SlideShare a Scribd company logo

Cryptography and PKI

Download as PPTX, PDF
Rabei Hassan
Rabei Hassan

- Cryptography and Security - Methods of Encryption and Decryption - What is an Algorithm? - Symmetric Algorithm - Asymmetric Algorithm - Hybrid Encryption - Hashing Algorithm - Securing the Algorithm or the Key - Hash Value and Rainbow Table - Digital Signature - PKI

Technology
1 of 28
Introduction to Cryptography and PKI Presented By: Rabei Hassan
• Rabei Hassan • CISSP-ISSAP, CCSP, CRISC, CISM, CISA, CEH, ECSA, CHFI, Security+ • MCTS, MCSE: Security, MCDBA, MCSA: Messaging • More than 18 years working experience at various IT fields • Infrastructure and Info Security Consultation and Training • IT Management • Web and Windows Application Development • Systems and Database Administration • https://au.linkedin.com/in/rabei-hassan-564b3214
Session Objectives • Cryptography and Security • Methods of Encryption and Decryption • What is an Algorithm? • Symmetric Algorithm • Asymmetric Algorithm • Hybrid Encryption • Hashing Algorithm • Securing the Algorithm or the Key • Hash Value and Rainbow Table • Digital Signature • PKI
Cryptography and Security Confidentiality Integrity Authenticity Non-Repudiation
Methods of Encryption and Decryption • Symmetric • Use ONLY One Key for encryption and decryption • Asymmetric • Use Two Keys, • One key will be used for encryption • The other key will be used for decryption. • Hashing • One-Way encryption ..!
What is an Algorithm ? • Instructions; the steps that we need to follow to do the operation. • In general, it will has two types of instructions: • Instructions for how to do the encryption • Instruction for how to do the decryption Symmetric Algorithms Encryption Instructions using Key X Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Decryption Instructions using Key X Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Asymmetric Algorithms Encryption Instructions using Key X Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Decryption Instructions Using Key Y Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Hashing Algorithms Instructions for One-Way Encryption No-KEY Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Plain Text Cipher Text Plain Text Hash Value
Symmetric Algorithms (1/3) • Vigenere Cipher • Plain Text : Welcome To Cryptography • Key: RAMGuide Encryption Instructions 1. Put the plain text in a raw. 2. Put the Key in a second line raw below the plain text raw. 3. If the key-size is smaller than the plain text size, then repeat it until it become the same size as the plain text. 4. According to the table on the right section, the cipher text will be the inter section between the character in the plain text raw and the character in the key raw. Plain Text W E L C O M E T O C R Y P T O G R A P H Y Key R A M G U I D E R A M G U I D E R A M G U Cipher Text N E X I . . . . . . . . . . . . . . . . . Decryption Instructions
Binary Mathematics X AND Y X OR Y X XOR Y Both values need to be true, so the output will be true. One OR Two values need to be true so the final value will be true. One and Only One value need to be true so the final value will be true.
Symmetric Algorithms (2/3) • Vernam (One-Time Pad) Cipher • Plain Text : Welcome • Key: RAMGuid Encryption Instructions 1. The key must be the same size as the plain text. 2. Put the Key in a second line raw below the plain text raw. 3. XOR between them on the bit level. Plain Text W 0101 0111 E 0100 0101 L 0100 1100 C 0100 0011 O 0100 1111 M 0100 1101 E 0100 0101 Key R 0101 0010 A 0100 0001 M 0100 1101 G 0100 0111 U 0101 0101 I 0100 1001 D 0100 0100 Cipher Text 0000 0101 0000 0100 . . . . . W 0 1 0 1 0 1 1 1 R 0 1 0 1 0 0 1 0 0 0 0 0 0 1 0 1 E 0 1 0 0 0 1 0 1 A 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0 0 Decryption Instructions
Symmetric Algorithms (3/3) • DES …………………. [Key Size is …. 56-bit] • 3DES ……………….. [Key Size could be …… 112-bit …… 168-bit] • AES …………………. [Key Size could be ……. 128-bit ..… 192-bit …. 256-bit]
Asymmetric Algorithms • Will use two keys: • Public Key ……………………. [Any one can get a copy of it] • Private Key ………………….. [Maintained by the owner] • Public/Private key is for one entity/individual only. Amr Jana 1. Amr will send his Public Key to Jana 2. Jana will encrypt the message with Amr Public Key3. Jana will send the secret message to Amr 4. Amr will decrypt the secret message with his own Private Key Amr Public Key Amr Private Key Jana Private Key Amr need to receive something securely from Jana Amr Public Key
Asymmetric Algorithms • Diffie-Hellman ………..[Key Exchange] • EL Gamal …………………[Key Exchange – Encryption – Digital Signature] • RSA ………………………….[Key Exchange – Encryption – Digital Signature] • Elliptic Curve ………….. [Key Exchange – Encryption – Digital Signature]
