SlideShare a Scribd company logo

Introduction to cryptography part1-final

Download as PPTX, PDF
T
Taymoor Nazmy

cryptography

Education
1 of 62
Course code: CSC445 Course title : IntroductiontoCryptographyand informationsecurity PART: 1 Prof. Taymoor Mohamed Nazmy Dept. of computer science, faculty of computer science, Ain Shams uni. Ex-vice dean of post graduate studies and research Cairo, Egypt 1
Course Description • 1-Basic concepts of cryptography and secure data: • 2- Overview of Cryptography and information security, • 3-Shannon and cryptography, Substitution Ciphers, • 4-5-Transposition, and Polyalphabetic Ciphers, , Rotor Machine • 6-7-Block Ciphers: symmetric key systems, DES, AES, Public Key Systems, stream cipher. • 8- RSA System, Key Management, , Linear Shift Registers, • 9-Digital Signatures and Authentication , • 10-11-Watermarking and Steganography, Applications. • 12- Review. • Text book • Stinson D. R., Cryptography: Theory and Practice, CRC Press • Stallings_Cryptography_and_Network_Security-book • 2
About the lecturer - Prof. of computer science since 2006, - Director of Ain Shams information network, - Vice dean of post graduate studies and research, - Vice dean of environmental and social affairs, - Member in editorial board of many Int. journals, - Member in Scientific committee of many int. conferences - Executive chair of int. conf. on information and intelligent systems, - Published more than 60 scientific papers in int. journals and conference, Supervised more than 20 master and Ph. D thesis. 3
About the course • The materials of this course were collected from many resources, include the reference book, other books, online courses, presentations, and web sites. • There are many details will be given to simplify topics in this course, however at the end of the course the most important topics will be highlighted. • The delivered materials through this presentation is your main resource, • This presentation will be delivered to your. • There will be term exams 60% • The final exam 40% • The exam will include subjective and objective questions, • Through this course try to extends your knowledge by improving your self learning capabilities. 4
• This course is to some extend a hard course, but we will try to simplify it as much as we can. So try to get in step by step.
ntaymoor19600@gmail.com 6
Course Objectives  To know the terminologies of cryptography  To understand the impact of cryptography on information security  To distinguish between symmetric and asymmetric encryption  To recognize different types of encryption algorithms  To know the roles and the differences between steganography and watermarking 7
Basics of Cryptography and Secure Data How safe is the online connectivity today? 8 8
What Is Information Security? • The U.S. Government’s National Information Assurance Glossary defines INFOSEC as: “Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.”
10 Layers of security  A successful organization should have multiple layers of security in place:  Physical security  Personal security  Operations security  Communications security  Network security  Information security 10
Where is Security needed? • Military communications- • Electronic Commerce • E-banking • Secure Storage • Internet Applications: e-mail etc • Wireless networks: GSM, Wi fi, WiMAX, Blue Tooth • All popular Web browsers use built-in encryption features 11
Security Attacks • Passive attacks – Obtain message contents – Monitoring traffic flows • Active attacks – Masquerade (reuse) of one entity as some other – Replay previous messages – Modify messages in transmit – Add, delete messages – Denial of service 12
Passive Attacks • Reading contents of messages • Also called eavesdropping • Difficult to detect passive attacks 13
14 Active Attacks • Modification or creation of messages (by attackers) • Four categories: modification of messages, replay, masquerade, denial of service • Easy to detect but difficult to prevent • Defense: detect attacks and recover from damages
15
16
17
Techniques for securing transmission of data • - Cryptography • - Steganography • - Watermark 18
Cryptography cryptos hidden graphia writing Steganography steganos graphia covered writing Cryptography vs. Steganography 19 It hide the meaning of the massage It cover the massage itself
Watermarking, Steganography & Digital signature Goal of steganography – Intruder cannot detect a message – Primarily 1:1 communication Goal of watermarking – Intruder cannot remove or replace the message – Primarily 1:many communication Goal of Digital signature – Simulate the security of a signature in digital, rather than written, form. 20
What is Cryptography  Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, authentication, and non-repudiation. The modern cryptography use the computer to implement encryption algorithms.  The aim is to hide the meaning of the message rather than its presence. This can be done by scrambling the letters around of the plain text and turn into ciphertext.  To decrypt that ciphertext into plaintext, you need an encryption key,( a series of bits that decode the text). 21 21
About the keys • Keys can be created or generated in many ways, but computers commonly generate them. Ideally, each key is truly random. • A random number generator (RNG) or a pseudo-random number generator (PRNG) , is frequently used for this purpose. • The difference between an RNG and a PRNG is that the RNG autonomously generates random numbers, whereas a PRNG is computer- based and creates a somewhat random number based on seed values that are readily available within the computer. 23
Terminologies • encipher (encrypt) - converting plaintext to ciphertext • decipher (decrypt) - recovering plaintext from ciphertext • cryptography - study of encryption principles/methods • cryptanalysis (codebreaking) - the study of principles/ • methods of deciphering ciphertext without knowing key • cryptology - the field of both cryptography and cryptanalysis • decryption Algorithm, It is a mathematical process, that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it. 24
• Keyspace – Total number of possible values of keys in a crypto algorithm • Stream cipher = a cipher which acts on the plaintext one symbol at a time. • Block cipher = a cipher which acts on the plaintext in blocks of symbols. • Substitution cipher = a stream cipher which acts on the plaintext by making a substitution of the characters with elements of a new alphabet. • Transposition cipher = a block cipher which acts on the plaintext by permuting the positions of the characters in the plaintext. 25
