SlideShare a Scribd company logo

Secure Crypto for Data Protection

Sri Manakula Vinayagar Engineering College
Sri Manakula Vinayagar Engineering College

Security

Education
1 of 58
Download to read offline
Security UNIT- V
Cryptography • Cryptography comes from the Greek words for ''secret writing.’’ The messages to be encrypted, known as the plaintext, are transformed by a function that is parameterized by a key.
Plain text and Cipher text: • The original message, before being transformed, is called plain text. • After the message is transformed, it is called cipher text. – An encryption algorithm transforms the plaintext into ciphertext; – a decryption algorithm transforms the ciphertext back into plaintext. – The sender uses an encryption algorithm, and the receiver uses a decryption algorithm.
Encryption model • Cryptography can provide confidentiality, integrity, authentication and non-repudiation of messages. • Cryptography can also be used to authenticate the sender and receiver of the message to each other.
Data Encryption • Encryption is a security method in which information is encoded in such a way that only authorized user can read it. It uses encryption algorithm to generate ciphertext that can only be read if decrypted. • There are two types of encryptions schemes as listed below: – Symmetric Key encryption – Public Key encryption •
Symmetric Key encryption • Symmetric key encryption algorithm uses same cryptographic keys for both encryption and decryption of cipher text. Symmetric encryption is generally more efficient than asymmetric encryption and therefore preferred when large amounts of data need to be exchanged. Symmetric-key cryptography is sometimes called secret-key cryptography. The most popular symmetric-key system is the Data Encryption Standard (DES).
Symmetric Key • An encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. Contrast this with public-key cryptology, which utilizes two keys - a public key to encrypt messages and a private key to decrypt them. • Symmetric-key systems are simpler and faster, but their main drawback is that the two parties must somehow exchange the key in a secure way. Public-key encryption avoids this problem because the public key can be distributed in a non-secure way, and the private key is never transmitted.
Symmetric Key Cryptography • Symmetric key cryptography (or symmetric encryption) is a type of encryption scheme in which the same key is used both to encrypt and decrypt messages. • Such a method of encoding information has been largely used in the past decades to facilitate secret communication between governments and militaries. Nowadays, symmetric key algorithms are widely applied in various types of computer systems to enhance data security. • Examples for symmetric key cryptography include AES, DES, and 3DES. Key exchange protocols used to establish a shared encryption key include Diffie-Hellman (DH), elliptic curve (EC) and RSA.
How does symmetric encryption work? • Symmetric encryption schemes rely on a single key that is shared between two or more users. The same key is used to encrypt and decrypt the so-called plaintext (which represents the message or piece of data that is being encoded). The process of encryption consists of running a plaintext (input) through an encryption algorithm called a cipher, which in turn generates a ciphertext (output). • If the encryption scheme is strong enough, the only way for a person to read or access the information contained in the ciphertext is by using the corresponding key to decrypt it. The process of decryption is basically converting the ciphertext back to plaintext.
Cont.. • The security of symmetric encryption systems is based on how difficult it randomly guess the corresponding key to brute force them. • A 128-bit key, for example, would take billions of years to guess using common computer hardware. The longer the encryption key is, the harder it becomes to crack it. • Keys that are 256-bits length are generally regarded as highly secure and theoretically resistant to quantum computer brute force attacks.
Cont.. The most common symmetric encryption schemes used today are based on block and stream ciphers. • Block ciphers group data into blocks of predetermined size and each block is encrypted using the corresponding key and encryption algorithm (e.g., 128-bit plaintext is encrypted into 128-bit ciphertext). • On the other hand, stream ciphers do not encrypt plaintext data by blocks, but rather by 1-bit increments (1-bit plaintext is encrypted into 1-bit ciphertext at a time).
Symmetric vs. Asymmetric encryption • Symmetric encryption is one of the two major methods of encrypting data in modern computer systems. The other is asymmetric encryption, which is the major application of public key cryptography. The main difference between these methods is the fact that asymmetric systems use two keys rather than the one employed by the symmetric schemes. One of the keys can be publicly shared (public key), while the other must be kept in private (private key). • The use of two keys instead of one also produces a variety of functional differences between symmetric and asymmetric encryption. Asymmetric algorithms are more complex and slower than the symmetric ones. Because the public and private keys employed in asymmetric encryption are to some degree mathematically related, the keys themselves must also be considerably longer to provide a similar level of security offered by shorter symmetric keys.
