Uploaded byImXaib
PPTX, PDF61 views

aacyberessential3cryptography-131067585699078884.pptx

This document provides an introduction to symmetric and asymmetric cryptography. Symmetric cryptography uses the same key for encryption and decryption, while asymmetric cryptography uses public and private key pairs. Symmetric cryptography is faster but requires secure key exchange, while asymmetric cryptography allows secure communication between parties who have not previously shared a key. Examples of symmetric algorithms discussed include AES and DES, while asymmetric or public key cryptography is illustrated using Diffie-Hellman key exchange. Both types are still widely used with increasingly large key sizes providing greater security.

Education◩

Embed presentation

Download to read offline
Introduction to Symmetric and Asymmetric Cryptography
Objectives ïź Motivate the needs for cryptography ïź Explain the role of cryptography in everyday use ïź Symmetric Cryptography: ïź Describe the main concept ïź Analyse some examples ïź Discuss strength and limitations ïź Asymmetric Cryptography ïź Describe the main concept ïź Analyse some examples ïź Discuss strength and limitations ïź Questions.
Why Use Cryptography?  To communicate secret information when other people (eavesdroppers) are listening.  When attacker has access to the raw bits representing the information  Mitigation: Data encryption Cryptographic techniques
The Cast of Characters  Alice and Bob are “honest” players.  Eve and Malory are adversaries (intruders)  Eve ”eavesdropper”, is a passive intruder. Sniffs messages at will  Malory is an active “intruder”. Aims to view, alter, delete and inject messages into the network
 Problem: Alice and Bob would like to exchange messages over a public network (such as Internet) in such a way that information contents are not revealed to anyone but the intended recipient.  Solution: Data Encryption + clever Cryptography Confidentiality 6 Confidentiality Alice Bob Malory Eve
Confidentiality 7 How does it work?  Two functions are needed:
Example  encoder function is next letter in the alphabet  decoder function is 
 “attack at midnight” Confidentiality 7 “buubdl bu njeojhiu” “buubdl bu njeojhiu” “attack at midnight”
Encryption and Decryption  Encoding the contents of the message (the plaintext) in such a way that hides its contents from outsiders is called encryption.  The process of retrieving the plaintext from the cipher-text is called decryption.  Encryption and decryption usually make use of a key, and the coding method is such that decryption can be performed only by knowing the proper key. “attack at midnight” “buubdl bu njeojhiu” - plaintext Confidentiality 8 - ciphertext
The Encryption Process Aim: to hide a message content by making it Confidentiality 9 unreadable Plaintext Scrambling data Ciphertext: unreadable version Key
11 Encryption and Decryption  The encryption and decryption functions take a key as an additional input. Confidentiality
12 Shared Keys  In a symmetric cryptosystem the encryption key and the decryption key are identical.  A longer key implies stronger encryption. Confidentiality
Symmetric Cryptosystems Use the same key (the secret key) to encrypt and decrypt a message
Symmetric Encryption Encryption Algorithm Shared Key Decryption Algorithm Alice Bob Sender and recipient Must both know the key. This is a weakness! Confidentiality 13
Symmetric XOR Cipher  P encrypts to C with key K and C decrypts P to with same key K. P 0 1 1 0 1 0 0 1 0 K 1 0 0 1 1 0 0 1 0 ✚ = C 1 1 1 1 0 0 0 0 0 = ✚ P 0 1 1 0 1 0 0 1 0 K 1 0 0 1 1 0 0 1 0 Plain Key Cipher Confidentiality 14
One Time Pad Confidentiality 15  The perfect encryption  Pad: perfectly random list of letters Use each letter exactly once to encrypt one letter of message and to decrypt the one letter of message Discard each letter once used (hence, pad) Method: Add the message letter and the key letter Mod 26. This is reversible like XOR.  The message can never, ever, be found (unless you have the pad).