Symmetric vs. Asymmetric Algorithms Symmetric Asymmetric Key Distribution X  Performance Fast Slow 1000 ~ 10,000 slower than Symmetric Scalability X A B C D E F 5 Keys 4 Keys 3 Keys 2 Keys 1 Key Total number of Keys = 5 + 4 + 3 + 2 + 1 = 15 6 Entities (Individuals) Symmetric 6 Entities (Individual) – each one will has two keys (Public/Private) 6 X 2 = 12 Asymmetric
Hybrid Encryption (Symmetric + Asymmetric) HTTPS://www.Amazon.com You want to Transfer your Credit-Card information securely Amazon Public Key Amazon Private Key Amazon will send its Public Key A session Symmetric Key will be generated locally on your own machine Credit Card Information The Encrypted Credit-Card Information will be transferred to Amazon.com Symmetric Key The Session Symmetric Key will be transferred one time only during the whole session
Hash Algorithm (1/2) • One-way encryption, that will generate a fixed length value. ABC Funny Hashing Algorithm  1. Get the ASCII Code of each character 2. Multiply by the position 3. Get the Sum 1. A(65) B(66) C(67) 2. 65 X 1 66X2 67X3 3. 65 + 132 + 201 398  Securing PasswordsIntegrity [File Transfer]
Hash Algorithm (2/2) • SHA1 ………………………… [160-bit] • SHA2 ………………………… [256-bit / 512-bit] • MD5 …………………………. [128-bit]
Securing the Algorithm or the Key ? • Pros/Cos of securing the algorithm • Pros/Cos of making the algorithms publicly accessible and securing only the key • The longer the key, the harder to be compromised. Algorithm Instructions Know the exact algorithm Know the exact key   4 Digits Key [0110] 0000 0001 0010 0100 1000 . . . . 2x = 24 = 16 128-bit Key = 2128 = 3.4028236692093846346337460743177e+38  Brute-force Attack Key need to be changed from time to time
Hash Value and Rainbow Table ABC  398Hashing 1. Generate “AAA” 2. Generate the Hash-Value for …… “AAA” 3. Compare the Hash-Value of ….. “AAA” …. with the stolen one “BBB” “BBB” “BBB” Value MD5 SHA1 AAA 3c01… 6f358… BBB a2c9a… bb27f… . . . . . . . . . Demo: Generate and Crack Hash Value Rainbow Table
Digital Signature Amr Jana Jan Public Key Amr Private Key Amr Public Key Jana Private Key Amr want to send something securely to Jana Modification to be detected / To be sure it is from Amr 1. Type a message “ABC” 2. Hash the message and get the hash value 3. Encrypt the hash value using the Amr Private Key ABC Hash Value ABC Hash Value Hash Value Integrity Authenticity Non-Repudiation Amr Public Key   
Public Key Infrastructure – PKI Public/Private Public/Private Public/Private Public/Private X.509 How can we transfer the Public Key / File Format
Public Key Infrastructure – PKI Public/Private Public/Private Public/Private Public/Private Certificate Authority (CA) Who Create/Generate this Certificate Public Key X.509 How can we transfer the Public Key / File Format 1. How can you trust this certificate ... ? 2. Does this site really belong to ... ? Trust A Trust B B Trust C Trust Then A will Trust B 
Public Key Infrastructure – PKI Public/Private Public/Private Public/Private Public/Private Certificate Authority (CA) Who Create/Generate this Certificate How can we transfer the Public Key / File Format 1. How can you trust this certificate ... ? 2. Does this site really belong to ... ? Does this certificate really generated by a Trusted CA ?
Public Key Infrastructure – PKI Public/Private Certificate Authority (CA) Public Key Does this certificate really generated by a Trusted CA ? Hash Value DS Hash Value Public Key Hash Value CA Public Key  Public Trusted CA Local Trusted CA Demo: Where we can find Trusted CAs
Confidentiality Integrity Authenticity Non-Repudiation Public Key Infrastructure – PKI
Hybrid Encryption (Symmetric + Asymmetric) HTTPS://www.Amazon.com You want to Transfer your Credit-Card information securely Amazon Public Key Amazon Private Key Amazon will send its Certificate (which contain its Public Key) A session Symmetric Key will be generated locally on your own machine Credit Card Information The Encrypted Credit-Card Information will be transferred to Amazon.com Symmetric Key The Session Symmetric Key will be transferred one time only during the whole session Authenticity & Confidentiality
Digital Signature Amr Jana Jan Public Key Amr Private Key Amr Public Key Jana Private Key Amr want to send something securely to Jana Modification to be detected / To be sure it is from Amr 1. Type a message “ABC” 2. Hash the message and get the hash value 3. Encrypt the hash value using the Amr Private Key ABC Hash Value ABC Hash Value Hash Value Integrity Authenticity Non-Repudiation Amr Public Key   
Public Key Infrastructure – PKI Certificate Authority (CA) Public Trusted CA Local Trusted CA Number / Location Administration Servers/Computers Users Application/Services Network Devices Certificates & Backup Confidentiality Integrity Authenticity Non-Repudiation Issue Policy and Methods Distribution Policy and Methods
Session Objectives • Cryptography and Security • Methods of Encryption and Decryption • What is an Algorithm? • Symmetric Algorithm • Asymmetric Algorithm • Hybrid Encryption • Hashing Algorithm • Securing the Algorithm or the Key • Hash Value and Rainbow Table • Digital Signature • PKI

