SlideShare a Scribd company logo

Cryptography.ppt

Download as PPT, PDF
Z
Zaheer720515

Cryptography is the science of secret writing and involves encrypting plaintext messages into ciphertext. There are two main techniques for encryption: symmetric encryption where the sender and receiver share the same key, and public key encryption where different keys are used. Common terms in cryptography include plaintext, ciphertext, encryption/decryption algorithms, and keys. The secrecy of keys is more important than the algorithms themselves for security. Longer keys provide stronger encryption but are more computationally expensive. Cryptanalysis involves attempts to break encryption by discovering keys or plaintext.

Technology
1 of 42
Cryptography PU Gujranwala Campus
Cryptography  Cryptography is the science of writing or reading coded messages.  Cryptography comes from the Greek words for “secret writing”  Historically, four groups of people have contributed to the art of cryptography  The military  The diplomatic corps  The diarists  Of these, the military has had the most important role in this field PU Gujranwala Campus
Encryption and Decryption  Encryption  The process for producing ciphertext from plaintext.  Decryption  The reverse Encryption is called Decryption. Plaintext Plaintext Ciphertext Encryption Decryption PU Gujranwala Campus
Common Cryptography Terms  Plain Text  Original message  The message to be encrypted  Cipher  Secret method of writing (i.e. algorithm)  Key  Plain text is transformed by a function that is parameterized by a key  Some critical information used by the cipher, known only to sender and/or receiver  Ciphertext  Transformed message  The output of the encryption process PU Gujranwala Campus
Common Cryptography Terms  Intruder  An enemy who hears and accurately copies down the complete ciphertext, can be active or passive  Cryptanalysis  Attempting to discover plaintext or key or both  The art of breaking ciphers  Cryptography  Science of secret writing  The art of devising ciphers  Cryptology  Collection of Cryptanalysis and Cryptography  Study of both cryptography and cryptanalysis PU Gujranwala Campus
Cryptography The encryption model PU Gujranwala Campus
Symbolic Notations for Encryption  C = EK(P)  It means that the encryption of the plaintext P using key K gives ciphertext C  P = DK(C)  It represents the decryption of C to get the plaintext P again.  It then follows that: DK( (EK(P)) ) = P  Note:  E and D are just mathematical functions PU Gujranwala Campus
Two major techniques for encryption  Symmetric Encryption  Sender and receiver use same key (shared secret)  Also known as:  Conventional Encryption  Secret Key Encryption  Was the only method used prior to the 1970s  Still most widely used  Public Key (Asymmetric) Encryption  Sender and receiver use different keys  Technique published in 1976 PU Gujranwala Campus
Simplified Model (Symmetric Encryption) PU Gujranwala Campus
Conventional Encryption Ingredients  An encryption scheme has five ingredients:  Plaintext  Encryption algorithm  Secret Key  Cipher text  Decryption algorithm  Security depends on the secrecy of the key, not the secrecy of the algorithm PU Gujranwala Campus
Strong Encryption  An encryption algorithm needs to be strong  This means that an attacker who knows:  the algorithm  some pieces of ciphertext  some plaintext-ciphertext pairs (possibly)  cannot deduce:  the plaintext, or  the key PU Gujranwala Campus
Importance of Secret Key  Every encryption and decryption process has two aspects:  The algorithm  The key used for encryption and decryption  In general, the algorithm used for encryption and decryption processes is usually known to everybody. However, it is the key used for encryption and decryption that makes the process of cryptography secure  The greater the length of the key, the more difficult it will be to break it using brute-force attack PU Gujranwala Campus
Key  A key is a digital code that can be used to encrypt, decrypt, and sign information.  Some keys are kept private while others are shared and must be distributed in a secure manner.  The area of key management has seen much progress in the past years; this is mainly because it makes key distribution secure and scaleable in an automated fashion.  Important issues with key management are creating and distributing the keys securely. PU Gujranwala Campus
Importance of the Key  Usually, cryptographic mechanisms use both an algorithm (a mathematical function) and a secret value known as a key.  Most algorithms undergo years of scrutiny by the world's best cryptographers who validate the strength of the algorithm.  The algorithms are widely known and available; it is the key that is kept secret and provides the required security. PU Gujranwala Campus
Importance of the Key  Analogy of Combination Lock  The key is similar to the combination to a lock. Although the concept of a combination lock is well known, you can't open a combination lock easily without knowing the combination.  In addition, the more numbers a given combination has, the more work must be done to guess the combination--- the same is true for cryptographic keys.  The more bits that are in a key, the less susceptible a key is to being compromised by a third party. PU Gujranwala Campus
Issue of Key Length  The number of bits required in a key to ensure secure encryption in a given environment can be controversial.  The longer the key space---the range of possible values of the key---the more difficult it is to break the key in a brute-force attack.  In a brute-force attack, you apply all combinations of a key to the algorithm until you succeed in deciphering the message.  However, the longer the key, the more computationally expensive the encryption and decryption process can be.  The goal is to make breaking a key "cost" more than the worth of the information the key is protecting. PU Gujranwala Campus
Number of Possible Combinations PU Gujranwala Campus
Cryptanalysis  Cryptanalysis is the process of trying to find the plaintext or key  Two main approaches  Brute Force  try all possible keys  Exploit weaknesses in the algorithm or key PU Gujranwala Campus
Cryptanalysis: Brute Force Attack  Try all possible keys until code is broken  On average, need to try half of all possible keys  Infeasible if key length is sufficiently long PU Gujranwala Campus
