Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. <ul><li>ENCRYPTION </li></ul><ul><li>Presented by </li></ul><ul><li>Amit Choudhary </li></ul>
  2. 2. <ul><li>ENCRYPTION </li></ul><ul><li>Data that can be read and understood without any special measures is called plaintext or cleartext . </li></ul><ul><li>The method of disguising plaintext in such a way as to hide its substance is called encryption . </li></ul><ul><li>Encrypting plaintext results in unreadable gibberish called ciphertext . </li></ul><ul><li>The process of reverting ciphertext to its original plaintext is called decryption . </li></ul>
  3. 3. <ul><li>DEFINITIONS OF SECURITY </li></ul><ul><li>Semantic Security </li></ul><ul><li>An encryption scheme is semantically secure if it is infeasible to learn anything about the plaintext from the ciphertext. </li></ul><ul><li>Defining more accurately, it means that whatever can be efficiently computed from the ciphertext, can be efficiently computed when given only the length of the plaintext. </li></ul><ul><li>Indistinguishability of Encryptions </li></ul><ul><li>It interprets security as the infeasibility of distinguishing between encryptions of a given pair of messages which are of same length. </li></ul>
  4. 4. <ul><li>ENCRYPTION ALGORITHMS </li></ul><ul><li>Private Key Algorithms </li></ul><ul><li>Single, Shared, Symmetric. </li></ul><ul><li>Used for bulk data encryption, broadcast applications. </li></ul><ul><li>Requires a secret key to be known by both parties. </li></ul><ul><li>Examples are DES, RC4, Blowfish, IDEA. </li></ul><ul><li>Public Key Algorithms </li></ul><ul><li>Two, Asymmetric. </li></ul><ul><li>Used for key agreement and distribution. </li></ul><ul><li>Require a public and a private key pair for each party. </li></ul><ul><li>Examples are RSA, Diffie-Hellman, ElGamal </li></ul><ul><li>Hash Functions </li></ul><ul><li>Used to compress data down to a fixed size for signing. </li></ul><ul><li>Examples are MD5, SHA-1 </li></ul>
  5. 5. <ul><li>DES – Private Key Cryptosystem </li></ul><ul><li>IBM developed Lucifer in 1974 which was adopted in 1977 as DES . </li></ul><ul><li>DES encrypts and decrypts data in 64-bit blocks, using a 64-bit key (although the effective key strength is only 56 bits). </li></ul><ul><li>Although the input key for DES is 64 bits long, the actual key used by DES is only 56 bits in length. Why?? </li></ul><ul><li>It takes a 64-bit block of plaintext as input and outputs a 64-bit block of ciphertext. </li></ul><ul><li>DES has 16 rounds, i.e. the algorithm is repeated 16 times to produce the ciphertext. </li></ul><ul><li>It has been found that the number of rounds is exponentially proportional to the amount of time required to find a key using a brute-force attack. So as the number of rounds increases, the security of the algorithm increases exponentially. </li></ul>
  6. 6. <ul><li>What After DES?? </li></ul><ul><li>DES is the workhorse of cryptography algorithms, and it's long past time to replace the 19-year-old standard. The recent design of a $1M machine that could recover a DES key in 3.5 hours only confirmed what everybody knew: DES's key size is far too small for today. </li></ul><ul><li>The world only partly trusted DES because it survived the scrutiny of the NSA. Experts trusted DES because it was a published standard, and because it survived 20 years of intensive cryptanalysis by cryptographers around the world. </li></ul><ul><li>Candidates for a replacement are emerging, but none has taken widespread hold. </li></ul><ul><li>Triple-DES is the conservative approach. </li></ul><ul><li>IDEA (used in PGP) is the most promising new algorithm. </li></ul><ul><li>And there is a bevy of unpatented ones, RC4 ,SAFER, and Blowfish. </li></ul>
  7. 7. <ul><li>Triple-DES Algorithm </li></ul><ul><li>Triple DES is simply another mode of DES operation. </li></ul><ul><li>It takes three 64-bit keys, for an overall key length of 192 bits.(168 bits) </li></ul><ul><li>The procedure for encryption is exactly the same as regular DES, but it is repeated three times. Hence the name Triple DES. </li></ul><ul><li>The data is encrypted with the first key, decrypted with the second key, and finally encrypted again with the third key. </li></ul><ul><li>Consequently, Triple DES runs three times slower than standard DES, but is much more secure if used properly . </li></ul>
  8. 8. <ul><li>Triple Des Encryption - Problem </li></ul><ul><li>Unfortunately, there are some weak keys that one should be aware of. </li></ul><ul><li>If all three keys, the first and second keys, or the second and third keys are the same, then the encryption procedure is essentially the same as standard DES. </li></ul><ul><li>Why is it a problem?? </li></ul><ul><li>This situation is to be avoided because it is the same as using a really slow version of regular DES. </li></ul>
  9. 9. <ul><li>Advantages of Public Key Cryptography </li></ul><ul><li>Secure key exchange without prior exchange of secrets. </li></ul><ul><li>Can provide a method for digital signatures and hence in authentication. </li></ul><ul><li>Authentication of documents. </li></ul><ul><li>Instead of encrypting information using someone else's public key, we encrypt it with our private key. If the information can be decrypted with our public key, then it must have originated by us. </li></ul>
