INTRODUCTION TO CRYPTOGRAPHY

S
Sylvain Martinez
CYBER SECURITY INTRODUCTION TO CRYPTOGRAPHY VERSION: 1.3 DATE: 25/09/2019 AUTHOR: SYLVAIN MARTINEZ REFERENCE: ES-CSIC CLASSIFICATION: PUBLIC
2 • Presentation goal; • Definition; • History; • Main types; • Logical Operations; • Concept; • Main Algorithms; • Concept; • Type of algorithms; • ECB; • CBC; • Stream Cipher concept; • Keystream; • Main Algorithms; • Overall Concept; • Main Algorithms; CONTENTS PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT • Take Away;
PRESENTATION GOAL 3 LEARN ABOUT ITS MAIN USAGE 3 LEARN ITS MAIN ALGORITHMS 2 LEARN ABOUT CRYPTOGRAPHY CORE CONCEPTS 1 TO LEARN ABOUT CRYPTOGRAPHY CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT Icons: from The Noun Project unless stated otherwisePUBLIC
DEFINITION 4PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT CRYPTOGRAPHY is the science related to hiding information. With the aim to provide a combination or all of the following: Confidentiality, Integrity, Authentication and Non-repudiation. This can be achieved through the design of cipher algorithms.
HISTORY 5PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT KRYPTOS (Greek) meaning HIDDEN, SECRET 1900 BC NON STANDARD HIEROGLYPHS 1500 BC MESOPOTAMIA CLAY TABLETS 700 BC SCYTALE SPARTAN KAMA SUTRA 300 BC 50 BC CAESAR SHIFT CIPHER VIGENÈRE CIPHER 1553 1586 STEGANOGRAPHY QUEENS OF SCOTS 1940 WWII - ENIGMA QUANTUM COMPUTER 2000s
MAIN TYPES 6PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT HIDE DATAENCRYPTION REVEAL ORIGINAL DATADECRYPTION CREATES A UNIQUE SIGNATURE FROM DATAHASH HIDE DATA WITHIN OTHER DATASTEGANOGRAPHY
LOGICAL OPERATIONS 7PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT 1 1 OR = 1 0 0 OR = 0 1 0 OR = 1 1 1 AND = 1 0 0 AND = 0 1 0 AND = 0 1 1 XOR = 0 0 0 XOR = 0 1 0 XOR = 1 OR AND XOR NOR NAND XNORMORE LOGICAL OPERATIONS: NOT
CONCEPT 8PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT To be, or not to be: That is the question INPUT HASH FUNCTION 4565 DEFG 2C4G FG67 DIGEST COMPLETELY DIFFERENT HASH DIFFERENT HASH CANNOT REVERT HASH SAME HASH AVALANCHE EFFECT UNIQUE ONE WAY FAST DETERMINISTIC SMALL SOURCE CHANGE DIFFERENT SOURCE "CLEAR TEXT" SOURCE SAME SOURCE IDEAL HASH FUNCTION
MAIN ALGORITHMS 9PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ALGORITHM ORIGIN SPECIFICITY MAIN USAGE MD5 RONALD RIVEST 1991 128-BIT HASH VALUE 4 ROUNDS OF 16 OPERATIONS (XOR, AND, OR, NOT) DATA INTEGRITY & CHECKSUM SSL DIGITAL CERT PASSWORDS COLLISION ATTACK NO LONGER SUITABLE STILL WIDELY IN USE SHA-1 NSA 1995 160-BIT HASH VALUE HEXADECIMAL 40 DIGITS LONG 80 ROUNDS CHECKSUM, PWD, SSL/TLS CERT (NOT NOW) U.S GOV APPROVED COLLISION ATTACK SHATTERED CHOSEN-PREFIX NO EASY/CHEAP ATTACKS SHA-2 NSA 2001 224, 256, 384, 512-BIT HASH VALUE 64 OR 80 ROUNDS CHECKSUM, PWD, BITCOIN, TLS, SSL, PGP, SSH, S/MIME, DKIM, DNSSEC, IPSEC PARTIAL COLLISION ATTACK ONLY SHA-3 NSA 2015 KECCACK FAMILY SPONGE CONSTRUCTION ABSORBED/SQUEEZED PADDING, PERMUTATION CHECKSUM, PWD, ETHEREUM, TLS, SSL, DNSSEC, IPSEC NONE KNOWN YET RISKS
OVERALL CONCEPT 10PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT PASSWORD/ KEY ENCRYPTION DECRYPTION To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT
INPUT IS BROKEN INTO BLOCK OF DATA EACH BLOCK OF DATA IS ENCRYPTED/DECRYPTED INPUT IS BROKEN INTO A STREAM OF DATA EACH BITS OF DATA IS ENCRYPTED/DECRYPTED TYPE OF CIPHER ALGORITHMS 11PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT BLOCK CIPHER STREAM CIPHER
BLOCK CIPHER CONCEPT - ECB 12PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT Source: https://elysiumsecurity.com/crypto/page_crypto.html ELECTRONIC CODEBOOK MODE (ECB)