Example –one time pad  P encrypts to C with key K and C decrypts P to with same key K. P a t t a c k a t K a l i a b d a l ✚ = C b f c a d m d b f = ✚ P a t t a c k a t K a l i a b d a l Plain Key Cipher Confidentiality 16
Confidentiality 18 Symmetric Encryption 1. Agree on a Shared Key Alice would like to send a confidential file to Bob PASSWORD IS GREEN! 2. Encrypt using Shared Key CJG5%jARGONS8* %K23##hsgdfey9 826. CJG5%jARGONS8* %K23##hsgdfey9 826. 3. Email file 4. Decrypt using Shared Key PASSWORD IS GREEN!
Emailing an encrypted message Alice wants to send a confidential message to Bob CREDIT CARD CODE IS 5206
Confidentiality 20 Symmetric Encryption 1. Agree on a Shared Key CREDIT CARD CODE IS 5206 2. Encrypt using Shared Key CJG5%jARGONS8* %K23##hsgdfey9 826. CJG5%jARGONS8* %K23##hsgdfey9 826. 3. Email file 4. Decrypt using Shared Key CREDIT CARD CODE IS 5206
1.Data Encryption Standard (DES)  Developed in the 1970s; made a standard by the US government, was adopted by several other governments worldwide and was widely used in the financial industry until 2004.  Block cipher with 64-bit block size.  Uses 56-bit keys: Strong enough to keep most random hackers and individuals out, but it is easily breakable with special hardware.  A variant of DES, Triple-DES or 3DES is based on using DES three times (normally in an encrypt-decrypt-encrypt sequence with three different, unrelated keys). Many people consider Triple-DES to be much safer than plain DES. Confidentiality 20 Symmetric Cryptosystems
 Current standard.  DES was perceived as breakable in mid 2000.  AES was a stronger replacement to DES. Confidentiality 21 Advanced Encryption Standard (AES)
2. RC2, RC4 and RC5 (RSA Data Security, Inc.)  Variable-length keys as long as 2048 bits  Algorithms using 40-bits or less are used in browsers to satisfy export constraints  The algorithm is very fast. Its security is unknown, but breaking it seems challenging. Because of its speed, it may have uses in certain applications. 3. IDEA (International Data Encryption Algorithm)  Developed at ETH Zurich in Switzerland.  Uses a 128 bit key, and it is generally considered to be very secure.  Patented in the United States and in most of the European countries. The patent is held by Ascom-Tech. Non-commercial use of IDEA is free. Commercial licenses can be obtained by contacting idea@ascom.ch.  Used in email encryption software such as PGP and RSA Confidentiality 22 Symmetric Cryptosystems (2)
4. Blowfish  Developed by Bruce Schneider.  Block cipher with 64-bit block size and variable length keys (up to 448 bits). It has gained a fair amount of acceptance in a number of applications. No attacks are known against it.  Blowfish is used in a number of popular software packages, including Nautilus and PGPfone. 5. SAFER  Developed by J. L. Massey (one of the developers of IDEA). It is claimed to provide secure encryption with fast software implementation even on 8-bit processors.  Two variants are available, one for 64 bit keys and the other for 128 bit keys. An implementation is in ftp:// ftp.funet.fi/pub/crypt/cryptography/symmetric/safer. Confidentiality 23 Symmetric Cryptosystems (3)
Limitations Confidentiality 24  Parties that have not previously met cannot communicate securely  Many people need to communicate with a server (many-to-one communications)  cannot keep server key secret for long  Once the secret key is compromised, the security of all subsequent messages is suspect and a new key has to be generated  Authentication service must know private key  privacy implications---someone else knows your key  two possible points of attack  changing authentication service requires a new key  Digital signatures are difficult  Crossrealm authentication  accessing services outside the domain or realm of your authentication server is problematic  requires agreement and trust between authentication services  introduces another potential point of attack