• Monoalphabetic substitution: uses only one alphabet. • Polyalphabetic substitution: more advanced; uses two or more alphabets. • Vigenère cipher: advanced cipher type that uses simple polyalphabetic code; made up of 26 distinct cipher alphabets. 26
 Cryptanalysis: the science of breaking cryptographic algorithms.  Cryptanalyst: a person who breaks cryptographic codes; also referred to as “the attacker”. • An interceptor (an attacker-intruder) is an unauthorized entity who attempts to determine the plaintext. He can see the ciphertext and may know the decryption algorithm. He, however, must never know the decryption key. • Cryptosystem – The combination of • Crypto algorithm+ key+ and key management functions used to perform cryptographic operations. 27
What Is Key Management and Why Is It Important? • Key management is another important aspect of encryption. Keys are how all of that encrypted data becomes readable, so how you handle them is just as sensitive as the data itself. • Many businesses worry about this aspect of encryption—after all, if you lose an encryption key, you lose access to your data, too. That’s why key management dictates how keys are stored (and shared) . 28
What is a cryptographic system composed of?  Plaintext: original message or data (also called cleartext)  Encryption: transforming the plaintext, under the control of the key  Ciphertext: encrypted plaintext  Decryption: transforming the ciphertext back to the original plaintext  Cryptographic key: used with an algorithm to determine the transformation from plaintext to ciphertext, and v.v.  The key is a random string of 40 to 4,000 bits (ones and zeros) . Longer keys are harder to guess and provide stronger confidentiality. For a given cipher, different keys will generate different cipher texts from the same plaintext 29 (encryption) (encryption key) C PP (decryption) Sender Receiver (decryption key) 29
Cryptography • can characterize by: – type of encryption operations used • substitution / transposition / product – number of keys used • single-key symmetric or private / asymmetric or two-key or public – way in which plaintext is processed • block / stream
• In cryptography, we start with the unencrypted data, referred to as plaintext. Plaintext is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext. • The encryption and decryption is based upon the type of cryptography scheme being employed and some form of key. For those who like formulas, this process is sometimes written as: • C = Ek(P) or E(P,K) P = Dk(C) or D(C,k) • where P = plaintext, C = ciphertext, E = the encryption method, D = the decryption method, and k = the key. 31
Page 32 Private Key Algorithms (one key) Encryption Decryption Key1 Key1 Cyphertext Ek(M) = C Dk(C) = M Original Plaintext Plaintext
Cryptographic techniques allow a sender to hide data so that an intruder can gain no information from the intercepted data. The receiver, of course must be able to recover the original data from the disguised data. However, there is always a chance for an intruder to discover the transmitted data base on the method used for encryption. Intruder in crypto system 33
Types of encryption • 1- Secret-key algorithms: Also known as symmetric algorithms, or private-key, this algorithm uses the same key for encryption and decryption. This is a touch more vulnerable because anyone who gets a hold of that one key can read anything you encrypt. Also, passing that secret key over internet or network connections makes it more vulnerable to theft. • 2- Public-key algorithms: These are also known as asymmetric algorithms. With public-key encryption, there are two different, related encryption keys—one for encryption, and one for decryption. The public key is how the information is sent to you, and the private key decodes it. The benefit here is the key isn’t subject to being sent over insecure networks, but it does require more computer processing power so it’s a bit slower. • 3- Hash function: A mathematical transformation that takes a message of arbitrary length and computes it a fixed-length (short) number. 34
Types of Cryptographic functions 35
• 4- Block ciphers: Like the Data Encryption Standard (DES), or Triple Data Encryption Standard 3DES, these encrypt data a block at a time. Triple DES uses three keys and is a pretty great encryption option for financial institutions that need to protect sensitive information. • 5- Stream ciphers: A symmetric algorithm, it uses a keystream, a series of randomized numbers, to encrypt plaintext one character at a time. Rabbit, W7, and RC4 are popular stream ciphers. 36
• 6- Elliptic curve cryptography: A new form of public-key encryption, it can be practically unbreakable for normal computers, or “hard.” • 7- Blockchain cryptography: Blockchain technology is essentially a type of distributed database, best known as the basis for Bitcoin, that uses cryptography to safely store data about financial transactions. • There are 2.9 to 5.8 million unique users using a cryptocurrency wallet, most of them using bitcoin. 37
Some popular Encryption algorithms • 1- Advanced Encryption Standard (AES): A block cipher, that offers 128-, 192-, and 256-bit encryption, the last two reserved for instances that require extra-strength protection. • 2- RSA: This asymmetric algorithm uses paired keys and is pretty standard for encrypting information sent over the internet. • 3- IDEA (International Data Encryption Algorithm): This block cipher with a 128-bit key has a great track record for not being broken. • 4- Signal Protocol: This open-source encryption protocol is used for asynchronous messaging, like email. 38
• 5- Blowfish and Twofish: Both of these block ciphers are popular among e-commerce platforms for protecting payment information. Twofish is the successor and offers longer encryption keys. • 6- Ring Learning With Errors or Ring- LWE: This protocol adding in a new type of encryption that might be unbreakable by quantum computers. 39
History of Cryptography 41
“Human ingenuity cannot invent a cipher which human ingenuity cannot resolve.” Edgar Allan Poe, 1841 History of Crypto: 3000BC-2XXX 42