BLOCK CIPHER CONCEPT - CBC 13PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT Source: https://elysiumsecurity.com/crypto/page_crypto.html CHAIN BLOCK CHAINING MODE (CBC)
STREAM CIPHER CONCEPT 14PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT …010010010101… …001011011100… …110100010110… PASSWORD/ KEY XOR KEYSTREAM GENERATOR
LINEAR FEEDBACK SHIFT REGISTER (LFSR) STREAM CIPHER CONCEPT – KEYSTREAM LFSR 15PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT
MAIN ALGORITHMS 16PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ALGORITHM ORIGIN SPECIFICITY MAIN USAGE RC4 RONALD RIVEST 1987 40-2018 BITS 1 ROUND PERMUTATION "S" KEY-SCHEDULING IV WEP, WPA, BITTORRENT, MS REMOTE DESKTOP, KERBEROS, SKYPE, SSH MULTI SESSION ATTACK ROYAL HOLLOWAY NO LONGER IN TLS [DES] TRIPLE DES IBM [1975], 1998 KEY: 168, 112, [56] BITS BLOCK: 64 BITS [16], 48-DES ROUNDS STANDARD USED GLOBALLY (CREDIT CARD, PGP, ETC). [S-BOX RESISTANT 20 YEARS EARLY] NO LONGER SECURED TWOFISH BRUCE SCHNEIER 1998 KEY: 128, 192, 256 BITS BLOCK: 128 BITS 16 ROUNDS AES FINALIST OPENPGP DIFFERENTIAL ATTACK AES (RIJNDAEL) VINCENT RIJMEN JOAN DAEMEN 1998 KEY: 128, 192, 256 BITS BLOCK: 128 BITS 10, 12 or 14 ROUNDS NEW STANDARD DES/TDES REPLACEMENT SINCE 2002 XSL ATTACK RELATED KEY ATTACK NO PRACTICAL ATTACKS RISKS
OVERALL CONCEPT – RECEIVING DATA 17PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT PUBLIC KEY ENCRYPTION DECRYPTION To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT PRIVATE KEY
OVERALL CONCEPT - AUTHENTICATION 18PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT PUBLIC KEY ENCRYPTION DECRYPTION To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT PRIVATE KEY
MAIN ALGORITHMS 19PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ALGORITHM ORIGIN SPECIFICITY MAIN USAGE RSA RIVEST SHAMIR ADLEMAN 1977 FACTORISATION KEY: 1,024 – 4,096 BITS 1 ROUND TLS, SSH, ETC. FACTORING PROBLEM NO LONGER A PROBLEM ECDSA NIST 2005 ELLIPTIC CURVE 𝑦" = 𝑥% + 𝑎𝑥 + 𝑏 SIGNATURE, KEY AGREEMENT, PRG SONY/FAILOVERFLOW JAVA FLAWS DSA NIST 1991 ELLIPTIC CURVE KEY GENERATION KEY DISTRIBUTION SIGNING SIGNATURE VERIF SECRECY AND RANDOMNESS OF K DIFFE-HELMAN WHITFIELD DIFFIE MARTIN HELLMAN 1976 MULTIPLICATIVE GROUP OF INTEGERS MODULO P KEY AGREEMENT PROTOCOL MAN IN THE MIDDLE LOGJAM ATTACK RISKS
TAKE AWAY 20PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ONLY USE STANDARD ALGORITHMS1 BEWARE OF THE IMPLEMENTATION2 KEEP YOUR PRIVATE KEYS SAFE3 BEWARE OF EXTERNAL FACTORS4 CHECK FIPS CERTIFICATION DETAILS5
© 2015-2019 ELYSIUMSECURITY LTD ALL RIGHTS RESERVED HTTPS://WWW.ELYSIUMSECURITY.COM CONSULTING@ELYSIUMSECURITY.COM ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY PROVIDES PRACTICAL EXPERTISE TO IDENTIFY VULNERABILITIES, ASSESS THEIR RISKS AND IMPACT, REMEDIATE THOSE RISKS, PREPARE AND RESPOND TO INCIDENTS AS WELL AS RAISE SECURITY AWARENESS THROUGH AN ORGANIZATION. ELYSIUMSECURITY PROVIDES HIGH LEVEL EXPERTISE GATHERED THROUGH YEARS OF BEST PRACTICES EXPERIENCE IN LARGE INTERNATIONAL COMPANIES ALLOWING US TO PROVIDE ADVICE BEST SUITED TO YOUR BUSINESS OPERATIONAL MODEL AND PRIORITIES. ELYSIUMSECURITY PROVIDES A PORTFOLIO OF STRATEGIC AND TACTICAL SERVICES TO HELP COMPANIES PROTECT AND RESPOND AGAINST CYBER SECURITY THREATS. WE DIFFERENTIATE OURSELVES BY OFFERING DISCREET, TAILORED AND SPECIALIZED ENGAGEMENTS. ELYSIUMSECURITY OPERATES IN MAURITIUS AND IN EUROPE, A BOUTIQUE STYLE APPROACH MEANS WE CAN EASILY ADAPT TO YOUR BUSINESS OPERATIONAL MODEL AND REQUIREMENTS TO PROVIDE A PERSONALIZED SERVICE THAT FITS YOUR WORKING ENVIRONMENT.
1 of 21