Recommended

Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
Sylvain Maret
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Popescu Petre
 
Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
A Brief History of Cryptography
A Brief History of CryptographyA Brief History of Cryptography
A Brief History of Cryptography
guest9006ab
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2
Mohamed Loey
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
n|u - The Open Security Community
 
Cryptography and network security
Cryptography and network security Cryptography and network security
Cryptography and network security
Mahipesh Satija
 

Recommended

Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
Sylvain Maret
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Popescu Petre
 
Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
A Brief History of Cryptography
A Brief History of CryptographyA Brief History of Cryptography
A Brief History of Cryptography
guest9006ab
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2
Mohamed Loey
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
n|u - The Open Security Community
 
Cryptography and network security
Cryptography and network security Cryptography and network security
Cryptography and network security
Mahipesh Satija
 
Cryptography - A Brief History
Cryptography - A Brief HistoryCryptography - A Brief History
Cryptography - A Brief History
prasenjeetd
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Ramki M
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
Alfred Ouyang
 
Cryptographie
CryptographieCryptographie
CryptographieSeifallah Jardak
 
Encryption
EncryptionEncryption
Encryption
IGZ Software house
 
Cryptography
CryptographyCryptography
Cryptography
Darshini Parikh
 
Cryptography
CryptographyCryptography
Cryptography
Birmingham City University
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
saurav5884
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
Cryptography
CryptographyCryptography
Cryptography
amiable_indian
 
Tecnicas avanzadas de ocultamiento de malware
Tecnicas avanzadas de ocultamiento de malwareTecnicas avanzadas de ocultamiento de malware
Tecnicas avanzadas de ocultamiento de malware
Secpro - Security Professionals
 
basic encryption and decryption
basic encryption and decryption basic encryption and decryption
basic encryption and decryption
Rashmi Burugupalli
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyBharat Kumar Katur
 
Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
Arun ACE
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
vimal kumar
 
Cryptography
CryptographyCryptography
Cryptography
EmaSushan
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption Standard
Dr.Florence Dayana
 
Enhancing System Security Using PKI
Enhancing System Security Using PKIEnhancing System Security Using PKI
Enhancing System Security Using PKI
Chin Wan Lim
 
Pki and OpenSSL
Pki and OpenSSLPki and OpenSSL
Pki and OpenSSLTony Fabeen
 

More Related Content

What's hot

Cryptography - A Brief History
Cryptography - A Brief HistoryCryptography - A Brief History
Cryptography - A Brief History
prasenjeetd
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Ramki M
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
Alfred Ouyang
 
Encryption
EncryptionEncryption
Encryption
IGZ Software house
 
Cryptography
CryptographyCryptography
Cryptography
Darshini Parikh
 
Cryptography
CryptographyCryptography
Cryptography
Birmingham City University
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
saurav5884
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
Cryptography
CryptographyCryptography
Cryptography
amiable_indian
 
Tecnicas avanzadas de ocultamiento de malware
Tecnicas avanzadas de ocultamiento de malwareTecnicas avanzadas de ocultamiento de malware
Tecnicas avanzadas de ocultamiento de malware
Secpro - Security Professionals
 
basic encryption and decryption
basic encryption and decryption basic encryption and decryption
basic encryption and decryption
Rashmi Burugupalli
 
Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
Arun ACE
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
vimal kumar
 
Cryptography
CryptographyCryptography
Cryptography
EmaSushan
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption Standard
Dr.Florence Dayana
 

What's hot (20)

Cryptography - A Brief History
Cryptography - A Brief HistoryCryptography - A Brief History
Cryptography - A Brief History
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
 
Cryptographie
CryptographieCryptographie
Cryptographie
 
Encryption
EncryptionEncryption
Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Tecnicas avanzadas de ocultamiento de malware
Tecnicas avanzadas de ocultamiento de malwareTecnicas avanzadas de ocultamiento de malware
Tecnicas avanzadas de ocultamiento de malware
 
basic encryption and decryption
basic encryption and decryption basic encryption and decryption
basic encryption and decryption
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
 
Network Security
Network SecurityNetwork Security
Network Security
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
Cryptography
CryptographyCryptography
Cryptography
 
Block Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption StandardBlock Ciphers and the Data Encryption Standard
Block Ciphers and the Data Encryption Standard
 

Viewers also liked

Enhancing System Security Using PKI
Enhancing System Security Using PKIEnhancing System Security Using PKI
Enhancing System Security Using PKI
Chin Wan Lim
 
Information Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgInformation Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric Vanderburg
Eric Vanderburg
 
PKI in Korea
PKI in KoreaPKI in Korea
PKI in Korea
The World Bank
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CloudIDSummit
 
AssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentationAssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge
 
Tutorial membuat Public Key Infrastructure
Tutorial membuat Public Key InfrastructureTutorial membuat Public Key Infrastructure
Tutorial membuat Public Key Infrastructure
Suci Rahmawati
 
Engineering Cryptographic Applications: Symmetric Encryption
Engineering Cryptographic Applications: Symmetric EncryptionEngineering Cryptographic Applications: Symmetric Encryption
Engineering Cryptographic Applications: Symmetric Encryption
David Evans
 
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTSA CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
ForgeRock
 
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
ForgeRock
 
OpenSSL Basic Function Call Flow
OpenSSL Basic Function Call FlowOpenSSL Basic Function Call Flow
OpenSSL Basic Function Call Flow
William Lee
 
Securing Access Through a Multi-Purpose Credential and Digital ID
Securing Access Through a Multi-Purpose Credential and Digital IDSecuring Access Through a Multi-Purpose Credential and Digital ID
Securing Access Through a Multi-Purpose Credential and Digital ID
ForgeRock
 
Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New Featurs
ForgeRock
 
OpenIDM: An Introduction
OpenIDM: An IntroductionOpenIDM: An Introduction
OpenIDM: An IntroductionForgeRock
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
Aidy Tificate
 
