SlideShare uma empresa Scribd logo
1 de 23
Baixar para ler offline
Zahid Mian
Part of the Brown-bag Series
 History andTerms
 WhyWe Need Encryption
 How is Encryption Used In Systems
 Difference in Ciphers
 Various Implementations
 HashValues
 Digital Signatures
 Why Attacks Are Successful
 Hieroglyphs
 4000 years ago
 Use pictures to represent words/messages
 Caesar ShiftCipher
 Replace characters by an offset (or shifting)
 Offset = 2, then “hello” -> “jgnnq”
 Improvements over time
 Steganography,Vigenere Coding
 Modern really means digital
 Much more mathematically oriented
 Operating on bit values
 Use of public key and secret key
 Even though algorithm are public, it’s nearly
impossible to obtain original information
 Plaintext –The original information
 Cipher – A secret way of writing (an algorithm)
 Encryption Key – A value that is used to encrypt plaintext
(aka, public key)
 Decryption Key – A value that is used to decrypt
Ciphertext (aka, private key)
 Ciphertext -The encrypted information
 Algorithm – (Often) Public algorithm that uses keys to
encrypt or decrypt information
 Interceptor/Attacker – unauthorized entity that tries to
determine the cipher text (aka, hacker)
 Symmetric – single key used for encryption and
decryption
 Asymmetric – uses public key and private key
http://www.infosectoday.com/Articles/Intro_to_Cryptography/CryptoFig05a.jpg
This is how things generally work today, but there are a lot of
pieces that make this happen.
 Passive – Simply gaining unauthorized access to
information.
 Most common password is 123456
 Active – A hacker attempts to make changes to
data on the target or data en route
 Masquerading: hacker pretends to be someone
 Denial of Service (DoS): deny access to legitimate
users by overwhelming the system (common)
 Using technical information to steal user id (e.g.,
using session id)
 Known Plaintext Attack (KPA)
 Attacker knows plaintext of some part of the ciphertext; attempts to
decrypt the rest
 Chosen Plaintext Attack (CPA)
 Attacker has ciphertext and plaintext; attempts to determine key
 Brute Force Attack (BFA)
 Attacker tries to determine key by attempting all possible values
 Man in the Middle (MIM)
 Simple, but technically challenging method of duping both the sender
and the receiver into thinking keys came from correct source
 Side Channel Attacks (SCA)
 Data Remanence (reading data that should have been deleted)
 Row Hammer (low-level memory hack)
 Fault Analysis (forcing errors and reading outputs for clues)
 Traditionally Ciphers were single character
 Caesar Cipher: shift a single character
 Two-character Cipher (Playfair)
 Use two characters as key
 String Cipher (Vigenere)
 Use a string (word) as key
 One-Time Pad
 Key length equals length of plaintext
 Block/Stream (DES,AES)
 Plaintext is processed in blocks/streams of bits at a
time
Simple
Feedback
 Underlying model for many block ciphers
 Same algorithm for encryption/decryption
 Steps
 Input is split into two halves
 RHS input is transformed by function f which receives
a subkey
 LHS combined with transformed input from RHS
using XOR operation
 RHS and LHS are switched to obtain the input for next
round
 Repeat
32 bit 32 bit
f
32 bit 32 bit
32 bit 32 bit
Ki
LHSi-1 RHSi-1
LHSi-1 = RHSi-1 RHSi-1 = LHSi-1
 Block size is 64 bits
 Key length is 64 bits (though only 56 are used)
 Round-key generator creates 48-bit Key
• Very Strong Cipher
• Fallen out of favor
because small key value
• Can be hacked with
exhaustive search
 Don’t abandon original DES; change usage
 Effectively use 3 Keys (3X56 = 168)
 Problem of short key solved
 Kind of slow
 Process
 Encrypt plaintext using K1
 Decrypt output of Step1 using K2
 Encrypt output of Step2 using K3
 Output of Step3 is ciphertext
 Decrypt in reverse order
 The more popular algorithm today
 Much faster thanTriple DES
 128-bit data; 128/192/256-bit keys
 Key size depends on the number of rounds
 A “bit” more complex algorithm (pun
intended)
 For details see online resources
 To-Date no attacks againstAES have been
successful
 Asymmetric Cipher (diff keys)
 Necessary due to growth of
Internet
 Used for smaller pieces of data
 ThreeTypes
 RSA (widely used)
 ElGamal
 Elliptic Curve Cryptography (ECC)
http://etutorials.org/Programming/Programming+.net+security/Part+III+.NET+Cryptography/Chapter+15.+Asymmetric+Encryption/15.1+
Asymmetric+Encryption+Explained/
 Function that converts arbitrarily long numeric
input into a fixed numeric output called a hash
 Very Efficient
 Hard to reverse value
 Hard to produce same hash for diff inputs
 Some well known Hash Functions
 Message Digest (MD), Secure Hash Function (SHA),
RIPEMD
 Most Common Use: Password Storage
 Secure Apps will not save your password in plaintext
 How can we be sure a message is authentic?
 In the old days, a signature on a letter proved
authenticity
 Digital Signatures do the same thing-they
ensure that the message is from the original
sender with the original message
 Adds trust when exchanging data
 Using Encryption with Digital Signatures is
important
 Certifying Authority (CA) responsible for
management of certificates
 Generating, issuing, publishing, verifying, revoking
Encryption of Email
Decryption of Email
 User Carelessness / Stolen Credentials
 Stolen equipment (laptops, phones, etc.)
 Incorrect Implementation / Backdoor
 Broken Processes / InsiderThreats
 PhishingAttacks
 Sending sensitive data over plaintext
 Zero-day threats / Maintenance
 Application vulnerabilities
Intro to modern cryptography
Intro to modern cryptography