  10. 10. <ul><li>RSA – Public Key Cryptosystem </li></ul><ul><li>Invented in 1977 by Ron Rivest , Adi Shamir and Leonard Adleman . </li></ul><ul><li>Algorithm: </li></ul><ul><li>Take two large primes p and q and find their product n = pq. </li></ul><ul><li>Choose a number e less than n and relatively prime to p-1 and q-1. </li></ul><ul><li>Find its inverse d mod (p-1)(q-1). </li></ul><ul><li>This means ed = 1 mod (p-1)(q-1). </li></ul><ul><li>e and d are called public and private exponents. </li></ul><ul><li>The public key is the pair (e,n) and the private key is d . </li></ul>
  11. 11. <ul><li>Security concern? </li></ul><ul><li>It is difficult to obtain the private key d from public key pair (e,n). </li></ul><ul><li>However not impossible. Let’s see how? </li></ul><ul><li>The Factoring Problem </li></ul><ul><li>Factoring is the underlying foundation on which several Public Key Cryptosystems have been designed. </li></ul><ul><li>Factoring an RSA modulus can help the attacker get a private key. </li></ul><ul><li>Make factoring difficult by increasing the modulus n. </li></ul><ul><li>Do hardware improvements make RSA less secure? </li></ul><ul><li>No, since any improvement that allows an attacker to factor a number 2 digits longer than before will allow the RSA user to use a key dozens of digits longer than before. </li></ul><ul><li>A lot of factoring algorithms have been designed in the recent years. </li></ul><ul><li>Some of these methods and their running times are: </li></ul><ul><li>Pollard rho method – O(sqrt(p)). </li></ul><ul><li>Elliptic Curve Method – O(exp(sqrt(2 ln p ln ln p))). </li></ul><ul><li>Number Field Sieve – O(exp(1.9(ln n)^{1/3}(ln ln n)^{2/3})). </li></ul><ul><li>Multiple Polynomial Quadratic Sieve – O(exp(sqrt(ln n ln ln n))). </li></ul>
  12. 12. <ul><li>Security concern? </li></ul><ul><li>The Discrete Log Problem </li></ul><ul><li>The Log problem is to find the exponent x in the formula y = g^x mod p or </li></ul><ul><li>to find the power that g must be raised in order to obtain y, modulo the prime number p. </li></ul><ul><li>It has been the basis of several Public Key Cryposystems such as ElGamal System and DSS. </li></ul><ul><li>The security of these systems rests on the assumption that discrete logs are difficult to compute. </li></ul><ul><li>The best discrete log problems have expected running times similar to that of the best factoring algorithms. </li></ul><ul><li>Which is easier to solve – Factoring Problem or Discrete Log Problem? </li></ul><ul><li>One paper suggests that the Discrete Log Problem is a little harder. </li></ul>
  13. 13. <ul><li>PGP </li></ul><ul><li>PGP (short for Pretty Good Privacy) is a public key encryption program originally written by Phil Zimmermann in 1991. Over the past few years, PGP has become a de-facto standard for encryption of email on the Internet. </li></ul><ul><li>PGP first compresses the plaintext. </li></ul><ul><li>PGP then creates a session key, which is a one-time-only secret key. </li></ul><ul><li>This session key is used to encrypt the plaintext; the result is ciphertext. </li></ul><ul><li>Once the data is encrypted, the session key is encrypted to the recipient's public key. </li></ul><ul><li>This public key-encrypted session key is transmitted along with the ciphertext to the recipient. </li></ul>
  14. 14. <ul><li>PGP </li></ul><ul><li>Decryption works in the reverse. </li></ul><ul><li>The recipient's copy of PGP uses his or her private key to recover the temporary session key. </li></ul><ul><li>PGP then uses this to decrypt the conventionally-encrypted ciphertext . </li></ul>
  15. 15. <ul><li>Hash functions </li></ul><ul><li>A typical one way hash function takes a variable length message and produces a fixed length hash. Given the hash, it is computationally impossible to find a message with that hash. </li></ul><ul><li>MD2, MD4, and MD5 are the different message-digest algorithms developed by Rivest. </li></ul><ul><li>They are meant for digital signature applications where a large message has to be ``compressed'' in a secure manner before being signed with the private key. </li></ul>
  16. 16. <ul><li>MD2 was optimized for 8-bit machines whereas MD4 and MD5 were aimed at 32-bit machines. </li></ul><ul><li>MD2 </li></ul><ul><li>MD2 was developed by Rivest in 1989. </li></ul><ul><li>The message is first padded so its length in bytes is divisible by 16. </li></ul><ul><li>A 16-byte checksum is then appended to the message, and the hash value is computed on the resulting message. </li></ul><ul><li>MD4 </li></ul><ul><li>MD4 was developed by Rivest in 1990. </li></ul><ul><li>The message is padded to ensure that its length in bits plus 64 is divisible by 512. </li></ul><ul><li>A 64-bit binary representation of the original length of the message is then concatenated to the message. The message is processed in 512-bit blocks and each block is processed in three distinct rounds. </li></ul><ul><li>MD5 </li></ul><ul><li>MD5 was developed by Rivest in 1991. </li></ul><ul><li>It is MD4 with ”safety-belts” and while it is slightly slower than MD4, it is more secure. </li></ul><ul><li>The algorithm consists of four distinct rounds, which has a slightly different design from that of MD4. Message-digest size, as well as padding requirements, remain the same. </li></ul>