Crypto With OpenSSL
Crypto With OpenSSLCrypto With OpenSSL
Crypto With OpenSSLZhi Guan
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaDiscover JKUAT
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
Ashish Jain
 
Enabling Data Protection through PKI encryption in IoT m-Health Devices
Enabling Data Protection through PKI encryption in IoT m-Health DevicesEnabling Data Protection through PKI encryption in IoT m-Health Devices
Enabling Data Protection through PKI encryption in IoT m-Health Devices
Charalampos Doukas
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An Introduction
ForgeRock
 

Viewers also liked (20)

Enhancing System Security Using PKI
Enhancing System Security Using PKIEnhancing System Security Using PKI
Enhancing System Security Using PKI
 
Pki and OpenSSL
Pki and OpenSSLPki and OpenSSL
Pki and OpenSSL
 
Information Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgInformation Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric Vanderburg
 
PKI in Korea
PKI in KoreaPKI in Korea
PKI in Korea
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
 
AssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentationAssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentation
 
Tutorial membuat Public Key Infrastructure
Tutorial membuat Public Key InfrastructureTutorial membuat Public Key Infrastructure
Tutorial membuat Public Key Infrastructure
 
Engineering Cryptographic Applications: Symmetric Encryption
Engineering Cryptographic Applications: Symmetric EncryptionEngineering Cryptographic Applications: Symmetric Encryption
Engineering Cryptographic Applications: Symmetric Encryption
 
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTSA CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
 
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
 
OpenSSL Basic Function Call Flow
OpenSSL Basic Function Call FlowOpenSSL Basic Function Call Flow
OpenSSL Basic Function Call Flow
 
Securing Access Through a Multi-Purpose Credential and Digital ID
Securing Access Through a Multi-Purpose Credential and Digital IDSecuring Access Through a Multi-Purpose Credential and Digital ID
Securing Access Through a Multi-Purpose Credential and Digital ID
 
Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New Featurs
 
OpenIDM: An Introduction
OpenIDM: An IntroductionOpenIDM: An Introduction
OpenIDM: An Introduction
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
 
Crypto With OpenSSL
Crypto With OpenSSLCrypto With OpenSSL
Crypto With OpenSSL
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr Wafula
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
 
Enabling Data Protection through PKI encryption in IoT m-Health Devices
Enabling Data Protection through PKI encryption in IoT m-Health DevicesEnabling Data Protection through PKI encryption in IoT m-Health Devices
Enabling Data Protection through PKI encryption in IoT m-Health Devices
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An Introduction
 

Similar to Cryptography and PKI

Network Security: Standards and Cryptography
Network Security: Standards and CryptographyNetwork Security: Standards and Cryptography
Network Security: Standards and Cryptography
Jack Davis
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
Kannan Ravindran
 
Cryptography Key Management.pptx
Cryptography Key Management.pptxCryptography Key Management.pptx
Cryptography Key Management.pptx
SurendraBasnet6
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
n|u - The Open Security Community
 
Cryptography
CryptographyCryptography
Cryptography
PPT4U
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryption
faffyman
 
[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...
[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...
[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...
PROIDEA
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
Harry Potter
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
James Wong
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
Young Alista
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
David Hoen
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
Tony Nguyen
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
Luis Goldster
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
Fraboni Ec
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013
javagroup2006
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Seema Goel
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
Animesh Shaw
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 

Similar to Cryptography and PKI (20)

Network Security: Standards and Cryptography
Network Security: Standards and CryptographyNetwork Security: Standards and Cryptography
Network Security: Standards and Cryptography
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Cryptography Key Management.pptx
Cryptography Key Management.pptxCryptography Key Management.pptx
Cryptography Key Management.pptx
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Cryptography
CryptographyCryptography
Cryptography
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryption
 
[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...
[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...
[CONFidence 2016] Marco Ortisi - Recover a RSA private key from a TLS session...
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Encryption
EncryptionEncryption
Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 

Recently uploaded

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 

Recently uploaded (20)