Advantages and disadvantages • Symmetric algorithms provide a fairly high level of security while at the same time allowing for messages to be encrypted and decrypted quickly. The relative simplicity of symmetric systems is also a logistical advantage, as they require less computing power than the asymmetric ones. In addition, the security provided by symmetric encryption can be scaled up simply by increasing key lengths. For every single bit added to the length of a symmetric key, the difficulty of cracking the encryption through a brute force attack increases exponentially.
Advantages and disadvantages • While symmetric encryption offers a wide range of benefits, there is one major disadvantage associated with it: the inherent problem of transmitting the keys used to encrypt and decrypt data. When these keys are shared over an unsecured connection, they are vulnerable to being intercepted by malicious third parties. If an unauthorized user gains access to a particular symmetric key, the security of any data encrypted using that key is compromised. To solve this problem, many web protocols use a combination of symmetric and asymmetric encryption to establish secure connections. Among the most prominent examples of such a hybrid system is the Transport Layer Security (TLS) cryptographic protocol used to secure large portions of the modern internet. • It should also be noted that all types of computer encryption are subject to vulnerabilities due to improper implementation. While a sufficiently long key can make a brute force attack mathematically impossible, errors in implementation made by programmers often create weaknesses that open up the way for cyber-attacks.
Public Key encryption • Public key encryption algorithm uses pair of keys, one of which is a secret key and one of which is public. These two keys are mathematically linked with each other.
Hashing • Hashing is a technique used to encrypt data and generate unpredictable hash values. It is the hash function that generates the hash code, which helps to protect the security of transmission from unauthorized users. • Hashing algorithm provides a way to verify that the message received is the same as the message sent. It can take a plain text message as input and then computes a value based on that message.
Function of Hash algorithms • Key Points • The length of computed value is much shorter than the original message. It is possible that different plain text messages could generate the same value. • Here we will discuss a sample hashing algorithm in which we will multiply the number of a’s, e’s and h’s in the message and will then add the number of o’s to this value. • For example, the message is “ the combination to the safe is two, seven, thirty-five”. The hash of this message, using our simple hashing algorithm is as follows: 2 x 6 x 3 ) + 4 = 40
Digital signatures Authentication • Digital signatures help to authenticate the sources of messages. For example, if a bank’s, branch office sends a message to central office, requesting for change in balance of an account. If the central office could not authenticate that message is sent from an authorized source, acting of such request could be a serious mistake. Integrity • Once the message is signed, any change in the message would invalidate the signature. Non-repudiation • By this property, any entity that has signed some information cannot at a later time deny having signed it.
Digital signatures
Public Key Cryptography • Unlike symmetric key cryptography, we do not find historical use of public-key cryptography. It is a relatively new concept. • Symmetric cryptography was well suited for organizations such as governments, military, and big financial corporations were involved in the classified communication. • With the spread of more unsecure computer networks in last few decades, a genuine need was felt to use cryptography at larger scale. The symmetric key was found to be non-practical due to challenges it faced for key management. This gave rise to the public key cryptosystems.
The process of encryption and decryption is depicted in the following illustration
Public key encryption scheme • Different keys are used for encryption and decryption. This is a property which set this scheme different than symmetric encryption scheme. • Each receiver possesses a unique decryption key, generally referred to as his private key. • Receiver needs to publish an encryption key, referred to as his public key. • Some assurance of the authenticity of a public key is needed in this scheme to avoid spoofing by adversary as the receiver. Generally, this type of cryptosystem involves trusted third party which certifies that a particular public key belongs to a specific person or entity only.
Cont.. • Encryption algorithm is complex enough to prohibit attacker from deducing the plaintext from the ciphertext and the encryption (public) key. • Though private and public keys are related mathematically, it is not be feasible to calculate the private key from the public key. In fact, intelligent part of any public-key cryptosystem is in designing a relationship between two keys.
DES
AES Origins • clear a replacement for DES was needed – have theoretical attacks that can break it – have demonstrated exhaustive key search attacks • can use Triple-DES – but slow, has small blocks • US NIST issued call for ciphers in 1997 • 15 candidates accepted in Jun 98 • 5 were shortlisted in Aug-99 • Rijndael was selected as the AES in Oct-2000 • issued as FIPS PUB 197 standard in Nov-2001
The AES Cipher - Rijndael  designed by Rijmen-Daemen in Belgium  has 128/192/256 bit keys, 128 bit data  an iterative rather than Feistel cipher  processes data as block of 4 columns of 4 bytes  operates on entire data block in every round  designed to have:  resistance against known attacks  speed and code compactness on many CPUs  design simplicity
AES Encryption Process
