Cryptographic Tools
• Cryptographic tools are software or hardware utilities designed
to secure data through encryption and other cryptographic
methods.
• They help in transforming readable data (plaintext) into an
unreadable format (ciphertext) to protect it from unauthorized
access.
These tools include:
– Encryption algorithms (e.g., AES, RSA)
– Hash functions (e.g., SHA-256, MD5)
– Cryptographic protocols (e.g., SSL/TLS, PGP)
Encryption Algorithms
Symmetric Encryption:
• Uses a single key for both encryption and decryption. It is fast
and suitable for encrypting large amounts of data.
• Common algorithms include:
– AES (Advanced Encryption Standard): Widely used, secure,
and efficient. It supports key sizes of 128, 192, and 256 bits.
– DES (Data Encryption Standard): An older algorithm, now
largely considered insecure due to advances in
computational power.
• Asymmetric Encryption: Uses a pair of keys—a public
key for encryption and a private key for decryption. It
is computationally more intensive but allows secure
key exchange.
• Common algorithms include:
– RSA (Rivest-Shamir-Adleman): One of the first public-key
cryptosystems, used widely for secure data transmission.
– ECC (Elliptic Curve Cryptography): Provides similar security to
RSA but with smaller key sizes, making it more efficient.
Hash Functions
• SHA (Secure Hash Algorithm) family (e.g., SHA-1,
SHA-256, SHA-3): Produces a fixed-size hash value
from input data, ensuring data integrity.
• MD5 (Message Digest Algorithm 5): Now considered
outdated due to vulnerabilities, but still used in some
legacy systems.
Public-Key Infrastructure (PKI)
• Public-key infrastructure (PKI) is a framework used to
manage digital keys and certificates.
• PKI is fundamental for enabling secure
communications and transactions on the internet,
ensuring data integrity, authentication, and
non-repudiation.
It enables secure data exchange over networks by providing:
– Public and private keys: Key pairs used for encryption and
decryption.
– Digital certificates: Issued by a trusted Certificate Authority
(CA), these certificates verify the ownership of a public key.
– Certificate Authorities (CAs): Trusted entities that issue and
revoke digital certificates.
– Registration Authorities (RAs): Entities that authenticate the
identity of users before certificates are issued.
Digital Certificates
• Digital certificates are electronic documents used to associate a
public key with the identity of its owner.
Components
Each certificate typically contains:
– Subject: The entity that owns the public key (e.g., a person or
organization).
– Public Key: The public key of the subject.
– Issuer: The CA that issued the certificate.
– Serial Number: A unique identifier for the certificate.
– Validity Period: The time frame during which the certificate is valid.
– Signature: The digital signature of the CA, verifying the certificate’s
authenticity.
Digital Signatures
• Digital signatures are cryptographic methods used to verify
the authenticity and integrity of digital messages or
documents.
They involve:
– Creation process: The sender creates a hash of the
message and encrypts it with their private key to create a
signature.
– Verification process: The recipient decrypts the
signature with the sender’s public key and compares it to
Digital signatures provide:
• Authentication: Confirming the sender's identity.
• Integrity: Ensuring the message has not been
altered.
• Non-repudiation: Preventing the sender from
denying they sent the message.
Steganography
• Steganography involves hiding information within
other non-secret data to conceal the existence of the
message.
• Techniques include:
Image Steganography
• LSB (Least Significant Bit): Alters the least significant
bits of image pixels to embed data, making changes
invisible to the human eye.
Audio Steganography
• Echo Hiding: Embeds data by altering echo signals in
audio files.
• Phase Coding: Modifies the phase of audio signals to
encode information.
Network Steganography
• Protocol Manipulation: Embeds data in unused or
optional fields within network protocol headers.
Text Steganography
• Format-Based Methods: Uses changes in text
formatting (e.g., font, spacing) to hide data.
• Character-Based Methods: Introduces invisible
characters (e.g., zero-width spaces) into text to embed
information.
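A defender-side check for the character-based method above, as an added example that is not from the original slides: it flags Unicode format (category Cf) characters such as zero-width spaces and separates isolated uses from long runs. The run threshold of 4 and the sample strings are assumptions made for this illustration.

```python
import unicodedata


def find_invisible(text):
    """Return (index, 'U+XXXX', name) for every Unicode format (Cf) character."""
    return [
        (i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED"))
        for i, ch in enumerate(text)
        if unicodedata.category(ch) == "Cf"
    ]


def longest_run(text):
    """Length of the longest run of consecutive invisible characters."""
    best = current = 0
    for ch in text:
        current = current + 1 if unicodedata.category(ch) == "Cf" else 0
        best = max(best, current)
    return best


def assess(text, run_threshold=4):
    """Classify text as 'clean', 'review' (isolated hits) or 'suspicious'.

    Joiners occur singly in emoji sequences and some scripts, so isolated
    hits are only marked for review; long runs have no such explanation.
    run_threshold is an assumed value, not a standard.
    """
    if not find_invisible(text):
        return "clean"
    return "suspicious" if longest_run(text) >= run_threshold else "review"


def strip_invisible(text):
    """Remove all format characters; this can break legitimate joiners."""
    return "".join(ch for ch in text if unicodedata.category(ch) != "Cf")


# Constructed samples.
CLEAN = "Quarterly report attached."
CARRIER = ("Quarterly\u200b\u200c\u200c\u200b\u200d\u200b\u200c\u200b"
           " report attached.")
EMOJI = "Team \U0001F468\u200d\U0001F469\u200d\U0001F467 photo"  # legitimate ZWJ
```
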
Protocols for Secure Communications
• Protocols for secure communications ensure data is
transmitted securely over networks, protecting against
eavesdropping, tampering, and other cyber threats.
Securing Internet Communication with S-HTTP
and SSL
• The Internet was initially designed without security in mind,
leading to the later addition of security measures as threats
grew.
S-HTTP (Secure Hypertext Transfer Protocol):
• Purpose: Encrypts individual messages between client and
server.
• Mechanism: Each message requires a new session; the
client sends its public key, and the server generates and
encrypts a session key with it. Both then use this session
key to encrypt messages.
• Features: Provides confidentiality, authentication, and data
integrity; designed for easy integration with existing HTTP
applications.
Securing E-mail with S/MIME, PEM, and PGP
• Adaptations to email protocols like SMTP have incorporated
security measures to counter their inherent insecurity.
S/MIME (Secure/Multipurpose Internet Mail
Extensions):
– Purpose: Enhances MIME to secure email using digital
signatures and encryption.
– Mechanism: Uses public key cryptosystems for digital
signatures and encryption. Supports algorithms like SHA-1, RSA,
and 3DES.
– Features: Standardizes message content type, and supports
signing, encrypting, and decrypting messages.