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 

Cryptography and PKI

  • 1. Introduction to Cryptography and PKI Presented By: Rabei Hassan
  • 2. • Rabei Hassan • CISSP-ISSAP, CCSP, CRISC, CISM, CISA, CEH, ECSA, CHFI, Security+ • MCTS, MCSE: Security, MCDBA, MCSA: Messaging • More than 18 years working experience at various IT fields • Infrastructure and Info Security Consultation and Training • IT Management • Web and Windows Application Development • Systems and Database Administration • https://au.linkedin.com/in/rabei-hassan-564b3214
  • 3. Session Objectives • Cryptography and Security • Methods of Encryption and Decryption • What is an Algorithm? • Symmetric Algorithm • Asymmetric Algorithm • Hybrid Encryption • Hashing Algorithm • Securing the Algorithm or the Key • Hash Value and Rainbow Table • Digital Signature • PKI
  • 5. Methods of Encryption and Decryption • Symmetric • Use ONLY One Key for encryption and decryption • Asymmetric • Use Two Keys, • One key will be used for encryption • The other key will be used for decryption. • Hashing • One-Way encryption ..!
  • 6. What is an Algorithm ? • Instructions; the steps that we need to follow to do the operation. • In general, it will has two types of instructions: • Instructions for how to do the encryption • Instruction for how to do the decryption Symmetric Algorithms Encryption Instructions using Key X Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Decryption Instructions using Key X Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Asymmetric Algorithms Encryption Instructions using Key X Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Decryption Instructions Using Key Y Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Hashing Algorithms Instructions for One-Way Encryption No-KEY Step 1 - …….. Step 2 - …….. Step 3 - …….. Step 4 - …….. Plain Text Cipher Text Plain Text Hash Value
  • 7. Symmetric Algorithms (1/3) • Vigenere Cipher • Plain Text : Welcome To Cryptography • Key: RAMGuide Encryption Instructions 1. Put the plain text in a raw. 2. Put the Key in a second line raw below the plain text raw. 3. If the key-size is smaller than the plain text size, then repeat it until it become the same size as the plain text. 4. According to the table on the right section, the cipher text will be the inter section between the character in the plain text raw and the character in the key raw. Plain Text W E L C O M E T O C R Y P T O G R A P H Y Key R A M G U I D E R A M G U I D E R A M G U Cipher Text N E X I . . . . . . . . . . . . . . . . . Decryption Instructions
  • 8. Binary Mathematics X AND Y X OR Y X XOR Y Both values need to be true, so the output will be true. One OR Two values need to be true so the final value will be true. One and Only One value need to be true so the final value will be true.
  • 9. Symmetric Algorithms (2/3) • Vernam (One-Time Pad) Cipher • Plain Text : Welcome • Key: RAMGuid Encryption Instructions 1. The key must be the same size as the plain text. 2. Put the Key in a second line raw below the plain text raw. 3. XOR between them on the bit level. Plain Text W 0101 0111 E 0100 0101 L 0100 1100 C 0100 0011 O 0100 1111 M 0100 1101 E 0100 0101 Key R 0101 0010 A 0100 0001 M 0100 1101 G 0100 0111 U 0101 0101 I 0100 1001 D 0100 0100 Cipher Text 0000 0101 0000 0100 . . . . . W 0 1 0 1 0 1 1 1 R 0 1 0 1 0 0 1 0 0 0 0 0 0 1 0 1 E 0 1 0 0 0 1 0 1 A 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0 0 Decryption Instructions
  • 10. Symmetric Algorithms (3/3) • DES …………………. [Key Size is …. 56-bit] • 3DES ……………….. [Key Size could be …… 112-bit …… 168-bit] • AES …………………. [Key Size could be ……. 128-bit ..… 192-bit …. 256-bit]
  • 11. Asymmetric Algorithms • Will use two keys: • Public Key ……………………. [Any one can get a copy of it] • Private Key ………………….. [Maintained by the owner] • Public/Private key is for one entity/individual only. Amr Jana 1. Amr will send his Public Key to Jana 2. Jana will encrypt the message with Amr Public Key3. Jana will send the secret message to Amr 4. Amr will decrypt the secret message with his own Private Key Amr Public Key Amr Private Key Jana Private Key Amr need to receive something securely from Jana Amr Public Key
  • 12. Asymmetric Algorithms • Diffie-Hellman ………..[Key Exchange] • EL Gamal …………………[Key Exchange – Encryption – Digital Signature] • RSA ………………………….[Key Exchange – Encryption – Digital Signature] • Elliptic Curve ………….. [Key Exchange – Encryption – Digital Signature]
  • 13. Symmetric vs. Asymmetric Algorithms Symmetric Asymmetric Key Distribution X  Performance Fast Slow 1000 ~ 10,000 slower than Symmetric Scalability X A B C D E F 5 Keys 4 Keys 3 Keys 2 Keys 1 Key Total number of Keys = 5 + 4 + 3 + 2 + 1 = 15 6 Entities (Individuals) Symmetric 6 Entities (Individual) – each one will has two keys (Public/Private) 6 X 2 = 12 Asymmetric