AES Structure  data block of 4 columns of 4 bytes is state  key is expanded to array of words  has 9/11/13 rounds in which state undergoes:  byte substitution (1 S-box used on every byte)  shift rows (permute bytes between groups/columns)  mix columns (subs using matrix multiply of groups)  add round key (XOR state with key material)  view as alternating XOR key & scramble data bytes  initial XOR key material & incomplete last round  with fast XOR & table lookup implementation
AES Structure
Some Comments on AES 1. an iterative rather than Feistel cipher 2. key expanded into array of 32-bit words 1. four words form round key in each round 3. 4 different stages are used as shown 4. has a simple structure 5. only Add Round Key uses key 6. Add Round Key a form of Vernam cipher 7. each stage is easily reversible 8. decryption uses keys in reverse order 9. decryption does recover plaintext 10.final round has only 3 stages
Substitute Bytes  a simple substitution of each byte  uses one table of 16x16 bytes containing a permutation of all 256 8-bit values  each byte of state is replaced by byte indexed by row (left 4-bits) & column (right 4-bits)  eg. byte {95} is replaced by byte in row 9 column 5  which has value {2A}  S-box constructed using defined transformation of values in GF(28)  designed to be resistant to all known attacks
Substitute Bytes
Substitute Bytes Example
Shift Rows  a circular byte shift in each  1st row is unchanged  2nd row does 1 byte circular shift to left  3rd row does 2 byte circular shift to left  4th row does 3 byte circular shift to left  decrypt inverts using shifts to right  since state is processed by columns, this step permutes bytes between the columns
Shift Rows
Mix Columns  each column is processed separately  each byte is replaced by a value dependent on all 4 bytes in the column  effectively a matrix multiplication in GF(28) using prime poly m(x) =x8+x4+x3+x+1
Mix Columns
Mix Columns Example
AES Arithmetic  uses arithmetic in the finite field GF(28)  with irreducible polynomial m(x) = x8 + x4 + x3 + x + 1 which is (100011011) or {11b}  e.g. {02} • {87} mod {11b} = (1 0000 1110) mod {11b} = (1 0000 1110) xor (1 0001 1011) = (0001 0101)
Mix Columns  can express each col as 4 equations  to derive each new byte in col  decryption requires use of inverse matrix  with larger coefficients, hence a little harder  have an alternate characterization  each column a 4-term polynomial  with coefficients in GF(28)  and polynomials multiplied modulo (x4+1)  coefficients based on linear code with maximal distance between code words
Add Round Key  XOR state with 128-bits of the round key  again processed by column (though effectively a series of byte operations)  inverse for decryption identical  since XOR own inverse, with reversed keys  designed to be as simple as possible  a form of Vernam cipher on expanded key  requires other stages for complexity / security
Add Round Key
AES Round
AES Key Expansion  takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words  start by copying key into first 4 words  then loop creating words that depend on values in previous & 4 places back  in 3 of 4 cases just XOR these together  1st word in 4 has rotate + S-box + XOR round constant on previous, before XOR 4th back
AES Key Expansion
Key Expansion Rationale  designed to resist known attacks  design criteria included  knowing part key insufficient to find many more  invertible transformation  fast on wide range of CPU’s  use round constants to break symmetry  diffuse key bits into round keys  enough non-linearity to hinder analysis  simplicity of description
AES Example Key Expansion
AES Example Encryption
AES Decryption  AES decryption is not identical to encryption since steps done in reverse  but can define an equivalent inverse cipher with steps as for encryption  but using inverses of each step  with a different key schedule  works since result is unchanged when  swap byte substitution & shift rows  swap mix columns & add (tweaked) round key
AES Decryption
Implementation Aspects  can efficiently implement on 32-bit CPU  redefine steps to use 32-bit words  can precompute 4 tables of 256-words  then each column in each round can be computed using 4 table lookups + 4 XORs  at a cost of 4Kb to store tables  designers believe this very efficient implementation was a key factor in its selection as the AES cipher
Summary  have considered:  the AES selection process  the details of Rijndael – the AES cipher  looked at the steps in each round  the key expansion  implementation aspects
Firewall • Firewall is a barrier between Local Area Network (LAN) and the Internet. It allows keeping private resources confidential and minimizes the security risks. It controls network traffic, in both directions. • The following diagram depicts a sample firewall between LAN and the internet. The connection between the two is the point of vulnerability. Both hardware and the software can be used at this point to filter network traffic.
There are two types of Firewall system: One works by using filters at the network layer and the other works by using proxy servers at the user, application, or network layer.
• Key Points • Firewall management must be addressed by both system managers and the network managers. • The amount of filtering a firewall varies. For the same firewall, the amount of filtering may be different in different directions.
Reference • https://doubleoctopus.com/security-wiki/encryption-and- cryptography/symmetric-key-cryptography/ • https://www.binance.vision/security/what-is-symmetric-key- cryptography • https://www.webopedia.com/TERM/S/symmetric_key_cryptogr aphy.html • https://www.cs.bham.ac.uk/~mdr/teaching/modules/security/le ctures/symmetric-key.html