INTRODUCTION TO CRYPTOGRAPHY

Download to read offline
Technology

A quick introduction on the concepts around cryptography and their main usage

S
Sylvain Martinez

Recommended

INCIDENT RESPONSE OVERVIEW by
INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWSylvain Martinez
619 views15 slides
Transforming Security: Containers, Virtualization and Softwarization by
Transforming Security: Containers, Virtualization and SoftwarizationTransforming Security: Containers, Virtualization and Softwarization
Transforming Security: Containers, Virtualization and SoftwarizationPriyanka Aash
588 views50 slides
INCIDENT RESPONSE NIST IMPLEMENTATION by
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONSylvain Martinez
5.5K views27 slides
Surreptitiously weakening cryptographic systems by
Surreptitiously weakening cryptographic systemsSurreptitiously weakening cryptographic systems
Surreptitiously weakening cryptographic systemsYael Ziv
449 views26 slides
Detection and localization of multiple spoofing attacks in by
Detection and localization of multiple spoofing attacks inDetection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inFinalyear Projects
691 views12 slides
Cryptography and Encryptions,Network Security,Caesar Cipher by
Cryptography and Encryptions,Network Security,Caesar CipherCryptography and Encryptions,Network Security,Caesar Cipher
Cryptography and Encryptions,Network Security,Caesar CipherGopal Sakarkar
12.2K views120 slides

More Related Content

What's hot

Network security & cryptography by
Network security & cryptographyNetwork security & cryptography
Network security & cryptographyRahulprasad Yadav
10.9K views20 slides
IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al... by
IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al...IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al...
IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al...IRJET Journal
8 views4 slides
Fighting Malware with Graph Analytics: An End-to-End Case Study by
Fighting Malware with Graph Analytics: An End-to-End Case StudyFighting Malware with Graph Analytics: An End-to-End Case Study
Fighting Malware with Graph Analytics: An End-to-End Case StudyPriyanka Aash
406 views51 slides
Cryptology - The practice and study of hiding information by
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationBitcoin Association of Australia
1.6K views52 slides
Taking the Attacker Eviction Red Pill (v2.0) by
Taking the Attacker Eviction Red Pill (v2.0)Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)Frode Hommedal
19.5K views56 slides
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows... by
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE - ATT&CKcon
1.8K views9 slides

What's hot(20)

Network security & cryptography by Rahulprasad Yadav
Network security & cryptographyNetwork security & cryptography
Network security & cryptography
Rahulprasad Yadav10.9K views
IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al... by IRJET Journal
IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al...IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al...
IRJET- A Survey on Quantum Key Distribution and Huffman Coding Compression Al...
IRJET Journal8 views
Fighting Malware with Graph Analytics: An End-to-End Case Study by Priyanka Aash
Fighting Malware with Graph Analytics: An End-to-End Case StudyFighting Malware with Graph Analytics: An End-to-End Case Study
Fighting Malware with Graph Analytics: An End-to-End Case Study
Priyanka Aash406 views
Cryptology - The practice and study of hiding information by Bitcoin Association of Australia
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
Bitcoin Association of Australia1.6K views
Taking the Attacker Eviction Red Pill (v2.0) by Frode Hommedal
Taking the Attacker Eviction Red Pill (v2.0)Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)
Frode Hommedal19.5K views
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows... by MITRE - ATT&CKcon
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE - ATT&CKcon1.8K views
How to assign a CVE to yourself? by Ramin Farajpour Cami
How to assign a CVE to yourself?How to assign a CVE to yourself?
How to assign a CVE to yourself?
Ramin Farajpour Cami167 views
The Duqu 2.0: Technical Details by Kaspersky
The Duqu 2.0: Technical DetailsThe Duqu 2.0: Technical Details
The Duqu 2.0: Technical Details
Kaspersky3.2K views
us-15-Zadeh-From-False-Positives-To-Actionable-Analysis-Behavioral-Intrusion-... by jzadeh
us-15-Zadeh-From-False-Positives-To-Actionable-Analysis-Behavioral-Intrusion-...us-15-Zadeh-From-False-Positives-To-Actionable-Analysis-Behavioral-Intrusion-...
us-15-Zadeh-From-False-Positives-To-Actionable-Analysis-Behavioral-Intrusion-...
jzadeh652 views
Hacking Closed Networks by Priyanka Aash
Hacking Closed NetworksHacking Closed Networks
Hacking Closed Networks
Priyanka Aash321 views
Paper1 by SpacSec
Paper1Paper1
Paper1
SpacSec120 views
Network security unit 1,2,3 by WE-IT TUTORIALS
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
WE-IT TUTORIALS27.5K views
Purple seven-ntxissacsc5 walcutt by North Texas Chapter of the ISSA
Purple seven-ntxissacsc5 walcuttPurple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcutt
North Texas Chapter of the ISSA744 views
computer-security-and-cryptography-a-simple-presentation by Alex Punnen
computer-security-and-cryptography-a-simple-presentationcomputer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentation
Alex Punnen658 views
Cryptography on cloud by krprashant94
Cryptography on cloudCryptography on cloud
Cryptography on cloud
krprashant944K views
Cryptography and encryption by Ancy Mariam Babu
Cryptography and encryptionCryptography and encryption
Cryptography and encryption
Ancy Mariam Babu1.1K views
ATT&CKcon Power Hour - ATT&CK-onomics - gert-jan bruggink by Gert-Jan Bruggink
ATT&CKcon Power Hour - ATT&CK-onomics - gert-jan brugginkATT&CKcon Power Hour - ATT&CK-onomics - gert-jan bruggink
ATT&CKcon Power Hour - ATT&CK-onomics - gert-jan bruggink
Gert-Jan Bruggink424 views
Cryptology - Antônio Lacerda by Rodrigo Almeida
Cryptology - Antônio LacerdaCryptology - Antônio Lacerda
Cryptology - Antônio Lacerda
Rodrigo Almeida1.3K views
Public Key Cryptosystems and RSA by Chris Theisen
Public Key Cryptosystems and RSAPublic Key Cryptosystems and RSA
Public Key Cryptosystems and RSA
Chris Theisen206 views
전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로- by JM code group
전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로-전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로-
전력 계통망에 있어서 보안일반 및 이슈와 기술 그리고 정책 방향-소셜 네트워크 서비스 등 차세대 기술 환경 맥락으로-
JM code group1.1K views