  • 14. Hybrid Encryption (Symmetric + Asymmetric) HTTPS://www.Amazon.com You want to Transfer your Credit-Card information securely Amazon Public Key Amazon Private Key Amazon will send its Public Key A session Symmetric Key will be generated locally on your own machine Credit Card Information The Encrypted Credit-Card Information will be transferred to Amazon.com Symmetric Key The Session Symmetric Key will be transferred one time only during the whole session
  • 15. Hash Algorithm (1/2) • One-way encryption, that will generate a fixed length value. ABC Funny Hashing Algorithm  1. Get the ASCII Code of each character 2. Multiply by the position 3. Get the Sum 1. A(65) B(66) C(67) 2. 65 X 1 66X2 67X3 3. 65 + 132 + 201 398  Securing PasswordsIntegrity [File Transfer]
  • 16. Hash Algorithm (2/2) • SHA1 ………………………… [160-bit] • SHA2 ………………………… [256-bit / 512-bit] • MD5 …………………………. [128-bit]
  • 17. Securing the Algorithm or the Key ? • Pros/Cos of securing the algorithm • Pros/Cos of making the algorithms publicly accessible and securing only the key • The longer the key, the harder to be compromised. Algorithm Instructions Know the exact algorithm Know the exact key   4 Digits Key [0110] 0000 0001 0010 0100 1000 . . . . 2x = 24 = 16 128-bit Key = 2128 = 3.4028236692093846346337460743177e+38  Brute-force Attack Key need to be changed from time to time
  • 18. Hash Value and Rainbow Table ABC  398Hashing 1. Generate “AAA” 2. Generate the Hash-Value for …… “AAA” 3. Compare the Hash-Value of ….. “AAA” …. with the stolen one “BBB” “BBB” “BBB” Value MD5 SHA1 AAA 3c01… 6f358… BBB a2c9a… bb27f… . . . . . . . . . Demo: Generate and Crack Hash Value Rainbow Table
  • 19. Digital Signature Amr Jana Jan Public Key Amr Private Key Amr Public Key Jana Private Key Amr want to send something securely to Jana Modification to be detected / To be sure it is from Amr 1. Type a message “ABC” 2. Hash the message and get the hash value 3. Encrypt the hash value using the Amr Private Key ABC Hash Value ABC Hash Value Hash Value Integrity Authenticity Non-Repudiation Amr Public Key   
  • 20. Public Key Infrastructure – PKI Public/Private Public/Private Public/Private Public/Private X.509 How can we transfer the Public Key / File Format
  • 21. Public Key Infrastructure – PKI Public/Private Public/Private Public/Private Public/Private Certificate Authority (CA) Who Create/Generate this Certificate Public Key X.509 How can we transfer the Public Key / File Format 1. How can you trust this certificate ... ? 2. Does this site really belong to ... ? Trust A Trust B B Trust C Trust Then A will Trust B 
  • 22. Public Key Infrastructure – PKI Public/Private Public/Private Public/Private Public/Private Certificate Authority (CA) Who Create/Generate this Certificate How can we transfer the Public Key / File Format 1. How can you trust this certificate ... ? 2. Does this site really belong to ... ? Does this certificate really generated by a Trusted CA ?
  • 23. Public Key Infrastructure – PKI Public/Private Certificate Authority (CA) Public Key Does this certificate really generated by a Trusted CA ? Hash Value DS Hash Value Public Key Hash Value CA Public Key  Public Trusted CA Local Trusted CA Demo: Where we can find Trusted CAs
  • 25. Hybrid Encryption (Symmetric + Asymmetric) HTTPS://www.Amazon.com You want to Transfer your Credit-Card information securely Amazon Public Key Amazon Private Key Amazon will send its Certificate (which contain its Public Key) A session Symmetric Key will be generated locally on your own machine Credit Card Information The Encrypted Credit-Card Information will be transferred to Amazon.com Symmetric Key The Session Symmetric Key will be transferred one time only during the whole session Authenticity & Confidentiality
  • 26. Digital Signature Amr Jana Jan Public Key Amr Private Key Amr Public Key Jana Private Key Amr want to send something securely to Jana Modification to be detected / To be sure it is from Amr 1. Type a message “ABC” 2. Hash the message and get the hash value 3. Encrypt the hash value using the Amr Private Key ABC Hash Value ABC Hash Value Hash Value Integrity Authenticity Non-Repudiation Amr Public Key   
  • 27. Public Key Infrastructure – PKI Certificate Authority (CA) Public Trusted CA Local Trusted CA Number / Location Administration Servers/Computers Users Application/Services Network Devices Certificates & Backup Confidentiality Integrity Authenticity Non-Repudiation Issue Policy and Methods Distribution Policy and Methods
  • 28. Session Objectives • Cryptography and Security • Methods of Encryption and Decryption • What is an Algorithm? • Symmetric Algorithm • Asymmetric Algorithm • Hybrid Encryption • Hashing Algorithm • Securing the Algorithm or the Key • Hash Value and Rainbow Table • Digital Signature • PKI