 Private or symmetric key systems rely on symmetric encryption algorithms where information encrypted with a key K can only be decrypted with K.  Secret key is exchanged via some other secure means (hand-delivery, over secured lines, pre-established convention).  Time to crack known symmetric encryption algorithms Confidentiality 25 L KEY H ENGT SPEND $$THOUSANDS SPEND $$MILLIONS SPEND $100 MILLION 40 bits seconds < 1 second < .01 second 56 bits hours minutes 1 second 64 bits days hours minutes 80 bits years months days 128 bits > million years > million years > centuries Analysis
Symmetric Cryptosystems Problems Confidentiality 26  How to transport the secret key from the sender to the recipient securely and in a tamperproof fashion?  If you could send the secret key securely, then, in theory, you wouldn't need the symmetric cryptosystem in the first place -- because you would simply use that secure channel to send your message.  Frequently, trusted couriers are used as a solution to this problem.
Asymmetric Cryptosystems In asymmetric-key cryptography, users do not need to know a symmetric shared key; everyone ‱ shields a private key and ‱ advertises a public key
29  Alice and Bob don’t already share a key and can’t meet to do so. How can they make their future communications confidential?  The main protocol we study is the celebrated Diffie-Hellmann Key Exchange (DHKE) protocol. Key Agreement
Diffie-Hellman Key Exchange Idea Alice Bob 1/3 key is public Two keys are the same: it doesn’t matter if x if filled first or y. Bob fills up another 1/3 of key using his part (y) and sends the mix to Alice g g g g g g Alice fills up another 1/3 of key using her part (x) and sends the mix to Bob x y y x y x Alice completes the key by adding her secret part (x) Bob completes the key by adding his secret part (y)
An alternative interpretation  Alice & Bob each think of a secret color (known only to them)  They mix their color with yellow (agreed upon openly ahead of time) and exchange.  They mix their color with what they’ve received.  Both have the same color but observer cannot duplicate. Alice Bob
A 32 Asymmetric Encryption Encryption Algorithm Decryption Algorithm Alice Sender knows public key Recipient knows private key. B B B Bob B
Bob 33 Signing and verification Signing Algorithm Verification Algorithm Alice Sender knows private key Recipient knows public key. A A A A
Properties Confidentiality 33  These algorithms are based on computationally intensive problems such as finding the prime factors of large numbers. Longer the length of the key pair, the more time it takes to crack the private key Keys used in today’s internet will take millions of years to crack using today’s technologies
Slow 
 Confidentiality 34  Public key cryptosystems are slow, really slow! three orders of magnitude (1000 times) slower than AES mainly used as key exchange tool  Scientists are supposed to be real “smart” and love to solve difficult problems but even they hope to never solve factoring if you can find a quick solution, fame, dollars and danger lurk!
Problems Confidentiality 35  Keys are usually very long and encryption is expensive  RSA encryption is a 1000 times slower than typical symmetric algorithms  hard to remember secret key - where do you store it?  typically only used for authentication, then a random key and a symmetric encryption algorithm is used for subsequent communication  Multicast is problematic  Better to authenticate using public key algorithm, then use random key with symmetric algorithm  How do you know you have the right public key for a principal?  Public key is usually distributed as a document ``signed'' by a well known and trusted certification authority (e.g. Verisign). This is called a certificate. How do you determine if signature is upto date? What if the key has been compromised?
Analysis Confidentiality 36  Private (Symmetric) key: + encryption is fast  identity is not easily portable across authentication services  secret key must be held by server + good for structured, organizational security  Public (Asymmetric) key:  encryption is slow + identity is inherently portable + secret key need not ever be revealed + provides digital signatures + good for individuals in loosely structured networks