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
DES
DESDES
DES
 
Key management
Key managementKey management
Key management
 
Message authentication
Message authenticationMessage authentication
Message authentication
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
 
Cryptography
CryptographyCryptography
Cryptography
 
Hash Function
Hash FunctionHash Function
Hash Function
 
cryptography
cryptographycryptography
cryptography
 
symmetric key encryption algorithms
 symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream Ciphers
 
Cryptography
CryptographyCryptography
Cryptography
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
 
Cryptography
CryptographyCryptography
Cryptography
 

Destaque

Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Anas Rock
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystemSamdish Arora
 
Apprenticeship artifact
Apprenticeship  artifactApprenticeship  artifact
Apprenticeship artifactShooter24
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherAashirwad Kashyap
 
Cryptography by Epul
Cryptography by EpulCryptography by Epul
Cryptography by EpulAgate Studio
 
Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation swarnapatil
 
Message digest & digital signature
Message digest & digital signatureMessage digest & digital signature
Message digest & digital signatureDinesh Kodam
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
13 asymmetric key cryptography
13   asymmetric key cryptography13   asymmetric key cryptography
13 asymmetric key cryptographydrewz lin
 
Lesson 1 the pstn
Lesson 1 the pstnLesson 1 the pstn
Lesson 1 the pstnkongara
 
Presentation on DSL & ADSL
Presentation on DSL & ADSLPresentation on DSL & ADSL
Presentation on DSL & ADSLrewa_monami
 
DSL - ADSL
DSL - ADSLDSL - ADSL
DSL - ADSLtucho
 

Destaque (20)

Ch31
Ch31Ch31
Ch31
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)
 
Cryptography using rsa cryptosystem
Cryptography using rsa cryptosystemCryptography using rsa cryptosystem
Cryptography using rsa cryptosystem
 
Modern Cryptography
Modern CryptographyModern Cryptography
Modern Cryptography
 
Apprenticeship artifact
Apprenticeship  artifactApprenticeship  artifact
Apprenticeship artifact
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill Cipher
 
Cryptography by Epul
Cryptography by EpulCryptography by Epul
Cryptography by Epul
 
Rsa algorithm key generation
Rsa algorithm key generation Rsa algorithm key generation
Rsa algorithm key generation
 
Cryptography
Cryptography Cryptography
Cryptography
 
Message digest & digital signature
Message digest & digital signatureMessage digest & digital signature
Message digest & digital signature
 
Forouzan isdn
Forouzan isdnForouzan isdn
Forouzan isdn
 
PSTN
PSTNPSTN
PSTN
 
Basic ISDN
Basic ISDNBasic ISDN
Basic ISDN
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
ISDN & DSL
ISDN & DSLISDN & DSL
ISDN & DSL
 
