This document provides an overview of cryptography concepts including symmetric and asymmetric key algorithms, cryptographic hashes, and tools for cryptanalysis. It defines common terminology like plaintext, ciphertext, encryption, and decryption. Symmetric algorithms discussed include the Vernam cipher, A5/1, DES, AES, and RC4. Asymmetric algorithms covered are RSA and Diffie-Hellman key exchange. Cryptographic hashes like MD5 and SHA-1 are also summarized along with resources for cryptanalysis.
Project consists of individual modules of encryption and decryption units. Standard T-DES algorithm is implemented. Presently working on to integrate DES with AES to develop stronger crypto algorithm and test the same against Side Channel Attacks and compare different algorithms.
Project consists of individual modules of encryption and decryption units. Standard T-DES algorithm is implemented. Presently working on to integrate DES with AES to develop stronger crypto algorithm and test the same against Side Channel Attacks and compare different algorithms.
Information and network security 18 modern techniques block ciphersVaibhav Khanna
The block cipher processes fixed-size blocks simultaneously, as opposed to a stream cipher, which encrypts data one bit at a time. Most modern block ciphers are designed to encrypt data in fixed-size blocks of either 64 or 128 bits
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
Advanced Encryption Standard (AES) with Dynamic Substitution BoxHardik Manocha
AES algorithm has been stated as secure against any attack but increasing fast computing is making hackers to develop the cracks for AES as well. Therefore to further increase the security of AES, i tried to replace Standard static and fixed Substitution Box with a dynamic S Box. Dynamicity is brought with the help of Input key. Static S box is altered using the input key and the new generated s box is used for encryption. Reverse steps goes for Decryption. Presently, working on to test this design against Side Channel attacks and would publish the results here.
A brief overview of historical cryptography, moving into modern methods and a few How-To examples for PHP.
Talk given to @phpbelfast PHP User Group - Feb 2014 by @faffyman
This PPT explains about the term "Cryptography - Encryption & Decryption".
This PPT is for beginners and for intermediate developers who want to learn about Cryptography.
I have also explained some famous ciphers like AES, DES and RSA.
Do not forget to like.
Information and network security 18 modern techniques block ciphersVaibhav Khanna
The block cipher processes fixed-size blocks simultaneously, as opposed to a stream cipher, which encrypts data one bit at a time. Most modern block ciphers are designed to encrypt data in fixed-size blocks of either 64 or 128 bits
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
Advanced Encryption Standard (AES) with Dynamic Substitution BoxHardik Manocha
AES algorithm has been stated as secure against any attack but increasing fast computing is making hackers to develop the cracks for AES as well. Therefore to further increase the security of AES, i tried to replace Standard static and fixed Substitution Box with a dynamic S Box. Dynamicity is brought with the help of Input key. Static S box is altered using the input key and the new generated s box is used for encryption. Reverse steps goes for Decryption. Presently, working on to test this design against Side Channel attacks and would publish the results here.
A brief overview of historical cryptography, moving into modern methods and a few How-To examples for PHP.
Talk given to @phpbelfast PHP User Group - Feb 2014 by @faffyman
This PPT explains about the term "Cryptography - Encryption & Decryption".
This PPT is for beginners and for intermediate developers who want to learn about Cryptography.
I have also explained some famous ciphers like AES, DES and RSA.
Do not forget to like.
Cryptography and network security Nit701Amit Pathak
Cryptography and network security descries the security parameter with the help of public and private key. Digital signature is one of the most important area which we apply in our daily life for transferring the data.
Overview on Cryptography and Network SecurityDr. Rupa Ch
These slides give some overview on the the concepts which were in Crytography and network security. I have prepared these slides by the experiece after refer the text bbok as well as resources from the net. Added figures directly from the references. I would like to acknowledge all the authors by originally.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
Slides from the presentation "Modern Cryptography" delivered at Deovxx UK 2013. See Parleys.com for the full video https://www.parleys.com/speaker/5148920c0364bc17fc5697a5
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
3. TERMINOLOGY
• Cryptology-Art and science of making
“secret codes”.
• Cryptography- The practice and study
of hiding information.
• Cryptanalysis-Art of finding some
weakness and insecurity in a
cryptographic scheme.
4. CRYPTOGRAPHIC TERMINOLOGY
• Plain text-The format of the data before being
encrypted.
• Cipher Text-The “scrambled” format of data after
being encrypted.