More Related Content

PDF
Fundamentals of Cryptography: Securing Data in the Digital Age
byavengersimran16
 
PPT
Stallings Kurose and Ross
byInformation Security Awareness Group
 
PPTX
Cryptography
byMrinalini Sharma
 
PPT
cryptography.pptcryptography.pptcryptography.ppt
byssuserc7a853
 
PPT
cryptography.ppt by karthika kumar hirehegaalla
byhhjhona939
 
PPT
Introduction to cryptography and Network Security
byDhanapalM8
 
PPTX
IEDA 3302 e-commerce_secure-communications.pptx
byssuser6d0da2
 
PPTX
Cryptography
byPratiksha Patil
 
Fundamentals of Cryptography: Securing Data in the Digital Age
byavengersimran16
 
Stallings Kurose and Ross
byInformation Security Awareness Group
 
Cryptography
byMrinalini Sharma
 
cryptography.pptcryptography.pptcryptography.ppt
byssuserc7a853
 
cryptography.ppt by karthika kumar hirehegaalla
byhhjhona939
 
Introduction to cryptography and Network Security
byDhanapalM8
 
IEDA 3302 e-commerce_secure-communications.pptx
byssuser6d0da2
 
Cryptography
byPratiksha Patil
 

Similar to aacyberessential3cryptography-131067585699078884.pptx

PPTX
Cryptography and Network Security
byPa Van Tanku
 
PPT
Computer systems security 7-cryptography.ppt
bystephen972973
 
PPTX
Data encryption
byBalvant Biradar
 
PPT
CISSP EXAM PREPARATION FOR A PASSED SCORE
byrinelaam
 
PPTX
Symmetric and asymmetric key cryptography
byMONIRUL ISLAM
 
PPTX
Security - ch3.pptx
byGebrehanaAlemaw
 
PPT
Crypt
byMir Majid
 
PPTX
IANSunit 1_cryptography_2.pptxv xvxvxvxv
byzmulani8
 
PPT
Cryptography
byIGZ Software house
 
PDF
CyberSecurity_Cryptography and its fundamentals
byPriyank974941
 
PPTX
Cryptography
byJens Patel
 
PPTX
Network security
byABHISHEK KUMAR
 
PPTX
Cryptography
byDeepak Kumar
 
PPTX
Security - ch3.pptx
byHabtamuHaileMichael2
 
PDF
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
byams1ams11
 
PPTX
CISSP - Chapter 3 - Cryptography
byKarthikeyan Dhayalan
 
PPTX
Cryptography & Steganography
byAnimesh Shaw
 
PPT
Computer and Network Security
byMuhammad Yousuf Abdul Qadir
 
PPTX
Cns 1
byBhumikaPal1
 
PPTX
groupWork.pptx
byKennedyKiplangat1
 
Cryptography and Network Security
byPa Van Tanku
 
Computer systems security 7-cryptography.ppt
bystephen972973
 
Data encryption
byBalvant Biradar
 
CISSP EXAM PREPARATION FOR A PASSED SCORE
byrinelaam
 
Symmetric and asymmetric key cryptography
byMONIRUL ISLAM
 
Security - ch3.pptx
byGebrehanaAlemaw
 
Crypt
byMir Majid
 
IANSunit 1_cryptography_2.pptxv xvxvxvxv
byzmulani8
 
Cryptography
byIGZ Software house
 
CyberSecurity_Cryptography and its fundamentals
byPriyank974941
 
Cryptography
byJens Patel
 
Network security
byABHISHEK KUMAR
 
Cryptography
byDeepak Kumar
 
Security - ch3.pptx
byHabtamuHaileMichael2
 
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
byams1ams11
 
CISSP - Chapter 3 - Cryptography
byKarthikeyan Dhayalan
 
Cryptography & Steganography
byAnimesh Shaw
 
Computer and Network Security
byMuhammad Yousuf Abdul Qadir
 
Cns 1
byBhumikaPal1
 
groupWork.pptx
byKennedyKiplangat1
 

More from ImXaib

PPTX
cellular-communication-system presentation.pptx
byImXaib
 
PPTX
informationandnetworksecurity16transpositionciphers-210723152730.pptx
byImXaib
 
