SlideShare a Scribd company logo

Cryptography and network security Nit701

Download as PPTX, PDF
Amit Pathak
Amit Pathak

Cryptography and network security descries the security parameter with the help of public and private key. Digital signature is one of the most important area which we apply in our daily life for transferring the data.

Engineering
1 of 101
By Department of Computer Sc. & Engineering Cryptography and Network Security NIT- 701 Presented By Amit Kumar Pathak
Learning Objective • To familiarize with the security parameters in computer networks • The way of develop the algorithm in various ways. • General type of network security and their implementation • How to secure our network via different algorithms.
Discussion Goals • Cryptography – Definition. • History of Cryptography. • Basic Terminologies. • Importance of Cryptography. • Types of Cryptography. • Cryptography Algorithms. – RSA (Public Key) – DES (Symmetric) • Hash Functions • Digital Signatures • Watermarking
What is Cryptography ? “Cryptography is an art of Secret writing” Or “Cryptography -- from the Greek for “secret writing” (Kryptos means ‘HIdden’, graphein means ‘writing’) -- is the mathematical “scrambling” of data into unreadable form to preserve confidentiality. ” Or “Cryptography is the process of converting plaintext into ciphertext”
Base Cryptography Mechanism Encryption Algorithmplaintext Ciphertext plaintext Juvia Gray Decryption Algorithm Key A Key B
Cryptography Issues CIA Traid
Confidentiality: only sender, intended receiver should “understand” message contents. sender encrypts message. receiver decrypts message. End-Point Authentication: sender, receiver want to confirm identity of each other. Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection.
History of Crytography • There are three eras in the history of Cryptography: – The Manual era – The Mechanical era – The Modern era • Manual era refers to Pen and Paper Cryptography and dates back to 2000 B.C.eg : Scytale, Atbash , Caesar, Vigenere. • Mechanical era refers to the invention of cipher machines. E.g.: Japanese Red and Purple Machines , German Enigma. • The modern era of cryptography refers to computers. • There are infinite permutations of cryptography available using computers. E.g.: Lucifer, Rijndael , RSA , ElGamal. 8
BASIC TERMINOLOGIES
Basic Terms Cipher: the algorithm that does the encryption. Ciphertext: the encrypted (scrambled) version of the message. Message altered to be unreadable by anyone except the intended recipients. Cryptanalysis: the science of breaking cryptographic algorithms. Cryptanalyst: a person who breaks cryptographic codes; also referred to as “the attacker”.
 Cryptosystem – The combination of algorithm, key, and key management functions used to perform cryptographic operations.  Decryption: the process of converting ciphertext back to the original plaintext.  Encryption: scrambling a message or data using a specialized cryptographic algorithm.  Initialization Vector – Random values used with ciphers to ensure no patterns are created during encryption. 5
Key – Sequence that controls the operation and behavior of the cryptographic algorithm. Keyspace – Total number of possible values of keys in a crypto algorithm. Plaintext – A message in its natural format readable by an attacker. 12
Cryptosystem Services or Security Goals Authentication – Ensures that whoever supplies or accesses sensitive data is an authorized party. Confidentiality – Assures that only authorized parties are able to understand the data.
Integrity – Ensures that when a message is sent over a network, the message that arrives is the same as the message that was originally sent. Nonrepudiation – Ensuring that the intended recipient actually received the message & ensuring that the sender actually sent the message.
Importance of Cryptography
Need for Cryptography • Establishing a Secure communication. • Fulfil the security goals. • Preservation of Authentic information. • Secure Transaction. • Privacy.
Attributes of Strong Encryption • Confusion – Change key values each round – Performed through substitution – Complicates plaintext/key relationship • Diffusion – Change location of plaintext in ciphertext – Done through transposition 17
Types of Cryptography
Encryption Systems • Substitution Cipher – Convert one letter to another – Cryptoquip • Transposition Cipher – Change position of letter in text – Word Jumble • Monoalphabetic Cipher – Caesar 19
Encryption Systems • Polyalphabetic Cipher –Vigenère • Modular Mathematics –Running Key Cipher • One-time Pads –Randomly generated keys 20
Categories of Cryptography Traditional • Cryptography in its early days • Ex :- Caesar Cipher, Playfair, Rain fence Symmetric • Shared Key • Ex :- DES, AES etc. Public Key • Public and Private Key. • Ex : - RSA, ElGamal etc.
Traditional Cryptography Cryptography in its early stages.
Caesar Cipher • Caesar cipher is named after the Roman military and political leader Gaius Julius Caesar (100 BC – 44 BC).1 Caesar used this relatively simple form of ciphering to encode military messages. • Every character C in the message M is replaced by (C+3) Scheme A B C D E ….. D E F G H ….. Example :- Plaintext = “DAD” Ciphertext = “GDG”
Rail Fence Cipher • Plaintext is written in successive ‘rails’ diagonally. • No. of rails is predefined, say 3. • After the message exhausts on rails the message is read row-wise and it becomes the cipher text. For example, if we have 3 "rails" and a message of 'WE ARE DISCOVERED. FLEE AT ONCE', the cipher writes out: W . . . E . . . C . . . R . . . L . . . T . . . E . E . R . D .S . O . E . E . F . E . A . O . C . . . A . . . I . . . V . . . D . . . E . . . N . . Cipher Text : WECRL TEERD SOEEF EAOCA IVDEN
Kamasutra Cipher • The Kamasutra cipher is one of the earliest known substitution methods. • The purpose was to teach women how to hide secret messages from prying eyes. Principle The key is the permutation of the alphabet. The plaintext and the ciphertext alphabet are the same. The alphabet is divided in two halves to pair the letters: F Y M Q G V O P D J R A K C I E U B X T S Z W N L H The letter “F” becomes the letter “C” and “B” is replaced by “G”. The word "EXAMPLE" would be encoded by: "MVLESAM".
Enigma • Used by the Germans during World War II – Replaced letters as they were typed – Substitutions were computed using a key and a set of switches or rotors. 26
Symmetric Key Cryptography
Symmetric Key Scheme – Same key for encryption and decryption – Key distribution problem • Cleartext with Key makes Ciphertext • Ciphertext with Key makes Cleartext 28 Winning Lotto #s: aWDHOP#@-w9 aWDHOP#@-w9 Winning Lotto #s:
..contd. • Advantages – Symmetric algorithms are fast – They are difficult to break if a large key size is used – Only one key needed 29
..contd. • Disadvantages – Symmetric keys must remain secret – Difficult to deliver keys (key distribution) – Symmetric algorithms don’t support authenticity or nonrepudiation • You can’t know for sure who sent the message, since two people have the same key 30
Symmetric Cryptography Algorithms • Types of symmetric algorithms – Stream ciphers • Operate on plaintext one bit at a time – Block ciphers • Operate on blocks of plaintext 31
Symmetric Algorithms • DES –Modes: ECB, CBC, CFB, OFB, CM • 3DES • AES • IDEA • Blowfish 32
..contd. • RC4 • RC5 • CAST • SAFER • Twofish 33
Key Distribution • Symmetric schemes require both parties to share a common secret key • issue is how to securely distribute this key • often secure system failure due to a break in the key distribution scheme
Key Distribution methods • Given parties A and B have various key distribution alternatives: 1. A can select key and physically deliver to B 2. third party can select & physically deliver key to A & B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B Not suitable for large systems Initial distribution?
Scale of key distribution problem • A network with N hosts => N(N-1)/2 pairs • Node-level encryption N(N-1)/2 • Application-level encryption – 10 applications/node
Key distribution center (KDC) Key distribution center (KDC) KDC shares a unique key (master key) with each user to distribute secret key (session key) between a pair of users: scale of key distribution problem reduces to N EMK1 (Secret key) Secret key Secret key EMK2 (Secret key)
Key Distribution Scenario nonce: an identifier that differs for each request Session key Identifier for A (ex. address) Master key Ka Master key Kb (avoid replay attack) 1. Verify the original request 2. Avoid replay attack