Recommended

Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
Cryptography
CryptographyCryptography
CryptographyAbhi Prithi
 
Evolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesEvolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesMona Rajput
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - SecurityWayne Jones Jnr
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 
Cryptographic tools
Cryptographic toolsCryptographic tools
Cryptographic toolsCAS
 
Cryptography on cloud
Cryptography on cloudCryptography on cloud
Cryptography on cloudkrprashant94
 
Cryptography
CryptographyCryptography
CryptographySourabh Badve
 

Recommended

Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
Cryptography
CryptographyCryptography
CryptographyAbhi Prithi
 
Evolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesEvolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesMona Rajput
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - SecurityWayne Jones Jnr
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 
Cryptographic tools
Cryptographic toolsCryptographic tools
Cryptographic toolsCAS
 
Cryptography on cloud
Cryptography on cloudCryptography on cloud
Cryptography on cloudkrprashant94
 
Cryptography
CryptographyCryptography
CryptographySourabh Badve
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniqueseditor1knowledgecuddle
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
Cryptography and Encryptions,Network Security,Caesar Cipher
Cryptography and Encryptions,Network Security,Caesar CipherCryptography and Encryptions,Network Security,Caesar Cipher
Cryptography and Encryptions,Network Security,Caesar CipherGopal Sakarkar
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 
Encryption
EncryptionEncryption
EncryptionSyed Taimoor Hussain Shah
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionRapidSSLOnline.com
 
Encryption ppt
Encryption pptEncryption ppt
Encryption pptAnil Neupane
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 IntroducationTushar Rajput
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Sai Natkar
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
Unit 7 : Network Security
Unit 7 : Network SecurityUnit 7 : Network Security
Unit 7 : Network SecurityChandan Gupta Bhagat
 
Encryption.ppt
Encryption.pptEncryption.ppt
Encryption.pptreshmy12
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologyNeha Bhambu
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101rahat ali
 
Ch01
Ch01Ch01
Ch01n C
 
Criptography
CriptographyCriptography
CriptographySajan Sahu
 
Cryptography
CryptographyCryptography
CryptographyMuhammad Shoaib Saleem
 
Lec # 7 Symmetric and asymmetric cryptography.pptx
Lec # 7 Symmetric and asymmetric cryptography.pptxLec # 7 Symmetric and asymmetric cryptography.pptx
Lec # 7 Symmetric and asymmetric cryptography.pptxskknowledge
 

More Related Content

What's hot

Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
Cryptography and Encryptions,Network Security,Caesar Cipher
Cryptography and Encryptions,Network Security,Caesar CipherCryptography and Encryptions,Network Security,Caesar Cipher
Cryptography and Encryptions,Network Security,Caesar CipherGopal Sakarkar
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionRapidSSLOnline.com
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 IntroducationTushar Rajput
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Sai Natkar
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
Encryption.ppt
Encryption.pptEncryption.ppt
Encryption.pptreshmy12
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologyNeha Bhambu
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101rahat ali
 
Ch01
Ch01Ch01
Ch01n C
 

What's hot (20)

Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithms
 
Cryptography and Encryptions,Network Security,Caesar Cipher
Cryptography and Encryptions,Network Security,Caesar CipherCryptography and Encryptions,Network Security,Caesar Cipher
Cryptography and Encryptions,Network Security,Caesar Cipher
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Overview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption AlgorithmsOverview on Symmetric Key Encryption Algorithms
Overview on Symmetric Key Encryption Algorithms
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
 
Encryption
EncryptionEncryption
Encryption
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric Encryption
 
Encryption ppt
Encryption pptEncryption ppt
Encryption ppt
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 Introducation
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanisms
 
Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology! Data Encryption : A Powerful and an Approachable Technology!
Data Encryption : A Powerful and an Approachable Technology!
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Technique
 
Unit 7 : Network Security
Unit 7 : Network SecurityUnit 7 : Network Security
Unit 7 : Network Security
 
Encryption.ppt
Encryption.pptEncryption.ppt
Encryption.ppt
 
Encryption technology
Encryption technologyEncryption technology
Encryption technology
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101
 
Ch01
Ch01Ch01
Ch01
 
Criptography
CriptographyCriptography
Criptography
 

Similar to Secure Crypto for Data Protection

Lec # 7 Symmetric and asymmetric cryptography.pptx
Lec # 7 Symmetric and asymmetric cryptography.pptxLec # 7 Symmetric and asymmetric cryptography.pptx
Lec # 7 Symmetric and asymmetric cryptography.pptxskknowledge
 
Cryptography : The Art of Secured Messaging
Cryptography : The Art of Secured MessagingCryptography : The Art of Secured Messaging
Cryptography : The Art of Secured MessagingSumit Satam
 
Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxSamiDan3
 
information technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfinformation technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfwondimagegndesta
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxanbersattar
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdfSetiya Nugroho
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptographyVaibhav Khanna
 

Similar to Secure Crypto for Data Protection (20)