PPTX
ALI HAMZAH PRESENTATION ON INFO SECURITY.pptx
byImXaib
 
PPTX
Advance Machine Learning presentation.pptx
byImXaib
 
PPTX
NEW METHODOLOGIES FOR IDENTIFYING CUSTOMER NEEDS FROM USER-GENERATED CONTENTS...
byImXaib
 
PPTX
ERD introduction in databases model.pptx
byImXaib
 
PPTX
SDA presentation the basics of computer science .pptx
byImXaib
 
PPTX
terminal a clear presentation on the topic.pptx
byImXaib
 
PPTX
What is Machine Learning_updated documents.pptx
byImXaib
 
PPTX
Grid Computing and it's applications.PPTX
byImXaib
 
PDF
Firewall.pdf
byImXaib
 
PPT
4966709.ppt
byImXaib
 
PPT
lecture2.ppt
byImXaib
 
PPTX
Tools.pptx
byImXaib
 
PPT
lec3_10.ppt
byImXaib
 
PPT
ch12.ppt
byImXaib
 
PPT
Fullandparavirtualization.ppt
byImXaib
 
PPT
mis9_ch08_ppt.ppt
byImXaib
 
PPT
rooster-ipsecindepth.ppt
byImXaib
 
PPT
Policy formation and enforcement.ppt
byImXaib
 
cellular-communication-system presentation.pptx
byImXaib
 
informationandnetworksecurity16transpositionciphers-210723152730.pptx
byImXaib
 
ALI HAMZAH PRESENTATION ON INFO SECURITY.pptx
byImXaib
 
Advance Machine Learning presentation.pptx
byImXaib
 
NEW METHODOLOGIES FOR IDENTIFYING CUSTOMER NEEDS FROM USER-GENERATED CONTENTS...
byImXaib
 
ERD introduction in databases model.pptx
byImXaib
 
SDA presentation the basics of computer science .pptx
byImXaib
 
terminal a clear presentation on the topic.pptx
byImXaib
 
What is Machine Learning_updated documents.pptx
byImXaib
 
Grid Computing and it's applications.PPTX
byImXaib
 
Firewall.pdf
byImXaib
 
4966709.ppt
byImXaib
 
lecture2.ppt
byImXaib
 
Tools.pptx
byImXaib
 
lec3_10.ppt
byImXaib
 
ch12.ppt
byImXaib
 
Fullandparavirtualization.ppt
byImXaib
 
mis9_ch08_ppt.ppt
byImXaib
 
rooster-ipsecindepth.ppt
byImXaib
 
Policy formation and enforcement.ppt
byImXaib
 

Recently uploaded

PPTX
How to Manage Reservation Method in Odoo 18 Inventory
byCeline George
 
PDF
Artificial Intelligence in Research and Academic Writing, Workshop on Researc...
byProf. Vinod Kumar Kanvaria
 
PDF
RAJAT ARORA SIR PHYSICAL EDUCATION NOTES ALL CHAPTERS .pdf
bysumitkannoujiya74
 
PPTX
ECP Demo ppt.pptx Visualizing and Identifying solid figures using concrete an...
byireneodechavez1
 
PPTX
Problem and Solution (PowerPoint Game Template)
byacpaulite
 
PDF
PPT Daftar Bahan Kelas Bedah Kitab Matius Khotbah di Bukit
bySABDA
 
PPTX
How to Configure Dispatch Management System in Odoo 18 Inventory
byCeline George
 
PPTX
How to Track Employee Skill Growth with Skills Evolution Report in Odoo 18
byCeline George
 
PDF
Chapter 05 Drugs Acting on the Central Nervous System: Anti-Depressant Drugs
bySandeshSul
 
PPTX
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 
PDF
Workshop 29 Crystal Review All Students by YogiGoddess
by©LDMMIA, ©Reiki Yoga
 
PDF
Pharmaceutical Quality Assurance Unit 1 (BP606T)
byChetan Mali
 
PPTX
GRADE 8 - QUARTER 4 TYPES AND PARTS OF LETTER.pptx
byvillariasjazminercai
 
PPTX
Biological source, chemical constituents, and therapeutic efficacy of the fol...
bySai Meer College of Pharmacy
 
PDF
AI Is a Tool, Not a Voice: Radio, Trust, and the Human Factor
byN.A. Shah Ansari
 
PPTX
Chapter 1: Introduction to Strategic Management.pptx
byFJ M
 
PDF
Pratishta Educational Society., Courses & Opportunities
byGanapathiVankudoth
 
PPTX
Plant fibres used as surgical dressings & Sutures – Surgical Catgut and Ligat...
bySai Meer College of Pharmacy
 
PPTX
Math 8 Quarter 4 Week 4-SECONDARY DATA.pptx
byshahanieabbat3
 
PDF
Unit Plan and Unit Test-pdf-Dr. Rajashekhar Shirvalkar, Principal, SMRS B.Ed ...
byRajashekhar Shirvalkar
 
How to Manage Reservation Method in Odoo 18 Inventory
byCeline George
 
Artificial Intelligence in Research and Academic Writing, Workshop on Researc...
byProf. Vinod Kumar Kanvaria
 
RAJAT ARORA SIR PHYSICAL EDUCATION NOTES ALL CHAPTERS .pdf
bysumitkannoujiya74
 
ECP Demo ppt.pptx Visualizing and Identifying solid figures using concrete an...
byireneodechavez1
 
Problem and Solution (PowerPoint Game Template)
byacpaulite
 
PPT Daftar Bahan Kelas Bedah Kitab Matius Khotbah di Bukit
bySABDA
 
How to Configure Dispatch Management System in Odoo 18 Inventory
byCeline George
 
How to Track Employee Skill Growth with Skills Evolution Report in Odoo 18
byCeline George
 
