server, from where everyone can get it. If the client wants to make an order in a company, he must take the public key and use it to encrypt the message about his order and his credit card.
  • After encrypting this message can be read only by the owner of the private key. None of the actors in the chain, in which the information is transferring, can do that.
  • Even the sender can't read his own message. Only the recipient can read the message, because only he has the secret key, supplementing the used public key.
asymmetric cryptography3
Asymmetric cryptography


  • If a company have to send to the client a receipt that the order is accepted for execution, then it encrypts this receipt by the private key.
  • The client is able to read the receipt, using the public key of that company.
  • The client can be sure that the receipt was sent by that company, because nobody else has an access to the private key.
the principle of the adequacy of the protection
The principle of the adequacy of the protection
  • There is no need to hide the public key for encryption algorithms. Usually it is accessible, often it is widely published.
  • The knowledge of the algorithm does not yet mean the possibility to reconstruct the key in a reasonable time.
the principle of the adequacy of the protection1
The principle of the adequacy of the protection
  • The protection of information is considered sufficient if the cost of its overcoming exceeds the expected value of the information itself.
  • The protection is not absolute and the methods of its overcoming are known, but it is still sufficient to make this event inappropriate.
  • When the other means to get the encrypted information in a reasonable time appear, then the principle of the algorithm is changing, and the problem is repeated at a higher level.
  • The search of the secret key is produced not only by the method of simple exhaustive search.
  • There are special methods for this purpose, they are based on the study of the peculiarities of interaction between the public key and the specific data structures.
  • The area of science, dedicated to these researches, is called cryptanalysis.
  • The average time required for the reconstruction of the private key on the published public key, is called crypto resistance of the encryption algorithm.
  • In Russia for using in state and commercial organizations only those encryption software products are permitted, which have passed the state certification, in particular, in the Federal Agency for government communications and information of the President of Russian Federation.
electronic signature
Electronic signature
  • The client gives instructions to the bank about the transfer of his money on the accounts of other persons and organizations. However, how can the bank know that the instruction was received by that client, not by some attacker?
  • This problem is solved with the help of the electronic signature.
electronic signature1
Electronic signature
  • While creating an electronic signature two keys are created: public and private.
  • The public key is transmitted to the bank.
  • Now you have to send an order to the Bank for the operation with a current account, it is encrypted with the public key of the Bank, and the signature is encrypted with the secret key.
  • The Bank does vice versa.
  • If the signature can be read then it is 100% proof of the authorship of the sender.
the principle of kirchhoff
The principle of Kirchhoff
  • All modern cryptosystems are built on the principle Kirchhoff: the secrecy of encrypted messages is determined by the secrecy of the key.
  • Even if the encryption algorithm is known to a cryptanalyst, nevertheless he won’t be able to decrypt the message without the relevant key.
the principle of kirchhoff1
The principle of Kirchhoff
  • All classical ciphers correspond to this principle and designed in such a way that there is no way to break them only by the exhaustive search of the whole key space, that is, by the trying all possible key values.
  • It is clear that the resistance of such codes is determined by the amount of the used key.