Encryption is a way to transform a message so that only the
sender and recipient can read, see or understand it. The mechanism
is based on the use of mathematical procedures to scramble data so
that it is extremely difficult for anyone other than authorized
recipients to recover the original message.
Slide 3
The formula or algorithm converts the intended data (credit card
number, Social Security number, etc.) into an encoded message,
using a key to decode or decipher the message.
Plaintext:- The message that is being protected.
Key:- A series of electronic signals stored on a PC's hard disk or
transmitted as blips of data over transmission lines.
Slide 4
PKI:- Public Key Infrastructure creates the ability to
authenticate users, maintain privacy, ensure data integrity, and
process transactions without the risk of repudiation. It satisfies
four e-security needs:
1. Authentication
2. Integrity
3. Non-repudiation: a procedure that prevents sender and vendor
from credibly denying that they sent or received a specific
message, file, etc.
4. Privacy
Slide 5
Cryptographic techniques are a means of securely transferring
data over Internet applications. Cryptography is the science of
applying complex mathematics to increase the security of electronic
transactions. Basic encryption relies on two components: an
algorithm and a key. Encrypting information is simple: a computer
program is used that has an encryption algorithm.
Slide 6
For encryption to work, both sender and receiver have to know
the rules used to transform the original message or transaction
into its coded form. A set of rules for encoding and decoding
messages is called a cipher. The encoded message is called a
ciphertext. A message can be decrypted only if the decryption key
matches the encryption key.
Slide 7
3 cryptographic algorithms:
Message-digest algorithms: Map variable-length plaintext to
fixed-length ciphertext.
Secret-key algorithms: Use one single key to encrypt and decrypt.
Public-key algorithms: Use 2 different keys, a public key and a
private key.
Slide 8
A key is a variable value that is used by cryptographic algorithms
to produce encrypted text, or decrypt encrypted text. The length of
the key reflects the difficulty of decrypting the encrypted
message.
[Figure: Encryption and Decryption between Plaintext and
Ciphertext, using a Key]
Slide 9
Key length is the number of bits (bytes) in the key. A 2-bit key
has four values (00, 01, 10, 11) in its key space. A key of length
n has a key space of 2^n distinct values. E.g. if the key is 128
bits (101010101010...10010101111111), there are 2^128 combinations:
340 282 366 920 938 463 463 374 607 431 768 211 456
Slide 10
CSC1720 Introduction to Internet
Encryption: Original Text + Secret key = Encrypted Text
Decryption: Encrypted Text + Secret key = Original Text
Slide 11
Use a secret key to encrypt a message into ciphertext. Use the
same key to decrypt the ciphertext to the original message. Also
called symmetric cryptography.
[Figure: Encryption and Decryption between Plaintext and
Ciphertext, using the Secret Key]
Slide 12
All keys need to be replaced, if one key is compromised. Not
practical for the Internet environment. On the other hand, the
encryption speed is fast. Suitable to encrypt your personal data.
Slide 13
Public-key cryptography involves 2 distinct keys: public and
private. The private key is kept secret and never divulged, and it
is password protected (passphrase). The public key is not secret
and can be freely distributed and shared with anyone. It is also
called asymmetric cryptography. The two keys are mathematically
related, but it is infeasible to derive the private key from the
public key. It is 100 to 1000 times slower than secret-key
algorithms.
[Figure: Encryption of Plaintext into Ciphertext with the Public
Key, Decryption with the Private Key]
Slide 14
First, create a public and private key. The private key is stored
in your personal computer. The public key is stored in the Public
Key Directory.
Slide 15
[Figure: User A encrypts the Text with User B's Public Key from the
Public Key Directory, producing Encrypted Text]
Slide 16
[Figure: User A sends the Encrypted Text to User B over an Insecure
Channel]
Slide 17
[Figure: User B decrypts the Encrypted Text with User B's Private
key (stored in your personal computer) to recover the Original
Text]
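The four steps on Slides 14 to 17, as an added example that is not
part of the original slides: textbook RSA with deliberately tiny
primes, so it is insecure and for illustration only. The function
names, the directory dictionary and the sample message are
assumptions of this example.

```python
# Added example: textbook RSA with tiny primes, insecure by design.
# make_keypair, directory, "user_b" and the messages are assumptions.
from math import gcd

def make_keypair(p, q, e=17):
    """Slide 14: derive ((n, e) public, (n, d) private) from primes p, q."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = pow(e, -1, phi)  # e*d = 1 (mod phi); needs Python 3.8+
    return (n, e), (n, d)

def encrypt(public_key, text):
    """Encrypt each UTF-8 byte separately (no padding: toy only)."""
    n, e = public_key
    return [pow(b, e, n) for b in text.encode("utf-8")]

def decrypt(private_key, blocks):
    """Apply the private exponent; reject values that cannot be bytes."""
    n, d = private_key
    values = [pow(c, d, n) for c in blocks]
    if any(v > 255 for v in values):
        raise ValueError("not valid plaintext: wrong private key?")
    return bytes(values).decode("utf-8", errors="replace")

# Slide 14: User B keeps private_b locally and publishes public_b.
public_b, private_b = make_keypair(61, 53)
directory = {"user_b": public_b}

def user_a_send(text):
    """Slide 15: User A looks up B's public key and encrypts with it."""
    return encrypt(directory["user_b"], text)

def user_b_receive(blocks):
    """Slide 17: only the holder of private_b can recover the text."""
    return decrypt(private_b, blocks)

if __name__ == "__main__":
    wire = user_a_send("Card 4111")  # Slide 16: crosses the insecure channel
    print(wire)
    print(user_b_receive(wire))
```

Without padding, equal bytes always encrypt to equal values, which is one reason real systems add randomized padding and use the slow public-key step only to protect a short secret key.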
Slide 18
A message-digest algorithm maps a variable-length input message to
a fixed-length
output digest. It is not feasible to determine the original message
based on its digest. It is impossible to find an arbitrary message
that has a desired digest. It is infeasible to find two messages
that have the same digest.
Slide 19
A hash function is a math equation that creates a message digest
from a message. A message digest is used to create a unique digital
signature from a particular document.
[Figure: Original Message (Document, E-mail) -> Hash Function ->
Digest]
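The digest properties from Slides 18 and 19, as an added example
that is not part of the original slides. SHA-256 from Python's
standard hashlib is this example's choice of algorithm (the slides
name none), and the sample messages are constructed.

```python
# Added example: fixed-length output, sensitivity to small changes,
# and an integrity check. Sample documents are constructed.
import hashlib
import hmac

def digest(message: bytes) -> bytes:
    """Map an input of any length to a 32-byte SHA-256 digest."""
    return hashlib.sha256(message).digest()

def differing_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions where two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def is_unmodified(message: bytes, expected_digest: bytes) -> bool:
    """Recompute the digest and compare it in constant time."""
    return hmac.compare_digest(digest(message), expected_digest)

# Constructed inputs of very different lengths.
SAMPLES = [b"", b"Pay 100 to Alice", b"x" * 100_000]

def digest_lengths():
    """Every digest has the same length regardless of input size."""
    return [len(digest(m)) for m in SAMPLES]

def one_char_change():
    """Changing one character flips roughly half of the 256 digest bits."""
    original = b"Pay 100 to Alice"
    altered = b"Pay 900 to Alice"
    return differing_bits(digest(original), digest(altered))

if __name__ == "__main__":
    print(digest_lengths())
    print(one_char_change())
    sent = b"Pay 100 to Alice"
    reference = digest(sent)
    print(is_unmodified(sent, reference))
    print(is_unmodified(b"Pay 900 to Alice", reference))
```

A bare digest detects a change only if the reference digest reaches the recipient by a route the attacker cannot alter, which is the role the digital signature plays.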
Slide 20
1. RSA Algorithm:- RSA is the most commonly used public key
algorithm, although it is vulnerable to attack. Named after its
inventors, Ron Rivest, Adi Shamir and Len Adleman of the
Massachusetts Institute of Technology (MIT). RSA was first
published in 1978. It is used for encryption as well as for
electronic signatures.
Slide 21
2. Data Encryption Standard (DES):- DES was developed by IBM
in 1974 in response to a public solicitation from the U.S.
Department of Commerce. It was adopted as a U.S. federal standard
in 1977 and as a financial industry standard in 1981. DES is the
first symmetric system to be widely adopted commercially. Any
change to a message encrypted with DES turns the message into a
mess of unintelligible characters. As a block cipher with a 64-bit
block size, DES uses a 56-bit key to encrypt a 64-bit plaintext
block into a 64-bit ciphertext.
Slide 22
3. 3DES:- A stronger version of DES, called Triple DES (3DES),
uses three 56-bit keys to encrypt each block. The first key
encrypts the data block, the second key decrypts the data block,
and the third key encrypts the same data block again. The 3DES
version requires a 168-bit key that makes the process quite secure
and much safer than plain DES.
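The encrypt-decrypt-encrypt order described above, as an added
example that is not part of the original slides. A toy 16-bit
Feistel cipher built on SHA-256 stands in for DES; the cipher, the
key values and check_keys are assumptions of this example. It also
shows why the keys must differ: when two adjacent keys are equal,
two of the three steps cancel and only single encryption remains.

```python
# Added example: EDE composition over a toy block cipher (not DES).
import hashlib

ROUNDS = 4

def _round(half: int, key: bytes, i: int) -> int:
    """Toy round function: one byte derived from half, round and key."""
    return hashlib.sha256(bytes([half, i]) + key).digest()[0]

def toy_encrypt(block: int, key: bytes) -> int:
    """Encrypt a 16-bit block with a 4-round Feistel network."""
    left, right = block >> 8, block & 0xFF
    for i in range(ROUNDS):
        left, right = right, left ^ _round(right, key, i)
    return (left << 8) | right

def toy_decrypt(block: int, key: bytes) -> int:
    """Undo toy_encrypt by running the rounds in reverse."""
    left, right = block >> 8, block & 0xFF
    for i in reversed(range(ROUNDS)):
        left, right = right ^ _round(left, key, i), left
    return (left << 8) | right

def ede_encrypt(block, k1, k2, k3):
    """First key encrypts, second key decrypts, third key encrypts."""
    return toy_encrypt(toy_decrypt(toy_encrypt(block, k1), k2), k3)

def ede_decrypt(block, k1, k2, k3):
    """Inverse order: decrypt with k3, encrypt with k2, decrypt with k1."""
    return toy_decrypt(toy_encrypt(toy_decrypt(block, k3), k2), k1)

def check_keys(k1, k2, k3):
    """Reject key choices that collapse EDE to a single encryption."""
    if k1 == k2 or k2 == k3:
        raise ValueError("adjacent keys equal: E and D cancel out")
    return True

if __name__ == "__main__":
    k1, k2, k3 = b"key-one", b"key-two", b"key-three"  # constructed keys
    c = ede_encrypt(0x1234, k1, k2, k3)
    print(hex(c), hex(ede_decrypt(c, k1, k2, k3)))
    # With identical keys, EDE equals one pass of the underlying cipher.
    print(ede_encrypt(0x1234, k1, k1, k1) == toy_encrypt(0x1234, k1))
```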
Slide 23
4. RC4:- RC4 was designed by Ron Rivest, Data Security Inc.
This variable-length cipher is widely used on the Internet as the
bulk encryption cipher in the Secure Sockets Layer (SSL) protocol,
with key length ranging from 40 to 128 bits. RC4 has a reputation
of being fast, although its security is unknown.
5. International Data Encryption Algorithm (IDEA):- IDEA was
created in Switzerland in 1991. It offers strong encryption using a
128-bit key to encrypt 64-bit blocks.
Slide 24
Cryptanalysis:- It is the science of deciphering encrypted
messages without knowing the right key.
1. Chosen-plaintext attack:- The attacker uses an unknown key to
encrypt any text or document. The challenge is to find the key that
is known only to the attacker.
2. Known-plaintext attack:- The attacker knows the plaintext for
part(s) of the ciphertext. He or she uses this information to
decrypt the rest of the ciphertext.
Slide 25
3. Ciphertext-only attack:- The attacker has no idea what the
message contains and works primarily from ciphertext, making
guesses about the plaintext. Some ciphertext data might contain a
common word as a starter. Certain documents begin in a predictable
way that often gives away the contents.
Slide 26
4. Third-party attack:- An adversary breaks into the
communication line between two parties (e.g. buyer and vendor). He
or she uses a separate key with each party. Each party uses a
different key that is easily known to the adversary. The adversary,
in turn, decrypts the transmitted documents with the right key and
encrypts them with the other key before they are sent to the recipient.
Neither party has any idea that their communication system has been
intercepted.