Hierarchical key control … KDC … KDC KDC a b
Design Principles of DES To achieve high degree of diffusion and confusion. Diffusion: making each plaintext bit affect as many ciphertext bits as possible. Confusion: making the relationship between the encryption key and the ciphertext as complex as possible. 1
DES: The Data Encryption Standard • Most widely used block cipher in the world. • Adopted by NIST in 1977. • Based on the Feistel cipher structure with 16 rounds of processing. • Block = 64 bits • Key = 56 bits • What is specific to DES is the design of the F function and how round keys are derived from the main key. 41
42
Initial Permutation IP • IP: the first step of the encryption. • It reorders the input data bits. • The last step of encryption is the inverse of IP.
Round Keys Generation • Main key: 64 bits. • 56-bits are selected and permuted using Permuted Choice One (PC1); and then divided into two 28-bit halves. • In each round: – Left-rotate each half separately by either 1 or 2 bits according to a rotation schedule. – Select 24-bits from each half, and permute the combined 48 bits. – This forms a round key.
45 Permuted Choice One (PC1) 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
Round i + F Li-1 Ri-1 ki Li Ri 32 48 3232
TCP/IP Protocol Suite 47
48    The and each have 32 bits, and the round key 48 bits. The function, on input and , produces 32 bits: ( , ) where : ( expands 32 bits o 4 ) t The function of DES L R K F R K F R K P S E K E R F    8 bits; : shrinks it back to 32 bits; : permutes the 32 bits. S P
Public Key Cryptography
Public-Key Cryptography • probably most significant advance in the 3000 year history of cryptography • uses two keys – a public key and a private key • asymmetric since parties are not equal • uses clever application of number theory concepts to function • complements rather than replaces private key cryptography
..contd. • public-key/two-key/asymmetric cryptography involves the use of two keys: – a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures – a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures • is asymmetric because – those who encrypt messages or verify signatures cannot decrypt messages or create signatures
..contd.
Comparison between symmetric and public-key encryption
Requirement for public-key cryptography • Diffie and Hellman (1976) proposed the system without the algorithm for E and D. They laid out the requirement: – It is computationally easy to generate a pair of keys – It is computationally easy for a sender to encrypt – It is computationally easy for a receiver to decrypt – It is computationally infeasible for an opponent, knowing the public key, to determine the private key – It is computationally infeasible for an opponent, knowing the public key and ciphtertext, to recover the plaintext Y = EKU (X)b X = DKR (Y) b
Why Public-Key Cryptography? • developed to address two key issues: – key distribution – how to have secure communications in general without having to trust a KDC with your key – digital signatures – how to verify a message comes intact from the claimed sender • public invention due to Whitfield Diffie & Martin Hellman at Stanford U. in 1976 – known earlier in classified community
Asymmetric Algorithms • Diffie-Hellman • RSA • El Gamal • Elliptic Curve Cryptography (ECC) 56
Public-Key Cryptosystems
Public-Key Applications • can classify uses into 3 categories: – encryption/decryption (provide secrecy) – digital signatures (provide authentication) – key exchange (of session keys) • some algorithms are suitable for all uses, others are specific to one
Security of Public Key Schemes • like private key schemes brute force exhaustive search attack is always theoretically possible • but keys used are too large (>512bits) • security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems • more generally the hard problem is known, its just made too hard to do in practise • requires the use of very large numbers • hence is slow compared to private key schemes
RSA • by Rivest, Shamir & Adleman of MIT in 1977 • best known & widely used public-key scheme • based on exponentiation in a finite (Galois) field over integers modulo a prime – nb. exponentiation takes O((log n)3) operations (easy) • uses large integers (eg. 1024 bits) • security due to cost of factoring large numbers – nb. factorization takes O(e log n log log n) operations (hard)
RSA Key Setup • each user generates a public/private key pair by: • selecting two large primes at random - p, q • computing their system modulus N=p.q – note ø(N)=(p-1)(q-1) • selecting at random the encryption key e • where 1<e<ø(N), gcd(e,ø(N))=1 • solve following equation to find decryption key d – e.d=1 mod ø(N) and 0≤d≤N • publish their public encryption key: KU={e,N} • keep secret private decryption key: KR={d,p,q}
RSA Use • to encrypt a message M the sender: – obtains public key of recipient KU={e,N} – computes: C=Me mod N, where 0≤M<N • to decrypt the ciphertext C the owner: – uses their private key KR={d,p,q} – computes: M=Cd mod N • note that the message M must be smaller than the modulus N (block if needed)
Why RSA Works • because of Euler's Theorem: • aø(n)mod N = 1 – where gcd(a,N)=1 • in RSA have: – N=p.q – ø(N)=(p-1)(q-1) – carefully chosen e & d to be inverses mod ø(N) – hence e.d=1+k.ø(N) for some k • hence : Cd = (Me)d = M1+k.ø(N) = M1.(Mø(N))q = M1.(1)q = M1 = M mod N
RSA Example 1. Select primes: p=17 & q=11 2. Compute n = pq =17×11=187 3. Compute ø(n)=(p–1)(q-1)=16×10=160 4. Select e : gcd(e,160)=1; choose e=7 5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 10×160+1 6. Publish public key KU={7,187} 7. Keep secret private key KR={23,17,11}
RSA Example cont • sample RSA encryption/decryption is: • given message M = 88 (nb. 88<187) • encryption: C = 887 mod 187 = 11 • decryption: M = 1123 mod 187 = 88
Exponentiation • can use the Square and Multiply Algorithm • a fast, efficient algorithm for exponentiation • concept is based on repeatedly squaring base • and multiplying in the ones that are needed to compute the result • look at binary representation of exponent • only takes O(log2 n) multiples for number n – eg. 75 = 74.71 = 3.7 = 10 mod 11 – eg. 3129 = 3128.31 = 5.3 = 4 mod 11
Exponentiation
RSA Key Generation • users of RSA must: – determine two primes at random - p, q – select either e or d and compute the other • primes p,q must not be easily derived from modulus N=p.q – means must be sufficiently large – typically guess and use probabilistic test • exponents e, d are inverses, so use Inverse algorithm to compute the other
RSA Security • three approaches to attacking RSA: – brute force key search (infeasible given size of numbers) – mathematical attacks (based on difficulty of computing ø(N), by factoring modulus N) – timing attacks (on running of decryption)
Factoring Problem • mathematical approach takes 3 forms: – factor N=p.q, hence find ø(N) and then d – determine ø(N) directly and find d – find d directly • currently believe all equivalent to factoring – have seen slow improvements over the years • as of Aug-99 best is 130 decimal digits (512) bit with GNFS – biggest improvement comes from improved algorithm • cf “Quadratic Sieve” to “Generalized Number Field Sieve” – barring dramatic breakthrough 1024+ bit RSA secure • ensure p, q of similar size and matching other constraints
Hashing Algorithms • HAVAL – Computes between 128 and 256 bit hash – Between 3 and 5 rounds • RIPEMD-160 – Developed in Europe published in 1996 – Patent-free 71
Digital Signatures • Digital signatures can be permanently tied to the content of the message being signed. They cannot then be 'moved' from one document to another, for any attempt will be detectable. • RSA and DSA are two of the most popular digital signature schemes.
..contd. • In digital signature schemes, there are two algorithms: one for signing, in which a secret key is used to process the message and one for verification, in which the matching public key is used with the message to check the validity of the signature.
Watermarking • Traditionally, a watermark has been used to verify the authenticity of a document.
..contd. • Driver’s Licenses, diplomas, official letterhead were the primary applications of watermarks . • More recently, used to track or prevent redistribution of TV logos.
..contd. Purpose of using: – Ensure authenticity of digital goods. – Prevent unauthorized use/ensures copyright. – Prevent copying.  Adding the watermark to the image itself prevents removal by changing the format. E.g. GIF->JPEG.