Encryption before and after computer • Before using computer in encryption the massages were encrypted based on changing in the characters sequence, or order, and the keys were a character, a set of characters, or number. • After using the computers the massages were encrypted base on changing on the bits that represent the characters, and the keys were a set of bits of specific length.
44
Rosetta Stone the Rosetta Stone helped scholars at long last crack the code of hieroglyphics, the ancient Egyptian writing system 45
• There are three eras in the history of Cryptography: – The Manual era – The Mechanical era – The Modern era • Manual era refers to Pen and Paper Cryptography and dates back to 2000 B.C.eg . • first known use of a modern cipher was by Julius Caesar (100 BC- 44 BC) • Mechanical era refers to the invention of cipher machines. E.g.: Japanese Red and Purple Machines , German Enigma. • The modern era of cryptography refers to computers. • There are infinite permutations of cryptography available using computers. E.g.: Lucifer, Rijndael , RSA , ElGamal. 46
Or the eras • Pre-WWII – Cryptography as a craft – Widely used, but few provable techniques • 1940s-1970 – Secret key encryption introduced – Information theory used to characterize security • 1970-present – Public key systems introduced 47
Cryptographic Attacks 48
Cryptographic Attacks • The basic intention of an attacker is to break a cryptosystem and to find the plaintext from the ciphertext. To obtain the plaintext, the attacker only needs to find out the secret decryption key, as the algorithm is already in public domain. • Hence, he applies maximum effort towards finding out the secret key used in the cryptosystem. Once the attacker is able to determine the key, the attacked system is considered as broken or compromised. • Based on the methodology used, attacks on cryptosystems are categorized as follows − 49
• Ciphertext Only Attacks (COA) − In this method, the attacker has access to a set of ciphertext(s). He does not have access to corresponding plaintext. COA is said to be successful when the corresponding plaintext can be determined from a given set of ciphertext. Occasionally, the encryption key can be determined from this attack. Modern cryptosystems are guarded against ciphertext- only attacks. • Known Plaintext Attack (KPA) − In this method, the attacker knows the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext using this information. This may be done by determining the key or via some other method. • Chosen Plaintext Attack (CPA) − In this method, the attacker has the text of his choice encrypted. So he has the ciphertext-plaintext pair of his choice. This simplifies his task of determining the encryption key. 50
• Dictionary Attack − This attack has many variants, all of which involve compiling a ‘dictionary’. In simplest method of this attack, attacker builds a dictionary of ciphertexts and corresponding plaintexts that he has learnt over a period of time. • In future, when an attacker gets the ciphertext, he refers the dictionary to find the corresponding plaintext. • Brute Force Attack (BFA) − In this method, the attacker tries to determine the key by attempting all possible keys. If the key is 8 bits long, then the number of possible keys is 28 = 256. The attacker knows the ciphertext and the algorithm, now he attempts all the 256 keys one by one for decryption. • The time to complete the attack would be very high if the key is long. 51
Brute-Force Attack • Try every key to decipher the ciphertext. • On average, need to try half of all possible keys • Time needed proportional to size of key space 52
• Man in Middle Attack (MIM) − The targets of this attack are mostly public key cryptosystems where key exchange is involved before communication takes place. • Host A wants to communicate to host B, hence requests public key of B. • An attacker intercepts this request and sends his public key instead. Thus, whatever host A sends to host B, the attacker is able to read. • In order to maintain communication, the attacker re- encrypts the data after reading with his public key and sends to B. • The attacker sends his public key as A’s public key so that B takes it as if it is taking it from A. 53
The General Goals of Cryptography • Confidentiality; assuring that only authorized parties are able to understand the data. • Integrity; ensuring that when a message is sent over a network, the message that arrives is the same as the message that was originally sent. 55
Goals (cont.) • Authentication; ensuring that whoever supplies or accesses sensitive data is an authorized party. • Nonrepudiation; ensuring that the intended recipient actually received the message & ensuring that the sender actually sent the message. 56
More on Confidentiality • Confidentiality means that only authorized parties are able to understand the data (authorized from the perspective of the party that encrypted the data). • It is okay if unauthorized parties know that there is data. It is even okay if they copy the data, so long as they cannot understand it. 57
Authentication • How can we know that a party that provides us with sensitive data is an authorized party? • How can we know that the party that is accessing sensitive data is an authorized party? • This is a difficult problem on the Internet. • Two solutions are: – Passwords – Digital signatures 58
Integrity • This involves ensuring that when a message (or any kind of data, including documents and programs) is sent over a network, the data that arrives is the same as the data that was originally sent. It is important that the data has not been tampered with. • Technical solutions include: – Encryption – Hashing algorithms 59
Nonrepudiation • Ensuring that the intended recipient actually got the message. • Ensuring that the alleged sender actually sent the message. • This is a difficult problem. How do we prove that a person's cryptographic credentials have not been compromised? 60
Symmetric-key ciphers: Block ciphers Stream ciphers Public-key ciphers Cryptographic Goals Cryptographic goals Confidentiality Data integrity Authentication Non-repudiation Message authentication Entity authenticationArbitrary length hash functions Message Authentication codes (MACs) Digital signatures Authentication primitives Digital signatures MACs Digital signatures 61
End of part -1