Editor's Notes

  1. I need to cover Internet Footprint and Offline Footprint
  2. https://crackstation.net/ http://www.fileformat.info/tool/hash.htm
  3. http://pubs.vmware.com/view-52/index.jsp?topic=%2Fcom.vmware.view.certificates.doc%2FGUID-3A8CFE07-0A1A-4AB1-B2B6-41DA8E592EFB.html Tell them first that we need to get a public/private key for each person, computer, device, service/application Now we need to transfer this public key to the recipient, what will the format of the file that will hold the public key. Move the certificate from the CA to the webserver and then to the client How the client can trust that this certificate really came from a CA
  4. http://pubs.vmware.com/view-52/index.jsp?topic=%2Fcom.vmware.view.certificates.doc%2FGUID-3A8CFE07-0A1A-4AB1-B2B6-41DA8E592EFB.html Tell them first that we need to get a public/private key for each person, computer, device, service/application Now we need to transfer this public key to the recipient, what will the format of the file that will hold the public key. Move the certificate from the CA to the webserver and then to the client How the client can trust that this certificate really came from a CA
  5. http://pubs.vmware.com/view-52/index.jsp?topic=%2Fcom.vmware.view.certificates.doc%2FGUID-3A8CFE07-0A1A-4AB1-B2B6-41DA8E592EFB.html Tell them first that we need to get a public/private key for each person, computer, device, service/application Now we need to transfer this public key to the recipient, what will the format of the file that will hold the public key. Move the certificate from the CA to the webserver and then to the client How the client can trust that this certificate really came from a CA
  6. Certmgr.msc
  7. http://pubs.vmware.com/view-52/index.jsp?topic=%2Fcom.vmware.view.certificates.doc%2FGUID-3A8CFE07-0A1A-4AB1-B2B6-41DA8E592EFB.html Tell them first that we need to get a public/private key for each person, computer, device, service/application Now we need to transfer this public key to the recipient, what will the format of the file that will hold the public key. Move the certificate from the CA to the webserver and then to the client How the client can trust that this certificate really came from a CA