Cryptographic Security
Security Goals
• Confidentiality: Private or confidential information is not made available or disclosed to unauthorized individuals.
  - In industry, hiding some information from competitors is crucial to the operation of the organization.
  - In banking, customers' accounts need to be kept secret.
• Integrity: Changes need to be made only by authorized entities and through authorized mechanisms.
  - In a bank, when a customer deposits or withdraws money, the balance needs to be changed.
• Availability: The information created and stored by an organization needs to be available to authorized entities.

OSI Security Architecture
• Security Attack: Any action that compromises the security of the information.
• Security Mechanism: A mechanism that is designed to detect, prevent or recover from a security attack.
• Security Services: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Security Attacks
[Figure: Taxonomy of attacks with relation to security goals]

Attacks threatening confidentiality
• Snooping: Unauthorized access to or interception of data. To prevent snooping, data can be made unintelligible by using encryption techniques.
• Traffic analysis: Even with encryption protection in place, an opponent might still be able to observe the pattern of the messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
[Figures: Snooping; Traffic analysis]

Attacks threatening integrity
• Modification: After intercepting or accessing the information, the attacker modifies it to benefit himself.
  - A customer sends a message to a bank to carry out a transaction. The attacker intercepts the message and changes the type of transaction to benefit himself.
• Masquerading: Masquerading, or spoofing, happens when the attacker impersonates somebody else.
  - For example, an attacker might steal the bank card and PIN of a bank customer and pretend to be that customer.
[Figures: Modification; Masquerade]
• Replaying: The attacker obtains a copy of a message sent by a user and later tries to replay it.
  - A person sends a request to her bank to ask for payment to the attacker, who has done a job for her. The attacker intercepts the message and sends it again to receive another payment from the bank.
• Repudiation: It is performed by one of the two parties in the communication. The sender of the message might later deny having sent it; the receiver of the message might later deny having received it.
  - The sender would be a bank customer asking her bank to send some money to a third party but later
[Figure: Replaying]

Attacks threatening availability
• Denial of service: The attacker might intercept and delete a server's response to a client, making the client believe that the server is not responding. The attacker may also intercept requests from clients, causing the clients to send requests many times and overload the system.

Passive vs Active Attacks
• Passive attacks: The attacker's goal is just to obtain information. He does not modify data or harm the system.
• Active attacks: An active attack may change the data or harm the system.

Attacks                                              Passive/Active   Threatening
Snooping, Traffic analysis                           Passive          Confidentiality
Modification, Masquerading, Replaying, Repudiation   Active           Integrity
Denial of Service                                    Active           Availability

Security Services
• ITU-T (X.800) [International Telecommunication Union, Telecommunication Standardization Sector] has defined five services related to the security goals and attacks.
• Authentication: This service provides the authentication of the party at the other end of the line.
  - Peer entity authentication: In connection-oriented communication, it provides authentication of the sender or receiver during the connection establishment.
  - Data origin authentication: In connectionless communication, it authenticates the source of the data.
• Data confidentiality: Data confidentiality is designed to protect data from disclosure attacks. It is designed to prevent snooping and traffic analysis attacks.
• Data integrity: It is designed to protect data from modification, insertion, deletion and replaying by an adversary.
• Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.

Security Mechanisms
• Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible.
• Digital signature: A means by which the sender can electronically sign the data and the receiver can electronically verify the signature.
• Access control: Access control uses methods to prove that a user has the access right to the data or resources owned by a system. Examples of proofs are passwords and PINs.
• Authentication exchange: In authentication exchange, two entities exchange some messages to prove their identity to each other.
• Data integrity: The data integrity mechanism appends to the data a short check value that has been created by a specific process from the data itself. The receiver receives the data and the check value. He creates a new check value from the received data and compares the newly created check value with the one received. If the two check values are the same, the integrity of the data has been preserved.
• Traffic padding: Traffic padding means insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
• Routing control: Routing control means selecting and continuously changing different available routes between the sender and the receiver.
• Notarization: The use of a trusted third party to assure certain properties of a data exchange. The receiver can involve a trusted party to store the sender's request in order to prevent the sender from later denying that he has made such a request.
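
The data integrity mechanism and the replaying attack described above, as an added example that is not part of the original slides: a bank message carries a keyed check value (HMAC-SHA256) and a sequence number, so the receiver detects both modification and replay. The shared key, the message fields and the names `protect`, `Receiver` and `demo` are assumptions made for illustration; the check value is keyed because an unkeyed one can be recomputed by whoever changes the data.

```python
import hashlib
import hmac
import json
import secrets

KEY = secrets.token_bytes(32)  # assumption: secret shared by customer and bank


def protect(key, body, seq):
    """Sender: append a check value computed from the data and the key."""
    data = json.dumps({**body, "seq": seq}, sort_keys=True)
    check = hmac.new(key, data.encode(), hashlib.sha256).hexdigest()
    return {"data": data, "check": check}


class Receiver:
    """Receiver: recompute the check value, compare it, and refuse replays."""

    def __init__(self, key):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, msg):
        expected = hmac.new(self.key, msg["data"].encode(), hashlib.sha256).hexdigest()
        # Constant-time comparison does not leak how many characters matched.
        if not hmac.compare_digest(expected, msg["check"]):
            return "rejected: modified"
        seq = json.loads(msg["data"])["seq"]
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted"


def demo():
    bank = Receiver(KEY)
    original = protect(KEY, {"op": "pay", "to": "contractor", "amount": 100}, seq=1)
    results = [bank.accept(original)]
    # Modification: constructed copy whose amount was changed in transit.
    tampered = dict(original, data=original["data"].replace("100", "900"))
    results.append(bank.accept(tampered))
    # Replaying: the untouched message is delivered a second time.
    results.append(bank.accept(original))
    return results


if __name__ == "__main__":
    print(demo())
```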

[Figure: Relation between Security Services and Security Mechanisms]

Cryptography – Basic Concepts
• Cryptography is the study of secret (crypto-) writing (-graphy).
• Cryptography: The art or science encompassing the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form.
• Plaintext: "The original intelligible message"
• Ciphertext: "The transformed message"
• Cipher: An algorithm for transforming an intelligible message into an unintelligible one by transposition and/or substitution.
• Key: Some critical information used by the cipher, known only to the sender and receiver.
• Encipher (encode): The process of converting plaintext to ciphertext.
• Decipher (decode): The process of converting ciphertext back into plaintext.
• Cryptanalysis: The study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key. Also called codebreaking.
• Cryptology: Both cryptography and cryptanalysis.

Cryptography
plaintext (data file or messages) → encryption → ciphertext (stored or transmitted safely) → decryption → plaintext (original data or messages)
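
The terms defined above (cipher, key, encipher, decipher, cryptanalysis), as an added example that is not part of the original slides: a toy cipher that applies a substitution followed by a transposition, plus a keyless recovery of the substitution step to show why a 26-value key space protects nothing. The shift-and-columns key format, the function names and the sample message are assumptions chosen for illustration; this is a classroom cipher, not one to deploy.

```python
import string

ALPHA = string.ascii_uppercase


def substitute(text, shift):
    """Substitution: replace each letter by the one `shift` places later."""
    return "".join(
        ALPHA[(ALPHA.index(c) + shift) % 26] if c in ALPHA else c for c in text
    )


def transpose(text, cols):
    """Transposition: write the text in rows of `cols`, read it out by columns."""
    return "".join(text[i::cols] for i in range(cols))


def untranspose(text, cols):
    """Invert transpose(): refill each column, then read row by row."""
    rows, extra = divmod(len(text), cols)
    out, pos = [""] * len(text), 0
    for i in range(cols):
        height = rows + (1 if i < extra else 0)  # first `extra` columns are longer
        out[i::cols] = text[pos:pos + height]
        pos += height
    return "".join(out)


def encipher(plaintext, key):
    shift, cols = key  # the key: known only to the sender and receiver
    return transpose(substitute(plaintext.upper(), shift), cols)


def decipher(ciphertext, key):
    shift, cols = key
    return substitute(untranspose(ciphertext, cols), -shift)


def break_shift(ciphertext):
    """Cryptanalysis without the key: try all 26 shifts, keep the most English-like."""
    def score(s):
        return sum(s.count(c) for c in "ETAOINSHR")
    best = max(range(26), key=lambda k: score(substitute(ciphertext, -k)))
    return best, substitute(ciphertext, -best)


if __name__ == "__main__":
    msg = "TRANSFER ONE HUNDRED TO THE SAVINGS ACCOUNT"  # constructed sample
    ct = encipher(msg, (7, 5))
    print(ct, "->", decipher(ct, (7, 5)), "| guessed shift:", break_shift(ct)[0])
```

Transposition only reorders letters, so the letter-frequency score still recovers the shift from the full ciphertext; the column count then falls to the same exhaustive search.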