Diffiehellman
DiffiehellmanDiffiehellman
Diffiehellman
 
13 asymmetric key cryptography
13   asymmetric key cryptography13   asymmetric key cryptography
13 asymmetric key cryptography
 
Lesson 1 the pstn
Lesson 1 the pstnLesson 1 the pstn
Lesson 1 the pstn
 
Presentation on DSL & ADSL
Presentation on DSL & ADSLPresentation on DSL & ADSL
Presentation on DSL & ADSL
 
DSL - ADSL
DSL - ADSLDSL - ADSL
DSL - ADSL
 

Semelhante a Intro to modern cryptography

Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
Cryptography
CryptographyCryptography
CryptographyRohan04
 
Unit V network management and security
Unit V network management and securityUnit V network management and security
Unit V network management and securitysangusajjan
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and AuthenticityHardik Manocha
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityNagendra Um
 
CH02-CompSec4e.pptx
CH02-CompSec4e.pptxCH02-CompSec4e.pptx
CH02-CompSec4e.pptxams1ams11
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdfSetiya Nugroho
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
 
Cryptography101
Cryptography101Cryptography101
Cryptography101NCC Group
 
Cryptography - A Brief History
Cryptography - A Brief HistoryCryptography - A Brief History
Cryptography - A Brief Historyprasenjeetd
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxjibonjibon5
 
Password based encryption
Password based encryptionPassword based encryption
Password based encryptionSachin Tripathi
 

Semelhante a Intro to modern cryptography (20)

Day5
Day5Day5
Day5
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Unit V network management and security
Unit V network management and securityUnit V network management and security
Unit V network management and security
 
Cryptography
CryptographyCryptography
Cryptography
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and Authenticity
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
Moein
MoeinMoein
Moein
 
Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy Nolan
 
CH02-CompSec4e.pptx
CH02-CompSec4e.pptxCH02-CompSec4e.pptx
CH02-CompSec4e.pptx
 
Unit-2-IS (1).pdf
Unit-2-IS (1).pdfUnit-2-IS (1).pdf
Unit-2-IS (1).pdf
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
 
Cryptography101
Cryptography101Cryptography101
Cryptography101
 
Cryptography - A Brief History
Cryptography - A Brief HistoryCryptography - A Brief History
Cryptography - A Brief History
 
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptxSecret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
Secret-Key-Cryptography-ppt-by-alljobs.co_.in_.pptx
 
Password based encryption
Password based encryptionPassword based encryption
Password based encryption
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 

Mais de zahid-mian

Mongodb Aggregation Pipeline
Mongodb Aggregation PipelineMongodb Aggregation Pipeline
Mongodb Aggregation Pipelinezahid-mian
 
MongoD Essentials
MongoD EssentialsMongoD Essentials
MongoD Essentialszahid-mian
 
Hadoop Technologies
Hadoop TechnologiesHadoop Technologies
Hadoop Technologieszahid-mian
 
Hadoop M/R Pig Hive
Hadoop M/R Pig HiveHadoop M/R Pig Hive
Hadoop M/R Pig Hivezahid-mian
 
NoSQL Databases
NoSQL DatabasesNoSQL Databases
NoSQL Databaseszahid-mian
 
Statistics101: Numerical Measures
Statistics101: Numerical MeasuresStatistics101: Numerical Measures
Statistics101: Numerical Measureszahid-mian
 
Amazon SimpleDB
Amazon SimpleDBAmazon SimpleDB
Amazon SimpleDBzahid-mian
 
C# 6 New Features
C# 6 New FeaturesC# 6 New Features
C# 6 New Featureszahid-mian
 
Introduction to d3js (and SVG)
Introduction to d3js (and SVG)Introduction to d3js (and SVG)
Introduction to d3js (and SVG)zahid-mian
 

Mais de zahid-mian (9)

Mongodb Aggregation Pipeline
Mongodb Aggregation PipelineMongodb Aggregation Pipeline
Mongodb Aggregation Pipeline
 