Three Basic Cryptographic Functions  Cryptography is the basis for all secure communications; it is, therefore, important that you understand three basic cryptographic functions:  Symmetric encryption  Asymmetric encryption  One-way hash functions.  Most current authentication, integrity, and confidentiality technologies are derived from these three cryptographic functions. PU Gujranwala Campus
Symmetric Key Encryption  Symmetric encryption, often referred to as secret key encryption, uses a common key and the same cryptographic algorithm to scramble and unscramble a message.  Example: Suppose we have two users, Alice and Bob, who want to communicate securely with each other.  Both Alice and Bob have to agree on the same cryptographic algorithm to use for encrypting and decrypting data.  They also have to agree on a common key--- the secret key---to use with their chosen encryption/decryption algorithm. PU Gujranwala Campus
Symmetric Key Encryption  A simplistic secret key algorithm is the Caesar Cipher.  The Caesar Cipher replaces each letter in the original message with the letter of the alphabet n places further down the alphabet.  The algorithm shifts the letters to the right or left (depending on whether you are encrypting or decrypting).  Figure shows two users, Alice and Bob communicating with a Caesar Cipher where the key, n, is three letters. PU Gujranwala Campus
Caesar Cipher  Alphabetic circular shift  For each letter i of text: let pi=0 if letter is a, and pi=1 if letter is b, etc let key k be the size of the shift  Encryption: ci = Ek(pi) = (pi + k) mod 26  Decryption: pi = Dk(ci) = (ci – k) mod 26  Example (setting k = 3) attack at dawn DWWDFN DW GDZQ PU Gujranwala Campus
Attacking Caesar Cipher  Brute force  Key is just one letter (or number between 1 and 25)  Try all 25 keys  Easy! PU Gujranwala Campus
Monoalphabetic substitution  Use arbitrary mapping of plaintext letters onto ciphertext  e.g. Example: attack at dawn XCCXQJ XC MXBF PU Gujranwala Campus
Attacking Monoalphabetic  Brute force  Very difficult; Key is 26 letters long  No. of possible keys = 26! = 4 x 1026  Algorithm weaknesses:  Frequency of letters in English language is well known  Can deduce plaintext->ciphertext mapping by analysing frequency of occurrence  e.g. on analysing plenty of ciphertext, most frequent letter probably corresponds to ‘E’  Can spot digrams and trigrams  Digram: common 2-letter sequence; e.g. ‘th’, ‘an’, ‘ed’  Trigram: common 3-letter sequence: e.g. ‘ing’, ‘the’, ‘est’ PU Gujranwala Campus
English Letter Frequencies PU Gujranwala Campus
Vigenère Cipher  Set of related monoalphabetic substitution rule is used.  “Add” repeating keyword to plaintext  In effect, 26 Caesar ciphers are used  Example: PU Gujranwala Campus
Vigenère Cipher PU Gujranwala Campus
Attacking Vigenère Cipher  Brute force  More difficult; like password cracking  The longer the key the harder brute force is PU Gujranwala Campus
One-Time Password  One-time password (OTP) is an encryption technique that cannot be cracked if used correctly. In this technique, a plaintext is paired with a random secret key (also referred to as a one-time password). Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the password using modular addition. Cipher Text = message + key (mod 26) PU Gujranwala Campus
One-Time Pads  An OTP is a list of numbers, in completely random order, that is used to encode a message  If the numbers on OTP are truly random and OTP is only used once, then ciphertext provides no mechanism to recover the original key and the message  OTPs are used for short messages and in a very high security environment PU Gujranwala Campus
One-Time Pad  Uses random key that is as long as the message  Can use key only once One-Time Pad PU Gujranwala Campus
One-Time Password Operation PU Gujranwala Campus
One-Time Passwords  Problems with OTPs  Generation of truly random one-time passwords  Distribution of the one-time passwords between communicating entities  Not feasible for use in high-traffic environments PU Gujranwala Campus
Playfair Cipher  not even the large number of keys in a monoalphabetic cipher provides security  one approach to improving security was to encrypt multiple letters  the Playfair Cipher is an example  invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
Playfair Key Matrix  a 5X5 matrix of letters based on a keyword  fill in letters of keyword (sans duplicates)  fill rest of matrix with other letters  eg. using the keyword MONARCHY MONAR CHYBD EFGIK LPQST UVWXZ
Encrypting and Decrypting  plaintext encrypted two letters at a time: 1. if a pair is a repeated letter, insert a filler like 'X', eg. "balloon" encrypts as "ba lx lo on" 2. if both letters fall in the same row, replace each with letter to right (wrapping back to start from end), eg. “ar" encrypts as "RM" 3. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), eg. “mu" encrypts to "CM" 4. otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, eg. “hs" encrypts to "BP", and “ea" to "IM" or "JM" (as desired)
Security of the Playfair Cipher  security much improved over monoalphabetic  since have 26 x 26 = 676 digrams  was widely used for many years (eg. US & British military in WW1)  it can be broken, given a few hundred letters  since still has much of plaintext structure
Rail Fence cipher  write message letters out diagonally over a number of rows  then read off cipher row by row  eg. write message out as: m e m a t r h t g p r y e t e f e t e o a a t  giving ciphertext MEMATRHTGPRYETEFETEOAAT
Column Transposition Ciphers  In a columnar transposition, the message is written out in rows of a fixed length, and then read out again column by column  and the columns are chosen in some scrambled order.  Key: G E R M A N  G E R M A N (326415) d e f e n d t h e e a s t w a l l o f t h e c a s t l e x x G E R M A N d e f e n d t h e e a s t w a l l o f t h e c a s t l e x x n e d e d f a h t e s e l w t l o a c t f e a h x t s e x l
Column Transposition Ciphers A E G M N R (123456) n e d e d f a h t e s e l w t l o a c t f e a h x t s e x l The ciphertext is read off along the columns: nalcxehwttdttfseeleedsoaxfeahl G E R M A N d e f e n d t h e e a s t w a l l o f t h e c a s t l e x x n e d e d f a h t e s e l w t l o a c t f e a h x t s e x l The ciphertext is read off along the columns: nalcxehwttdttfseeleedsoaxfeahl