Recommended

5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1Alfred Ouyang
 
Cryptography
Cryptography Cryptography
Cryptography أحلام انصارى
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Khawar Nehal khawar.nehal@atrc.net.pk
 
Cryptography
CryptographyCryptography
CryptographyJohnsonDaniel JohnsonDaniel
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA AlgoritmnDr. Kapil Gupta
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 

Recommended

5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1Alfred Ouyang
 
Cryptography
Cryptography Cryptography
Cryptography أحلام انصارى
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Network Security Topic 4 cryptography2
Network Security Topic 4 cryptography2Khawar Nehal khawar.nehal@atrc.net.pk
 
Cryptography
CryptographyCryptography
CryptographyJohnsonDaniel JohnsonDaniel
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA AlgoritmnDr. Kapil Gupta
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 
Network security
Network securityNetwork security
Network securityABHISHEK KUMAR
 
Cryptography-Known plain text attack
Cryptography-Known plain text attack Cryptography-Known plain text attack
Cryptography-Known plain text attack amiteshg
 
Cryptographic tools
Cryptographic toolsCryptographic tools
Cryptographic toolsCAS
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Cryptography
CryptographyCryptography
CryptographyAbhi Prithi
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityshraddha mane
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptographyPerfect Training Center
 
Cryptography for Everyone
Cryptography for EveryoneCryptography for Everyone
Cryptography for EveryoneSerkan Yıldırım
 
Cryptography
CryptographyCryptography
CryptographySidharth Mohapatra
 
Cryptography full report
Cryptography full reportCryptography full report
Cryptography full reportharpoo123143
 
Cryptography in Python
Cryptography in PythonCryptography in Python
Cryptography in PythonAmirali Sanatinia
 
Cryptography, a science of secure writing
Cryptography, a science of secure writingCryptography, a science of secure writing
Cryptography, a science of secure writingtahirilyas92
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101rahat ali
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20jemtallon
 
cryptography
cryptographycryptography
cryptographyJai Nathwani
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyAdam Reagan
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithmstrilokchandra prakash
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptkusum sharma
 
Cryptography
CryptographyCryptography
CryptographyDarshini Parikh
 
Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxSamiDan3
 
chapter 1-4.pdf
chapter 1-4.pdfchapter 1-4.pdf
chapter 1-4.pdfzerihunnana
 

More Related Content

What's hot

Cryptography-Known plain text attack
Cryptography-Known plain text attack Cryptography-Known plain text attack
Cryptography-Known plain text attack amiteshg
 
Cryptographic tools
Cryptographic toolsCryptographic tools
Cryptographic toolsCAS
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityshraddha mane
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Cryptography full report
Cryptography full reportCryptography full report
Cryptography full reportharpoo123143
 
Cryptography, a science of secure writing
Cryptography, a science of secure writingCryptography, a science of secure writing
Cryptography, a science of secure writingtahirilyas92
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101rahat ali
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20jemtallon
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyAdam Reagan
 

What's hot (20)

Network security
Network securityNetwork security
Network security
 
Cryptography-Known plain text attack
Cryptography-Known plain text attack Cryptography-Known plain text attack
Cryptography-Known plain text attack
 
Cryptographic tools
Cryptographic toolsCryptographic tools
Cryptographic tools
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptography
 
Cryptography for Everyone
Cryptography for EveryoneCryptography for Everyone
Cryptography for Everyone
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography full report
Cryptography full reportCryptography full report
Cryptography full report
 
Cryptography in Python
Cryptography in PythonCryptography in Python
Cryptography in Python
 
Cryptography, a science of secure writing
Cryptography, a science of secure writingCryptography, a science of secure writing
Cryptography, a science of secure writing
 
Cryptanalysis 101
Cryptanalysis 101Cryptanalysis 101
Cryptanalysis 101
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20
 
cryptography
cryptographycryptography
cryptography
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Cryptography
CryptographyCryptography
Cryptography
 

Similar to Introduction to cryptography part1-final

Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxSamiDan3
 
information technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfinformation technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfwondimagegndesta
 
Symmetric ciphermodel
Symmetric ciphermodelSymmetric ciphermodel
Symmetric ciphermodelpriyapavi96
 
symmetric cipher model.pptx
symmetric cipher model.pptxsymmetric cipher model.pptx
symmetric cipher model.pptxAjaykumar967485
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniquesMohitManna
 
Information and network security 11 cryptography and cryptanalysis
Information and network security 11 cryptography and cryptanalysisInformation and network security 11 cryptography and cryptanalysis
Information and network security 11 cryptography and cryptanalysisVaibhav Khanna
 
Cryptography : The Art of Secured Messaging
Cryptography : The Art of Secured MessagingCryptography : The Art of Secured Messaging
Cryptography : The Art of Secured MessagingSumit Satam
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxssuserd5e356
 
Cryptography 1
Cryptography 1Cryptography 1
Cryptography 1bhanu7161
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdfSetiya Nugroho
 
Chapter 1- Fundamentals of Cryptography.pdf
Chapter 1- Fundamentals of Cryptography.pdfChapter 1- Fundamentals of Cryptography.pdf
Chapter 1- Fundamentals of Cryptography.pdfkiyya3
 
Lecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptxLecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptxmustafaenayat
 

Similar to Introduction to cryptography part1-final (20)

Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptx
 
chapter 1-4.pdf
chapter 1-4.pdfchapter 1-4.pdf
chapter 1-4.pdf
 
information technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfinformation technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdf
 
CRYPTOGRAPHY
CRYPTOGRAPHYCRYPTOGRAPHY
CRYPTOGRAPHY
 
groupWork.pptx
groupWork.pptxgroupWork.pptx
groupWork.pptx
 
Symmetric ciphermodel
Symmetric ciphermodelSymmetric ciphermodel
Symmetric ciphermodel
 
symmetric cipher model.pptx
symmetric cipher model.pptxsymmetric cipher model.pptx
symmetric cipher model.pptx
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
 
Information and network security 11 cryptography and cryptanalysis
Information and network security 11 cryptography and cryptanalysisInformation and network security 11 cryptography and cryptanalysis
Information and network security 11 cryptography and cryptanalysis
 
Cryptography : The Art of Secured Messaging
Cryptography : The Art of Secured MessagingCryptography : The Art of Secured Messaging
Cryptography : The Art of Secured Messaging
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
 
