1. Cryptography
Venkat Mutyala

2. Agenda
2
Q&A
History
Algorithms
ProgrammingLanguages
Types ofCryptography
Dell Confidential -Internal UseOnly
Overview

3. Dell Confidential -Internal UseOnly3
Overview

4. Cryptography is the practiceand study oftechniques for secure
communication in the presence of third parties
Authentication, Authorization, Data integrity, Confidentiality andnon-
repudiation are central to modern cryptography.
Applications of cryptography include ATM cards, computer passwords, electronic
commerce,cloud and mobile platforms
Dell Confidential -Internal UseOnly4

5. Overview Cont..
Cryptographyis theart/scienceofkeeping asecret.
In twentiethcentury,cryptographytobe rigorouslydefined andusefulto awideraudience,andit
waslargely doneso in threeseminal papers:
Communication Theory of Secret Systems by ClaudeShannon
New Directions In CryptographybyWhitfield Diffie andMartinHellman
AMethod for Obtaining Digital Signatures andPublic-Key Cryptosystems by Ronald Rivest, Adi Shamir and Leanard
Adleman
Steganographydealswithcomposing hiddenmessages sothatonlythe sender andthereceiver
knowthatthemessage even exists.
Ex:Stampsin olden days
mostpredictionsaboutthe futurearewrong
At&tprediction
Dell Confidential -Internal UseOnly5

6. Ciphers:
A cipheris analgorithm for performingencryption or decryption
Incryptography, ciphertext is the result of encryption performed on plaintext using an algorithm, called a
cipher.
Caesar Cipher : It is one of the simplest and most widely known encryptiontechniques. It is a type of
substitution cipher .
Transposition cipher, simple data encryption scheme inwhich plaintext characters areshifted insome
regularpattern to form ciphertext .
Vigenere cipher is a method of encrypting alphabetic text by using a series of different Caesar ciphersbased
on theletters of a keyword.
It is a simple form of polyalphabetic substitution
Ex:HRU
Dell Confidential -Internal UseOnly6

7. Cyber Security Importance
Confidential

8. Security Problems --BLI
Confidential
7Billion people
2.2 million cybersecurity
professionals
$7 Million
Averagecostofbreach
20:1
Ratioofdemandfor
trainedcybersecurity
personnel

9. Dell Confidential -Internal UseOnly9
History

10. Cryptography,the useof codes and ciphers to protect secrets, began thousands of years ago.
Inthe early20th century,the inventionof complex mechanical and electromechanical machines, suchas
the Enigma rotor machine,provided more sophisticated and efficient means of encryption
Thedevelopment of cryptographyhas been paralleled by thedevelopment of cryptanalysis — the
"breaking"of codes and ciphers.
ZimmermannTelegram triggered the UnitedStates' entryinto World War I; and Allied reading of Nazi
Germany'sciphers shortened World War II
Dell Confidential -Internal UseOnly10

11. Classical cryptography
Theearliestknown useof cryptographyisfoundfrom theOld Kingdom of Egypt circa 1900BC.
Some claytabletsfrom Mesopotamiasomewhatlater areclearlymeantto protect information—onedatednear1500BCE wasfoundto encrypt
Ex:Tonsure
Medieval cryptography
Al-Kindi,an Arabmathematician,sometimearoundAD 800
Examplesof the latterincludeCharlesBabbage'sCrimeanWar era work onmathematicalcryptanalysisof polyalphabeticciphers,redevelopedandpublished
somewhatlater bythe PrussianFriedrichKasiski
Howeveritsmost importantcontributionwasprobablyin decryptingtheZimmermannTelegram, a cablefrom the GermanForeignOffice sentvia Washingtonto
itsambassadorHeinrichvon Eckardt in Mexico which playeda majorpartin bringing the UnitedStatesintothe war.
WWII:
TheGermansmadeheavyuse, in severalvariants,of an electromechanicalrotormachineknown asEnigma
AlanTuring
A Turing machineis a hypotheticaldevicethat manipulatessymbolsona stripof tapeaccording to a tableof rules.Despite its simplicity,a Turingmachine can be
adaptedto simulatethelogic of anycomputer algorithm,andis particularlyusefulin explainingthefunctionsof a CPU insidea computer.
The"machine"was inventedin 1936 byAlan Turing whocalledit an "a-machine"(automaticmachine).The Turingmachineis not intendedaspracticalcomputing
technology,but ratherasa hypotheticaldevicerepresentinga computing machine. Turing machineshelpcomputer scientistsunderstandthelimitsof mechanical
computation.
Dell Confidential -Internal UseOnly11