Similar to INTRODUCTION TO CRYPTOGRAPHY

Classical cryptographic techniques, Feistel cipher structure by
Classical cryptographic techniques, Feistel cipher structureClassical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structureAdri Jovin
245 views26 slides
Chapter 9 cryptography- symetric encryption by
Chapter 9 cryptography- symetric encryptionChapter 9 cryptography- symetric encryption
Chapter 9 cryptography- symetric encryptionSyaiful Ahdan
619 views43 slides
Cryptography - A Brief History by
Cryptography - A Brief HistoryCryptography - A Brief History
Cryptography - A Brief Historyprasenjeetd
6.2K views39 slides
Cryptography by
CryptographyCryptography
CryptographySuhepi Saputri
2.4K views31 slides
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin by
Crypto 101: Encryption, Codebreaking, SSL and BitcoinCrypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinPriyanka Aash
2.7K views29 slides
Detailed cryptographic analysis of contact tracing protocols by
Detailed cryptographic analysis of contact tracing protocolsDetailed cryptographic analysis of contact tracing protocols
Detailed cryptographic analysis of contact tracing protocolsChristian Spolaore
111 views63 slides

Similar to INTRODUCTION TO CRYPTOGRAPHY(20)

Classical cryptographic techniques, Feistel cipher structure by Adri Jovin
Classical cryptographic techniques, Feistel cipher structureClassical cryptographic techniques, Feistel cipher structure
Classical cryptographic techniques, Feistel cipher structure
Adri Jovin245 views
Chapter 9 cryptography- symetric encryption by Syaiful Ahdan
Chapter 9 cryptography- symetric encryptionChapter 9 cryptography- symetric encryption
Chapter 9 cryptography- symetric encryption
Syaiful Ahdan619 views
Cryptography - A Brief History by prasenjeetd
Cryptography - A Brief HistoryCryptography - A Brief History
Cryptography - A Brief History
prasenjeetd6.2K views
Cryptography by Suhepi Saputri
CryptographyCryptography
Cryptography
Suhepi Saputri2.4K views
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin by Priyanka Aash
Crypto 101: Encryption, Codebreaking, SSL and BitcoinCrypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Priyanka Aash2.7K views
Detailed cryptographic analysis of contact tracing protocols by Christian Spolaore
Detailed cryptographic analysis of contact tracing protocolsDetailed cryptographic analysis of contact tracing protocols
Detailed cryptographic analysis of contact tracing protocols
Christian Spolaore111 views
A Note On The And Cryptography Essay by Jessica Howard
A Note On The And Cryptography EssayA Note On The And Cryptography Essay
A Note On The And Cryptography Essay
Jessica Howard2 views
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-... by ams1ams11
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
ams1ams116 views
ANALYSIS OF SIDE CHANNEL ATTACKS ON VARIOUS CRYPTOGRAPHIC ALGORITHMS by Journal For Research
ANALYSIS OF SIDE CHANNEL ATTACKS ON VARIOUS CRYPTOGRAPHIC ALGORITHMSANALYSIS OF SIDE CHANNEL ATTACKS ON VARIOUS CRYPTOGRAPHIC ALGORITHMS
ANALYSIS OF SIDE CHANNEL ATTACKS ON VARIOUS CRYPTOGRAPHIC ALGORITHMS
Journal For Research128 views
Data Encryption and Decryption using Hill Cipher by Aashirwad Kashyap
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill Cipher
Aashirwad Kashyap8.5K views
Data Encryption and Decryption using Hill Cipher by Aashirwad Kashyap
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill Cipher
Aashirwad Kashyap860 views
Cryptography and network security by Nagendra Um
Cryptography and network securityCryptography and network security
Cryptography and network security
Nagendra Um14.7K views
A Survey on Generation and Evolution of Various Cryptographic Techniques by IRJET Journal
A Survey on Generation and Evolution of Various Cryptographic TechniquesA Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic Techniques
IRJET Journal35 views
The CDO Agenda - Data Security and Encryption by DATAVERSITY
The CDO Agenda - Data Security and EncryptionThe CDO Agenda - Data Security and Encryption
The CDO Agenda - Data Security and Encryption
DATAVERSITY1.3K views
Network security jeni corrected 1 by NIVEDHINIMANIVANNAN
Network security jeni corrected 1Network security jeni corrected 1
Network security jeni corrected 1
NIVEDHINIMANIVANNAN50 views
Cryptography Overview by ColinShaw
Cryptography OverviewCryptography Overview
Cryptography Overview
ColinShaw390 views
IS Unit 3_Public Key Cryptography by Sarthak Patel
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key Cryptography
Sarthak Patel1.2K views
Ch03 block-cipher-and-data-encryption-standard by tarekiceiuk
Ch03 block-cipher-and-data-encryption-standardCh03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standard
tarekiceiuk4.8K views
Iss lecture 2 by Ali Habeeb
Iss lecture 2Iss lecture 2
Iss lecture 2
Ali Habeeb594 views
DOCS ON NETWORK SECURITY by Tuhin_Das
DOCS ON NETWORK SECURITYDOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITY
Tuhin_Das1.8K views