Cryptography
CryptographyCryptography
Cryptography
 
Lec # 7 Symmetric and asymmetric cryptography.pptx
Lec # 7 Symmetric and asymmetric cryptography.pptxLec # 7 Symmetric and asymmetric cryptography.pptx
Lec # 7 Symmetric and asymmetric cryptography.pptx
 
Cryptography : The Art of Secured Messaging
Cryptography : The Art of Secured MessagingCryptography : The Art of Secured Messaging
Cryptography : The Art of Secured Messaging
 
Encrytion ppt
Encrytion pptEncrytion ppt
Encrytion ppt
 
Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptx
 
chapter 1-4.pdf
chapter 1-4.pdfchapter 1-4.pdf
chapter 1-4.pdf
 
information technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfinformation technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdf
 
groupWork.pptx
groupWork.pptxgroupWork.pptx
groupWork.pptx
 
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - CryptographyCISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
 
Network security
Network securityNetwork security
Network security
 
cryptography
cryptographycryptography
cryptography
 
Sw2
Sw2Sw2
Sw2
 
Cryptointro
CryptointroCryptointro
Cryptointro
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptx
 
Cryptography.pptx
Cryptography.pptxCryptography.pptx
Cryptography.pptx
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptography
 
Info security & crypto
Info security & cryptoInfo security & crypto
Info security & crypto
 
lecture 7.pptx
lecture 7.pptxlecture 7.pptx
lecture 7.pptx
 

More from Sri Manakula Vinayagar Engineering College

Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...
Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...
Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...Sri Manakula Vinayagar Engineering College
 

More from Sri Manakula Vinayagar Engineering College (20)

IoT Methodology.pptx
IoT Methodology.pptxIoT Methodology.pptx
IoT Methodology.pptx
 
ACNS UNIT-5.pdf
ACNS UNIT-5.pdfACNS UNIT-5.pdf
ACNS UNIT-5.pdf
 
2. ACNS UNIT-1.pptx
2. ACNS UNIT-1.pptx2. ACNS UNIT-1.pptx
2. ACNS UNIT-1.pptx
 
1. ACNS UNIT-1.pptx
1. ACNS UNIT-1.pptx1. ACNS UNIT-1.pptx
1. ACNS UNIT-1.pptx
 
7. Multi-operator D2D communication.pptx
7. Multi-operator D2D communication.pptx7. Multi-operator D2D communication.pptx
7. Multi-operator D2D communication.pptx
 
11. New challenges in the 5G modelling.pptx
11. New challenges in the 5G modelling.pptx11. New challenges in the 5G modelling.pptx
11. New challenges in the 5G modelling.pptx
 
8. Simulation methodology.pptx
8. Simulation methodology.pptx8. Simulation methodology.pptx
8. Simulation methodology.pptx
 
10. Calibration.pptx
10. Calibration.pptx10. Calibration.pptx
10. Calibration.pptx
 
9. Evaluation methodology.pptx
9. Evaluation methodology.pptx9. Evaluation methodology.pptx
9. Evaluation methodology.pptx
 
4. Ultra Reliable and Low Latency Communications.pptx
4. Ultra Reliable and Low Latency Communications.pptx4. Ultra Reliable and Low Latency Communications.pptx
4. Ultra Reliable and Low Latency Communications.pptx
 
1. Massive Machine-Type Communication.pptx
1. Massive Machine-Type Communication.pptx1. Massive Machine-Type Communication.pptx
1. Massive Machine-Type Communication.pptx
 
1. Coordinated Multi-Point Transmission in 5G.pptx
1. Coordinated Multi-Point Transmission in 5G.pptx1. Coordinated Multi-Point Transmission in 5G.pptx
1. Coordinated Multi-Point Transmission in 5G.pptx
 
Real time operating systems
Real time operating systemsReal time operating systems
Real time operating systems
 
Reliability and clock synchronization
Reliability and clock synchronizationReliability and clock synchronization
Reliability and clock synchronization
 
Low power embedded system design
Low power embedded system designLow power embedded system design
Low power embedded system design
 
Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...
Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...
Performance Analysis of MIMO–OFDM for PCHBF , RELAY Technique with MMSE For T...
 
