O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.
Próximos SlideShares
Cryptography Ashik
Avançar
Transfira para ler offline e ver em ecrã inteiro.

Compartilhar

Class 16

Baixar para ler offline

Cryptography

Livros relacionados

Gratuito durante 30 dias do Scribd

Ver tudo
  • Seja a primeira pessoa a gostar disto

Class 16

  1. 1. Cryptography
  2. 2. Objectives of Information Security • Confidentiality (secrecy) – Only the sender and intended receiver should be able to understand the contents of the transmitted message • Authentication – Both the sender and receiver need to confirm the identity of other party involved in the communication • Data integrity – The content of their communication is not altered, either maliciously or by accident, in transmission. • Availability – Timely accessibility of data to authorized entities. Friday, 11 March 2016 2
  3. 3. Objectives of Information Security • Non-repudiation – An entity is prevented from denying its previous commitments or actions • Access control – An entity cannot access any entity that it is not authorized to. • Anonymity – The identity of an entity if protected from others. Friday, 11 March 2016 3
  4. 4. Basic Terminology • plaintext - the original message • ciphertext - the coded message • cipher - algorithm for transforming plaintext to ciphertext • key - info used in cipher known only to sender/receiver • encipher (encrypt) - converting plaintext to ciphertext • decipher (decrypt) - recovering ciphertext from plaintext • cryptography - study of encryption principles/methods • cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key • cryptology - the field of both cryptography and cryptanalysis Friday, 11 March 2016 4
  5. 5. Basic Terminology • unconditional security – no matter how much computer power is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext • computational security – given limited computing resources (eg time needed for calculations is greater than age of universe), the cipher cannot be broken Friday, 11 March 2016 5
  6. 6. History – The Manual Era • Dates back to at least 2000 B.C. • Pen and Paper Cryptography • Examples – Scytale – Spartan method involved wrapping a belt around a rod of a given diameter and length – Atbash – Hewbrew cipher which mirrored the normal alphabet (shown in The DaVinci Code) – Caesar – Shift all letters by a given number of letters in the alphabet – Vignère – Use of a key and multiple alphabets to hide repeated characters in an encrypted message Friday, 11 March 2016 6
  7. 7. History – The Mechanical Era • Invention of cipher machines • Examples – Confederate Army’s Cipher Disk – Japanese Red and Purple Machines – German Enigma Friday, 11 March 2016 7
  8. 8. History – The Modern Era • Computers! • Examples – Lucifer – Rijndael – RSA – ElGamal Friday, 11 March 2016 8
  9. 9. Cryptography • Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Friday, 11 March 2016 9
  10. 10. Cryptographic Methods • Symmetric – Same key for encryption and decryption – Key distribution problem • Asymmetric – Mathematically related key pairs for encryption and decryption – Public and private keys Friday, 11 March 2016 10
  11. 11. Symmetric • Fast • Only provide confidentiality • Need secure channel for key distribution • Key management headaches from large number of key pairs to maintain Friday, 11 March 2016 11
  12. 12. Symmetric or Private Key Friday, 11 March 2016 12
  13. 13. Symmetric Algorithms • DES – Modes: ECB, CBC, CFB, OFB, CM • 3DES • AES • IDEA • Blowfish • RC4 • RC5 • CAST • SAFER • Twofish Friday, 11 March 2016 13
  14. 14. Asymmetric • Large mathematical operations make it slower than symmetric algorithms • No need for out of band key distribution (public keys are public!) • Scales better since only a single key pair needed per individual • Can provide authentication and nonrepudiation Friday, 11 March 2016 14
  15. 15. Asymmetric or Public Key Friday, 11 March 2016 15
  16. 16. Asymmetric Algorithms • Diffie-Hellman • RSA • El Gamal • Elliptic Curve Cryptography (ECC) Friday, 11 March 2016 16
  17. 17. Hybrid • Combines strengths of both methods • Asymmetric distributes symmetric key – Also known as a session key • Symmetric provides bulk encryption • Example: – SSL negotiates a hybrid method Friday, 11 March 2016 17
  18. 18. Cipher text PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD KBXBJYUXJ LBJOO KCPK. CP LBO LBCMKXPV XPV IYJKL PYDBL, QBOP KBO BXV OPVOV LBO LXRO CI SX'XJMI, KBO JCKO XPV EYKKOV LBO DJCMPV ZOICJO BYS, KXUYPD: 'DJOXL EYPD, ICJ X LBCMKXPV XPV CPO PYDBLK Y BXNO ZOOP JOACMPLYPD LC UCM LBO IXZROK CI FXKL XDOK XPV LBO RODOPVK CI XPAYOPL EYPDK. SXU Y SXEO KC ZCRV XK LC AJXNO X IXNCMJ CI UCMJ SXGOKLU?' Any Guesses??? Friday, 11 March 2016 18
  19. 19. THE SOLUTION • Code • X Z A V O I D B Y G E R S P C F H J K L M N Q T U W • A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Friday, 11 March 2016 19
