2.
Introduction
In the era of www and portable pc’s ,electronic
data security is under great threat from prowling
hackers and information stealers.
Information has become so important that it has
achieved the achieved the status of currency.
Encryption is a main tool used by IT geeks to
protect terabytes of data criss – crossing the
information highway .
2
3.
Information Security Requirements : Confidentiality – accessibility of data only to
authorized users.
Authentication – verification of the identity of
communicating user at the other end.
Integrity control – allowing the modification of
data only by authorized personnel.
3
4.
TERMINOLOGY
Cryptography : science of encrypting information to
form a scrambled or randomized text by using
mathematical transformations such that it becomes
indecipherable until it is decrypted.
Cryptanalysis : process aimed at cracking the
encrypted text either by breaking the algorithm or by
guessing or inferencing the decryption key.
Brute force attack : process of key spacing the
algorithm by inducing trial of every possible key in
succession until text is deciphered. If the key length is
k bits , then key space is 2^k bits, and for large keys,
even the fastest computer is unable to try out all the
possible combinations in key space .
4
5.
Encryption Model :ENCRYPTION KEY , K
PLAINTEXT
ENCRYPTION
DECRYPTION KEY
DECRYPTION
PLAINTEXT
CIPHERTEXT, C = E k ( PLAINTEXT )
Plaintext : original data or message fed as input.
Ciphertext : scrambled message produced as output.
Encryption : conversion of plaintext to ciphertext.
Decryption : conversion of ciphertext to plaintext.
5
6.
TYPES OF ENCRYPTION
ALGORITHMS :
Symmetric Key Algorithm : is implemented using
a secret key shared by both sender & reciever for
encryption & decryption respectively .
Shared secret key
PLAINTEXT
ENCRYPTION
CIPHERTEXT
DECRYPTION
PLAINTEXT
6
7.
Asymmetric Key Algorithm
It implies use of two different keys ,one for
encryption which is made public & the other private
key which serves as the unique decryption key.
PUBLIC KEY
PLAINTEXT
ENCRYPTION
PRIVATE
CIPHERTEXT
KEY
DECRYPTION
7
PLAINTEXT
8.
PREVALENT ENCRYPTION ALGORITHMS
Symmetric Key algorithms –
DES : (DATA ENCRYPTION STANDARD ).
IDEA : (INTERNATIONAL DATA ENCRYPTION ALGORITHM).
BLOWFISH: (LATEST & MOST SECURE).
Asymmetric Key algorithms –
RSA :(RIVEST,SHAMIR,ADLEMAN).
PGP : (PRETTY GOOD PRIVACY).
8
9.
- Relative Strength Comparisons of Encryption
Algorithms -
Type
Security Level
Implementation
Speed
Idea
Military Grade
128 bit Shared
Secret
Fast
Blowfish
Military Grade
256 to 448 bit
Shared Secret
Fastest
DES
Low
40 to 56 bit Shared
Secret
Fast
RSA
Military Grade
2048 bit
Public Key
Very Slow
9
10.
DES Encryption Algorithm :L ( i-1)
LEFT 32 BIT INPUT
R ( i-1)
RIGHT 32 BIT INPUT
L (i-1) EX-OR f (R (i-1) ,Ki )
LEFT 32 BIT OUTPUT
LEFT32 BIT OUTPUT
L ( i )
RIGHT 32 BIT OUTPUT
R ( i )
Plaintext encrypted in blocks of 64 bits ,using 56 bit key and 16
iterations. Initial permutation of 64 bit plaintext block is
followed by iterations .Each iteration involves production of
two 32 bit outputs from two 32 bit inputs.. Left output is a
copy of right output and right output is bitwise EX-OR of left
input , a function of right input and key for this iteration Ki.
After each iteration the two 32 bit halves are swapped. After
final iteration a final permutation or transposition is applied to
get ciphertext block. decryption is done with 10 same key by
the
running steps in reverse order.
11.
RSA ALGORITHM : It is based on a concept of number theory which implies
computational infeasibility of the factorization of large
numbers in real time which increases exponentially with
the geometric growth of numbers.
Formulation of method by Rivest, Shamir, Adleman : Choose two large primes, p and q (greater than 10 ^ 100).
Compute n = p * q and z = (p – 1 ) * (q – 1).
Choose a number relatively prime to z, and denote it by d.
Compute e such that e = (1 mod z) / d .
C = P ^ e (mod n)
P = C ^ d (mod n) where C and P are ciphertext and
plaintext
11
blocks of k bits where k is largest integer such that 2 ^ k < n.
12.
DIGITAL SIGNATURES
A digital signature does not refer to a digitized image of paper signature, but is
created using asymmetric cryptography in which private key is known only to
signer and is used to create digital signature while public key is used to verify
the signature. Message digest is calculated by putting the data through one
way hash function .then the digital signature is created by encrypting this
message digest with sender’s private key. Receiver will be able to ensure that
this document has been signed by that particular person if message digest can
be obtained by using sender’s public key and it matches message digest of
Message sent
message sent along with it.
Message
sent
Hash function
Message digest
Private key of sender
Digital
signature
Received
message
Digital
signature
Hash function
Message
digest
Digital
signature
Digital
signature
Sender’s
public key
12
Message
digest
13.
LATEST ENCRYPTION
TECHNOLOGIES
Virtual matrix algorithm: The basis of VME is a Virtual Matrix,
a matrix of random binary values which is, in theory, is infinite
in size and therefore contains no redundant values. The data to
be encrypted is compared to the data in the Virtual Matrix.
Once a match is found, a set of pointers that indicate how to
navigate inside the Virtual Matrix is created. That set of pointers
is then further encrypted using dozens of other algorithms using
key. The data sent consists of pointers to locations of the
content of the message within a virtual matrix .
The key size which can reach up to 1 million bits is not sent ,
but recreated at a remote location from an electronic file
available at both sender and receiver computer .VME
.
encryption results in a statistically even distribution of
13
characters .
14.
QUANTUM CRYPTOGRAPHY
Quantum cryptography is based on the fundamental physical law that
observation by eavesdroppers inevitably affects the quantum system and the
information of the system , making the information incomplete. That is, once
communication content is tapped on the channel, the content itself changes
irreversibly. The eavesdropped content, then, becomes meaningless and the
legitimate recipient can detect the eavesdropper by the change in content. .
14
15.
CONCLUSION
Better and more secure algorithms are being
developed with a very large key space so that no
computer can bruteforce some encrypted text.
Encryption applications range from providing secure
email ,authenticating users by digital signatures and
providing credibility through digital certificates.
Thus as we can see encryption technology which
has great utility in transferring information securely
over networks is an emerging field of research and
new progress is being made day by day.
15
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.