Telecommunication systems
Telecommunication systemsTelecommunication systems
Telecommunication systems
 
Home appliances
Home appliancesHome appliances
Home appliances
 
loudspeakers and microphones
loudspeakers and microphonesloudspeakers and microphones
loudspeakers and microphones
 
Television standards and systems
Television standards and systemsTelevision standards and systems
Television standards and systems
 

Recently uploaded

Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationAadityaSharma884161
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Romantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxRomantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxsqpmdrvczh
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayMakMakNepo
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 

Recently uploaded (20)

Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint PresentationROOT CAUSE ANALYSIS PowerPoint Presentation
ROOT CAUSE ANALYSIS PowerPoint Presentation
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Romantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxRomantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptx
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up Friday
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 

Secure Crypto for Data Protection

  • 2. Cryptography • Cryptography comes from the Greek words for ''secret writing.’’ The messages to be encrypted, known as the plaintext, are transformed by a function that is parameterized by a key.
  • 3. Plain text and Cipher text: • The original message, before being transformed, is called plain text. • After the message is transformed, it is called cipher text. – An encryption algorithm transforms the plaintext into ciphertext; – a decryption algorithm transforms the ciphertext back into plaintext. – The sender uses an encryption algorithm, and the receiver uses a decryption algorithm.
  • 4. Encryption model • Cryptography can provide confidentiality, integrity, authentication and non-repudiation of messages. • Cryptography can also be used to authenticate the sender and receiver of the message to each other.
  • 5. Data Encryption • Encryption is a security method in which information is encoded in such a way that only authorized user can read it. It uses encryption algorithm to generate ciphertext that can only be read if decrypted. • There are two types of encryptions schemes as listed below: – Symmetric Key encryption – Public Key encryption •
  • 6. Symmetric Key encryption • Symmetric key encryption algorithm uses same cryptographic keys for both encryption and decryption of cipher text. Symmetric encryption is generally more efficient than asymmetric encryption and therefore preferred when large amounts of data need to be exchanged. Symmetric-key cryptography is sometimes called secret-key cryptography. The most popular symmetric-key system is the Data Encryption Standard (DES).
  • 7. Symmetric Key • An encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. Contrast this with public-key cryptology, which utilizes two keys - a public key to encrypt messages and a private key to decrypt them. • Symmetric-key systems are simpler and faster, but their main drawback is that the two parties must somehow exchange the key in a secure way. Public-key encryption avoids this problem because the public key can be distributed in a non-secure way, and the private key is never transmitted.
  • 8. Symmetric Key Cryptography • Symmetric key cryptography (or symmetric encryption) is a type of encryption scheme in which the same key is used both to encrypt and decrypt messages. • Such a method of encoding information has been largely used in the past decades to facilitate secret communication between governments and militaries. Nowadays, symmetric key algorithms are widely applied in various types of computer systems to enhance data security. • Examples for symmetric key cryptography include AES, DES, and 3DES. Key exchange protocols used to establish a shared encryption key include Diffie-Hellman (DH), elliptic curve (EC) and RSA.
  • 9. How does symmetric encryption work? • Symmetric encryption schemes rely on a single key that is shared between two or more users. The same key is used to encrypt and decrypt the so-called plaintext (which represents the message or piece of data that is being encoded). The process of encryption consists of running a plaintext (input) through an encryption algorithm called a cipher, which in turn generates a ciphertext (output). • If the encryption scheme is strong enough, the only way for a person to read or access the information contained in the ciphertext is by using the corresponding key to decrypt it. The process of decryption is basically converting the ciphertext back to plaintext.
  • 10. Cont.. • The security of symmetric encryption systems is based on how difficult it randomly guess the corresponding key to brute force them. • A 128-bit key, for example, would take billions of years to guess using common computer hardware. The longer the encryption key is, the harder it becomes to crack it. • Keys that are 256-bits length are generally regarded as highly secure and theoretically resistant to quantum computer brute force attacks.
  • 11. Cont.. The most common symmetric encryption schemes used today are based on block and stream ciphers. • Block ciphers group data into blocks of predetermined size and each block is encrypted using the corresponding key and encryption algorithm (e.g., 128-bit plaintext is encrypted into 128-bit ciphertext). • On the other hand, stream ciphers do not encrypt plaintext data by blocks, but rather by 1-bit increments (1-bit plaintext is encrypted into 1-bit ciphertext at a time).