More from Sylvain Martinez

PROGRAMMING AND CYBER SECURITY by
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYSylvain Martinez
234 views23 slides
DATA LOSS PREVENTION OVERVIEW by
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWSylvain Martinez
599 views21 slides
2019 CYBER SECURITY TRENDS REPORT REVIEW by
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEWSylvain Martinez
1.8K views18 slides
INCIDENT RESPONSE CONCEPTS by
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSSylvain Martinez
1.3K views39 slides
PHISHING PROTECTION by
PHISHING PROTECTIONPHISHING PROTECTION
PHISHING PROTECTIONSylvain Martinez
2.3K views30 slides
VIRTUAL CISO AND OTHER KEY CYBER ROLES by
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESSylvain Martinez
418 views10 slides

More from Sylvain Martinez(20)

PROGRAMMING AND CYBER SECURITY by Sylvain Martinez
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITY
Sylvain Martinez234 views
DATA LOSS PREVENTION OVERVIEW by Sylvain Martinez
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEW
Sylvain Martinez599 views
2019 CYBER SECURITY TRENDS REPORT REVIEW by Sylvain Martinez
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
Sylvain Martinez1.8K views
INCIDENT RESPONSE CONCEPTS by Sylvain Martinez
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
Sylvain Martinez1.3K views
PHISHING PROTECTION by Sylvain Martinez
PHISHING PROTECTIONPHISHING PROTECTION
PHISHING PROTECTION
Sylvain Martinez2.3K views
VIRTUAL CISO AND OTHER KEY CYBER ROLES by Sylvain Martinez
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLES
Sylvain Martinez418 views
OFFENSIVE IDS by Sylvain Martinez
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
Sylvain Martinez286 views
IOT Security by Sylvain Martinez
IOT SecurityIOT Security
IOT Security
Sylvain Martinez893 views
ARE YOU RED TEAM READY? by Sylvain Martinez
ARE YOU RED TEAM READY?ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?
Sylvain Martinez255 views
GDPR SECURITY ISSUES by Sylvain Martinez
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
Sylvain Martinez180 views
Mobile Security Assessment by Sylvain Martinez
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
Sylvain Martinez206 views
The Art of CTF by Sylvain Martinez
The Art of CTFThe Art of CTF
The Art of CTF
Sylvain Martinez223 views
OFFICE 365 SECURITY by Sylvain Martinez
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
Sylvain Martinez457 views
Risk on Crypto Currencies by Sylvain Martinez
Risk on Crypto CurrenciesRisk on Crypto Currencies
Risk on Crypto Currencies
Sylvain Martinez660 views
INTRODUCTION TO CYBER FORENSICS by Sylvain Martinez
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
Sylvain Martinez1.1K views
Talk1 esc7 muscl-gdpr_debate_v1_2 by Sylvain Martinez
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2
Sylvain Martinez195 views
Talk1 esc7 muscl-dataprotection_v1_2 by Sylvain Martinez
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
Sylvain Martinez183 views
Ethical Hacking by Sylvain Martinez
Ethical HackingEthical Hacking
Ethical Hacking
Sylvain Martinez249 views
INCIDENT HANDLING IN ORGANISATIONS by Sylvain Martinez
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONS
Sylvain Martinez158 views
SOCIAL MEDIA AS A CYBER WEAPON by Sylvain Martinez
SOCIAL MEDIA AS A CYBER WEAPONSOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Sylvain Martinez278 views