Chapter 05 Drugs Acting on the Central Nervous System: Anti-Depressant Drugs
bySandeshSul
 
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 
Workshop 29 Crystal Review All Students by YogiGoddess
by©LDMMIA, ©Reiki Yoga
 
Pharmaceutical Quality Assurance Unit 1 (BP606T)
byChetan Mali
 
GRADE 8 - QUARTER 4 TYPES AND PARTS OF LETTER.pptx
byvillariasjazminercai
 
Biological source, chemical constituents, and therapeutic efficacy of the fol...
bySai Meer College of Pharmacy
 
AI Is a Tool, Not a Voice: Radio, Trust, and the Human Factor
byN.A. Shah Ansari
 
Chapter 1: Introduction to Strategic Management.pptx
byFJ M
 
Pratishta Educational Society., Courses & Opportunities
byGanapathiVankudoth
 
Plant fibres used as surgical dressings & Sutures – Surgical Catgut and Ligat...
bySai Meer College of Pharmacy
 
Math 8 Quarter 4 Week 4-SECONDARY DATA.pptx
byshahanieabbat3
 
Unit Plan and Unit Test-pdf-Dr. Rajashekhar Shirvalkar, Principal, SMRS B.Ed ...
byRajashekhar Shirvalkar
 

aacyberessential3cryptography-131067585699078884.pptx

  • 1.
    Introduction to Symmetric andAsymmetric Cryptography
  • 2.
    Objectives ïź Motivate theneeds for cryptography ïź Explain the role of cryptography in everyday use ïź Symmetric Cryptography: ïź Describe the main concept ïź Analyse some examples ïź Discuss strength and limitations ïź Asymmetric Cryptography ïź Describe the main concept ïź Analyse some examples ïź Discuss strength and limitations ïź Questions.
  • 3.
    Why Use Cryptography? To communicate secret information when other people (eavesdroppers) are listening.  When attacker has access to the raw bits representing the information  Mitigation: Data encryption Cryptographic techniques
  • 4.
    The Cast ofCharacters  Alice and Bob are “honest” players.  Eve and Malory are adversaries (intruders)  Eve ”eavesdropper”, is a passive intruder. Sniffs messages at will  Malory is an active “intruder”. Aims to view, alter, delete and inject messages into the network
  • 5.
     Problem: Aliceand Bob would like to exchange messages over a public network (such as Internet) in such a way that information contents are not revealed to anyone but the intended recipient.  Solution: Data Encryption + clever Cryptography Confidentiality 6 Confidentiality Alice Bob Malory Eve
  • 6.
    Confidentiality 7 How does itwork?  Two functions are needed:
  • 7.
    Example  encoder functionis next letter in the alphabet  decoder function is 
 “attack at midnight” Confidentiality 7 “buubdl bu njeojhiu” “buubdl bu njeojhiu” “attack at midnight”
  • 8.
    Encryption and Decryption Encoding the contents of the message (the plaintext) in such a way that hides its contents from outsiders is called encryption.  The process of retrieving the plaintext from the cipher-text is called decryption.  Encryption and decryption usually make use of a key, and the coding method is such that decryption can be performed only by knowing the proper key. “attack at midnight” “buubdl bu njeojhiu” - plaintext Confidentiality 8 - ciphertext
  • 9.
    The Encryption Process Aim:to hide a message content by making it Confidentiality 9 unreadable Plaintext Scrambling data Ciphertext: unreadable version Key
  • 10.
    11 Encryption and Decryption The encryption and decryption functions take a key as an additional input. Confidentiality
  • 11.
    12 Shared Keys  Ina symmetric cryptosystem the encryption key and the decryption key are identical.  A longer key implies stronger encryption. Confidentiality
  • 12.
    Symmetric Cryptosystems Use thesame key (the secret key) to encrypt and decrypt a message
  • 13.
    Symmetric Encryption Encryption Algorithm Shared Key Decryption Algorithm AliceBob Sender and recipient Must both know the key. This is a weakness! Confidentiality 13
  • 14.
    Symmetric XOR Cipher P encrypts to C with key K and C decrypts P to with same key K. P 0 1 1 0 1 0 0 1 0 K 1 0 0 1 1 0 0 1 0 ✚ = C 1 1 1 1 0 0 0 0 0 = ✚ P 0 1 1 0 1 0 0 1 0 K 1 0 0 1 1 0 0 1 0 Plain Key Cipher Confidentiality 14
  • 15.
    One Time Pad Confidentiality15  The perfect encryption  Pad: perfectly random list of letters Use each letter exactly once to encrypt one letter of message and to decrypt the one letter of message Discard each letter once used (hence, pad) Method: Add the message letter and the key letter Mod 26. This is reversible like XOR.  The message can never, ever, be found (unless you have the pad).