Cryptography cse,ru
Cryptography cse,ruCryptography cse,ru
Cryptography cse,ru
 
Network security
Network securityNetwork security
Network security
 
Cryptography 1
Cryptography 1Cryptography 1
Cryptography 1
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Chapter 1- Fundamentals of Cryptography.pdf
Chapter 1- Fundamentals of Cryptography.pdfChapter 1- Fundamentals of Cryptography.pdf
Chapter 1- Fundamentals of Cryptography.pdf
 
Lecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptxLecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptx
 

More from Taymoor Nazmy

Artificial intelligent Lec 5-logic
Artificial intelligent Lec 5-logicArtificial intelligent Lec 5-logic
Artificial intelligent Lec 5-logicTaymoor Nazmy
 
Artificial intelligent Lec 3-ai chapter3-search
Artificial intelligent Lec 3-ai chapter3-searchArtificial intelligent Lec 3-ai chapter3-search
Artificial intelligent Lec 3-ai chapter3-searchTaymoor Nazmy
 
Artificial intelligent Lec 1-ai-introduction-
Artificial intelligent Lec 1-ai-introduction-Artificial intelligent Lec 1-ai-introduction-
Artificial intelligent Lec 1-ai-introduction-Taymoor Nazmy
 
Image processing 1-lectures
Image processing 1-lecturesImage processing 1-lectures
Image processing 1-lecturesTaymoor Nazmy
 
Software Engineering Lec 10 -software testing--
Software Engineering Lec 10 -software testing--Software Engineering Lec 10 -software testing--
Software Engineering Lec 10 -software testing--Taymoor Nazmy
 
Software Engineering Lec 8-design-
Software Engineering Lec 8-design-Software Engineering Lec 8-design-
Software Engineering Lec 8-design-Taymoor Nazmy
 
Software Engineering Lec 7-uml-
Software Engineering Lec 7-uml-Software Engineering Lec 7-uml-
Software Engineering Lec 7-uml-Taymoor Nazmy
 
Software Engineering Lec5 oop-uml-i
Software Engineering Lec5 oop-uml-iSoftware Engineering Lec5 oop-uml-i
Software Engineering Lec5 oop-uml-iTaymoor Nazmy
 
Software Engineering Lec 4-requirments
Software Engineering Lec 4-requirmentsSoftware Engineering Lec 4-requirments
Software Engineering Lec 4-requirmentsTaymoor Nazmy
 
Software Engineering Lec 3-project managment
Software Engineering Lec 3-project managmentSoftware Engineering Lec 3-project managment
Software Engineering Lec 3-project managmentTaymoor Nazmy
 
Software Engineering Lec 2
Software Engineering Lec 2Software Engineering Lec 2
Software Engineering Lec 2Taymoor Nazmy
 
Software Engineering Lec 1-introduction
Software Engineering Lec 1-introductionSoftware Engineering Lec 1-introduction
Software Engineering Lec 1-introductionTaymoor Nazmy
 

More from Taymoor Nazmy (20)

Cognitive systems
Cognitive systemsCognitive systems
Cognitive systems
 
Cognitive systems
Cognitive systemsCognitive systems
Cognitive systems
 
Artificial intelligent Lec 5-logic
Artificial intelligent Lec 5-logicArtificial intelligent Lec 5-logic
Artificial intelligent Lec 5-logic
 
Artificial intelligent Lec 3-ai chapter3-search
Artificial intelligent Lec 3-ai chapter3-searchArtificial intelligent Lec 3-ai chapter3-search
Artificial intelligent Lec 3-ai chapter3-search
 
Lec 2-agents
Lec 2-agentsLec 2-agents
Lec 2-agents
 
Artificial intelligent Lec 1-ai-introduction-
Artificial intelligent Lec 1-ai-introduction-Artificial intelligent Lec 1-ai-introduction-
Artificial intelligent Lec 1-ai-introduction-
 
Image processing 2
Image processing 2Image processing 2
Image processing 2
 
Image processing 1-lectures
Image processing 1-lecturesImage processing 1-lectures
Image processing 1-lectures
 
Software Engineering Lec 10 -software testing--
Software Engineering Lec 10 -software testing--Software Engineering Lec 10 -software testing--
Software Engineering Lec 10 -software testing--
 
Software Engineering Lec 8-design-
Software Engineering Lec 8-design-Software Engineering Lec 8-design-
Software Engineering Lec 8-design-
 
Software Engineering Lec 7-uml-
Software Engineering Lec 7-uml-Software Engineering Lec 7-uml-
Software Engineering Lec 7-uml-
 
Software Engineering Lec5 oop-uml-i
Software Engineering Lec5 oop-uml-iSoftware Engineering Lec5 oop-uml-i
Software Engineering Lec5 oop-uml-i
 
Software Engineering Lec 4-requirments
Software Engineering Lec 4-requirmentsSoftware Engineering Lec 4-requirments
Software Engineering Lec 4-requirments
 
Software Engineering Lec 3-project managment
Software Engineering Lec 3-project managmentSoftware Engineering Lec 3-project managment
Software Engineering Lec 3-project managment
 
Software Engineering Lec 2
Software Engineering Lec 2Software Engineering Lec 2
Software Engineering Lec 2
 
Software Engineering Lec 1-introduction
Software Engineering Lec 1-introductionSoftware Engineering Lec 1-introduction
Software Engineering Lec 1-introduction
 
