Cryptography
⚫ Definition
  ⚫ It is an ancient art and science of writing secret messages.
  ⚫ Cryptography comes from the Greek words "crypto", meaning hiding, and "graphy", meaning writing.
  ⚫ It is the art of achieving security by encoding messages to make them unreadable.
⚫ Purpose of cryptography
  ⚫ Authentication
  ⚫ Privacy/confidentiality
  ⚫ Integrity
  ⚫ Non-repudiation
⚫ Steps of cryptography
⚫ Terminologies
  ⚫ Encryption
    ⚫ It is the process of transforming information so it is unintelligible to anyone but the intended recipient.
  ⚫ Decryption
    ⚫ It is the process of transforming encrypted information so that it is intelligible again.
  ⚫ Plaintext
    ⚫ The message to be transmitted or stored.
  ⚫ Ciphertext
    ⚫ The disguised message or encrypted message.
  ⚫ Algorithm
    ⚫ The mathematical formula used for encryption and decryption.
  ⚫ Cipher
    ⚫ Algorithm used for encryption and decryption.
  ⚫ Key
    ⚫ Value used by the algorithm to encrypt and decrypt.
⚫ Application of cryptography
  ⚫ Secure communication:
    ⚫ To prevent eavesdropping: wartime communication and business transactions.
  ⚫ Identification & authentication:
    ⚫ Checking the integrity
  ⚫ Secret sharing / data hiding:
    ⚫ Hide something that has been written.
  ⚫ E-commerce / e-payment
  ⚫ Certification:
    ⚫ Certification is a scheme by which trusted agents, such as certifying authorities, provide guarantees for unknown agents, such as users.
  ⚫ Key recovery:
    ⚫ It is a technology that allows a key to be revealed under certain circumstances without the owner of the key revealing it.
  ⚫ Remote access:
    ⚫ Passwords give a level of security for secure access.
  ⚫ Cell phone:
    ⚫ Prevent people from stealing cell phone numbers or access codes, or eavesdropping.
  ⚫ Access control:
    ⚫ Regulate access to satellite and cable TV
⚫ Terminologies
  ⚫ Cryptanalysis
    ⚫ Cryptanalysis (from the Greek kryptós, "hidden", and analýein, "to loosen") is the study of analyzing information systems in order to study their hidden aspects.
    ⚫ Breaking "secret codes"
  ⚫ Cryptology
    ⚫ Cryptology (from the Greek kryptós, "hidden, secret", and logia, "study") is the study of cryptography and cryptanalysis.
    ⚫ The art and science of making and breaking "secret codes"
⚫ Characteristics of a cryptographic system:
  ⚫ The type of operations used for transforming plaintext to ciphertext.
  ⚫ The number of keys used.
  ⚫ The way in which the plaintext is processed.
⚫ Types of cryptography
  ⚫ Secret-key cryptography (symmetric key cryptography)
    ⚫ A single key is used for both encryption and decryption.
  ⚫ Public key cryptography (asymmetric key cryptography)
    ⚫ Uses one key for encryption and another for decryption.
  ⚫ Hash function
    ⚫ It uses a mathematical transformation to irreversibly "encrypt" information.
⚫ Classical encryption (symmetric key cryptography) techniques
  ⚫ Substitution
    ⚫ Replacing an element of the plaintext with ciphertext.
  ⚫ Transposition
    ⚫ Rearranging the order of appearance of the elements of the plaintext.
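The two classical techniques side by side, as an added example that is not part of the original slides: a Caesar shift stands in for substitution and a columnar transposition for transposition. The function names, the key `ZEBRA` and the sample message are constructed for illustration; neither cipher is secure.

```python
import string

ALPHABET = string.ascii_uppercase
PLAIN = "ATTACKATDAWN"  # constructed sample plaintext


def caesar(text, shift):
    """Substitution: each letter is replaced by the one `shift` places later."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)  # non-letters pass through unchanged
    return "".join(out)


def _column_order(key):
    # Columns are read in alphabetical order of the key letters.
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def columnar_encrypt(text, key):
    """Transposition: write the text in rows under the key, read it out by column."""
    cols = len(key)
    return "".join(text[c::cols] for c in _column_order(key))


def columnar_decrypt(cipher, key):
    cols = len(key)
    full, extra = divmod(len(cipher), cols)
    columns, pos = {}, 0
    for c in _column_order(key):
        n = full + (1 if c < extra else 0)  # the first `extra` columns are longer
        columns[c] = cipher[pos:pos + n]
        pos += n
    return "".join(columns[i % cols][i // cols] for i in range(len(cipher)))


def same_letters(a, b):
    """True when both strings contain exactly the same letters, in any order."""
    return sorted(a) == sorted(b)


if __name__ == "__main__":
    sub = caesar(PLAIN, 3)
    trans = columnar_encrypt(PLAIN, "ZEBRA")
    print("substitution :", sub, "| same letters as plaintext:", same_letters(sub, PLAIN))
    print("transposition:", trans, "| same letters as plaintext:", same_letters(trans, PLAIN))
```

Substitution changes the symbols but keeps their positions, while transposition keeps the symbols and changes only their order, which is why letter-frequency counts of a transposed message match the plaintext exactly.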
STEGANOGRAPHY
⚫ Steganography is the science of hiding information by embedding the hidden (secret) message within a cover media.
⚫ It works by replacing bits of useless or unused data in regular computer files with bits of different, invisible information.
⚫ It is sometimes used when encryption is not permitted.
⚫ Steganographic process
  Stego medium = cover media + hidden data + stego key
⚫ Different techniques of steganography:
  ⚫ Character marking
  ⚫ Invisible ink
  ⚫ Pin punctures
  ⚫ Typewriter correction ribbon
⚫ Advantages of steganography:
  ⚫ Used to transfer sensitive data
  ⚫ We can hide secret messages with graphic images.
  ⚫ Provides high security
CRYPTOGRAPHY
⚫ Symmetric cipher / secret key cryptography
  ⚫ Sender and recipient share the same key for encryption and decryption.
  ⚫ The encryption algorithm is divided into two types:
    ⚫ Block cipher
    ⚫ Stream cipher
⚫ Advantages of symmetric cipher / secret key cryptography
  ⚫ It is faster.
  ⚫ During transmission the chances of data being decrypted is null.
  ⚫ Uses password authentication to prove the receiver's identity.
⚫ Disadvantages of symmetric cipher / secret key cryptography
  ⚫ Issue of key transportation
  ⚫ It cannot provide digital signatures that cannot be repudiated.
⚫ Asymmetric cipher / secret key cryptography
  ⚫ A pair of keys is used to encrypt and decrypt.
  ⚫ With asymmetric cryptography, the sender encrypts data with one key, and the recipient uses a different key to decrypt the ciphertext.
  ⚫ Encrypt data using the public key and decrypt data using the private key.
⚫ Advantages of asymmetric cipher / secret key cryptography
  ⚫ Eliminating the key distribution problem
  ⚫ Increased security
  ⚫ It can provide digital signatures that can be repudiated.
⚫ Advantages of asymmetric cipher / secret key cryptography
  ⚫ Faster methods are available.
Symmetric Encryption
Common symmetric encryption algorithms are widely used in securing data and communications.
Examples of these algorithms include Advanced Encryption Standard (AES), Data Encryption Standard (DES), Triple Data Encryption Standard (3DES), and Blowfish.
Public Key Cryptography - Asymmetric
⚫ One of the keys allocated to each person is called the "public key", and is published in an open directory somewhere where anyone can easily look it up, for example by email address.
⚫ Each entity has 2 keys:
  ⚫ Private key (a secret)
  ⚫ Public key (well known)
Using Keys
⚫ Private keys are used for decrypting.
⚫ Public keys are used for encrypting.
Process
Hash functions
⚫ A hash function is a type of one-way function; these are fundamental to much of cryptography.
⚫ A one-way function is a function that is easy to calculate but hard to invert.
⚫ It is difficult to calculate the input to the function given its output.
⚫ The precise meanings of "easy" and "hard" can be specified mathematically. With rare exceptions, almost the entire field of public key cryptography rests on the existence of one-way functions.
DIGITAL SIGNATURE
⚫ A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message.
⚫ It is a mathematical scheme for demonstrating the authenticity of a digital message or document.
⚫ Each signatory has their own paired public and private key.
⚫ It consists of three algorithms:
  ⚫ A digital signature generation algorithm:
    ⚫ It consists of a (mathematical) digital signature generation algorithm.
    ⚫ Randomly produces a key pair (public and private).
  ⚫ A signing algorithm:
    ⚫ Produces a signature.
  ⚫ A digital signature verification algorithm:
    ⚫ It consists of a verification algorithm, along with a method for recovering data from the message.
[Figure: Concept of digital signature. Labels: Message, Hash function, Message digest, Sender's private key, Digital signature]
⚫ Working of digital signature
⚫ Advantages of digital signature
  ⚫ Imposter prevention
  ⚫ Message integrity
  ⚫ Legal requirement
⚫ Disadvantages of digital signature:
  ⚫ Digital signature involves the primary avenue for any business is money
Encrypting File System
• Protects sensitive data on computers and laptops from
physical theft.
• Encryption at a lower level that all applications can use.
• EFS introduced from Windows 2000
• Tied to the NTFS file system
• Encrypt individual files or folders
• Data encrypted with symmetric file encryption key (FEK)
• DESX, 3DES, AES
• Cipher block chaining
• FEK encrypted with user's public key (RSA)
• Recovery Agent in case user private key lost

[Figure: EFS file header layout]
Header:
  • Version
  • Checksum
  • Data Decryption Field: DDF Key Entry 1 … DDF Key Entry n
  • Data Recovery Field: DRF Key Entry 1 … DRF Key Entry n
Key Entry:
  • User SID
  • Container Name
  • Provider Name
  • EFS Certificate Hash
  • Encrypted FEK
Full Volume Encryption
• Encryption at the block driver level underneath
file system.
• Everything in the volume is encrypted.
• BitLocker in Windows
• BitLocker takes advantage of Trusted Platform
Module (TPM)
• Top level root key sealed in TPM
• Root key encrypts disk encryption key, which encrypts sector
data
BitLocker
• Secure Startup
• Ensures boot integrity of the Windows volume before unsealing root key.
• Verifies none of the boot code or critical system files have been tampered
with offline.
• Taking measurements of critical information at each step of the boot
process.
• Compare hash of measurements to hash of known secure system.
• Recovery mechanism – removable storage or password
• BitLocker and EFS not mutually exclusive
• BitLocker can protect system volume and root keys.
• EFS can provide file granularity and multiple user control.
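
The measure-then-compare step of Secure Startup, sketched as an added example that is not part of the original slides or of BitLocker itself. It uses the TPM-style extend operation (new value = hash of old value plus hash of the component); the component blobs, the key bytes and the single-register model are constructed simplifications, since a real TPM keeps several registers and performs the comparison internally.

```python
import hashlib
import hmac

PCR_SIZE = 32  # one SHA-256 measurement register, starting at all zeros

# Constructed stand-ins for the boot components measured at each step.
KNOWN_GOOD = [b"boot manager v1", b"OS loader v1", b"kernel v1"]
ROOT_KEY = b"constructed-root-key"


def extend(pcr, component):
    """TPM-style extend: new register = H(old register || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(components):
    """Fold every boot component, in order, into one running measurement."""
    pcr = bytes(PCR_SIZE)
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


def seal(components):
    """Record the measurement of a known secure system alongside the key."""
    return {"expected": measure_boot(components), "key": ROOT_KEY}


def unseal(sealed, components):
    """Release the root key only if this boot measures like the sealed one."""
    if hmac.compare_digest(measure_boot(components), sealed["expected"]):
        return sealed["key"]
    return None  # fall back to the recovery mechanism


if __name__ == "__main__":
    sealed = seal(KNOWN_GOOD)
    tampered = [KNOWN_GOOD[0], b"OS loader v1 (patched offline)", KNOWN_GOOD[2]]
    print("clean boot   :", unseal(sealed, KNOWN_GOOD))
    print("tampered boot:", unseal(sealed, tampered))
```

Because each extend hashes the previous register value, a change to any component, or to the order in which components run, alters the final measurement and the key stays sealed.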