  • 12. Symmetric vs. Asymmetric encryption • Symmetric encryption is one of the two major methods of encrypting data in modern computer systems. The other is asymmetric encryption, which is the major application of public key cryptography. The main difference between these methods is the fact that asymmetric systems use two keys rather than the one employed by the symmetric schemes. One of the keys can be publicly shared (public key), while the other must be kept in private (private key). • The use of two keys instead of one also produces a variety of functional differences between symmetric and asymmetric encryption. Asymmetric algorithms are more complex and slower than the symmetric ones. Because the public and private keys employed in asymmetric encryption are to some degree mathematically related, the keys themselves must also be considerably longer to provide a similar level of security offered by shorter symmetric keys.
  • 13. Advantages and disadvantages • Symmetric algorithms provide a fairly high level of security while at the same time allowing for messages to be encrypted and decrypted quickly. The relative simplicity of symmetric systems is also a logistical advantage, as they require less computing power than the asymmetric ones. In addition, the security provided by symmetric encryption can be scaled up simply by increasing key lengths. For every single bit added to the length of a symmetric key, the difficulty of cracking the encryption through a brute force attack increases exponentially.
  • 14. Advantages and disadvantages • While symmetric encryption offers a wide range of benefits, there is one major disadvantage associated with it: the inherent problem of transmitting the keys used to encrypt and decrypt data. When these keys are shared over an unsecured connection, they are vulnerable to being intercepted by malicious third parties. If an unauthorized user gains access to a particular symmetric key, the security of any data encrypted using that key is compromised. To solve this problem, many web protocols use a combination of symmetric and asymmetric encryption to establish secure connections. Among the most prominent examples of such a hybrid system is the Transport Layer Security (TLS) cryptographic protocol used to secure large portions of the modern internet. • It should also be noted that all types of computer encryption are subject to vulnerabilities due to improper implementation. While a sufficiently long key can make a brute force attack mathematically impossible, errors in implementation made by programmers often create weaknesses that open up the way for cyber-attacks.
  • 15. Public Key encryption • Public key encryption algorithm uses pair of keys, one of which is a secret key and one of which is public. These two keys are mathematically linked with each other.
  • 16. Hashing • Hashing is a technique used to encrypt data and generate unpredictable hash values. It is the hash function that generates the hash code, which helps to protect the security of transmission from unauthorized users. • Hashing algorithm provides a way to verify that the message received is the same as the message sent. It can take a plain text message as input and then computes a value based on that message.
  • 17. Function of Hash algorithms • Key Points • The length of computed value is much shorter than the original message. It is possible that different plain text messages could generate the same value. • Here we will discuss a sample hashing algorithm in which we will multiply the number of a’s, e’s and h’s in the message and will then add the number of o’s to this value. • For example, the message is “ the combination to the safe is two, seven, thirty-five”. The hash of this message, using our simple hashing algorithm is as follows: 2 x 6 x 3 ) + 4 = 40
  • 18. Digital signatures Authentication • Digital signatures help to authenticate the sources of messages. For example, if a bank’s, branch office sends a message to central office, requesting for change in balance of an account. If the central office could not authenticate that message is sent from an authorized source, acting of such request could be a serious mistake. Integrity • Once the message is signed, any change in the message would invalidate the signature. Non-repudiation • By this property, any entity that has signed some information cannot at a later time deny having signed it.
  • 20. Public Key Cryptography • Unlike symmetric key cryptography, we do not find historical use of public-key cryptography. It is a relatively new concept. • Symmetric cryptography was well suited for organizations such as governments, military, and big financial corporations were involved in the classified communication. • With the spread of more unsecure computer networks in last few decades, a genuine need was felt to use cryptography at larger scale. The symmetric key was found to be non-practical due to challenges it faced for key management. This gave rise to the public key cryptosystems.
  • 21. The process of encryption and decryption is depicted in the following illustration
  • 22. Public key encryption scheme • Different keys are used for encryption and decryption. This is a property which set this scheme different than symmetric encryption scheme. • Each receiver possesses a unique decryption key, generally referred to as his private key. • Receiver needs to publish an encryption key, referred to as his public key. • Some assurance of the authenticity of a public key is needed in this scheme to avoid spoofing by adversary as the receiver. Generally, this type of cryptosystem involves trusted third party which certifies that a particular public key belongs to a specific person or entity only.
  • 23. Cont.. • Encryption algorithm is complex enough to prohibit attacker from deducing the plaintext from the ciphertext and the encryption (public) key. • Though private and public keys are related mathematically, it is not be feasible to calculate the private key from the public key. In fact, intelligent part of any public-key cryptosystem is in designing a relationship between two keys.
  • 24. DES
  • 25. AES Origins • clear a replacement for DES was needed – have theoretical attacks that can break it – have demonstrated exhaustive key search attacks • can use Triple-DES – but slow, has small blocks • US NIST issued call for ciphers in 1997 • 15 candidates accepted in Jun 98 • 5 were shortlisted in Aug-99 • Rijndael was selected as the AES in Oct-2000 • issued as FIPS PUB 197 standard in Nov-2001