Lec 6-
Lec 6-Lec 6-
Lec 6-
 
presentation skill
presentation skillpresentation skill
presentation skill
 
Lec 4
Lec 4Lec 4
Lec 4
 
Lec 3
Lec 3Lec 3
Lec 3
 

Recently uploaded

Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonJericReyAuditor
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 

Recently uploaded (20)

Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lesson
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 

Introduction to cryptography part1-final

  • 1. Course code: CSC445 Course title : IntroductiontoCryptographyand informationsecurity PART: 1 Prof. Taymoor Mohamed Nazmy Dept. of computer science, faculty of computer science, Ain Shams uni. Ex-vice dean of post graduate studies and research Cairo, Egypt 1
  • 2. Course Description • 1-Basic concepts of cryptography and secure data: • 2- Overview of Cryptography and information security, • 3-Shannon and cryptography, Substitution Ciphers, • 4-5-Transposition, and Polyalphabetic Ciphers, , Rotor Machine • 6-7-Block Ciphers: symmetric key systems, DES, AES, Public Key Systems, stream cipher. • 8- RSA System, Key Management, , Linear Shift Registers, • 9-Digital Signatures and Authentication , • 10-11-Watermarking and Steganography, Applications. • 12- Review. • Text book • Stinson D. R., Cryptography: Theory and Practice, CRC Press • Stallings_Cryptography_and_Network_Security-book • 2
  • 3. About the lecturer - Prof. of computer science since 2006, - Director of Ain Shams information network, - Vice dean of post graduate studies and research, - Vice dean of environmental and social affairs, - Member in editorial board of many Int. journals, - Member in Scientific committee of many int. conferences - Executive chair of int. conf. on information and intelligent systems, - Published more than 60 scientific papers in int. journals and conference, Supervised more than 20 master and Ph. D thesis. 3
  • 4. About the course • The materials of this course were collected from many resources, include the reference book, other books, online courses, presentations, and web sites. • There are many details will be given to simplify topics in this course, however at the end of the course the most important topics will be highlighted. • The delivered materials through this presentation is your main resource, • This presentation will be delivered to your. • There will be term exams 60% • The final exam 40% • The exam will include subjective and objective questions, • Through this course try to extends your knowledge by improving your self learning capabilities. 4
  • 5. • This course is to some extend a hard course, but we will try to simplify it as much as we can. So try to get in step by step.
  • 7. Course Objectives  To know the terminologies of cryptography  To understand the impact of cryptography on information security  To distinguish between symmetric and asymmetric encryption  To recognize different types of encryption algorithms  To know the roles and the differences between steganography and watermarking 7
  • 8. Basics of Cryptography and Secure Data How safe is the online connectivity today? 8 8
  • 9. What Is Information Security? • The U.S. Government’s National Information Assurance Glossary defines INFOSEC as: “Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.”
  • 10. 10 Layers of security  A successful organization should have multiple layers of security in place:  Physical security  Personal security  Operations security  Communications security  Network security  Information security 10
  • 11. Where is Security needed? • Military communications- • Electronic Commerce • E-banking • Secure Storage • Internet Applications: e-mail etc • Wireless networks: GSM, Wi fi, WiMAX, Blue Tooth • All popular Web browsers use built-in encryption features 11
  • 12. Security Attacks • Passive attacks – Obtain message contents – Monitoring traffic flows • Active attacks – Masquerade (reuse) of one entity as some other – Replay previous messages – Modify messages in transmit – Add, delete messages – Denial of service 12
  • 13. Passive Attacks • Reading contents of messages • Also called eavesdropping • Difficult to detect passive attacks 13
  • 14. 14 Active Attacks • Modification or creation of messages (by attackers) • Four categories: modification of messages, replay, masquerade, denial of service • Easy to detect but difficult to prevent • Defense: detect attacks and recover from damages
  • 15. 15
  • 16. 16
  • 17. 17
  • 18. Techniques for securing transmission of data • - Cryptography • - Steganography • - Watermark 18
  • 19. Cryptography cryptos hidden graphia writing Steganography steganos graphia covered writing Cryptography vs. Steganography 19 It hide the meaning of the massage It cover the massage itself
  • 20. Watermarking, Steganography & Digital signature Goal of steganography – Intruder cannot detect a message – Primarily 1:1 communication Goal of watermarking – Intruder cannot remove or replace the message – Primarily 1:many communication Goal of Digital signature – Simulate the security of a signature in digital, rather than written, form. 20
  • 21. What is Cryptography  Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, authentication, and non-repudiation. The modern cryptography use the computer to implement encryption algorithms.  The aim is to hide the meaning of the message rather than its presence. This can be done by scrambling the letters around of the plain text and turn into ciphertext.  To decrypt that ciphertext into plaintext, you need an encryption key,( a series of bits that decode the text). 21 21
  • 22.
  • 23. About the keys • Keys can be created or generated in many ways, but computers commonly generate them. Ideally, each key is truly random. • A random number generator (RNG) or a pseudo-random number generator (PRNG) , is frequently used for this purpose. • The difference between an RNG and a PRNG is that the RNG autonomously generates random numbers, whereas a PRNG is computer- based and creates a somewhat random number based on seed values that are readily available within the computer. 23
  • 24. Terminologies • encipher (encrypt) - converting plaintext to ciphertext • decipher (decrypt) - recovering plaintext from ciphertext • cryptography - study of encryption principles/methods • cryptanalysis (codebreaking) - the study of principles/ • methods of deciphering ciphertext without knowing key • cryptology - the field of both cryptography and cryptanalysis • decryption Algorithm, It is a mathematical process, that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it. 24
