Department of Mechanical Engineering
UIET, Panjab University Chandigarh
The action of disguising information so that it can be recovered
easily by the persons who have the key, but is highly resistant to
recovery by persons who do not have the key.
encryption is the process of transforming information (referred to
as plaintext) using an algorithm (called cipher) to make it
unreadable to anyone except those possessing special knowledge,
usually referred to as a key
The encryption key may be changed from time to time
to make an intruder’s task more difficult.
Restoration of a ciphertext to cleartext is achieved by the
action of decryption using a decryption key.
A message is cleartext (plaintext) is encrypted
(disguised) through the use of an encryption key to
create a Ciphertext.
In symmetric (Single key):
The encryption and decryption keys are the same.
In asymmetric (two keys):
The encryption and decryption keys are different.
Comparison of Symmetrical and
Encryption is accomplished by scrambling the bits,
characters, words, or phrases in the original message.
Scrambling involves two activities:
In which the order of the bits patterns, characters, words
or phrases is rearranged.
The word “hello” can be written backwards as “OLLEH”.
In which new bit patterns, characters, words, or phrases
are substituted for the originals without changing their
Data Encryption Standard (DES):
Most widely used algorithm
Pioneered by IBM
It is symmetric cryptosystem
Developed to protect sensitive, unclassified, US
government, Computer data.
Used to provide authentication of electronic funds
Protect data even in the event of a security breach
Safeguard patient information
HIPAA compliance, and
Financial loss (large fines, lost patients & revenue)
Legal ramifications (regulatory or civil prosecution)
Damage to professional image (negative publicity & media
The algorithm accepts plaintext, P, and performs an
initial permutation, IP, on P producing P0, The block is
then broken into left and right halves, the Left (L0)
being the first 32 bits of P0 and the right (R0) being the
last 32 bits of P0.
With L0 and R0, 16 rounds are performed until L16 and
R16 are generated.
The inverse permutation, IP-1, is applied to L16R16 to
produce ciphertext C.
Public Key Cryptosystem
It is an asymmetric cryptosystem.
First announced in 1976.
Offer a radically different approach to encryption.
The idea depends on the use of a pair of keys that differ
in a complementary way.
Several algorithms are proposed
RSA algorithm is considered to be highly secure.
Public key encryption can achieved:
A digital signature is an electronic signature that can be
used to authenticate the identity of the sender of a message
or the signer of a document, and possibly to ensure that the
original content of the message or document that has been
sent is unchanged.
Digital signatures are easily transportable, cannot be
imitated by someone else, and can be automatically time-
stamped. The ability to ensure that the original signed
message arrived means that the sender cannot easily
repudiate it later.
A digital signature can be used with any kind of
message, whether it is encrypted or not, simply so
that the receiver can be sure of the sender's identity
and that the message arrived intact. A digital
certificate contains the digital signature of the
certificate-issuing authority so that anyone can verify
that the certificate is real.
HOW IT WORKS Original
Creating a Digital Signature
This is a really long
message about Bill’s…
Message or File Digital Signature
128 bits Message Digest
Calculate a short
message digest from even
a long input using a one-
way message digest
Verifying a Digital Signature
access to trusted
public key of the
This is a
Same hash function
(e.g. MD5, SHA…)
? == ?
Are They Same?
body of data placed in a message to serve as
Proof of the sender’s authenticity.
consists of encrypted information that associates
a public key with the true identity of an individual
Includes the identification and electronic signature of
Certificate Authority (CA).
Includes serial number and period of time when the
certificate is Valid
Certificate Authority :
trusted organization that issues certificates for
both servers and clients.
create digital certificates that
securely bind the names of users to
their public keys.
Two types of CA:
* Commercial CA
* Self-certified private CA
Typ es of cer t ificat es