12. Moderncryptography
Encryptionin moderntimesisachievedbyusingalgorithmsthathaveakeytoencryptanddecryptinformation.Thesekeysconvertthe
messagesanddatainto“digitalgibberish”throughencryptionand thenreturnthemtotheoriginalformthroughdecryption.Ingeneral,the
longerthekeyis, themoredifficultitistocrackthecode
Beginningaroundthe1990s,theuse oftheInternetforcommercialpurposesandtheintroductionofe-commercecalledfora widespread
standardforencryption.BeforetheintroductionoftheAdvancedEncryptionStandard(AES), informationsentovertheInternet,suchas
financialdata,wasencryptedusingtheDataEncryptionStandard(DES), asymmetric-keycipher
Themid-1970ssawtwomajorpublic (i.e.,non-secret)advances.FirstwasthepublicationofthedraftDataEncryptionStandard intheU.S
TheagingDESwasofficiallyreplacedbytheAdvancedEncryptionStandard(AES) in2001
Theseconddevelopment,in 1976, wasperhapsevenmoreimportant,foritfundamentallychanged thewaycryptosystemsmightwork.This
wasthepublicationofthepaperNewDirectionsinCryptographybyWhitfield DiffieandMartinHellman
Dell Confidential -Internal UseOnly12

13. Dell Confidential -Internal UseOnly13
Types of Cryptography
Symmetric
Same key for encryption and decryption
Key distribution problem
Asymmetric
Mathematically related key pairs for encryption and
decryption
Public and private keys
Hashing
Hashing is a common technique used in cryptography to
encode information quickly using typical algorithms.
Generally, an algorithm is applied to a string of text, and
the resulting string becomes the “hash value”.

14. Symmetric
DES
3DES
AES
IDEA
Blowfish
RC4
RC5
CAST
SAFER
Twofish
Dell Confidential -Internal UseOnly14

15. Asymmetric
Diffie-Hellman
RSA
EllipticCurve Cryptography (ECC)
Dell Confidential -Internal UseOnly15

16. Hashing
MD5
Computes128-bithashvalue
Widelyused forfileintegritychecking
SHA-1
Computes160-bithashvalue
NISTapprovedmessage digest algorithm
HAVAL
Computesbetween 128and256bithash
Between 3 and5 rounds
RIPEMD-160
Developed in Europepublishedin 1996
Patent-free
Dell Confidential -Internal UseOnly16

17. 17
Encryption Management
Dell Confidential -Internal UseOnly17
Key Distribution Center (KDC)
Uses master keys to issue
session keys
Example: Kerberos
ANSI X9.17
Used by financial institutions
Hierarchical set of keys
Higher levels used to distribute
lower

18. 18
PublicKey Infrastructure
Dell Confidential -Internal UseOnly18
All components needed to enable
secure communication
Policies and Procedures
Keys and Algorithms
Software and Data Formats
Assures identity to users
Provides key management features

19. 19
PKI Components
Dell Confidential -Internal UseOnly19
Digital Certificates
Contains identity and verification info
Certificate Authorities
Trusted entity that issues certificates
Registration Authorities
Verifies identity for certificate requests
Certificate Revocation List (CRL)

20. 20
Cryptanalysis
Dell Confidential -Internal UseOnly20
The study of methods to break cryptosystems
Often targeted at obtaining a key
Attacks may be passive or active
Kerckhoff’s Principle
The only secrecy involved with a
cryptosystem should be the key
Cryptosystem Strength
How hard is it to determine the secret
associated with the system?

21. 21
Cryptanalysis Attacks
Dell Confidential -Internal UseOnly21
Brute force
Trying all key values in the keyspace
Frequency Analysis
Guess values based on frequency of occurrence
Dictionary Attack
Find plaintext based on common words
Replay Attack
Repeating previous known values
Factoring Attacks
Find keys through prime factorization

22. 22
Network Security
Dell Confidential -Internal UseOnly22
Link Encryption
Encrypt traffic headers + data
Transparent to users
End-to-End Encryption
Encrypts application layer data only
Network devices need not be aware
SSL/TLS
•Supports mutual authentication
•Secures a number of popular network services
IPSec
•Security extensions for TCP/IP protocols
•Supports encryption and authentication
•Used for VPNs

23. Dell Confidential -Internal UseOnly23
Algorithms

24. RSAis an algorithm used by modern computers toencrypt anddecrypt messages.
Itis an asymmetric cryptographic algorithm.
Asymmetric means that there are two different keys. This is also called public key cryptography, because one ofthem can
be given toeveryone. The other key must be kept private.
RSAis made ofthe initial letters ofthe surnames of Ron Rivest, Adi ShamirandLeonard Adleman
RSAisactually aset oftwoalgorithms:
KeyGeneration: Akey generation algorithm.
RSAFunction Evaluation:Afunction F,thattakes asinputapointxandakey kandproduces either anencrypted resultor
plaintext,depending ontheinputandthekey.
Dell Confidential -Internal UseOnly24