  • 25. • Keyspace – Total number of possible values of keys in a crypto algorithm • Stream cipher = a cipher which acts on the plaintext one symbol at a time. • Block cipher = a cipher which acts on the plaintext in blocks of symbols. • Substitution cipher = a stream cipher which acts on the plaintext by making a substitution of the characters with elements of a new alphabet. • Transposition cipher = a block cipher which acts on the plaintext by permuting the positions of the characters in the plaintext. 25
  • 26. • Monoalphabetic substitution: uses only one alphabet. • Polyalphabetic substitution: more advanced; uses two or more alphabets. • Vigenère cipher: advanced cipher type that uses simple polyalphabetic code; made up of 26 distinct cipher alphabets. 26
  • 27.  Cryptanalysis: the science of breaking cryptographic algorithms.  Cryptanalyst: a person who breaks cryptographic codes; also referred to as “the attacker”. • An interceptor (an attacker-intruder) is an unauthorized entity who attempts to determine the plaintext. He can see the ciphertext and may know the decryption algorithm. He, however, must never know the decryption key. • Cryptosystem – The combination of • Crypto algorithm+ key+ and key management functions used to perform cryptographic operations. 27
  • 28. What Is Key Management and Why Is It Important? • Key management is another important aspect of encryption. Keys are how all of that encrypted data becomes readable, so how you handle them is just as sensitive as the data itself. • Many businesses worry about this aspect of encryption—after all, if you lose an encryption key, you lose access to your data, too. That’s why key management dictates how keys are stored (and shared) . 28
  • 29. What is a cryptographic system composed of?  Plaintext: original message or data (also called cleartext)  Encryption: transforming the plaintext, under the control of the key  Ciphertext: encrypted plaintext  Decryption: transforming the ciphertext back to the original plaintext  Cryptographic key: used with an algorithm to determine the transformation from plaintext to ciphertext, and v.v.  The key is a random string of 40 to 4,000 bits (ones and zeros) . Longer keys are harder to guess and provide stronger confidentiality. For a given cipher, different keys will generate different cipher texts from the same plaintext 29 (encryption) (encryption key) C PP (decryption) Sender Receiver (decryption key) 29
  • 30. Cryptography • can characterize by: – type of encryption operations used • substitution / transposition / product – number of keys used • single-key symmetric or private / asymmetric or two-key or public – way in which plaintext is processed • block / stream
  • 31. • In cryptography, we start with the unencrypted data, referred to as plaintext. Plaintext is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext. • The encryption and decryption is based upon the type of cryptography scheme being employed and some form of key. For those who like formulas, this process is sometimes written as: • C = Ek(P) or E(P,K) P = Dk(C) or D(C,k) • where P = plaintext, C = ciphertext, E = the encryption method, D = the decryption method, and k = the key. 31
  • 32. Page 32 Private Key Algorithms (one key) Encryption Decryption Key1 Key1 Cyphertext Ek(M) = C Dk(C) = M Original Plaintext Plaintext
  • 33. Cryptographic techniques allow a sender to hide data so that an intruder can gain no information from the intercepted data. The receiver, of course must be able to recover the original data from the disguised data. However, there is always a chance for an intruder to discover the transmitted data base on the method used for encryption. Intruder in crypto system 33
  • 34. Types of encryption • 1- Secret-key algorithms: Also known as symmetric algorithms, or private-key, this algorithm uses the same key for encryption and decryption. This is a touch more vulnerable because anyone who gets a hold of that one key can read anything you encrypt. Also, passing that secret key over internet or network connections makes it more vulnerable to theft. • 2- Public-key algorithms: These are also known as asymmetric algorithms. With public-key encryption, there are two different, related encryption keys—one for encryption, and one for decryption. The public key is how the information is sent to you, and the private key decodes it. The benefit here is the key isn’t subject to being sent over insecure networks, but it does require more computer processing power so it’s a bit slower. • 3- Hash function: A mathematical transformation that takes a message of arbitrary length and computes it a fixed-length (short) number. 34
  • 35. Types of Cryptographic functions 35
  • 36. • 4- Block ciphers: Like the Data Encryption Standard (DES), or Triple Data Encryption Standard 3DES, these encrypt data a block at a time. Triple DES uses three keys and is a pretty great encryption option for financial institutions that need to protect sensitive information. • 5- Stream ciphers: A symmetric algorithm, it uses a keystream, a series of randomized numbers, to encrypt plaintext one character at a time. Rabbit, W7, and RC4 are popular stream ciphers. 36
  • 37. • 6- Elliptic curve cryptography: A new form of public-key encryption, it can be practically unbreakable for normal computers, or “hard.” • 7- Blockchain cryptography: Blockchain technology is essentially a type of distributed database, best known as the basis for Bitcoin, that uses cryptography to safely store data about financial transactions. • There are 2.9 to 5.8 million unique users using a cryptocurrency wallet, most of them using bitcoin. 37
  • 38. Some popular Encryption algorithms • 1- Advanced Encryption Standard (AES): A block cipher, that offers 128-, 192-, and 256-bit encryption, the last two reserved for instances that require extra-strength protection. • 2- RSA: This asymmetric algorithm uses paired keys and is pretty standard for encrypting information sent over the internet. • 3- IDEA (International Data Encryption Algorithm): This block cipher with a 128-bit key has a great track record for not being broken. • 4- Signal Protocol: This open-source encryption protocol is used for asynchronous messaging, like email. 38
  • 39. • 5- Blowfish and Twofish: Both of these block ciphers are popular among e-commerce platforms for protecting payment information. Twofish is the successor and offers longer encryption keys. • 6- Ring Learning With Errors or Ring- LWE: This protocol adding in a new type of encryption that might be unbreakable by quantum computers. 39
  • 40.