Steganography A Smart way to hide data
Topics To Discuss 1. What is Steganography? 2. History Of Steganography 3. Technique 4. Basic Steganography Model 5. Steganography Terms 6. Types of Stegosystems 7. Types of Steganograph 8. Comparison of various Security techniques 9. Crypto-Steganography – A new approach 10. Applications 11. Comparison of various Secret Communication Techniques. 12. Steganography Tools 13. Future Scope 14. Conclusion 15. References
What is Steganography? • Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. STEGONOGRA PHY EXAMPLE RANDOM TEXT Since everyone can read, encoding text in neutral sentences is doubtfully effective SOME HIDDEN PATTERN Since Everyone Can Read, Encoding Text In Neutral Sentences Is Doubtfully Effective ORIGINAL MESSAGE SECRET INSIDE
History Of Steganography • The first recorded uses of steganography can be traced back to 440 BC when Herodotus mentions two examples of steganography in his Histories. • Ancient Greeks used Wax tablets as reusable writing surfaces, sometimes used for shorthand. • Ancient Chinese wrote messages on fine silk, which was then crunched into a tiny ball and covered in wax. • Special inks were important steganographic tools even during Second World War.
Techniques PHYSICAL TECHNIQUES: • Hidden messages on paper written in secret inks under other messages or on the blank parts of other messages. • Hidden messages within wax tablets. • Messages written on envelopes in the area covered by postage stamps. DIGITAL TECHNIQUES: • Concealing data within encrypted data or within random data (an unbreakable cipher like the one-time pad generates cipher texts that look perfectly random if one does not have the private key). • Concealed messages in tampered executable files, exploiting redundancy in the targeted instruction set. • Pictures embedded in video material (optionally played at slower or faster speed).
Basic Steganography Model Secret Message Cover Medium Stego Decoder Key Cover Estimate of Message Original Cover Stego Encoder Communicationchannel
Steganography Terms • Carrier or Cover File - A Original message or a file in which hidden information will be stored inside of it . • Stego-Medium - The medium in which the information is hidden. • Embedded or Payload - The information which is to be hidden or concealed. • Steganalysis - The process of detecting hidden information inside a file.
Types Of Stegosystems and Steganography STEGOSYSTEM TYPES: • Pure stegosystems - no key is used. • Secret-key stegosystems - secret key is used. • Public-key stegosystems - public key is used. STEGANOGRAPHY TYPES: –Text Steganography. –Image Steganography. –Audio Steganography. –Video Steganography. –Protocol Steganography.
Text Steganography • Text steganography can be applied in the digital makeup format such as PDF, digital watermark or information hiding • It is more difficult to realize the information hiding based on text. The simplest method of information hiding is to select the cover first, adopt rules to add the phraseological or spelling mistakes, or replace with synonymy words. VARIOUS TEXT STEGANOGRAPHY METHODS: • Line shifting Method • Word shifting • Open spaces • Semantic methods • Character Encoding
Examples of Text Steganography • Minor changes to shapes of characters
Examples of Text Steganography
Image Steganography • Using image files as hosts for steganographic messages takes advantage of the limited capabilities of the human visual system • Some of the more common method for embedding messages in image files can be categorized into two main groups, image domain methods and transform domain methods Image And Transform Domain: • Image – also known as spatial – domain techniques embed messages in the intensity of the pixels directly, while for transform – also known as frequency – domain, images are first transformed and then the message is embedded in the image • Image domain techniques encompass bit-wise methods that apply bit insertion and noise manipulation and are sometimes characterized as “simple systems” • Steganography in the transform domain involves the manipulation of algorithms and image transforms
LSB [Least Significant bit] Method • Least significant bit (LSB) insertion is a common, simple approach to embedding information in a cover image • The least significant bit (in other words, the 8th bit) of some or all of the bytes inside an image is changed to a bit of the secret message • When using a 24-bit image, a bit of each of the red, green and blue color components can be used, since they are each represented by a byte. In other words, one can store 3 bits in each pixel. An 800 × 600 pixel image, can thus store a total amount of 1,440,000 bits or 180,000 bytes of embedded data • In its simplest form, LSB makes use of BMP images, since they use lossless compression
• A grid for 3 pixels of a 24-bit image can be as follows: (00101101 00011100 11011100) (10100110 11000100 00001100) (11010010 10101101 01100011) • When the number 200, which binary representation is 11001000, is embedded into the least significant bits of this part of the image, the resulting grid is as follows: (00101101 00011101 11011100) (10100110 11000101 00001100) (11010010 10101100 01100011)
Example Of Image Steganography
Audio Steganography • Embedding secret messages into digital sound is known as audio Steganography. • Audio Steganography methods can embed messages in WAV, AU, and even MP3 sound files. • The properties of the human auditory system (HAS) are exploited in the process of audio Steganography • To embed data secretly onto digital audio file there are few techniques introduced : – LSB Coding – Phase Coding – Parity Coding – Spread Spectrum
Flowchart Of Audio Steganography
Example of LSB Method • The message 'HEY' is encoded in a 16-bit CD quality sample using the LSB method. • Here the secret information is ‘HEY’ and the cover file is audio file. HEY is to be embedded inside the audio file. First the secret information ‘HEY’ and the audio file are converted into bit stream. • The least significant column of the audio file is replaced by the bit stream of sectet information ‘HEY’. The resulting file after embedding secret information ‘HEY’ is called Stego-file.
Comparison of Secret Communication Techniques Communica tion Technique Confidenti ality Integrity Availability Cryptograph y    Digital Signatures    Steganograp hy   
Combined Crypto- Steganography Plain Text Stego Image Cipher Text Decrypti on Cipher Text Plain Text Encryptio n Cover Image
Applications • Confidential communication and secret data storing • Steganography provides us with: • Potential capability to hide the existence of confidential data • Hardness of detecting the hidden (i.e., embedded) data • Strengthening of the secrecy of the encrypted data • Protection of data alteration • Access control system for digital content distribution • Media Database systems • Usage in modern printers • Alleged use by intelligence services
Steganography Tools • Steganos • S-Tools (GIF, JPEG) • StegHide (WAV, BMP) • Invisible Secrets (JPEG) • JPHide • Camouflage • Hiderman
Future Scope • Steganography, though is still a fairly new idea. There are constant advancements in the computer field, suggesting advancements in the field of steganography as well. • It is likely that there will soon be more efficient and more advanced techniques for Steganalysis. • What is scary is that such a small file of only one or two sentences may be all that is needed to commence a terrorist attack. In the future, it is hoped that the technique of Steganalysis will advance such that it will become much easier to detect even small messages within an image.
Learning Outcomes  Define the terms vulnerability, threat and attack.  Identify physical points of vulnerability in simple networks  Identify and classify particular examples of attacks  Concepts of Digital Signature and their applications
Conclusion • Interest in the use of steganography in our current digital age can be attributed to both the desire of individuals to hide communication through a medium rife with potential listeners, or in the case of digital watermarking, the absolute necessity of maintaining control over one’s ownership and the integrity of data as it passes through this medium. This increased interest is evidenced in the sheer number of available tools to provide easy steganographic techniques to the end user, as well as the proliferation of research and press on the topic.