Recently uploaded

20231123_Camunda Meetup Vienna.pdf by
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdfPhactum Softwareentwicklung GmbH
41 views73 slides
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf by
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdfSTKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdfDr. Jimmy Schwarzkopf
20 views29 slides
Kyo - Functional Scala 2023.pdf by
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdfFlavio W. Brasil
400 views92 slides
SUPPLIER SOURCING.pptx by
SUPPLIER SOURCING.pptxSUPPLIER SOURCING.pptx
SUPPLIER SOURCING.pptxangelicacueva6
16 views1 slide
Scaling Knowledge Graph Architectures with AI by
Scaling Knowledge Graph Architectures with AIScaling Knowledge Graph Architectures with AI
Scaling Knowledge Graph Architectures with AIEnterprise Knowledge
38 views15 slides
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院 by
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院IttrainingIttraining
58 views8 slides

Recently uploaded(20)

20231123_Camunda Meetup Vienna.pdf by Phactum Softwareentwicklung GmbH
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdf
Phactum Softwareentwicklung GmbH41 views
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf by Dr. Jimmy Schwarzkopf
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdfSTKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf
Dr. Jimmy Schwarzkopf20 views
Kyo - Functional Scala 2023.pdf by Flavio W. Brasil
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdf
Flavio W. Brasil400 views
SUPPLIER SOURCING.pptx by angelicacueva6
SUPPLIER SOURCING.pptxSUPPLIER SOURCING.pptx
SUPPLIER SOURCING.pptx
angelicacueva616 views
Scaling Knowledge Graph Architectures with AI by Enterprise Knowledge
Scaling Knowledge Graph Architectures with AIScaling Knowledge Graph Architectures with AI
Scaling Knowledge Graph Architectures with AI
Enterprise Knowledge38 views
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院 by IttrainingIttraining
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
IttrainingIttraining58 views
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors by sugiuralab
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective SensorsTouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors
TouchLog: Finger Micro Gesture Recognition Using Photo-Reflective Sensors
sugiuralab21 views
Mini-Track: Challenges to Network Automation Adoption by Network Automation Forum
Mini-Track: Challenges to Network Automation AdoptionMini-Track: Challenges to Network Automation Adoption
Mini-Track: Challenges to Network Automation Adoption
Network Automation Forum13 views
"Node.js Development in 2024: trends and tools", Nikita Galkin by Fwdays
"Node.js Development in 2024: trends and tools", Nikita Galkin "Node.js Development in 2024: trends and tools", Nikita Galkin
"Node.js Development in 2024: trends and tools", Nikita Galkin
Fwdays11 views
Network Source of Truth and Infrastructure as Code revisited by Network Automation Forum
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisited
Network Automation Forum27 views
Business Analyst Series 2023 - Week 3 Session 5 by DianaGray10
Business Analyst Series 2023 - Week 3 Session 5Business Analyst Series 2023 - Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5
DianaGray10300 views
virtual reality.pptx by G036GaikwadSnehal
virtual reality.pptxvirtual reality.pptx
virtual reality.pptx
G036GaikwadSnehal14 views
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f... by TrustArc
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc11 views
2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe by Simone Puorto
2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe
2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe
Simone Puorto12 views
Info Session November 2023.pdf by AleksandraKoprivica4
Info Session November 2023.pdfInfo Session November 2023.pdf
Info Session November 2023.pdf
AleksandraKoprivica413 views
The Forbidden VPN Secrets.pdf by Mariam Shaba
The Forbidden VPN Secrets.pdfThe Forbidden VPN Secrets.pdf
The Forbidden VPN Secrets.pdf
Mariam Shaba20 views
Webinar : Desperately Seeking Transformation - Part 2: Insights from leading... by The Digital Insurer
Webinar : Desperately Seeking Transformation - Part 2: Insights from leading...Webinar : Desperately Seeking Transformation - Part 2: Insights from leading...
Webinar : Desperately Seeking Transformation - Part 2: Insights from leading...
The Digital Insurer18 views
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ... by Jasper Oosterveld
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
Jasper Oosterveld19 views
Melek BEN MAHMOUD.pdf by MelekBenMahmoud
Melek BEN MAHMOUD.pdfMelek BEN MAHMOUD.pdf
Melek BEN MAHMOUD.pdf
MelekBenMahmoud14 views
Microsoft Power Platform.pptx by Uni Systems S.M.S.A.
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptx
Uni Systems S.M.S.A.53 views