  • 42. “Human ingenuity cannot invent a cipher which human ingenuity cannot resolve.” Edgar Allan Poe, 1841 History of Crypto: 3000BC-2XXX 42
  • 43. Encryption before and after computer • Before using computer in encryption the massages were encrypted based on changing in the characters sequence, or order, and the keys were a character, a set of characters, or number. • After using the computers the massages were encrypted base on changing on the bits that represent the characters, and the keys were a set of bits of specific length.
  • 44. 44
  • 45. Rosetta Stone the Rosetta Stone helped scholars at long last crack the code of hieroglyphics, the ancient Egyptian writing system 45
  • 46. • There are three eras in the history of Cryptography: – The Manual era – The Mechanical era – The Modern era • Manual era refers to Pen and Paper Cryptography and dates back to 2000 B.C.eg . • first known use of a modern cipher was by Julius Caesar (100 BC- 44 BC) • Mechanical era refers to the invention of cipher machines. E.g.: Japanese Red and Purple Machines , German Enigma. • The modern era of cryptography refers to computers. • There are infinite permutations of cryptography available using computers. E.g.: Lucifer, Rijndael , RSA , ElGamal. 46
  • 47. Or the eras • Pre-WWII – Cryptography as a craft – Widely used, but few provable techniques • 1940s-1970 – Secret key encryption introduced – Information theory used to characterize security • 1970-present – Public key systems introduced 47
  • 49. Cryptographic Attacks • The basic intention of an attacker is to break a cryptosystem and to find the plaintext from the ciphertext. To obtain the plaintext, the attacker only needs to find out the secret decryption key, as the algorithm is already in public domain. • Hence, he applies maximum effort towards finding out the secret key used in the cryptosystem. Once the attacker is able to determine the key, the attacked system is considered as broken or compromised. • Based on the methodology used, attacks on cryptosystems are categorized as follows − 49
  • 50. • Ciphertext Only Attacks (COA) − In this method, the attacker has access to a set of ciphertext(s). He does not have access to corresponding plaintext. COA is said to be successful when the corresponding plaintext can be determined from a given set of ciphertext. Occasionally, the encryption key can be determined from this attack. Modern cryptosystems are guarded against ciphertext- only attacks. • Known Plaintext Attack (KPA) − In this method, the attacker knows the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext using this information. This may be done by determining the key or via some other method. • Chosen Plaintext Attack (CPA) − In this method, the attacker has the text of his choice encrypted. So he has the ciphertext-plaintext pair of his choice. This simplifies his task of determining the encryption key. 50
  • 51. • Dictionary Attack − This attack has many variants, all of which involve compiling a ‘dictionary’. In simplest method of this attack, attacker builds a dictionary of ciphertexts and corresponding plaintexts that he has learnt over a period of time. • In future, when an attacker gets the ciphertext, he refers the dictionary to find the corresponding plaintext. • Brute Force Attack (BFA) − In this method, the attacker tries to determine the key by attempting all possible keys. If the key is 8 bits long, then the number of possible keys is 28 = 256. The attacker knows the ciphertext and the algorithm, now he attempts all the 256 keys one by one for decryption. • The time to complete the attack would be very high if the key is long. 51
  • 52. Brute-Force Attack • Try every key to decipher the ciphertext. • On average, need to try half of all possible keys • Time needed proportional to size of key space 52
  • 53. • Man in Middle Attack (MIM) − The targets of this attack are mostly public key cryptosystems where key exchange is involved before communication takes place. • Host A wants to communicate to host B, hence requests public key of B. • An attacker intercepts this request and sends his public key instead. Thus, whatever host A sends to host B, the attacker is able to read. • In order to maintain communication, the attacker re- encrypts the data after reading with his public key and sends to B. • The attacker sends his public key as A’s public key so that B takes it as if it is taking it from A. 53
  • 54.
  • 55. The General Goals of Cryptography • Confidentiality; assuring that only authorized parties are able to understand the data. • Integrity; ensuring that when a message is sent over a network, the message that arrives is the same as the message that was originally sent. 55
  • 56. Goals (cont.) • Authentication; ensuring that whoever supplies or accesses sensitive data is an authorized party. • Nonrepudiation; ensuring that the intended recipient actually received the message & ensuring that the sender actually sent the message. 56
  • 57. More on Confidentiality • Confidentiality means that only authorized parties are able to understand the data (authorized from the perspective of the party that encrypted the data). • It is okay if unauthorized parties know that there is data. It is even okay if they copy the data, so long as they cannot understand it. 57
  • 58. Authentication • How can we know that a party that provides us with sensitive data is an authorized party? • How can we know that the party that is accessing sensitive data is an authorized party? • This is a difficult problem on the Internet. • Two solutions are: – Passwords – Digital signatures 58
  • 59. Integrity • This involves ensuring that when a message (or any kind of data, including documents and programs) is sent over a network, the data that arrives is the same as the data that was originally sent. It is important that the data has not been tampered with. • Technical solutions include: – Encryption – Hashing algorithms 59
  • 60. Nonrepudiation • Ensuring that the intended recipient actually got the message. • Ensuring that the alleged sender actually sent the message. • This is a difficult problem. How do we prove that a person's cryptographic credentials have not been compromised? 60
  • 61. Symmetric-key ciphers: Block ciphers Stream ciphers Public-key ciphers Cryptographic Goals Cryptographic goals Confidentiality Data integrity Authentication Non-repudiation Message authentication Entity authenticationArbitrary length hash functions Message Authentication codes (MACs) Digital signatures Authentication primitives Digital signatures MACs Digital signatures 61