  20. 20. Plaintext • Now during this time Shahrazad had borne King Shahriyar three sons. On the thousand and first night, when she had ended the tale of Ma'aruf, she rose and kissed the ground before him, saying: 'Great King, for a thousand and one nights I have been recounting to you the fables of past ages and the legends of ancient kings. May I make so bold as to crave a favour of your majesty?’ Friday, 11 March 2016 20
  21. 21. Types of Cryptography • Stream-based Ciphers – One at a time – Mixes plaintext with key stream – Good for real-time services • Block Ciphers – Amusement Park Ride – Substitution and transposition Friday, 11 March 2016 21
  22. 22. Encryption Systems • Substitution Cipher – Convert one letter to another – Cryptoquip • Transposition Cipher – Change position of letter in text – Word Jumble • Monoalphabetic Cipher – Caesar Friday, 11 March 2016 22
  23. 23. Encryption Systems • Polyalphabetic Cipher – Vigenère • Modular Mathematics – Running Key Cipher • One-time Pads – Randomly generated keys Friday, 11 March 2016 23
  24. 24. Types of Cryptanalytic Attacks • ciphertext only – only know algorithm / ciphertext, statistical, can identify plaintext • known plaintext – know/suspect plaintext & ciphertext to attack cipher • chosen plaintext – select plaintext and obtain ciphertext to attack cipher • chosen ciphertext – select ciphertext and obtain plaintext to attack cipher • chosen text – select either plaintext or ciphertext to en/decrypt to attack cipher Friday, 11 March 2016 24
  25. 25. Steganography • Hiding a message within another medium, such as an image • No key is required • Example – Modify colour map of JPEG image Friday, 11 March 2016 25
  26. 26. Public Key Infrastructure • All components needed to enable secure communication – Policies and Procedures – Keys and Algorithms – Software and Data Formats • Assures identity to users • Provides key management features Friday, 11 March 2016 26
  27. 27. PKI Components • Digital Certificates – Contains identity and verification info • Certificate Authorities – Trusted entity that issues certificates • Registration Authorities – Verifies identity for certificate requests • Certificate Revocation List (CRL) Friday, 11 March 2016 27
  28. 28. Data Encryption standard Friday, 11 March 2016 28
  29. 29. History • In 1971, IBM developed an algorithm, named LUCIFER which operates on a block of 64 bits, using a 128-bit key • Walter Tuchman, an IBM researcher, refined LUCIFER and reduced the key size to 56-bit, to fit on a chip. • In 1977, the results of Tuchman’s project of IBM was adopted as the Data Encryption Standard by NSA (NIST). Friday, 11 March 2016 29
  30. 30. DES (Data Encryption Standard) • Authors: NSA & IBM, 1977 • Data block size: 64-bit (64-bit input, 64-bit output) • Key size: 56-bit key • Encryption is fast – DES chips – DES software: a 500-MIP CPU can encrypt at about 30K octets per second • Security – No longer considered secure: 56 bit keys are vulnerable to exhaustive search Friday, 11 March 2016 30
  31. 31. Data Encryption Standard (DES) • Goal of DES is to completely scramble the data and key so that every bit of cipher text depends on every bit of data and ever bit of key • DES is a block Cipher Algorithm – Encodes plaintext in 64 bit chunks – One parity bit for each of the 8 bytes thus it reduces to 56 bits • It is the most used algorithm – Standard approved by US National Bureau of Standards for Commercial and nonclassified US government use in 1993 Friday, 11 March 2016 31
  32. 32. DES Encryption Friday, 11 March 2016 32
  33. 33. OSI Security Architecture • ITU-T X.800 “Security Architecture for OSI” • Defines a systematic way of defining and providing security requirements Friday, 11 March 2016 33
  34. 34. Aspects of Security • The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as follows: – Security attack: Any action that compromises the security of information owned by an organization. – Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. – Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. Friday, 11 March 2016 34
  35. 35. Security Attack • any action that compromises the security of information owned by an organization • information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems • often threat & attack used to mean same thing • have a wide range of attacks • can focus of generic types of attacks – passive – active Friday, 11 March 2016 35
  36. 36. Passive Attacks Friday, 11 March 2016 36
  37. 37. Active Attacks Friday, 11 March 2016 37
  38. 38. Security Services • X.800: • “a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers” • RFC 2828: • “a processing or communication service provided by a system to give a specific kind of protection to system resources” Friday, 11 March 2016 38
  39. 39. Model for Network Security Friday, 11 March 2016 39
  40. 40. Model for Network Access Security Friday, 11 March 2016 40
  41. 41. Friday, 11 March 2016 41

Cryptography

Vistos

Vistos totais

153

No Slideshare

0

De incorporações

0

Número de incorporações

0

Ações

Baixados

8

Compartilhados

0

Comentários

0

Curtir

0

×