INTRODUCTION TO CRYPTOGRAPHY

  • 1. CYBER SECURITY INTRODUCTION TO CRYPTOGRAPHY VERSION: 1.3 DATE: 25/09/2019 AUTHOR: SYLVAIN MARTINEZ REFERENCE: ES-CSIC CLASSIFICATION: PUBLIC
  • 2. 2 • Presentation goal; • Definition; • History; • Main types; • Logical Operations; • Concept; • Main Algorithms; • Concept; • Type of algorithms; • ECB; • CBC; • Stream Cipher concept; • Keystream; • Main Algorithms; • Overall Concept; • Main Algorithms; CONTENTS PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT • Take Away;
  • 3. PRESENTATION GOAL 3 LEARN ABOUT ITS MAIN USAGE 3 LEARN ITS MAIN ALGORITHMS 2 LEARN ABOUT CRYPTOGRAPHY CORE CONCEPTS 1 TO LEARN ABOUT CRYPTOGRAPHY CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT Icons: from The Noun Project unless stated otherwisePUBLIC
  • 4. DEFINITION 4PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT CRYPTOGRAPHY is the science related to hiding information. With the aim to provide a combination or all of the following: Confidentiality, Integrity, Authentication and Non-repudiation. This can be achieved through the design of cipher algorithms.
  • 5. HISTORY 5PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT KRYPTOS (Greek) meaning HIDDEN, SECRET 1900 BC NON STANDARD HIEROGLYPHS 1500 BC MESOPOTAMIA CLAY TABLETS 700 BC SCYTALE SPARTAN KAMA SUTRA 300 BC 50 BC CAESAR SHIFT CIPHER VIGENÈRE CIPHER 1553 1586 STEGANOGRAPHY QUEENS OF SCOTS 1940 WWII - ENIGMA QUANTUM COMPUTER 2000s
  • 6. MAIN TYPES 6PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT HIDE DATAENCRYPTION REVEAL ORIGINAL DATADECRYPTION CREATES A UNIQUE SIGNATURE FROM DATAHASH HIDE DATA WITHIN OTHER DATASTEGANOGRAPHY
  • 8. CONCEPT 8PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT To be, or not to be: That is the question INPUT HASH FUNCTION 4565 DEFG 2C4G FG67 DIGEST COMPLETELY DIFFERENT HASH DIFFERENT HASH CANNOT REVERT HASH SAME HASH AVALANCHE EFFECT UNIQUE ONE WAY FAST DETERMINISTIC SMALL SOURCE CHANGE DIFFERENT SOURCE "CLEAR TEXT" SOURCE SAME SOURCE IDEAL HASH FUNCTION
  • 9. MAIN ALGORITHMS 9PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ALGORITHM ORIGIN SPECIFICITY MAIN USAGE MD5 RONALD RIVEST 1991 128-BIT HASH VALUE 4 ROUNDS OF 16 OPERATIONS (XOR, AND, OR, NOT) DATA INTEGRITY & CHECKSUM SSL DIGITAL CERT PASSWORDS COLLISION ATTACK NO LONGER SUITABLE STILL WIDELY IN USE SHA-1 NSA 1995 160-BIT HASH VALUE HEXADECIMAL 40 DIGITS LONG 80 ROUNDS CHECKSUM, PWD, SSL/TLS CERT (NOT NOW) U.S GOV APPROVED COLLISION ATTACK SHATTERED CHOSEN-PREFIX NO EASY/CHEAP ATTACKS SHA-2 NSA 2001 224, 256, 384, 512-BIT HASH VALUE 64 OR 80 ROUNDS CHECKSUM, PWD, BITCOIN, TLS, SSL, PGP, SSH, S/MIME, DKIM, DNSSEC, IPSEC PARTIAL COLLISION ATTACK ONLY SHA-3 NSA 2015 KECCACK FAMILY SPONGE CONSTRUCTION ABSORBED/SQUEEZED PADDING, PERMUTATION CHECKSUM, PWD, ETHEREUM, TLS, SSL, DNSSEC, IPSEC NONE KNOWN YET RISKS
  • 10. OVERALL CONCEPT 10PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT PASSWORD/ KEY ENCRYPTION DECRYPTION To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT
  • 11. INPUT IS BROKEN INTO BLOCK OF DATA EACH BLOCK OF DATA IS ENCRYPTED/DECRYPTED INPUT IS BROKEN INTO A STREAM OF DATA EACH BITS OF DATA IS ENCRYPTED/DECRYPTED TYPE OF CIPHER ALGORITHMS 11PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT BLOCK CIPHER STREAM CIPHER
  • 12. BLOCK CIPHER CONCEPT - ECB 12PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT Source: https://elysiumsecurity.com/crypto/page_crypto.html ELECTRONIC CODEBOOK MODE (ECB)
  • 13. BLOCK CIPHER CONCEPT - CBC 13PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT Source: https://elysiumsecurity.com/crypto/page_crypto.html CHAIN BLOCK CHAINING MODE (CBC)