Recommended

Cryptography
CryptographyCryptography
Cryptography
IGZ Software house
 
SYMMETRIC CRYPTOGRAPHY
SYMMETRIC CRYPTOGRAPHY SYMMETRIC CRYPTOGRAPHY
SYMMETRIC CRYPTOGRAPHY
Santosh Naidu
 
Unit-2-IS (1).pdf
Unit-2-IS (1).pdfUnit-2-IS (1).pdf
Unit-2-IS (1).pdf
ShaikSameena24
 
Unit 1
Unit 1Unit 1
Unit 1
Trupti Kodinariya
 
Cryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarCryptography by Durlab Kumbhakar
Cryptography by Durlab Kumbhakar
Durlove Kumbhakar
 
Otp
OtpOtp
Otpdraihl
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
Gayathridevi120
 
Ch34508510
Ch34508510Ch34508510
Ch34508510
IJERA Editor
 

Recommended

Cryptography
CryptographyCryptography
Cryptography
IGZ Software house
 
SYMMETRIC CRYPTOGRAPHY
SYMMETRIC CRYPTOGRAPHY SYMMETRIC CRYPTOGRAPHY
SYMMETRIC CRYPTOGRAPHY
Santosh Naidu
 
Unit-2-IS (1).pdf
Unit-2-IS (1).pdfUnit-2-IS (1).pdf
Unit-2-IS (1).pdf
ShaikSameena24
 