Recommended

Cryptography
CryptographyCryptography
CryptographyKalyani Government Engineering College
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography FundamentalsDuy Do Phan
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographySeema Goel
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
cryptography
cryptographycryptography
cryptographyAbhijeet Singh
 
Encryption
EncryptionEncryption
EncryptionNitin Parbhakar
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101n|u - The Open Security Community
 

Recommended

Cryptography
CryptographyCryptography
CryptographyKalyani Government Engineering College
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography FundamentalsDuy Do Phan
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographySeema Goel
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
cryptography
cryptographycryptography
cryptographyAbhijeet Singh
 
Encryption
EncryptionEncryption
EncryptionNitin Parbhakar
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101n|u - The Open Security Community
 
DES
DESDES
DESNaga Srimanyu Timmaraju
 
Cryptography
CryptographyCryptography
Cryptographyprasham95
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
Encryption
EncryptionEncryption
Encryptionkeith dias
 
Cryptography
CryptographyCryptography
CryptographyAnandKaGe
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric keyTriad Square InfoSec
 
overview of cryptographic techniques
overview of cryptographic techniquesoverview of cryptographic techniques
overview of cryptographic techniquesShubham Jain
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Anas Rock
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptOECLIB Odisha Electronics Control Library
 
Cryptography
CryptographyCryptography
Cryptographyresearch30
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptographyzahid-mian
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptkusum sharma
 
Encryption
EncryptionEncryption
EncryptionMahmoud Abdeen
 
Cryptography
CryptographyCryptography
CryptographySagar Janagonda
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & SteganographyAnimesh Shaw
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
Cryptology
CryptologyCryptology
CryptologyRupesh Mishra
 
Cryptography
CryptographyCryptography
Cryptographyamiable_indian
 
Cryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxCryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxRobertCarreonBula
 
Cryptography
CryptographyCryptography
CryptographySandip kumar
 

More Related Content

What's hot

Cryptography
CryptographyCryptography
Cryptographyprasham95
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
Cryptography
CryptographyCryptography
CryptographyAnandKaGe
 
overview of cryptographic techniques
overview of cryptographic techniquesoverview of cryptographic techniques
overview of cryptographic techniquesShubham Jain
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Anas Rock
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptographyzahid-mian
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & SteganographyAnimesh Shaw
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 

What's hot (20)

DES
DESDES
DES
 
Cryptography
CryptographyCryptography
Cryptography
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)
 
Encryption
EncryptionEncryption
Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
 
overview of cryptographic techniques
overview of cryptographic techniquesoverview of cryptographic techniques
overview of cryptographic techniques
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
Cryptography
CryptographyCryptography
Cryptography
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptography
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Encryption
EncryptionEncryption
Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Cryptology
CryptologyCryptology
Cryptology
 
Cryptography
CryptographyCryptography
Cryptography
 

Similar to Cryptography and network security Nit701

Cryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxCryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxRobertCarreonBula
 
Cns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption TechniquesCns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption Techniquesbabak danyal
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Securitybabak danyal
 
Cryptography and applications
Cryptography and applicationsCryptography and applications
Cryptography and applicationsthai
 
Cryptography & Network Security.ppt-1.pdf
Cryptography & Network Security.ppt-1.pdfCryptography & Network Security.ppt-1.pdf
Cryptography & Network Security.ppt-1.pdfNirajKumar620142
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network securitysathu30
 
Cryptography Introduction
Cryptography IntroductionCryptography Introduction
Cryptography Introductionindupps
 
Introduction to cryptography part2-final
Introduction to cryptography part2-finalIntroduction to cryptography part2-final
Introduction to cryptography part2-finalTaymoor Nazmy
 
Symmetric Encryption Techniques
Symmetric Encryption Techniques Symmetric Encryption Techniques
Symmetric Encryption Techniques Dr. Kapil Gupta
 

Similar to Cryptography and network security Nit701 (20)

Cryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxCryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptx
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography-101
Cryptography-101Cryptography-101
Cryptography-101
 
Cns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption TechniquesCns 13f-lec03- Classical Encryption Techniques
Cns 13f-lec03- Classical Encryption Techniques
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Security
 
Symmetric
SymmetricSymmetric
Symmetric
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography cse,ru
Cryptography cse,ruCryptography cse,ru
Cryptography cse,ru
 