  • 16.
    Example –one timepad  P encrypts to C with key K and C decrypts P to with same key K. P a t t a c k a t K a l i a b d a l ✚ = C b f c a d m d b f = ✚ P a t t a c k a t K a l i a b d a l Plain Key Cipher Confidentiality 16
  • 17.
    Confidentiality 18 Symmetric Encryption 1.Agree on a Shared Key Alice would like to send a confidential file to Bob PASSWORD IS GREEN! 2. Encrypt using Shared Key CJG5%jARGONS8* %K23##hsgdfey9 826. CJG5%jARGONS8* %K23##hsgdfey9 826. 3. Email file 4. Decrypt using Shared Key PASSWORD IS GREEN!
  • 18.
    Emailing an encryptedmessage Alice wants to send a confidential message to Bob CREDIT CARD CODE IS 5206
  • 19.
    Confidentiality 20 Symmetric Encryption 1.Agree on a Shared Key CREDIT CARD CODE IS 5206 2. Encrypt using Shared Key CJG5%jARGONS8* %K23##hsgdfey9 826. CJG5%jARGONS8* %K23##hsgdfey9 826. 3. Email file 4. Decrypt using Shared Key CREDIT CARD CODE IS 5206
  • 20.
    1.Data Encryption Standard(DES)  Developed in the 1970s; made a standard by the US government, was adopted by several other governments worldwide and was widely used in the financial industry until 2004.  Block cipher with 64-bit block size.  Uses 56-bit keys: Strong enough to keep most random hackers and individuals out, but it is easily breakable with special hardware.  A variant of DES, Triple-DES or 3DES is based on using DES three times (normally in an encrypt-decrypt-encrypt sequence with three different, unrelated keys). Many people consider Triple-DES to be much safer than plain DES. Confidentiality 20 Symmetric Cryptosystems
  • 21.
     Current standard. DES was perceived as breakable in mid 2000.  AES was a stronger replacement to DES. Confidentiality 21 Advanced Encryption Standard (AES)
  • 22.
    2. RC2, RC4and RC5 (RSA Data Security, Inc.)  Variable-length keys as long as 2048 bits  Algorithms using 40-bits or less are used in browsers to satisfy export constraints  The algorithm is very fast. Its security is unknown, but breaking it seems challenging. Because of its speed, it may have uses in certain applications. 3. IDEA (International Data Encryption Algorithm)  Developed at ETH Zurich in Switzerland.  Uses a 128 bit key, and it is generally considered to be very secure.  Patented in the United States and in most of the European countries. The patent is held by Ascom-Tech. Non-commercial use of IDEA is free. Commercial licenses can be obtained by contacting idea@ascom.ch.  Used in email encryption software such as PGP and RSA Confidentiality 22 Symmetric Cryptosystems (2)
  • 23.
    4. Blowfish  Developedby Bruce Schneider.  Block cipher with 64-bit block size and variable length keys (up to 448 bits). It has gained a fair amount of acceptance in a number of applications. No attacks are known against it.  Blowfish is used in a number of popular software packages, including Nautilus and PGPfone. 5. SAFER  Developed by J. L. Massey (one of the developers of IDEA). It is claimed to provide secure encryption with fast software implementation even on 8-bit processors.  Two variants are available, one for 64 bit keys and the other for 128 bit keys. An implementation is in ftp:// ftp.funet.fi/pub/crypt/cryptography/symmetric/safer. Confidentiality 23 Symmetric Cryptosystems (3)
  • 24.
    Limitations Confidentiality 24  Partiesthat have not previously met cannot communicate securely  Many people need to communicate with a server (many-to-one communications)  cannot keep server key secret for long  Once the secret key is compromised, the security of all subsequent messages is suspect and a new key has to be generated  Authentication service must know private key  privacy implications---someone else knows your key  two possible points of attack  changing authentication service requires a new key  Digital signatures are difficult  Crossrealm authentication  accessing services outside the domain or realm of your authentication server is problematic  requires agreement and trust between authentication services  introduces another potential point of attack
  • 25.