Unit 1
Unit 1Unit 1
Unit 1
Trupti Kodinariya
 
Cryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarCryptography by Durlab Kumbhakar
Cryptography by Durlab Kumbhakar
Durlove Kumbhakar
 
Otp
OtpOtp
Otpdraihl
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
Gayathridevi120
 
Ch34508510
Ch34508510Ch34508510
Ch34508510
IJERA Editor
 
Traditional symmetric-key cipher
Traditional symmetric-key cipherTraditional symmetric-key cipher
Traditional symmetric-key cipher
Vasuki Ramasamy
 
ch09_rsa_nemo.ppt
ch09_rsa_nemo.pptch09_rsa_nemo.ppt
ch09_rsa_nemo.ppt
ChandraB15
 
Cryptography
CryptographyCryptography
Cryptography
prasham95
 
Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Bt0088 cryptography and network security1
Bt0088 cryptography and network security1
Techglyphs
 
Cryptography
CryptographyCryptography
Cryptography
jayashri kolekar
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
Saif Kassim
 
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom EC-Council
 
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
INFOGAIN PUBLICATION
 
Basic techniques in cryptography
Basic techniques in cryptographyBasic techniques in cryptography
Basic techniques in cryptography
Shraddha Gupta
 
Ch09
Ch09Ch09
Ch09Joe Christensen
 
622 Crypto Presentattion.pptx
622 Crypto Presentattion.pptx622 Crypto Presentattion.pptx
622 Crypto Presentattion.pptx
SUFFOCATETHEKISO
 
4.Cryptography handout 2.pptx
4.Cryptography handout 2.pptx4.Cryptography handout 2.pptx
4.Cryptography handout 2.pptx
MikiAbera
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
Mohammed Adam
 
Lecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptxLecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptx
mustafaenayat
 
Day5
Day5Day5
Day5
Jai4uk
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
KaushikRamabhotla
 
Cns 1
Cns 1Cns 1
Cns 1
BhumikaPal1
 
Rsa
RsaRsa
Rsaismaelhaider
 
Encryption is a process of converting a message, image, or any other .pdf
Encryption is a process of converting a message, image, or any other .pdf Encryption is a process of converting a message, image, or any other .pdf
Encryption is a process of converting a message, image, or any other .pdf
rachanaprade
 
Unit --3.ppt
Unit --3.pptUnit --3.ppt
Unit --3.ppt
DHANABALSUBRAMANIAN
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 

More Related Content

Similar to Cryptography.ppt

Traditional symmetric-key cipher
Traditional symmetric-key cipherTraditional symmetric-key cipher
Traditional symmetric-key cipher
Vasuki Ramasamy
 
ch09_rsa_nemo.ppt
ch09_rsa_nemo.pptch09_rsa_nemo.ppt
ch09_rsa_nemo.ppt
ChandraB15
 
Cryptography
CryptographyCryptography
Cryptography
prasham95
 
Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Bt0088 cryptography and network security1
Bt0088 cryptography and network security1
Techglyphs
 
Cryptography
CryptographyCryptography
Cryptography
jayashri kolekar
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
Saif Kassim
 
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom EC-Council
 
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
INFOGAIN PUBLICATION
 
Basic techniques in cryptography
Basic techniques in cryptographyBasic techniques in cryptography
Basic techniques in cryptography
Shraddha Gupta
 
622 Crypto Presentattion.pptx
622 Crypto Presentattion.pptx622 Crypto Presentattion.pptx
622 Crypto Presentattion.pptx
SUFFOCATETHEKISO
 
4.Cryptography handout 2.pptx
4.Cryptography handout 2.pptx4.Cryptography handout 2.pptx
4.Cryptography handout 2.pptx
MikiAbera
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
Mohammed Adam
 
Lecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptxLecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptx
mustafaenayat
 
Day5
Day5Day5
Day5
Jai4uk
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
KaushikRamabhotla
 
Cns 1
Cns 1Cns 1
Cns 1
BhumikaPal1
 
Encryption is a process of converting a message, image, or any other .pdf
Encryption is a process of converting a message, image, or any other .pdf Encryption is a process of converting a message, image, or any other .pdf
Encryption is a process of converting a message, image, or any other .pdf
rachanaprade
 
Unit --3.ppt
Unit --3.pptUnit --3.ppt
Unit --3.ppt
DHANABALSUBRAMANIAN
 

Similar to Cryptography.ppt (20)