• Key-A secret value used during the encryption
and decryption process
• Encryption-Method of transforming plain text into
an unreadable format
• Decryption-Method of obtaining the encrypted
message back to its original form.
8. TYPES OF SYMMETRIC CIPHERS
• Stream ciphers
– Encrypts one bit/character at a time
• Block ciphers
– Break plaintext message in equal-size
blocks
– Encrypts each block as a unit
9. SUBSTITUTION CIPHER
• Substituting by a character “key” places ahead of the current
character
a)Monoalphabetic cipher (Stream cipher)
• Eg. PlainText : THIS IS AN EASY TASK
• Key : 3
• Encryption : WKLV LV DQ HDVB WDVN
b) Polyalphabetic cipher (Block cipher)
• Eg : THIS IS AN EASY TASK.
• Make group of 3 characters and a set of keys used could be 135.
THI SIS ANE…
Encryption : UKN TLX…
10. TRANSPOSITION CIPHER
• Transposition ciphers use the letters of the plaintext
message, but they permute the order of the letters.
Encrypt : hello my dear friend
Key: 2143
1. Remove spaces
2. Divide the text into blocks of 4 characters.
3. Add bogus character(s) at the end(if reqiured).
hello myde arfr iend
Ciphertext: ehol ymed rarf eidn
After decryption : hello myde arfr iend
11. VERNAM CIPHER
• Each character from the plaintext is encrypted by a modular addition
which a number from the secret random key pad which is of the
same length as the plain text.
Step 1: Convert the letters to their numeric equivalents
V E R N A M C I P H E R
21 4 17 13 0 12 2 8 15 7 4 17
Assume the random 2 digit no. series (key)
76 48 16 82 44 03 58 11 60 05 10 88
Step 2: Add the numeric equivalent and the corresponding
random no.
Random no + numeric equivalent =sum
Sum 97 52 33 95 44 15 60 19 75 12 14 105
12. VERNAM CIPHER
Step 3 : Perform sum mod 26
19 0 7 17 18 15 8 19 23 12 14 1
Ciphertext ----
t a h r s p i t x m o b
Decryption
Step 1
a = (numeric equivalent of ciphertext - key)
Step 2
a mod 26
(if a negative then keep adding 26 till you get a positive no.)
Step 3
Convert numeric equivalent back to alphabet
13. A5/1 STREAM CIPHER
• GSM uses A5/1 as a cryptographic
algorithm.
• Phone communication in GSM is done
as a sequence of 228 bit frames.
• A5/1 creates a bit stream of 228 bits in
a 228 bit buffer which is EX-Ored with
228 bits of plain text to generate the
ciphertext.
15. A5/1 STREAM CIPHER
• It was initially kept secret, but became
public knowledge through leaks
and reverse engineering.
• COPACOBANA was the first
commercially available solution to
break the cipher.
16. RC4 STREAM CIPHER
• Most widely used stream cipher used in
popular protocols such as Secure
Sockets Layer (SSL) (to protect Internet
traffic) and WEP (to secure wireless
networks).
• Designed by Ron Rivest in 1984.
• Hence the name RC4( Rivest cipher 4).
• Fluhrer, Mantin and Shamir attack AND
Klein's Attack are a few attempts.
17. RC4 STREAM CIPHER
• Consists of 2 parts: Key Scheduling
Algorithm (KSA) & Pseudo-Random
Generation Algorithm
• 8 bits of the plain text is Exored with a
byte of the key to produce a byte of
ciphertext.
• Key stream is a a sequence of bytes(
can contain 1-256 bytes).
18. DATA ENCRYPTION
STANDARD (DES)
• Modern symmetric key block cipher.
• Developed by IBM and then published
by National Institute of standards and
technology(NIST).
• Vulnerable only because of its small
key length.
• Often used in VPN servers.