25. KeyGeneration:
ThekeygenerationalgorithmisthemostcomplexpartofRSA.Theaimof thekeygenerationalgorithmis to
generateboth thepublic andtheprivateRSAkeys.Soundssimpleenough!Unfortunately,weakkey
generationmakesRSAveryvulnerabletoattack.Soithastobedonecorrectly.Hereiswhathastohappenin
ordertogeneratesecureRSAkeys:
LargePrimeNumberGeneration:Twolargeprimenumberspandqneedtobegenerated.Thesenumbers
areverylarge:Atleast 512digits, but1024digits is consideredsafe.
Modulus: Fromthetwolargenumbers,a modulusnis generatedbymultiplyingpandq.
Totient:Thetotient of n,ϕ(n)iscalculated.
PublicKey:Aprimenumberis calculatedfromtherange (1,ϕ(n))that hasagreatest commondivisor of1
withϕ(n).
PrivateKey:Becausetheprimein abovestep hasagcd of1withϕ(n),weareable todetermineit'sinverse
withrespect to modϕ(n).
Dell Confidential -Internal UseOnly25

26. RSAFunction Evaluation
Thisistheprocess oftransformingaplaintext message into ciphertext, orvice-versa. TheRSAfunction,for
message mandkeykisevaluatedasfollows:
F(m,k)=mkmodn
Thereareobviously twocases:
Encryptingwiththepublickey,andthendecryptingwiththeprivate key.
Encryptingwiththeprivate key,andthendecryptingwiththepublickey.
Thetwocases abovearemirrors.Iwill explainthefirstcase, thesecondfollows fromthefirst
Encryption:F(m,e)=memodn=c, wheremisthemessage, eis thepublic keyandcis thecipher.
Decryption:F(c,d)=cdmodn=m.
Dell Confidential -Internal UseOnly26

27. CalculationofModulusAnd Totient
Letschoose twoprimes:p=11andq=13.Hence themodulusisn=p×q=143.Thetotientofn ϕ(n)=(p−1)⋅(q−1)=120.
Ex:
Choosep = 3andq = 11
Computen = p *q =3*11= 33
Computeφ(n)= (p- 1) *(q - 1) =2*10= 20
Choosee suchthat1<e < φ(n)and eandn arecoprime.Lete =7
Computeavaluefordsuch that(d *e)% φ(n)= 1.Onesolutionisd = 3[(3*7) % 20= 1]
Public keyis(e, n)=>(7, 33)
Privatekeyis(d, n) =>(3, 33)
Theencryptionof m=2isc=27 %33=29
Thedecryptionof c=29ism=293 %33=2
Dell Confidential -Internal UseOnly27

28. The Diffie-Hellman key exchange:
Thequestion of keyexchangewas one of the first problems addressed by a cryptographicprotocol.
This was prior to the invention of public keycryptography. The Diffie-Hellman keyagreementprotocol
(1976)was the first practical method for establishing a sharedsecret over an unsecuredcommunication
channel.
Thepoint is to agreeon a keythat two parties can usefor a symmetricencryption,in sucha way that an
eavesdropper cannot obtain the key.
Discovering the shared secret given g, p, g a mod p and g b
mod p would take longer thanthe lifetime of the universe, using
the best known algorithm. This is calledthediscrete logarithm
problem.
Dell Confidential -Internal UseOnly28

29. Dell Confidential -Internal UseOnly29
Implementation-JAVA

30. Theimportance of web security will continue to increase as companies and individuals
alike arepaying moreattention to ensuring that their resourcesare protected and
their interactions are private. TheServlet specification provides methods and guidelines
for implementing security in web applications.
Below things areto be considered whenwe write secure program.
Authentication
Authorization
Data integrity
Confidentiality and non-repudiation
Auditing
Malicious code
Web attacks
Dell Confidential -Internal UseOnly30

31. Theimportance of web security will continue to increase as companies and individuals
alike arepaying moreattention to ensuring that their resourcesare protected and
their interactions are private. TheServlet specification provides methods and guidelines
for implementing security in web applications.
Below things areto be considered whenwe write secure program.
Authentication
Authorization
Data integrity
Confidentiality and non-repudiation
Auditing
Malicious code
Web attacks
Dell Confidential -Internal UseOnly31

32. TheServlet specificationdefinesfourmechanisms toauthenticateusers:
• HTTPBasicauthentication
• HTTPDigest authentication
• HTTPSClient authentication
• HTTPFORM-basedauthentication
Dell Confidential -Internal UseOnly32

33. Dell Confidential -Internal UseOnly33

34. FRS 34
DellConfidentialThe power to do more
But really it’s simple

35. 35
What
questions u
have in
mind?