### Computer Cryptography and Encryption [by: Magoiga].pptx

1. Encryption Presentation: An introduction to encryption
   Professional practices in CS (BCS 306). Presenter: Magoiga Mtatiro (ceo@magotech.net), www.magotech.net. 03 May 2023.
2. Welcome: Overview
   This presentation provides a comprehensive introduction to encryption, covering various techniques, algorithms, and best practices used to secure data and communications. Students will gain a solid understanding of the principles and applications of cryptography, enabling them to implement robust security solutions in real-world scenarios. Presenter: Magoiga Mtatiro.
3. Encryption: Table of contents
   - 01 Overview of cryptography and its history.
   - 02 Classical Cryptography and Encryption.
   - 03 Modern Symmetric Encryption Algorithms.
   - 04 Asymmetric Encryption Algorithms and Key Exchange.
   - 05 Cryptographic Hash Functions and Digital Signatures.
   - 06 Encryption Applications and Best Practices.
4. Section 01: Introduction to encryption.
5. Overview of cryptography and its history
   - Cryptography is the study of techniques for secure communication in the presence of adversaries.
   - It has been used throughout history, from ancient civilizations to modern digital systems.
   - Examples of early cryptography include hieroglyphs, Caesar cipher, and the Enigma machine.
6. Basic concepts
   - Plaintext: The original message or data that needs to be encrypted.
   - Ciphertext: The scrambled message or data produced after encryption.
   - Keys: Secret values used in cryptographic algorithms for encrypting and decrypting
   - Encryption: The process of converting plaintext into ciphertext using an algorithm and a key.
   - Decryption: The process of converting ciphertext back into plaintext using an algorithm and a key.
7. Symmetric encryption
   - Symmetric encryption: Uses the same key for encryption and decryption. It is faster but requires secure key exchange. Examples: Data Encryption Standard (DES), Advanced Encryption Standard (AES)
8. Asymmetric encryption
   - Asymmetric encryption: Uses different keys for encryption and decryption (public and private keys). It is slower but does not require secure key exchange. Examples: RSA, Elliptic Curve Cryptography (ECC)
9. Goals of encryption
   - Confidentiality: Ensuring that only authorized parties can access the information.
   - Integrity: Ensuring that the information is not altered during transmission or storage.
   - Authentication: Verifying the identity of the sender or receiver of information.
   - Non-repudiation: Ensuring that the sender cannot deny sending and the receiver cannot deny
10. Application of cryptography
   - Cryptography is used in various fields, including finance, military, healthcare, and communication, to protect sensitive information from unauthorized access and tampering.
   - Some common applications include secure email communication, full-disk encryption, secure file transfer, and digital signatures.
11. Chapter summary
   Cryptography and encryption are essential tools for securing data and communications in the digital age. By understanding the basic concepts and techniques, one can better protect sensitive information and ensure the privacy and security of digital communications.
12. Section 02: Classical Encryption Techniques
13. What is classical encryption
   Classical encryption techniques are historical methods of encrypting messages, such as substitution, transposition, and polyalphabetic ciphers. Substitution ciphers replace each letter with a different letter, while transposition ciphers rearrange the letters in a specific pattern. Polyalphabetic ciphers use multiple alphabets or substitution rules. However, these techniques are no longer secure against modern cryptographic attacks.
14. Classical encryption techniques: Substitution ciphers
   - Substitution ciphers involve replacing each character in the plaintext with a different character, according to a predetermined method.
   - Caesar cipher: Shifts each character in the plaintext by a fixed number of positions in the alphabet.
   - Monoalphabetic substitution: Replaces each character in the plaintext with a unique character from a randomly mixed alphabet.
   - Polyalphabetic substitution: Uses multiple substitution alphabets to encrypt the plaintext, typically by changing the substitution alphabet for each character position. Example: Vigenère cipher
15. Classical encryption techniques: Transposition ciphers
   - Transposition ciphers involve rearranging the characters in the plaintext according to a predetermined pattern or algorithm.
   - Rail fence cipher: Writes plaintext characters in a zigzag pattern across a set number of rows, and then reads the ciphertext along the rows.
   - Columnar transposition: Writes plaintext characters in a rectangular grid, with each column representing a character in the ciphertext. The ciphertext is obtained by reading the columns in a predetermined order.
   - Permutation ciphers: Rearranges the characters in the plaintext according to a specific permutation, which can be represented by a numeric key.
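The substitution and transposition techniques on slides 14 and 15, as an added example that is not part of the original deck: a Vigenère cipher (a one-letter key gives the Caesar cipher) and a rail fence cipher. The function names and sample messages are constructed for illustration.

```python
import string
from itertools import cycle

ALPHABET = string.ascii_uppercase

def vigenere(text, key, decrypt=False):
    """Polyalphabetic substitution; a one-letter key reduces to a Caesar shift."""
    if not key:
        raise ValueError("key must contain at least one letter")
    sign = -1 if decrypt else 1
    shifts = cycle(ALPHABET.index(k) for k in key.upper())
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + sign * next(shifts)) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)

def rail_pattern(length, rails):
    """Rail (row) index visited at each character position of the zigzag."""
    if rails < 2:
        return [0] * length
    zigzag = list(range(rails)) + list(range(rails - 2, 0, -1))
    return [zigzag[i % len(zigzag)] for i in range(length)]

def rail_fence_encrypt(plaintext, rails):
    pattern = rail_pattern(len(plaintext), rails)
    # Read along the rows: every character on rail 0, then rail 1, and so on.
    return "".join(ch for r in range(rails)
                   for ch, p in zip(plaintext, pattern) if p == r)

def rail_fence_decrypt(ciphertext, rails):
    pattern = rail_pattern(len(ciphertext), rails)
    # A stable sort of positions by rail gives the order the rows were read in.
    order = sorted(range(len(ciphertext)), key=lambda i: pattern[i])
    plain = [""] * len(ciphertext)
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain)

if __name__ == "__main__":
    msg = "WEAREDISCOVEREDFLEEATONCE"  # constructed sample plaintext
    print(vigenere("HELLO", "D"))      # Caesar cipher, shift of 3
    print(vigenere("ATTACKATDAWN", "LEMON"))
    ct = rail_fence_encrypt(msg, 3)
    print(ct, rail_fence_decrypt(ct, 3) == msg)
    # Transposition only moves letters, so letter frequencies are unchanged.
    print(sorted(ct) == sorted(msg))
```

The last check shows one reason transposition alone is weak: the ciphertext keeps exactly the letter counts of the plaintext.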
16. Classical encryption techniques: Steganography
   - Steganography is the practice of hiding a message within another message or medium, such as an image or audio file, so that the existence of the hidden message is concealed.
   - Unlike encryption, steganography does not render the hidden message unreadable; it merely hides its existence.
   - Techniques include least significant bit (LSB) insertion, frequency domain transformations, and masking and filtering.
17. Chapter summary
   Classical encryption techniques are the foundations of modern cryptography. Although they are not considered secure by today's standards, understanding these methods provides valuable insight into the evolution of encryption and the principles that underlie modern cryptographic algorithms.
18. Section 03: Modern symmetric encryption algorithms
19. Understanding modern symmetric encryption
   Modern symmetric encryption algorithms use a secret key to scramble data and keep it secure. They are commonly used to protect sensitive information during transmission over the internet or when stored on a device. Examples of these algorithms include AES, Blowfish, and Twofish, and they work by using mathematical functions to scramble the plaintext into ciphertext. The same secret key is used to encrypt and decrypt the data.
20. MSE Algorithms: 1. Block Ciphers
   - Block ciphers encrypt fixed-size blocks of plaintext (e.g., 64 or 128 bits) using a secret key.
   - Data Encryption Standard (DES): An early block cipher that uses a 56-bit key and a 64-bit block size. It is now considered insecure due to its small key size and susceptibility to attacks.
   - Triple DES (3DES): An improved version of DES that applies the DES algorithm three times with different keys, effectively increasing the key size. It has a 168-bit key and a 64-bit block size.
   - Advanced Encryption Standard (AES): A widely-used modern block cipher with key sizes of 128, 192, or 256 bits and a block size of 128 bits. It is considered secure and efficient for various applications.
21. MSE Algorithms: 2. Stream Ciphers
   - Stream ciphers encrypt plaintext one bit or byte at a time, generating a keystream based on a secret key and an initialization vector (IV).
   - RC4: A widely-used stream cipher with variable key sizes, typically between 40 and 2048 bits. Its simplicity and speed made it popular, but security vulnerabilities have been discovered, and its use is now discouraged.
   - Salsa20: A modern stream cipher with a 256-bit key and a 64-bit nonce (number used once). It is considered secure and efficient, providing a good alternative to RC4.
22. MSE Algorithms: 3. Modes of Operation
   - Modes of operation define how block ciphers and stream ciphers are applied to encrypt larger amounts of data.
   - Electronic Codebook (ECB): Encrypts each block of plaintext independently, which can reveal patterns in the ciphertext. This mode is not recommended for most applications.
   - Cipher Block Chaining (CBC): Encrypts each block of plaintext after XORing it with the previous ciphertext block, providing better security.
23. MSE Algorithms: 3. Modes of Operation
   - Cipher Feedback (CFB): Converts a block cipher into a stream cipher by encrypting the previous ciphertext block and XORing the output with the plaintext.
   - Output Feedback (OFB): Similar to CFB but uses the encrypted output of the previous block, avoiding error propagation.
   - Counter (CTR): Generates a keystream by encrypting a counter value, which is then XORed with the plaintext. It allows for parallel encryption and decryption.
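Why ECB reveals patterns while CBC and CTR do not, as an added example that is not part of the original deck. The standard library has no AES, so `toy_encrypt_block` is a constructed stand-in (a small Feistel permutation keyed with HMAC-SHA256) that must not be used to protect real data; only the mode logic around it is the point.

```python
import hashlib
import hmac

BLOCK = 16  # bytes, the same block size as AES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    """Constructed 4-round Feistel permutation; a stand-in for AES, NOT secure."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def split_blocks(data):
    if len(data) % BLOCK:
        raise ValueError("example uses block-aligned input and no padding")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    # Each block is encrypted on its own: equal plaintext blocks collide.
    return b"".join(toy_encrypt_block(key, b) for b in split_blocks(plaintext))

def cbc_encrypt(key, iv, plaintext):
    out, prev = [], iv
    for b in split_blocks(plaintext):
        prev = toy_encrypt_block(key, xor(b, prev))  # chain in previous block
        out.append(prev)
    return b"".join(out)

def ctr_encrypt(key, nonce, plaintext):
    # Keystream block i = E(nonce || counter i); decryption is the same call.
    out = []
    for i, b in enumerate(split_blocks(plaintext)):
        keystream = toy_encrypt_block(key, nonce + i.to_bytes(8, "big"))
        out.append(xor(b, keystream))
    return b"".join(out)

def distinct_blocks(ciphertext):
    return len(set(split_blocks(ciphertext)))

if __name__ == "__main__":
    key = b"constructed-demo-key"
    plaintext = b"ATTACK AT DAWN!!" * 4   # four identical 16-byte blocks
    print("ECB:", distinct_blocks(ecb_encrypt(key, plaintext)))
    print("CBC:", distinct_blocks(cbc_encrypt(key, bytes(range(16)), plaintext)))
    print("CTR:", distinct_blocks(ctr_encrypt(key, bytes(8), plaintext)))
```

In real use the CBC IV must be unpredictable and a CTR nonce must never repeat under the same key; the fixed values here only keep the run reproducible.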
24. Chapter summary
   Modern symmetric encryption algorithms are essential for securing data and communication efficiently. Block ciphers, such as AES, and stream ciphers, such as Salsa20, provide strong security when used with appropriate key sizes and modes of operation. Understanding these algorithms is crucial for implementing secure systems and applications.
25. Section 04: Asymmetric Encryption Algorithms
26. Introduction to public key cryptography
   - Asymmetric encryption, also known as public key cryptography, uses different keys for encryption and decryption (public and private keys).
   - The public key is used to encrypt data, and the private key is used to decrypt it. Public keys can be shared openly, while private keys must be kept secret.
   - Public key cryptography provides secure key exchange without requiring a secure communication channel, which is a significant advantage over symmetric encryption.
27. Rivest-Shamir-Adleman algorithm
   - RSA is a widely-used asymmetric encryption algorithm based on the mathematical properties of large prime numbers.
   - Key generation: Two large prime numbers are chosen and multiplied to form a modulus (n). The public key (e) and private key (d) are then derived from the modulus and the totient of the prime numbers.
28. Rivest-Shamir-Adleman algorithm
   - Encryption: The plaintext message is raised to the power of the public key (e) modulo n, resulting in the ciphertext.
   - Decryption: The ciphertext is raised to the power of the private key (d) modulo n, recovering the original plaintext.
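The key generation, encryption and decryption steps of slides 27 and 28 carried through with the slides' symbols (n, e, d), as an added example that is not part of the original deck. The primes 61 and 53 are constructed toy values, far too small for real use, and the code is unpadded "textbook" RSA for illustration only.

```python
from math import gcd

def rsa_keygen(p, q, e):
    """Derive (public, private) key pairs from two primes p and q."""
    n = p * q                      # modulus
    phi = (p - 1) * (q - 1)        # totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to the totient")
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)

def rsa_encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)            # c = m^e mod n

def rsa_decrypt(c, private):
    n, d = private
    return pow(c, d, n)            # m = c^d mod n

if __name__ == "__main__":
    public, private = rsa_keygen(61, 53, 17)   # constructed toy primes
    print("public (n, e): ", public)
    print("private (n, d):", private)
    c = rsa_encrypt(65, public)
    print("ciphertext:", c)
    print("decrypted: ", rsa_decrypt(c, private))
    # Unpadded RSA is deterministic: the same message always gives the same
    # ciphertext, which is why deployed systems add randomized padding (OAEP).
    print("deterministic:", c == rsa_encrypt(65, public))
```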
29. Diffie-Hellman key exchange
   - The Diffie-Hellman algorithm is a key exchange protocol that allows two parties to establish a shared secret key over an insecure communication channel.
   - It is based on the mathematical properties of modular exponentiation and discrete logarithms.
   - The shared secret key can then be used for symmetric encryption to secure further communication.
30. Elliptic curve cryptography (ECC)
   - ECC is an asymmetric encryption algorithm based on the algebraic structure of elliptic curves over finite fields.
   - It provides similar levels of security as RSA but with significantly smaller key sizes, resulting in faster computations and reduced storage and bandwidth requirements.
   - ECC can be used for encryption, digital signatures, and key exchange.
31. Chapter summary
   Asymmetric encryption algorithms like RSA and ECC offer secure key exchange and improved security compared to symmetric encryption. These algorithms are widely used in modern cryptography and play a crucial role in securing digital communication and data. Understanding the principles and applications of asymmetric encryption is essential for implementing robust security solutions.
32. Section 05: Cryptographic Hash Functions and Digital Signatures
33. Cryptographic hash functions
   - A cryptographic hash function takes an input (message or data) and produces a fixed-size output, called a hash or digest, which is a unique representation of the input data.
   - Hash functions have the following properties:
     - Deterministic: The same input always produces the same output.
     - Preimage resistance: Given a hash, it is computationally infeasible to find the original input.
     - Collision resistance: It is computationally infeasible to find two different inputs that produce the same hash.
     - Avalanche effect: A small change in the input results in a significant change in the output hash.
34. Cryptographic hash functions
   Examples of cryptographic hash functions:
   - MD5: Produces a 128-bit hash but is considered insecure due to vulnerabilities that allow for collisions.
   - SHA-1: Produces a 160-bit hash and is more secure than MD5 but has been deprecated due to potential vulnerabilities.
   - SHA-256: Part of the SHA-2 family, produces a 256-bit hash and is widely used for its security and performance.
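The digest sizes, determinism and avalanche effect from slides 33 and 34, measured with Python's `hashlib`, as an added example that is not part of the original deck. The helper names and the sample message are constructed; MD5 and SHA-1 are included only to compare sizes and behaviour.

```python
import hashlib

ALGORITHMS = ("md5", "sha1", "sha256")

def digest(name, data):
    # usedforsecurity=False: MD5 and SHA-1 appear here for comparison only.
    return hashlib.new(name, data, usedforsecurity=False).digest()

def digest_bits(name):
    """Output size of the hash function in bits."""
    return len(digest(name, b"")) * 8

def flip_bit(data, bit_index):
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)

def hamming(a, b):
    """Number of bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def avalanche(name, message):
    """Mean fraction of digest bits that change when one input bit flips."""
    base = digest(name, message)
    input_bits = len(message) * 8
    changed = sum(hamming(base, digest(name, flip_bit(message, i)))
                  for i in range(input_bits))
    return changed / (input_bits * len(base) * 8)

if __name__ == "__main__":
    message = b"constructed sample message"
    for name in ALGORITHMS:
        same = digest(name, message) == digest(name, message)
        print(f"{name:7} {digest_bits(name):3} bits  deterministic={same}  "
              f"avalanche={avalanche(name, message):.3f}")
```

An avalanche fraction close to 0.5 means a one-bit change flips about half of the output bits; it says nothing about collision resistance, which is where MD5 and SHA-1 fall short.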
35. Digital signatures
   - Digital signatures use public key cryptography to provide authentication, integrity, and non-repudiation for messages or documents.
   - The sender signs the message using their private key, and the receiver verifies the signature using the sender's public key.
   - The signature is usually computed by hashing the message and then encrypting the hash with the sender's private key.
   - Applications of digital signatures include secure email, document signing, and software distribution.
36. Keyed-hash message authentication code (HMAC)
   - HMAC is a cryptographic method for message authentication that combines a hash function with a secret key.
   - The sender computes the HMAC using the secret key and the message, and the receiver verifies the HMAC using the same secret key and the received message.
   - HMAC ensures the integrity and authenticity of the message, preventing tampering and impersonation attacks.
   - It is commonly used in secure communication protocols, such as SSL/TLS and IPsec.
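The sender and receiver steps of slide 36, as an added example that is not part of the original deck, set beside an unkeyed SHA-256 checksum to show what the secret key adds. The packet layout (message followed by a 32-byte tag), the function names and the sample messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # SHA-256 output size in bytes

def seal_hmac(key, message):
    """Sender: append HMAC-SHA256(key, message) to the message."""
    return message + hmac.new(key, message, hashlib.sha256).digest()

def open_hmac(key, packet):
    """Receiver: recompute the tag with the shared key and compare."""
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest runs in constant time, so timing reveals nothing.
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed")
    return message

def seal_plain_hash(message):
    """Unkeyed checksum: anyone can compute it for any message."""
    return message + hashlib.sha256(message).digest()

def open_plain_hash(packet):
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    if not hmac.compare_digest(hashlib.sha256(message).digest(), tag):
        raise ValueError("checksum mismatch")
    return message

def accepted(opener, *args):
    """True if the receiver-side check accepts the packet."""
    try:
        opener(*args)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    key = secrets.token_bytes(32)               # shared secret key
    original = b"amount=100;to=alice"           # constructed sample message
    altered = b"amount=900;to=alice"            # altered in transit
    # Without the key, a changed message cannot carry a valid HMAC tag.
    forged = altered + seal_hmac(secrets.token_bytes(32), altered)[-TAG_LEN:]
    print("HMAC, original:", accepted(open_hmac, key, seal_hmac(key, original)))
    print("HMAC, altered: ", accepted(open_hmac, key, forged))
    # An unkeyed hash is recomputable by anyone, so it only catches accidents.
    print("hash, altered: ", accepted(open_plain_hash, seal_plain_hash(altered)))
```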
37. Chapter summary
   Cryptographic hash functions and digital signatures are essential tools in ensuring the integrity, authenticity, and non-repudiation of digital communication and data. Understanding these concepts and their applications is crucial for implementing secure systems and protecting sensitive information.
38. Section 06: Encryption Applications and Best Practices
39. Introduction
   Encryption Applications and Best Practices refer to the various use cases and recommended guidelines for implementing encryption in order to secure data and communications effectively. These practices are aimed at ensuring the confidentiality, integrity, and authenticity of digital information while minimizing the risk of unauthorized access or data breaches.
40. Encryption application
   - Email encryption: Techniques such as PGP and S/MIME are used to protect email content and attachments, ensuring the privacy and security of email communications.
   - Full-disk encryption and file-level encryption: These methods protect data stored on computer hard drives or individual files, respectively, preventing unauthorized access to sensitive information.
   - Secure messaging and end-to-end encryption: Secure messaging apps like Signal, WhatsApp, and Telegram use end-to-end encryption to protect the confidentiality and integrity of messages sent between users.
41. Best practices for encryption
   - Key management: Implement a robust system for generating, distributing, storing, and rotating encryption keys. Use hardware security modules (HSMs) or key management services (KMS) to protect keys.
   - Key rotation: Regularly update encryption keys to reduce the risk of unauthorized access due to key compromise.
   - Key backup: Store backup copies of encryption keys securely to prevent data loss in case of key loss or corruption.
   - Key revocation: Establish a procedure for revoking and replacing compromised or outdated keys.
   - Key storage: Store encryption keys securely, separate from the data they protect. Use secure storage solutions like HSMs, KMS, or secure key stores.
42. Q&A
43. Quote
   "Encryption...is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government... It's hard to think of a more powerful, less dangerous tool for liberty." - Esther Dyson, American-Swiss journalist and commentator on emerging digital technology.