Traditional symmetric-key cipher
Traditional symmetric-key cipherTraditional symmetric-key cipher
Traditional symmetric-key cipher
 
ch09_rsa_nemo.ppt
ch09_rsa_nemo.pptch09_rsa_nemo.ppt
ch09_rsa_nemo.ppt
 
Cryptography
CryptographyCryptography
Cryptography
 
Bt0088 cryptography and network security1
Bt0088 cryptography and network security1Bt0088 cryptography and network security1
Bt0088 cryptography and network security1
 
Cryptography
CryptographyCryptography
Cryptography
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
 
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
 
Basic techniques in cryptography
Basic techniques in cryptographyBasic techniques in cryptography
Basic techniques in cryptography
 
Ch09
Ch09Ch09
Ch09
 
622 Crypto Presentattion.pptx
622 Crypto Presentattion.pptx622 Crypto Presentattion.pptx
622 Crypto Presentattion.pptx
 
4.Cryptography handout 2.pptx
4.Cryptography handout 2.pptx4.Cryptography handout 2.pptx
4.Cryptography handout 2.pptx
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
 
Lecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptxLecture 5 - Cryptography.pptx
Lecture 5 - Cryptography.pptx
 
Day5
Day5Day5
Day5
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
 
Cns 1
Cns 1Cns 1
Cns 1
 
Rsa
RsaRsa
Rsa
 
Encryption is a process of converting a message, image, or any other .pdf
Encryption is a process of converting a message, image, or any other .pdf Encryption is a process of converting a message, image, or any other .pdf
Encryption is a process of converting a message, image, or any other .pdf
 
Unit --3.ppt
Unit --3.pptUnit --3.ppt
Unit --3.ppt
 

Recently uploaded

The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 

Recently uploaded (20)

