0
Upcoming SlideShare
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Standard text messaging rates apply

Cryptography Intro

6,234

Published on

A very basic introduction to cryptography, used for a test teach at my old job.

A very basic introduction to cryptography, used for a test teach at my old job.

Published in: Technology, Education
4 Likes
Statistics
Notes
• Full Name
Comment goes here.

Are you sure you want to Yes No
• Be the first to comment

Views
Total Views
6,234
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
631
0
Likes
4
Embeds 0
No embeds

No notes for slide
• Transcript

• 1. Introduction to Cryptography Christopher Martin
• 2. What is Cryptography?
• “ There are two kinds of cryptography in the world: the kind that will keep your kid sister from reading your files, and the kind that will keep major governments from reading your files” - Bruce Schneier, preface to Applied Cryptography
• Cryptography is the science of keeping things secret, this is known formally as confidentiality .
• Cryptography can be asked to do other things as well.
• 3. But what can crypto do for me?
• Authentication
• Proof of identity
• Integrity
• Proof of content
• Nonrepudiation
• Proof of transmission
• 4. Terminology
• Plaintext or Cleartext
• The message
• Ciphertext
• The encrypted message
• Encryption or Enciphering
• The process of turning plaintext into ciphertext
• E(M) = C
• Decryption or Deciphering
• The opposite of the above
• D(C) = M or D(E(M)) = M
• 5. Son of Terminology
• Cryptography
• Art and science of keeping secrets secret
• Practitioners are called Cryptographers
• Cryptanalysis
• The art and science of making secrets not. Breaking Cryptography
• Practitioners are called Cryptanalysts
• Cryptology
• The branch of mathematics that encompasses both of the above.
• Practitioners are called Cryptologists
• 6. Return of Son of Terminology
• Key
• The “shared secret” used to keep the message secret.
• Can be one value from any sized range, called the keyspace
• Cryptographic Algorithm
• The series of steps applied to the message and the key
• Also called a cipher
• Cryptosystem
• A single algorithm, plus all possible plaintexts, ciphertexts, and keys
• 7. A brief digression on secrecy
• All secrecy resides in the key
• Kerchoffs’ Law
• Restricted Algorithms
• 8. Types of encryption algorithms
• Asymmetric
• Also known as public key
• Uses two keys, public and private
• Symmetric
• Uses one key that is shared between parties
• Historical/Classical
• Substitution ciphers, polyalphabetic cipers, codes
• Hash
• Not technically encryption algorithms but are part of cryptography
• 9. Symmetric Encryption
• E k (M) = C, D k (C) = M, D k (E k (M)) = M
• The encryption key can be calculated from the decryption key, and vice versa
• Usually, however, there is only one key
• The primary Achilles heel is that the key must be shared between n parties
• DES, 3DES, Blowfish, Twofish, Serpent, IDEA, AES (Rijndael)
• Can operate in two modes: stream and block, and most modern algorithms have variable key size
• Subset of Symmetric ciphers
• Offers theoretically perfect security
• Key is comprised of a large sheet of truly random letters.
• Each key is used only once
• Encryption is the addition modulo 26 of the key letter, and the plaintext letter
• 11. Asymmetric Encryption
• E k-pub (M) = C, D k-priv (C) = M, D k-priv (E k-pub (M)) = M
• Given the public key, it is computationally infeasible to calculate the private key
• Can also be used for digital signatures
• Examples: RSA, DSA, ElGamal,Diffe-Hellman
• 12. Hashing Algorithms
• There is no key involved in hashing
• Takes an arbitrary sized input, and produces a unique fixed size output
• The smallest change in the input should produce a totally different output
• The process is non reversible
• Examples: MD4, MD5, SHA-1, SHA-128, SHA-256
• 13. Attacking Cryptography
• Cryptanalysis
• Ciphertext Only Attack
• Known Plaintext Attack
• Chosen Plaintext Attack
• Chosen Ciphertext Attack
• Chosen Key Attack
• Rubber Hose Cryptanalysis
• 14. Where to use cryptography?
• Anywhere you want to have something remain secret
• SSL, TLS, IPv6, SSH, IPSec all keep information secure in transit
• Any Symmetric Algorithm can keep your files safe in storage
• There are file systems available that will encrypt your data on the fly. EncFS and Loop-AES for unix, EFS for windows, FileVault for Mac OS X
• You can add encryption at the application level, or at the server level for storing database information securely
• 15. Where can I get cryptography?
• Your best bet it to have it bundled with the Operating System, or to buy supported add-on hardware that does what you want.
• OpenBSD is the de facto standard for operating system supported cryptography.
• Add on libraries like OpenSSL and libTomCrypt are also available for most unix like platforms.