Class 17
Class 17Class 17
Class 17
 
Cryptography and applications
Cryptography and applicationsCryptography and applications
Cryptography and applications
 
Cryptography & Network Security.ppt-1.pdf
Cryptography & Network Security.ppt-1.pdfCryptography & Network Security.ppt-1.pdf
Cryptography & Network Security.ppt-1.pdf
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network security
 
Cryptography Introduction
Cryptography IntroductionCryptography Introduction
Cryptography Introduction
 
Cryptography
CryptographyCryptography
Cryptography
 
Introduction to cryptography part2-final
Introduction to cryptography part2-finalIntroduction to cryptography part2-final
Introduction to cryptography part2-final
 
cryptography.ppt
cryptography.pptcryptography.ppt
cryptography.ppt
 
Security - ch3.pptx
Security - ch3.pptxSecurity - ch3.pptx
Security - ch3.pptx
 
Symmetric Encryption Techniques
Symmetric Encryption Techniques Symmetric Encryption Techniques
Symmetric Encryption Techniques
 
5967073.ppt
5967073.ppt5967073.ppt
5967073.ppt
 
Cryptography
CryptographyCryptography
Cryptography
 

Recently uploaded

Digital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfDigital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfAbrahamGadissa
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234AafreenAbuthahir2
 
RS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical SolutionsRS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical SolutionsAtif Razi
 
Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.PrashantGoswami42
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdfASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdfAhmedHussein950959
 
Democratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek AryaDemocratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek Aryaabh.arya
 
İTÜ CAD and Reverse Engineering Workshop
İTÜ CAD and Reverse Engineering WorkshopİTÜ CAD and Reverse Engineering Workshop
İTÜ CAD and Reverse Engineering WorkshopEmre Günaydın
 
Furniture showroom management system project.pdf
Furniture showroom management system project.pdfFurniture showroom management system project.pdf
Furniture showroom management system project.pdfKamal Acharya
 
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWINGBRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWINGKOUSTAV SARKAR
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
 
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical EngineeringC Sai Kiran
 
Online resume builder management system project report.pdf
Online resume builder management system project report.pdfOnline resume builder management system project report.pdf
Online resume builder management system project report.pdfKamal Acharya
 
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfA CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfKamal Acharya
 
Natalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in KrakówNatalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in Krakówbim.edu.pl
 
Hall booking system project report .pdf
Hall booking system project report .pdfHall booking system project report .pdf
Hall booking system project report .pdfKamal Acharya
 
2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edgePaco Orozco
 
Pharmacy management system project report..pdf
Pharmacy management system project report..pdfPharmacy management system project report..pdf
Pharmacy management system project report..pdfKamal Acharya
 
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringC Sai Kiran
 
ONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdf
ONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdfONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdf
ONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdfKamal Acharya
 

Recently uploaded (20)

Digital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfDigital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdf
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 
RS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical SolutionsRS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
 
Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdfASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdf
 
Democratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek AryaDemocratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek Arya
 
İTÜ CAD and Reverse Engineering Workshop
İTÜ CAD and Reverse Engineering WorkshopİTÜ CAD and Reverse Engineering Workshop
İTÜ CAD and Reverse Engineering Workshop
 
Furniture showroom management system project.pdf
Furniture showroom management system project.pdfFurniture showroom management system project.pdf
Furniture showroom management system project.pdf
 
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWINGBRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
BRAKING SYSTEM IN INDIAN RAILWAY AutoCAD DRAWING
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
 
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
 
Online resume builder management system project report.pdf
Online resume builder management system project report.pdfOnline resume builder management system project report.pdf
Online resume builder management system project report.pdf
 
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfA CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
Natalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in KrakówNatalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in Kraków
 
Hall booking system project report .pdf
Hall booking system project report .pdfHall booking system project report .pdf
Hall booking system project report .pdf
 
2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge
 
Pharmacy management system project report..pdf
Pharmacy management system project report..pdfPharmacy management system project report..pdf
Pharmacy management system project report..pdf
 
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
 
ONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdf
ONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdfONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdf
ONLINE VEHICLE RENTAL SYSTEM PROJECT REPORT.pdf
 