MongoD Essentials
MongoD EssentialsMongoD Essentials
MongoD Essentials
 
Hadoop Technologies
Hadoop TechnologiesHadoop Technologies
Hadoop Technologies
 
Hadoop M/R Pig Hive
Hadoop M/R Pig HiveHadoop M/R Pig Hive
Hadoop M/R Pig Hive
 
NoSQL Databases
NoSQL DatabasesNoSQL Databases
NoSQL Databases
 
Statistics101: Numerical Measures
Statistics101: Numerical MeasuresStatistics101: Numerical Measures
Statistics101: Numerical Measures
 
Amazon SimpleDB
Amazon SimpleDBAmazon SimpleDB
Amazon SimpleDB
 
C# 6 New Features
C# 6 New FeaturesC# 6 New Features
C# 6 New Features
 
Introduction to d3js (and SVG)
Introduction to d3js (and SVG)Introduction to d3js (and SVG)
Introduction to d3js (and SVG)
 

Último

Technical improvements. Reasons. Methods. Estimations. CJ
Technical improvements.  Reasons. Methods. Estimations. CJTechnical improvements.  Reasons. Methods. Estimations. CJ
Technical improvements. Reasons. Methods. Estimations. CJpolinaucc
 
Unlocking AI: Navigating Open Source vs. Commercial Frontiers
Unlocking AI:Navigating Open Source vs. Commercial FrontiersUnlocking AI:Navigating Open Source vs. Commercial Frontiers
Unlocking AI: Navigating Open Source vs. Commercial FrontiersRaphaël Semeteys
 
Revolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM GridRevolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM GridMathew Thomas
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfICS
 
Steps to Successfully Hire Ionic Developers
Steps to Successfully Hire Ionic DevelopersSteps to Successfully Hire Ionic Developers
Steps to Successfully Hire Ionic Developersmichealwillson701
 
Mobile App Development company Houston
Mobile  App  Development  company HoustonMobile  App  Development  company Houston
Mobile App Development company Houstonjennysmithusa549
 
8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.Ritesh Kanjee
 
VuNet software organisation powerpoint deck
VuNet software organisation powerpoint deckVuNet software organisation powerpoint deck
VuNet software organisation powerpoint deckNaval Singh
 
renewable energy renewable energy renewable energy renewable energy
renewable energy renewable energy renewable energy  renewable energyrenewable energy renewable energy renewable energy  renewable energy
renewable energy renewable energy renewable energy renewable energyjeyasrig
 
MUT4SLX: Extensions for Mutation Testing of Stateflow Models
MUT4SLX: Extensions for Mutation Testing of Stateflow ModelsMUT4SLX: Extensions for Mutation Testing of Stateflow Models
MUT4SLX: Extensions for Mutation Testing of Stateflow ModelsUniversity of Antwerp
 
8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdf8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdfOffsiteNOC
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleShane Coughlan
 
MinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young EntrepreneurMinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young EntrepreneurPriyadarshini T
 
User Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller ResumeUser Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller ResumeKaylee Miller
 
BATbern52 Swisscom's Journey into Data Mesh
BATbern52 Swisscom's Journey into Data MeshBATbern52 Swisscom's Journey into Data Mesh
BATbern52 Swisscom's Journey into Data MeshBATbern
 
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...Splashtop Inc
 
Flutter the Future of Mobile App Development - 5 Crucial Reasons.pdf
Flutter the Future of Mobile App Development - 5 Crucial Reasons.pdfFlutter the Future of Mobile App Development - 5 Crucial Reasons.pdf
Flutter the Future of Mobile App Development - 5 Crucial Reasons.pdfMind IT Systems
 
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...MyFAA
 
Large Scale Architecture -- The Unreasonable Effectiveness of Simplicity
Large Scale Architecture -- The Unreasonable Effectiveness of SimplicityLarge Scale Architecture -- The Unreasonable Effectiveness of Simplicity
Large Scale Architecture -- The Unreasonable Effectiveness of SimplicityRandy Shoup
 

Último (20)

Technical improvements. Reasons. Methods. Estimations. CJ
Technical improvements.  Reasons. Methods. Estimations. CJTechnical improvements.  Reasons. Methods. Estimations. CJ
Technical improvements. Reasons. Methods. Estimations. CJ
 
Unlocking AI: Navigating Open Source vs. Commercial Frontiers
Unlocking AI:Navigating Open Source vs. Commercial FrontiersUnlocking AI:Navigating Open Source vs. Commercial Frontiers
Unlocking AI: Navigating Open Source vs. Commercial Frontiers
 
Revolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM GridRevolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM Grid
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdf
 
Steps to Successfully Hire Ionic Developers
Steps to Successfully Hire Ionic DevelopersSteps to Successfully Hire Ionic Developers
Steps to Successfully Hire Ionic Developers
 
Mobile App Development company Houston
Mobile  App  Development  company HoustonMobile  App  Development  company Houston
Mobile App Development company Houston
 
8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.
 