  • 14. STREAM CIPHER CONCEPT 14PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT …010010010101… …001011011100… …110100010110… PASSWORD/ KEY XOR KEYSTREAM GENERATOR
  • 15. LINEAR FEEDBACK SHIFT REGISTER (LFSR) STREAM CIPHER CONCEPT – KEYSTREAM LFSR 15PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT
  • 16. MAIN ALGORITHMS 16PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ALGORITHM ORIGIN SPECIFICITY MAIN USAGE RC4 RONALD RIVEST 1987 40-2018 BITS 1 ROUND PERMUTATION "S" KEY-SCHEDULING IV WEP, WPA, BITTORRENT, MS REMOTE DESKTOP, KERBEROS, SKYPE, SSH MULTI SESSION ATTACK ROYAL HOLLOWAY NO LONGER IN TLS [DES] TRIPLE DES IBM [1975], 1998 KEY: 168, 112, [56] BITS BLOCK: 64 BITS [16], 48-DES ROUNDS STANDARD USED GLOBALLY (CREDIT CARD, PGP, ETC). [S-BOX RESISTANT 20 YEARS EARLY] NO LONGER SECURED TWOFISH BRUCE SCHNEIER 1998 KEY: 128, 192, 256 BITS BLOCK: 128 BITS 16 ROUNDS AES FINALIST OPENPGP DIFFERENTIAL ATTACK AES (RIJNDAEL) VINCENT RIJMEN JOAN DAEMEN 1998 KEY: 128, 192, 256 BITS BLOCK: 128 BITS 10, 12 or 14 ROUNDS NEW STANDARD DES/TDES REPLACEMENT SINCE 2002 XSL ATTACK RELATED KEY ATTACK NO PRACTICAL ATTACKS RISKS
  • 17. OVERALL CONCEPT – RECEIVING DATA 17PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT PUBLIC KEY ENCRYPTION DECRYPTION To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT PRIVATE KEY
  • 18. OVERALL CONCEPT - AUTHENTICATION 18PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT PUBLIC KEY ENCRYPTION DECRYPTION To be, or not to be: That is the question PLAIN TEXT fDrTrg1er 65Hjt2s,R. Lks.,3!dAc dvijn4sv CIPHER TEXT PRIVATE KEY
  • 19. MAIN ALGORITHMS 19PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ALGORITHM ORIGIN SPECIFICITY MAIN USAGE RSA RIVEST SHAMIR ADLEMAN 1977 FACTORISATION KEY: 1,024 – 4,096 BITS 1 ROUND TLS, SSH, ETC. FACTORING PROBLEM NO LONGER A PROBLEM ECDSA NIST 2005 ELLIPTIC CURVE 𝑦" = 𝑥% + 𝑎𝑥 + 𝑏 SIGNATURE, KEY AGREEMENT, PRG SONY/FAILOVERFLOW JAVA FLAWS DSA NIST 1991 ELLIPTIC CURVE KEY GENERATION KEY DISTRIBUTION SIGNING SIGNATURE VERIF SECRECY AND RANDOMNESS OF K DIFFE-HELMAN WHITFIELD DIFFIE MARTIN HELLMAN 1976 MULTIPLICATIVE GROUP OF INTEGERS MODULO P KEY AGREEMENT PROTOCOL MAN IN THE MIDDLE LOGJAM ATTACK RISKS
  • 20. TAKE AWAY 20PUBLIC CONCLUSIONASYMMETRICSYMMETRICHASHESCONTEXT ONLY USE STANDARD ALGORITHMS1 BEWARE OF THE IMPLEMENTATION2 KEEP YOUR PRIVATE KEYS SAFE3 BEWARE OF EXTERNAL FACTORS4 CHECK FIPS CERTIFICATION DETAILS5
  • 21. © 2015-2019 ELYSIUMSECURITY LTD ALL RIGHTS RESERVED HTTPS://WWW.ELYSIUMSECURITY.COM CONSULTING@ELYSIUMSECURITY.COM ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY PROVIDES PRACTICAL EXPERTISE TO IDENTIFY VULNERABILITIES, ASSESS THEIR RISKS AND IMPACT, REMEDIATE THOSE RISKS, PREPARE AND RESPOND TO INCIDENTS AS WELL AS RAISE SECURITY AWARENESS THROUGH AN ORGANIZATION. ELYSIUMSECURITY PROVIDES HIGH LEVEL EXPERTISE GATHERED THROUGH YEARS OF BEST PRACTICES EXPERIENCE IN LARGE INTERNATIONAL COMPANIES ALLOWING US TO PROVIDE ADVICE BEST SUITED TO YOUR BUSINESS OPERATIONAL MODEL AND PRIORITIES. ELYSIUMSECURITY PROVIDES A PORTFOLIO OF STRATEGIC AND TACTICAL SERVICES TO HELP COMPANIES PROTECT AND RESPOND AGAINST CYBER SECURITY THREATS. WE DIFFERENTIATE OURSELVES BY OFFERING DISCREET, TAILORED AND SPECIALIZED ENGAGEMENTS. ELYSIUMSECURITY OPERATES IN MAURITIUS AND IN EUROPE, A BOUTIQUE STYLE APPROACH MEANS WE CAN EASILY ADAPT TO YOUR BUSINESS OPERATIONAL MODEL AND REQUIREMENTS TO PROVIDE A PERSONALIZED SERVICE THAT FITS YOUR WORKING ENVIRONMENT.