  • 26. The AES Cipher - Rijndael  designed by Rijmen-Daemen in Belgium  has 128/192/256 bit keys, 128 bit data  an iterative rather than Feistel cipher  processes data as block of 4 columns of 4 bytes  operates on entire data block in every round  designed to have:  resistance against known attacks  speed and code compactness on many CPUs  design simplicity
  • 28. AES Structure  data block of 4 columns of 4 bytes is state  key is expanded to array of words  has 9/11/13 rounds in which state undergoes:  byte substitution (1 S-box used on every byte)  shift rows (permute bytes between groups/columns)  mix columns (subs using matrix multiply of groups)  add round key (XOR state with key material)  view as alternating XOR key & scramble data bytes  initial XOR key material & incomplete last round  with fast XOR & table lookup implementation
  • 30. Some Comments on AES 1. an iterative rather than Feistel cipher 2. key expanded into array of 32-bit words 1. four words form round key in each round 3. 4 different stages are used as shown 4. has a simple structure 5. only Add Round Key uses key 6. Add Round Key a form of Vernam cipher 7. each stage is easily reversible 8. decryption uses keys in reverse order 9. decryption does recover plaintext 10.final round has only 3 stages
  • 31. Substitute Bytes  a simple substitution of each byte  uses one table of 16x16 bytes containing a permutation of all 256 8-bit values  each byte of state is replaced by byte indexed by row (left 4-bits) & column (right 4-bits)  eg. byte {95} is replaced by byte in row 9 column 5  which has value {2A}  S-box constructed using defined transformation of values in GF(28)  designed to be resistant to all known attacks
  • 34. Shift Rows  a circular byte shift in each  1st row is unchanged  2nd row does 1 byte circular shift to left  3rd row does 2 byte circular shift to left  4th row does 3 byte circular shift to left  decrypt inverts using shifts to right  since state is processed by columns, this step permutes bytes between the columns
  • 36. Mix Columns  each column is processed separately  each byte is replaced by a value dependent on all 4 bytes in the column  effectively a matrix multiplication in GF(28) using prime poly m(x) =x8+x4+x3+x+1
  • 39. AES Arithmetic  uses arithmetic in the finite field GF(28)  with irreducible polynomial m(x) = x8 + x4 + x3 + x + 1 which is (100011011) or {11b}  e.g. {02} • {87} mod {11b} = (1 0000 1110) mod {11b} = (1 0000 1110) xor (1 0001 1011) = (0001 0101)
  • 40. Mix Columns  can express each col as 4 equations  to derive each new byte in col  decryption requires use of inverse matrix  with larger coefficients, hence a little harder  have an alternate characterization  each column a 4-term polynomial  with coefficients in GF(28)  and polynomials multiplied modulo (x4+1)  coefficients based on linear code with maximal distance between code words
  • 41. Add Round Key  XOR state with 128-bits of the round key  again processed by column (though effectively a series of byte operations)  inverse for decryption identical  since XOR own inverse, with reversed keys  designed to be as simple as possible  a form of Vernam cipher on expanded key  requires other stages for complexity / security
  • 44. AES Key Expansion  takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words  start by copying key into first 4 words  then loop creating words that depend on values in previous & 4 places back  in 3 of 4 cases just XOR these together  1st word in 4 has rotate + S-box + XOR round constant on previous, before XOR 4th back
  • 46. Key Expansion Rationale  designed to resist known attacks  design criteria included  knowing part key insufficient to find many more  invertible transformation  fast on wide range of CPU’s  use round constants to break symmetry  diffuse key bits into round keys  enough non-linearity to hinder analysis  simplicity of description
  • 49. AES Decryption  AES decryption is not identical to encryption since steps done in reverse  but can define an equivalent inverse cipher with steps as for encryption  but using inverses of each step  with a different key schedule  works since result is unchanged when  swap byte substitution & shift rows  swap mix columns & add (tweaked) round key
  • 51. Implementation Aspects  can efficiently implement on 32-bit CPU  redefine steps to use 32-bit words  can precompute 4 tables of 256-words  then each column in each round can be computed using 4 table lookups + 4 XORs  at a cost of 4Kb to store tables  designers believe this very efficient implementation was a key factor in its selection as the AES cipher
  • 52. Summary  have considered:  the AES selection process  the details of Rijndael – the AES cipher  looked at the steps in each round  the key expansion  implementation aspects
  • 53.
  • 54. Firewall • Firewall is a barrier between Local Area Network (LAN) and the Internet. It allows keeping private resources confidential and minimizes the security risks. It controls network traffic, in both directions. • The following diagram depicts a sample firewall between LAN and the internet. The connection between the two is the point of vulnerability. Both hardware and the software can be used at this point to filter network traffic.
  • 55. There are two types of Firewall system: One works by using filters at the network layer and the other works by using proxy servers at the user, application, or network layer.
  • 56. • Key Points • Firewall management must be addressed by both system managers and the network managers. • The amount of filtering a firewall varies. For the same firewall, the amount of filtering may be different in different directions.
  • 57.
  • 58. Reference • https://doubleoctopus.com/security-wiki/encryption-and- cryptography/symmetric-key-cryptography/ • https://www.binance.vision/security/what-is-symmetric-key- cryptography • https://www.webopedia.com/TERM/S/symmetric_key_cryptogr aphy.html • https://www.cs.bham.ac.uk/~mdr/teaching/modules/security/le ctures/symmetric-key.html