VuNet software organisation powerpoint deck
VuNet software organisation powerpoint deckVuNet software organisation powerpoint deck
VuNet software organisation powerpoint deck
 
renewable energy renewable energy renewable energy renewable energy
renewable energy renewable energy renewable energy  renewable energyrenewable energy renewable energy renewable energy  renewable energy
renewable energy renewable energy renewable energy renewable energy
 
MUT4SLX: Extensions for Mutation Testing of Stateflow Models
MUT4SLX: Extensions for Mutation Testing of Stateflow ModelsMUT4SLX: Extensions for Mutation Testing of Stateflow Models
MUT4SLX: Extensions for Mutation Testing of Stateflow Models
 
8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdf8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdf
 
20140812 - OBD2 Solution
20140812 - OBD2 Solution20140812 - OBD2 Solution
20140812 - OBD2 Solution
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scale
 
MinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young EntrepreneurMinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
 
User Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller ResumeUser Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller Resume
 
BATbern52 Swisscom's Journey into Data Mesh
BATbern52 Swisscom's Journey into Data MeshBATbern52 Swisscom's Journey into Data Mesh
BATbern52 Swisscom's Journey into Data Mesh
 
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
 
Flutter the Future of Mobile App Development - 5 Crucial Reasons.pdf
Flutter the Future of Mobile App Development - 5 Crucial Reasons.pdfFlutter the Future of Mobile App Development - 5 Crucial Reasons.pdf
Flutter the Future of Mobile App Development - 5 Crucial Reasons.pdf
 
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
 
Large Scale Architecture -- The Unreasonable Effectiveness of Simplicity
Large Scale Architecture -- The Unreasonable Effectiveness of SimplicityLarge Scale Architecture -- The Unreasonable Effectiveness of Simplicity
Large Scale Architecture -- The Unreasonable Effectiveness of Simplicity
 