Cryptography and network security Nit701

  • 1. By Department of Computer Sc. & Engineering Cryptography and Network Security NIT- 701 Presented By Amit Kumar Pathak
  • 2. Learning Objective • To familiarize with the security parameters in computer networks • The way of develop the algorithm in various ways. • General type of network security and their implementation • How to secure our network via different algorithms.
  • 3. Discussion Goals • Cryptography – Definition. • History of Cryptography. • Basic Terminologies. • Importance of Cryptography. • Types of Cryptography. • Cryptography Algorithms. – RSA (Public Key) – DES (Symmetric) • Hash Functions • Digital Signatures • Watermarking
  • 4. What is Cryptography ? “Cryptography is an art of Secret writing” Or “Cryptography -- from the Greek for “secret writing” (Kryptos means ‘HIdden’, graphein means ‘writing’) -- is the mathematical “scrambling” of data into unreadable form to preserve confidentiality. ” Or “Cryptography is the process of converting plaintext into ciphertext”
  • 7. Confidentiality: only sender, intended receiver should “understand” message contents. sender encrypts message. receiver decrypts message. End-Point Authentication: sender, receiver want to confirm identity of each other. Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection.
  • 8. History of Crytography • There are three eras in the history of Cryptography: – The Manual era – The Mechanical era – The Modern era • Manual era refers to Pen and Paper Cryptography and dates back to 2000 B.C.eg : Scytale, Atbash , Caesar, Vigenere. • Mechanical era refers to the invention of cipher machines. E.g.: Japanese Red and Purple Machines , German Enigma. • The modern era of cryptography refers to computers. • There are infinite permutations of cryptography available using computers. E.g.: Lucifer, Rijndael , RSA , ElGamal. 8
  • 10. Basic Terms Cipher: the algorithm that does the encryption. Ciphertext: the encrypted (scrambled) version of the message. Message altered to be unreadable by anyone except the intended recipients. Cryptanalysis: the science of breaking cryptographic algorithms. Cryptanalyst: a person who breaks cryptographic codes; also referred to as “the attacker”.
  • 11.  Cryptosystem – The combination of algorithm, key, and key management functions used to perform cryptographic operations.  Decryption: the process of converting ciphertext back to the original plaintext.  Encryption: scrambling a message or data using a specialized cryptographic algorithm.  Initialization Vector – Random values used with ciphers to ensure no patterns are created during encryption. 5
  • 12. Key – Sequence that controls the operation and behavior of the cryptographic algorithm. Keyspace – Total number of possible values of keys in a crypto algorithm. Plaintext – A message in its natural format readable by an attacker. 12
  • 13. Cryptosystem Services or Security Goals Authentication – Ensures that whoever supplies or accesses sensitive data is an authorized party. Confidentiality – Assures that only authorized parties are able to understand the data.
  • 14. Integrity – Ensures that when a message is sent over a network, the message that arrives is the same as the message that was originally sent. Nonrepudiation – Ensuring that the intended recipient actually received the message & ensuring that the sender actually sent the message.
  • 16. Need for Cryptography • Establishing a Secure communication. • Fulfil the security goals. • Preservation of Authentic information. • Secure Transaction. • Privacy.
  • 17. Attributes of Strong Encryption • Confusion – Change key values each round – Performed through substitution – Complicates plaintext/key relationship • Diffusion – Change location of plaintext in ciphertext – Done through transposition 17
  • 19. Encryption Systems • Substitution Cipher – Convert one letter to another – Cryptoquip • Transposition Cipher – Change position of letter in text – Word Jumble • Monoalphabetic Cipher – Caesar 19
  • 20. Encryption Systems • Polyalphabetic Cipher –Vigenère • Modular Mathematics –Running Key Cipher • One-time Pads –Randomly generated keys 20
  • 21. Categories of Cryptography Traditional • Cryptography in its early days • Ex :- Caesar Cipher, Playfair, Rain fence Symmetric • Shared Key • Ex :- DES, AES etc. Public Key • Public and Private Key. • Ex : - RSA, ElGamal etc.
  • 23. Caesar Cipher • Caesar cipher is named after the Roman military and political leader Gaius Julius Caesar (100 BC – 44 BC).1 Caesar used this relatively simple form of ciphering to encode military messages. • Every character C in the message M is replaced by (C+3) Scheme A B C D E ….. D E F G H ….. Example :- Plaintext = “DAD” Ciphertext = “GDG”
  • 24. Rail Fence Cipher • Plaintext is written in successive ‘rails’ diagonally. • No. of rails is predefined, say 3. • After the message exhausts on rails the message is read row-wise and it becomes the cipher text. For example, if we have 3 "rails" and a message of 'WE ARE DISCOVERED. FLEE AT ONCE', the cipher writes out: W . . . E . . . C . . . R . . . L . . . T . . . E . E . R . D .S . O . E . E . F . E . A . O . C . . . A . . . I . . . V . . . D . . . E . . . N . . Cipher Text : WECRL TEERD SOEEF EAOCA IVDEN
  • 25. Kamasutra Cipher • The Kamasutra cipher is one of the earliest known substitution methods. • The purpose was to teach women how to hide secret messages from prying eyes. Principle The key is the permutation of the alphabet. The plaintext and the ciphertext alphabet are the same. The alphabet is divided in two halves to pair the letters: F Y M Q G V O P D J R A K C I E U B X T S Z W N L H The letter “F” becomes the letter “C” and “B” is replaced by “G”. The word "EXAMPLE" would be encoded by: "MVLESAM".
  • 26. Enigma • Used by the Germans during World War II – Replaced letters as they were typed – Substitutions were computed using a key and a set of switches or rotors. 26
  • 28. Symmetric Key Scheme – Same key for encryption and decryption – Key distribution problem • Cleartext with Key makes Ciphertext • Ciphertext with Key makes Cleartext 28 Winning Lotto #s: aWDHOP#@-w9 aWDHOP#@-w9 Winning Lotto #s:
  • 29. ..contd. • Advantages – Symmetric algorithms are fast – They are difficult to break if a large key size is used – Only one key needed 29
  • 30. ..contd. • Disadvantages – Symmetric keys must remain secret – Difficult to deliver keys (key distribution) – Symmetric algorithms don’t support authenticity or nonrepudiation • You can’t know for sure who sent the message, since two people have the same key 30
  • 31. Symmetric Cryptography Algorithms • Types of symmetric algorithms – Stream ciphers • Operate on plaintext one bit at a time – Block ciphers • Operate on blocks of plaintext 31
  • 32. Symmetric Algorithms • DES –Modes: ECB, CBC, CFB, OFB, CM • 3DES • AES • IDEA • Blowfish 32
  • 33. ..contd. • RC4 • RC5 • CAST • SAFER • Twofish 33
  • 34. Key Distribution • Symmetric schemes require both parties to share a common secret key • issue is how to securely distribute this key • often secure system failure due to a break in the key distribution scheme
  • 35. Key Distribution methods • Given parties A and B have various key distribution alternatives: 1. A can select key and physically deliver to B 2. third party can select & physically deliver key to A & B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B Not suitable for large systems Initial distribution?
  • 36. Scale of key distribution problem • A network with N hosts => N(N-1)/2 pairs • Node-level encryption N(N-1)/2 • Application-level encryption – 10 applications/node
  • 37. Key distribution center (KDC) Key distribution center (KDC) KDC shares a unique key (master key) with each user to distribute secret key (session key) between a pair of users: scale of key distribution problem reduces to N EMK1 (Secret key) Secret key Secret key EMK2 (Secret key)
  • 38. Key Distribution Scenario nonce: an identifier that differs for each request Session key Identifier for A (ex. address) Master key Ka Master key Kb (avoid replay attack) 1. Verify the original request 2. Avoid replay attack
  • 40. Design Principles of DES To achieve high degree of diffusion and confusion. Diffusion: making each plaintext bit affect as many ciphertext bits as possible. Confusion: making the relationship between the encryption key and the ciphertext as complex as possible. 1