     Private orsymmetric key systems rely on symmetric encryption algorithms where information encrypted with a key K can only be decrypted with K.  Secret key is exchanged via some other secure means (hand-delivery, over secured lines, pre-established convention).  Time to crack known symmetric encryption algorithms Confidentiality 25 L KEY H ENGT SPEND $$THOUSANDS SPEND $$MILLIONS SPEND $100 MILLION 40 bits seconds < 1 second < .01 second 56 bits hours minutes 1 second 64 bits days hours minutes 80 bits years months days 128 bits > million years > million years > centuries Analysis
  • 26.
    Symmetric Cryptosystems Problems Confidentiality26  How to transport the secret key from the sender to the recipient securely and in a tamperproof fashion?  If you could send the secret key securely, then, in theory, you wouldn't need the symmetric cryptosystem in the first place -- because you would simply use that secure channel to send your message.  Frequently, trusted couriers are used as a solution to this problem.
  • 27.
    Asymmetric Cryptosystems In asymmetric-keycryptography, users do not need to know a symmetric shared key; everyone ‱ shields a private key and ‱ advertises a public key
  • 28.
    29  Alice andBob don’t already share a key and can’t meet to do so. How can they make their future communications confidential?  The main protocol we study is the celebrated Diffie-Hellmann Key Exchange (DHKE) protocol. Key Agreement
  • 29.
    Diffie-Hellman Key ExchangeIdea Alice Bob 1/3 key is public Two keys are the same: it doesn’t matter if x if filled first or y. Bob fills up another 1/3 of key using his part (y) and sends the mix to Alice g g g g g g Alice fills up another 1/3 of key using her part (x) and sends the mix to Bob x y y x y x Alice completes the key by adding her secret part (x) Bob completes the key by adding his secret part (y)
  • 30.
    An alternative interpretation Alice & Bob each think of a secret color (known only to them)  They mix their color with yellow (agreed upon openly ahead of time) and exchange.  They mix their color with what they’ve received.  Both have the same color but observer cannot duplicate. Alice Bob
  • 31.
    A 32 Asymmetric Encryption Encryption Algorithm Decryption Algorithm Alice Senderknows public key Recipient knows private key. B B B Bob B
  • 32.
  • 33.
    Properties Confidentiality 33  Thesealgorithms are based on computationally intensive problems such as finding the prime factors of large numbers. Longer the length of the key pair, the more time it takes to crack the private key Keys used in today’s internet will take millions of years to crack using today’s technologies
  • 34.
    Slow 
 Confidentiality 34 Public key cryptosystems are slow, really slow! three orders of magnitude (1000 times) slower than AES mainly used as key exchange tool  Scientists are supposed to be real “smart” and love to solve difficult problems but even they hope to never solve factoring if you can find a quick solution, fame, dollars and danger lurk!
  • 35.
    Problems Confidentiality 35  Keysare usually very long and encryption is expensive  RSA encryption is a 1000 times slower than typical symmetric algorithms  hard to remember secret key - where do you store it?  typically only used for authentication, then a random key and a symmetric encryption algorithm is used for subsequent communication  Multicast is problematic  Better to authenticate using public key algorithm, then use random key with symmetric algorithm  How do you know you have the right public key for a principal?  Public key is usually distributed as a document ``signed'' by a well known and trusted certification authority (e.g. Verisign). This is called a certificate. How do you determine if signature is upto date? What if the key has been compromised?
  • 36.
    Analysis Confidentiality 36  Private(Symmetric) key: + encryption is fast  identity is not easily portable across authentication services  secret key must be held by server + good for structured, organizational security  Public (Asymmetric) key:  encryption is slow + identity is inherently portable + secret key need not ever be revealed + provides digital signatures + good for individuals in loosely structured networks