Intro to modern cryptography

  • 1. Zahid Mian Part of the Brown-bag Series
  • 2.  History andTerms  WhyWe Need Encryption  How is Encryption Used In Systems  Difference in Ciphers  Various Implementations  HashValues  Digital Signatures  Why Attacks Are Successful
  • 3.  Hieroglyphs  4000 years ago  Use pictures to represent words/messages  Caesar ShiftCipher  Replace characters by an offset (or shifting)  Offset = 2, then “hello” -> “jgnnq”  Improvements over time  Steganography,Vigenere Coding
  • 4.  Modern really means digital  Much more mathematically oriented  Operating on bit values  Use of public key and secret key  Even though algorithm are public, it’s nearly impossible to obtain original information
  • 5.  Plaintext –The original information  Cipher – A secret way of writing (an algorithm)  Encryption Key – A value that is used to encrypt plaintext (aka, public key)  Decryption Key – A value that is used to decrypt Ciphertext (aka, private key)  Ciphertext -The encrypted information  Algorithm – (Often) Public algorithm that uses keys to encrypt or decrypt information  Interceptor/Attacker – unauthorized entity that tries to determine the cipher text (aka, hacker)  Symmetric – single key used for encryption and decryption  Asymmetric – uses public key and private key
  • 6. http://www.infosectoday.com/Articles/Intro_to_Cryptography/CryptoFig05a.jpg This is how things generally work today, but there are a lot of pieces that make this happen.
  • 7.  Passive – Simply gaining unauthorized access to information.  Most common password is 123456  Active – A hacker attempts to make changes to data on the target or data en route  Masquerading: hacker pretends to be someone  Denial of Service (DoS): deny access to legitimate users by overwhelming the system (common)  Using technical information to steal user id (e.g., using session id)
  • 8.  Known Plaintext Attack (KPA)  Attacker knows plaintext of some part of the ciphertext; attempts to decrypt the rest  Chosen Plaintext Attack (CPA)  Attacker has ciphertext and plaintext; attempts to determine key  Brute Force Attack (BFA)  Attacker tries to determine key by attempting all possible values  Man in the Middle (MIM)  Simple, but technically challenging method of duping both the sender and the receiver into thinking keys came from correct source  Side Channel Attacks (SCA)  Data Remanence (reading data that should have been deleted)  Row Hammer (low-level memory hack)  Fault Analysis (forcing errors and reading outputs for clues)
  • 9.  Traditionally Ciphers were single character  Caesar Cipher: shift a single character  Two-character Cipher (Playfair)  Use two characters as key  String Cipher (Vigenere)  Use a string (word) as key  One-Time Pad  Key length equals length of plaintext  Block/Stream (DES,AES)  Plaintext is processed in blocks/streams of bits at a time
  • 11.  Underlying model for many block ciphers  Same algorithm for encryption/decryption  Steps  Input is split into two halves  RHS input is transformed by function f which receives a subkey  LHS combined with transformed input from RHS using XOR operation  RHS and LHS are switched to obtain the input for next round  Repeat
  • 12. 32 bit 32 bit f 32 bit 32 bit 32 bit 32 bit Ki LHSi-1 RHSi-1 LHSi-1 = RHSi-1 RHSi-1 = LHSi-1
  • 13.  Block size is 64 bits  Key length is 64 bits (though only 56 are used)  Round-key generator creates 48-bit Key • Very Strong Cipher • Fallen out of favor because small key value • Can be hacked with exhaustive search
  • 14.  Don’t abandon original DES; change usage  Effectively use 3 Keys (3X56 = 168)  Problem of short key solved  Kind of slow  Process  Encrypt plaintext using K1  Decrypt output of Step1 using K2  Encrypt output of Step2 using K3  Output of Step3 is ciphertext  Decrypt in reverse order
  • 15.  The more popular algorithm today  Much faster thanTriple DES  128-bit data; 128/192/256-bit keys  Key size depends on the number of rounds  A “bit” more complex algorithm (pun intended)  For details see online resources  To-Date no attacks againstAES have been successful
  • 16.  Asymmetric Cipher (diff keys)  Necessary due to growth of Internet  Used for smaller pieces of data  ThreeTypes  RSA (widely used)  ElGamal  Elliptic Curve Cryptography (ECC)
  • 18.  Function that converts arbitrarily long numeric input into a fixed numeric output called a hash  Very Efficient  Hard to reverse value  Hard to produce same hash for diff inputs  Some well known Hash Functions  Message Digest (MD), Secure Hash Function (SHA), RIPEMD  Most Common Use: Password Storage  Secure Apps will not save your password in plaintext
  • 19.  How can we be sure a message is authentic?  In the old days, a signature on a letter proved authenticity  Digital Signatures do the same thing-they ensure that the message is from the original sender with the original message  Adds trust when exchanging data  Using Encryption with Digital Signatures is important  Certifying Authority (CA) responsible for management of certificates  Generating, issuing, publishing, verifying, revoking
  • 21.  User Carelessness / Stolen Credentials  Stolen equipment (laptops, phones, etc.)  Incorrect Implementation / Backdoor  Broken Processes / InsiderThreats  PhishingAttacks  Sending sensitive data over plaintext  Zero-day threats / Maintenance  Application vulnerabilities

Notas do Editor

  1. Which of these are likely to happen? Some are more theoretical than practical.
  2. In feedback cipher, the encrypted text of the previous step is used to encrypt the next block
  3. Right side image shows the all 16 rounds of encryption. Number of rounds is configurable Left side shows a single round of encryption. LHS = Left Hand Side RHS = Right Hand Side
  4. Each person adopting this scheme has a public-private key pair. the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key. Signer feeds data to the hash function and generates hash of data. Hash value and signature key are then fed to the signature algorithm which produces the digital signature on given hash. Signature is appended to the data and then both are sent to the verifier. Verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output. Verifier also runs same hash function on received data to generate hash value. For verification, this hash value and output of verification algorithm are compared. Based on the comparison result, verifier decides whether the digital signature is valid. Since digital signature is created by ‘private’ key of signer and no one else can have this key; the signer cannot repudiate signing the data in future.