  • 41. DES: The Data Encryption Standard • Most widely used block cipher in the world. • Adopted by NIST in 1977. • Based on the Feistel cipher structure with 16 rounds of processing. • Block = 64 bits • Key = 56 bits • What is specific to DES is the design of the F function and how round keys are derived from the main key. 41
  • 42. 42
  • 43. Initial Permutation IP • IP: the first step of the encryption. • It reorders the input data bits. • The last step of encryption is the inverse of IP.
  • 44. Round Keys Generation • Main key: 64 bits. • 56-bits are selected and permuted using Permuted Choice One (PC1); and then divided into two 28-bit halves. • In each round: – Left-rotate each half separately by either 1 or 2 bits according to a rotation schedule. – Select 24-bits from each half, and permute the combined 48 bits. – This forms a round key.
  • 45. 45 Permuted Choice One (PC1) 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4
  • 48. 48    The and each have 32 bits, and the round key 48 bits. The function, on input and , produces 32 bits: ( , ) where : ( expands 32 bits o 4 ) t The function of DES L R K F R K F R K P S E K E R F    8 bits; : shrinks it back to 32 bits; : permutes the 32 bits. S P
  • 50. Public-Key Cryptography • probably most significant advance in the 3000 year history of cryptography • uses two keys – a public key and a private key • asymmetric since parties are not equal • uses clever application of number theory concepts to function • complements rather than replaces private key cryptography
  • 51. ..contd. • public-key/two-key/asymmetric cryptography involves the use of two keys: – a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures – a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures • is asymmetric because – those who encrypt messages or verify signatures cannot decrypt messages or create signatures
  • 53. Comparison between symmetric and public-key encryption
  • 54. Requirement for public-key cryptography • Diffie and Hellman (1976) proposed the system without the algorithm for E and D. They laid out the requirement: – It is computationally easy to generate a pair of keys – It is computationally easy for a sender to encrypt – It is computationally easy for a receiver to decrypt – It is computationally infeasible for an opponent, knowing the public key, to determine the private key – It is computationally infeasible for an opponent, knowing the public key and ciphtertext, to recover the plaintext Y = EKU (X)b X = DKR (Y) b
  • 55. Why Public-Key Cryptography? • developed to address two key issues: – key distribution – how to have secure communications in general without having to trust a KDC with your key – digital signatures – how to verify a message comes intact from the claimed sender • public invention due to Whitfield Diffie & Martin Hellman at Stanford U. in 1976 – known earlier in classified community
  • 56. Asymmetric Algorithms • Diffie-Hellman • RSA • El Gamal • Elliptic Curve Cryptography (ECC) 56
  • 58. Public-Key Applications • can classify uses into 3 categories: – encryption/decryption (provide secrecy) – digital signatures (provide authentication) – key exchange (of session keys) • some algorithms are suitable for all uses, others are specific to one
  • 59. Security of Public Key Schemes • like private key schemes brute force exhaustive search attack is always theoretically possible • but keys used are too large (>512bits) • security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems • more generally the hard problem is known, its just made too hard to do in practise • requires the use of very large numbers • hence is slow compared to private key schemes
  • 60. RSA • by Rivest, Shamir & Adleman of MIT in 1977 • best known & widely used public-key scheme • based on exponentiation in a finite (Galois) field over integers modulo a prime – nb. exponentiation takes O((log n)3) operations (easy) • uses large integers (eg. 1024 bits) • security due to cost of factoring large numbers – nb. factorization takes O(e log n log log n) operations (hard)
  • 61. RSA Key Setup • each user generates a public/private key pair by: • selecting two large primes at random - p, q • computing their system modulus N=p.q – note ø(N)=(p-1)(q-1) • selecting at random the encryption key e • where 1<e<ø(N), gcd(e,ø(N))=1 • solve following equation to find decryption key d – e.d=1 mod ø(N) and 0≤d≤N • publish their public encryption key: KU={e,N} • keep secret private decryption key: KR={d,p,q}
  • 62. RSA Use • to encrypt a message M the sender: – obtains public key of recipient KU={e,N} – computes: C=Me mod N, where 0≤M<N • to decrypt the ciphertext C the owner: – uses their private key KR={d,p,q} – computes: M=Cd mod N • note that the message M must be smaller than the modulus N (block if needed)
  • 63. Why RSA Works • because of Euler's Theorem: • aø(n)mod N = 1 – where gcd(a,N)=1 • in RSA have: – N=p.q – ø(N)=(p-1)(q-1) – carefully chosen e & d to be inverses mod ø(N) – hence e.d=1+k.ø(N) for some k • hence : Cd = (Me)d = M1+k.ø(N) = M1.(Mø(N))q = M1.(1)q = M1 = M mod N
  • 64. RSA Example 1. Select primes: p=17 & q=11 2. Compute n = pq =17×11=187 3. Compute ø(n)=(p–1)(q-1)=16×10=160 4. Select e : gcd(e,160)=1; choose e=7 5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 10×160+1 6. Publish public key KU={7,187} 7. Keep secret private key KR={23,17,11}
  • 65. RSA Example cont • sample RSA encryption/decryption is: • given message M = 88 (nb. 88<187) • encryption: C = 887 mod 187 = 11 • decryption: M = 1123 mod 187 = 88
  • 66. Exponentiation • can use the Square and Multiply Algorithm • a fast, efficient algorithm for exponentiation • concept is based on repeatedly squaring base • and multiplying in the ones that are needed to compute the result • look at binary representation of exponent • only takes O(log2 n) multiples for number n – eg. 75 = 74.71 = 3.7 = 10 mod 11 – eg. 3129 = 3128.31 = 5.3 = 4 mod 11
  • 68. RSA Key Generation • users of RSA must: – determine two primes at random - p, q – select either e or d and compute the other • primes p,q must not be easily derived from modulus N=p.q – means must be sufficiently large – typically guess and use probabilistic test • exponents e, d are inverses, so use Inverse algorithm to compute the other
  • 69. RSA Security • three approaches to attacking RSA: – brute force key search (infeasible given size of numbers) – mathematical attacks (based on difficulty of computing ø(N), by factoring modulus N) – timing attacks (on running of decryption)
  • 70. Factoring Problem • mathematical approach takes 3 forms: – factor N=p.q, hence find ø(N) and then d – determine ø(N) directly and find d – find d directly • currently believe all equivalent to factoring – have seen slow improvements over the years • as of Aug-99 best is 130 decimal digits (512) bit with GNFS – biggest improvement comes from improved algorithm • cf “Quadratic Sieve” to “Generalized Number Field Sieve” – barring dramatic breakthrough 1024+ bit RSA secure • ensure p, q of similar size and matching other constraints
  • 71. Hashing Algorithms • HAVAL – Computes between 128 and 256 bit hash – Between 3 and 5 rounds • RIPEMD-160 – Developed in Europe published in 1996 – Patent-free 71
  • 72. Digital Signatures • Digital signatures can be permanently tied to the content of the message being signed. They cannot then be 'moved' from one document to another, for any attempt will be detectable. • RSA and DSA are two of the most popular digital signature schemes.
  • 73. ..contd. • In digital signature schemes, there are two algorithms: one for signing, in which a secret key is used to process the message and one for verification, in which the matching public key is used with the message to check the validity of the signature.
  • 74. Watermarking • Traditionally, a watermark has been used to verify the authenticity of a document.
  • 75. ..contd. • Driver’s Licenses, diplomas, official letterhead were the primary applications of watermarks . • More recently, used to track or prevent redistribution of TV logos.
  • 76. ..contd. Purpose of using: – Ensure authenticity of digital goods. – Prevent unauthorized use/ensures copyright. – Prevent copying.  Adding the watermark to the image itself prevents removal by changing the format. E.g. GIF->JPEG.