19. DES ALGORITHM
• DES is a Feistel cipher
– 64 bit block length
– 56 bit key length
– 16 rounds
– 48 bits of key used each
round (subkey)
• Each round is simple
(for a block cipher)
• Security depends
primarily on “S-boxes”
– Each S-boxes maps 6 bits
to 4 bits
20. L R key
32 28 28
expand shift shift One
48 28 28
Round
32 Ki
48
of
48 compress
S-boxes
28 28 DES
32
P box
32
32
32
key
L R
21. DES ATTACKS
• Brute force attack
• Differential cryptanalysis
• Linear cryptanalysis
• Improved Davies' attack
• distributed.net and the Electronic Frontier
Foundation collaborated to publicly
break a DES key in 22 hours and 15
minutes
• Now replaced by AES
22. ADVANCED ENCRYPTION STANDARD
(AES)
• Replacement for DES
• AES competition (late 90’s)
– NSA openly involved
– Transparent process
– Many strong algorithms proposed
– Rijndael Algorithm ultimately selected
• Iterated block cipher (like DES)
• Not a Feistel cipher (unlike DES)
• 3 versions are : AES - 128
AES - 192
AES – 256
• Used in Open SSL and WPA2
23. AES OVERVIEW
• Block size: 128, 192 or 256 bits
• Key length: 128, 192 or 256
bits (independent of block
size)
• 10 to 14 rounds (depends on
key length)
• Each round uses 4 functions
(in 3 “layers”)
– ByteSub (nonlinear layer)
– ShiftRow (linear mixing
layer)
– MixColumn (nonlinear
layer)
– AddRoundKey (key
addition layer)
26. RSA
• The most common public-key algorithm is the RSA
cryptosystem, named for its inventors (Rivest, Shamir, and
Adleman).
• Applications
1. To protect web traffic, in the SSL protocol (Security
Socket Layer),
2. To guarantee email privacy and authenticity in PGP
(Pretty Good Privacy)
3. To guarantee remote connection in SSH (Secure Shell)
4. Furthermore it plays an important role in the modern
payment systems through SET protocol (Secure
Electronic Transaction).
27. ALGORITHM
• Let p and q be two large prime numbers
• Let N = pq be the modulus
• Find ф(n)=(p-1).(q-1)
• Choose e such that it is relatively prime to ф(n).
• Choose d such that : e x d mod ф(n)=1
• Public key is (N,e)
• Private key is d
• To encrypt message M compute
– C = Me mod N
• To decrypt C compute
– M = Cd mod N
28. RSA ATTACKS
• Factoring the Public Key
To make RSA secure recommended
size of p and q is 512 bits(154 decimal
digits).
This makes n 1024 bits.
• Guessing d
• Cycle Attack
• Common Modulus
29. Diffie Hellman
• Invented by Williamson (GCHQ)
and, independently, by D and H (Stanford)
• A “key exchange” algorithm
– Used to establish a shared symmetric key
- Not for encrypting or signing but for
exchanging keys.
30. 1. P is very large prime no and g is its primitive root.
2. Alice chooses a large random no. x such that 0<= x <= p-1 and calculates
R1= gx mod p.
3. Bob chooses another large random no. y such that 0<= y <= p-1 and
calculates R2=gy mod p.
4. Alice sends R1 to Bob. Alice does not send x; she only sends R1.
5. Bob sends R2 to Alice. Bob does not send y; he only sends R2.
6. Alice calculates K= (R2)x mod p.
7. Bob calculates K= (R1)y mod p.
31. ATTACKS
1. Discrete logarithm attack
Intruder can intercept R1 and R2. If
he can find x from R1=gx mod p and
y from R2=gy mod p then he can
calculate k=gxy mod p
2. Man in the middle attack.
32. SOME CRYPTOGRAPHIC HASHES
a) MD5(Message Digest 5)
• Developed by Ron Rivest of MIT.
• Was the mostly used secure hash algorithm till
it was cracked.
• Takes an input msg of arbitrary length and
produces as output a 128-bit message digest.
• The input is processed in 512-bit block.
• Attacks possible on MD5 are Bruteforce and
Fast collision attacks.
33. SOME CRYPTOGRAPHIC HASHES
b) SHA-1(Secure hash algorithm)
• Developed by NIST(National Institute of
standards and technology).
SHA-1 Logic :
• The algorithm takes as input a message with a
maximum length of less than 264 bits and
produces a 160-bit message digest.
• The input is processed in 512-bit blocks.
34. TOOLS FOR CRYPTANALYSTS
• Ganzúa-A cryptanalysis tool for
classical ciphers
• EverCrack - Open Source
Cryptanalysis Engine
• Lepton's Crack
• Online crackers
35. SOME RESOURCES
• CRYPTOGRAPHY CLASS BY STANFORD
http://www.crypto-class.org/
• Awesome videos
http://www.intypedia.com/
• CRYPTOGRAPHY AND NETWORK SECURITY
-BEHEROUZ A FOROUZAN