  • 78. Topics To Discuss 1. What is Steganography? 2. History Of Steganography 3. Technique 4. Basic Steganography Model 5. Steganography Terms 6. Types of Stegosystems 7. Types of Steganograph 8. Comparison of various Security techniques 9. Crypto-Steganography – A new approach 10. Applications 11. Comparison of various Secret Communication Techniques. 12. Steganography Tools 13. Future Scope 14. Conclusion 15. References
  • 79. What is Steganography? • Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. STEGONOGRA PHY EXAMPLE RANDOM TEXT Since everyone can read, encoding text in neutral sentences is doubtfully effective SOME HIDDEN PATTERN Since Everyone Can Read, Encoding Text In Neutral Sentences Is Doubtfully Effective ORIGINAL MESSAGE SECRET INSIDE
  • 80. History Of Steganography • The first recorded uses of steganography can be traced back to 440 BC when Herodotus mentions two examples of steganography in his Histories. • Ancient Greeks used Wax tablets as reusable writing surfaces, sometimes used for shorthand. • Ancient Chinese wrote messages on fine silk, which was then crunched into a tiny ball and covered in wax. • Special inks were important steganographic tools even during Second World War.
  • 81. Techniques PHYSICAL TECHNIQUES: • Hidden messages on paper written in secret inks under other messages or on the blank parts of other messages. • Hidden messages within wax tablets. • Messages written on envelopes in the area covered by postage stamps. DIGITAL TECHNIQUES: • Concealing data within encrypted data or within random data (an unbreakable cipher like the one-time pad generates cipher texts that look perfectly random if one does not have the private key). • Concealed messages in tampered executable files, exploiting redundancy in the targeted instruction set. • Pictures embedded in video material (optionally played at slower or faster speed).
  • 82. Basic Steganography Model Secret Message Cover Medium Stego Decoder Key Cover Estimate of Message Original Cover Stego Encoder Communicationchannel
  • 83. Steganography Terms • Carrier or Cover File - A Original message or a file in which hidden information will be stored inside of it . • Stego-Medium - The medium in which the information is hidden. • Embedded or Payload - The information which is to be hidden or concealed. • Steganalysis - The process of detecting hidden information inside a file.
  • 84. Types Of Stegosystems and Steganography STEGOSYSTEM TYPES: • Pure stegosystems - no key is used. • Secret-key stegosystems - secret key is used. • Public-key stegosystems - public key is used. STEGANOGRAPHY TYPES: –Text Steganography. –Image Steganography. –Audio Steganography. –Video Steganography. –Protocol Steganography.
  • 85. Text Steganography • Text steganography can be applied in the digital makeup format such as PDF, digital watermark or information hiding • It is more difficult to realize the information hiding based on text. The simplest method of information hiding is to select the cover first, adopt rules to add the phraseological or spelling mistakes, or replace with synonymy words. VARIOUS TEXT STEGANOGRAPHY METHODS: • Line shifting Method • Word shifting • Open spaces • Semantic methods • Character Encoding
  • 86. Examples of Text Steganography • Minor changes to shapes of characters
  • 87. Examples of Text Steganography
  • 88. Image Steganography • Using image files as hosts for steganographic messages takes advantage of the limited capabilities of the human visual system • Some of the more common method for embedding messages in image files can be categorized into two main groups, image domain methods and transform domain methods Image And Transform Domain: • Image – also known as spatial – domain techniques embed messages in the intensity of the pixels directly, while for transform – also known as frequency – domain, images are first transformed and then the message is embedded in the image • Image domain techniques encompass bit-wise methods that apply bit insertion and noise manipulation and are sometimes characterized as “simple systems” • Steganography in the transform domain involves the manipulation of algorithms and image transforms
  • 89. LSB [Least Significant bit] Method • Least significant bit (LSB) insertion is a common, simple approach to embedding information in a cover image • The least significant bit (in other words, the 8th bit) of some or all of the bytes inside an image is changed to a bit of the secret message • When using a 24-bit image, a bit of each of the red, green and blue color components can be used, since they are each represented by a byte. In other words, one can store 3 bits in each pixel. An 800 × 600 pixel image, can thus store a total amount of 1,440,000 bits or 180,000 bytes of embedded data • In its simplest form, LSB makes use of BMP images, since they use lossless compression
  • 90. • A grid for 3 pixels of a 24-bit image can be as follows: (00101101 00011100 11011100) (10100110 11000100 00001100) (11010010 10101101 01100011) • When the number 200, which binary representation is 11001000, is embedded into the least significant bits of this part of the image, the resulting grid is as follows: (00101101 00011101 11011100) (10100110 11000101 00001100) (11010010 10101100 01100011)
  • 91. Example Of Image Steganography
  • 92. Audio Steganography • Embedding secret messages into digital sound is known as audio Steganography. • Audio Steganography methods can embed messages in WAV, AU, and even MP3 sound files. • The properties of the human auditory system (HAS) are exploited in the process of audio Steganography • To embed data secretly onto digital audio file there are few techniques introduced : – LSB Coding – Phase Coding – Parity Coding – Spread Spectrum
  • 94. Example of LSB Method • The message 'HEY' is encoded in a 16-bit CD quality sample using the LSB method. • Here the secret information is ‘HEY’ and the cover file is audio file. HEY is to be embedded inside the audio file. First the secret information ‘HEY’ and the audio file are converted into bit stream. • The least significant column of the audio file is replaced by the bit stream of sectet information ‘HEY’. The resulting file after embedding secret information ‘HEY’ is called Stego-file.
  • 95. Comparison of Secret Communication Techniques Communica tion Technique Confidenti ality Integrity Availability Cryptograph y    Digital Signatures    Steganograp hy   
  • 96. Combined Crypto- Steganography Plain Text Stego Image Cipher Text Decrypti on Cipher Text Plain Text Encryptio n Cover Image
  • 97. Applications • Confidential communication and secret data storing • Steganography provides us with: • Potential capability to hide the existence of confidential data • Hardness of detecting the hidden (i.e., embedded) data • Strengthening of the secrecy of the encrypted data • Protection of data alteration • Access control system for digital content distribution • Media Database systems • Usage in modern printers • Alleged use by intelligence services
  • 98. Steganography Tools • Steganos • S-Tools (GIF, JPEG) • StegHide (WAV, BMP) • Invisible Secrets (JPEG) • JPHide • Camouflage • Hiderman
  • 99. Future Scope • Steganography, though is still a fairly new idea. There are constant advancements in the computer field, suggesting advancements in the field of steganography as well. • It is likely that there will soon be more efficient and more advanced techniques for Steganalysis. • What is scary is that such a small file of only one or two sentences may be all that is needed to commence a terrorist attack. In the future, it is hoped that the technique of Steganalysis will advance such that it will become much easier to detect even small messages within an image.
  • 100. Learning Outcomes  Define the terms vulnerability, threat and attack.  Identify physical points of vulnerability in simple networks  Identify and classify particular examples of attacks  Concepts of Digital Signature and their applications
  • 101. Conclusion • Interest in the use of steganography in our current digital age can be attributed to both the desire of individuals to hide communication through a medium rife with potential listeners, or in the case of digital watermarking, the absolute necessity of maintaining control over one’s ownership and the integrity of data as it passes through this medium. This increased interest is evidenced in the sheer number of available tools to provide easy steganographic techniques to the end user, as well as the proliferation of research and press on the topic.