The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 

Cryptography.ppt

  • 2. Cryptography  Cryptography is the science of writing or reading coded messages.  Cryptography comes from the Greek words for “secret writing”  Historically, four groups of people have contributed to the art of cryptography  The military  The diplomatic corps  The diarists  Of these, the military has had the most important role in this field PU Gujranwala Campus
  • 3. Encryption and Decryption  Encryption  The process for producing ciphertext from plaintext.  Decryption  The reverse Encryption is called Decryption. Plaintext Plaintext Ciphertext Encryption Decryption PU Gujranwala Campus
  • 4. Common Cryptography Terms  Plain Text  Original message  The message to be encrypted  Cipher  Secret method of writing (i.e. algorithm)  Key  Plain text is transformed by a function that is parameterized by a key  Some critical information used by the cipher, known only to sender and/or receiver  Ciphertext  Transformed message  The output of the encryption process PU Gujranwala Campus
  • 5. Common Cryptography Terms  Intruder  An enemy who hears and accurately copies down the complete ciphertext, can be active or passive  Cryptanalysis  Attempting to discover plaintext or key or both  The art of breaking ciphers  Cryptography  Science of secret writing  The art of devising ciphers  Cryptology  Collection of Cryptanalysis and Cryptography  Study of both cryptography and cryptanalysis PU Gujranwala Campus
  • 7. Symbolic Notations for Encryption  C = EK(P)  It means that the encryption of the plaintext P using key K gives ciphertext C  P = DK(C)  It represents the decryption of C to get the plaintext P again.  It then follows that: DK( (EK(P)) ) = P  Note:  E and D are just mathematical functions PU Gujranwala Campus
  • 8. Two major techniques for encryption  Symmetric Encryption  Sender and receiver use same key (shared secret)  Also known as:  Conventional Encryption  Secret Key Encryption  Was the only method used prior to the 1970s  Still most widely used  Public Key (Asymmetric) Encryption  Sender and receiver use different keys  Technique published in 1976 PU Gujranwala Campus
  • 10. Conventional Encryption Ingredients  An encryption scheme has five ingredients:  Plaintext  Encryption algorithm  Secret Key  Cipher text  Decryption algorithm  Security depends on the secrecy of the key, not the secrecy of the algorithm PU Gujranwala Campus
  • 11. Strong Encryption  An encryption algorithm needs to be strong  This means that an attacker who knows:  the algorithm  some pieces of ciphertext  some plaintext-ciphertext pairs (possibly)  cannot deduce:  the plaintext, or  the key PU Gujranwala Campus
  • 12. Importance of Secret Key  Every encryption and decryption process has two aspects:  The algorithm  The key used for encryption and decryption  In general, the algorithm used for encryption and decryption processes is usually known to everybody. However, it is the key used for encryption and decryption that makes the process of cryptography secure  The greater the length of the key, the more difficult it will be to break it using brute-force attack PU Gujranwala Campus
  • 13. Key  A key is a digital code that can be used to encrypt, decrypt, and sign information.  Some keys are kept private while others are shared and must be distributed in a secure manner.  The area of key management has seen much progress in the past years; this is mainly because it makes key distribution secure and scaleable in an automated fashion.  Important issues with key management are creating and distributing the keys securely. PU Gujranwala Campus
  • 14. Importance of the Key  Usually, cryptographic mechanisms use both an algorithm (a mathematical function) and a secret value known as a key.  Most algorithms undergo years of scrutiny by the world's best cryptographers who validate the strength of the algorithm.  The algorithms are widely known and available; it is the key that is kept secret and provides the required security. PU Gujranwala Campus
  • 15. Importance of the Key  Analogy of Combination Lock  The key is similar to the combination to a lock. Although the concept of a combination lock is well known, you can't open a combination lock easily without knowing the combination.  In addition, the more numbers a given combination has, the more work must be done to guess the combination--- the same is true for cryptographic keys.  The more bits that are in a key, the less susceptible a key is to being compromised by a third party. PU Gujranwala Campus
  • 16. Issue of Key Length  The number of bits required in a key to ensure secure encryption in a given environment can be controversial.  The longer the key space---the range of possible values of the key---the more difficult it is to break the key in a brute-force attack.  In a brute-force attack, you apply all combinations of a key to the algorithm until you succeed in deciphering the message.  However, the longer the key, the more computationally expensive the encryption and decryption process can be.  The goal is to make breaking a key "cost" more than the worth of the information the key is protecting. PU Gujranwala Campus
  • 17. Number of Possible Combinations PU Gujranwala Campus
  • 18. Cryptanalysis  Cryptanalysis is the process of trying to find the plaintext or key  Two main approaches  Brute Force  try all possible keys  Exploit weaknesses in the algorithm or key PU Gujranwala Campus
  • 19. Cryptanalysis: Brute Force Attack  Try all possible keys until code is broken  On average, need to try half of all possible keys  Infeasible if key length is sufficiently long PU Gujranwala Campus
  • 20. Three Basic Cryptographic Functions  Cryptography is the basis for all secure communications; it is, therefore, important that you understand three basic cryptographic functions:  Symmetric encryption  Asymmetric encryption  One-way hash functions.  Most current authentication, integrity, and confidentiality technologies are derived from these three cryptographic functions. PU Gujranwala Campus
  • 21. Symmetric Key Encryption  Symmetric encryption, often referred to as secret key encryption, uses a common key and the same cryptographic algorithm to scramble and unscramble a message.  Example: Suppose we have two users, Alice and Bob, who want to communicate securely with each other.  Both Alice and Bob have to agree on the same cryptographic algorithm to use for encrypting and decrypting data.  They also have to agree on a common key--- the secret key---to use with their chosen encryption/decryption algorithm. PU Gujranwala Campus
  • 22. Symmetric Key Encryption  A simplistic secret key algorithm is the Caesar Cipher.  The Caesar Cipher replaces each letter in the original message with the letter of the alphabet n places further down the alphabet.  The algorithm shifts the letters to the right or left (depending on whether you are encrypting or decrypting).  Figure shows two users, Alice and Bob communicating with a Caesar Cipher where the key, n, is three letters. PU Gujranwala Campus
  • 23. Caesar Cipher  Alphabetic circular shift  For each letter i of text: let pi=0 if letter is a, and pi=1 if letter is b, etc let key k be the size of the shift  Encryption: ci = Ek(pi) = (pi + k) mod 26  Decryption: pi = Dk(ci) = (ci – k) mod 26  Example (setting k = 3) attack at dawn DWWDFN DW GDZQ PU Gujranwala Campus
  • 24. Attacking Caesar Cipher  Brute force  Key is just one letter (or number between 1 and 25)  Try all 25 keys  Easy! PU Gujranwala Campus
  • 25. Monoalphabetic substitution  Use arbitrary mapping of plaintext letters onto ciphertext  e.g. Example: attack at dawn XCCXQJ XC MXBF PU Gujranwala Campus
  • 26. Attacking Monoalphabetic  Brute force  Very difficult; Key is 26 letters long  No. of possible keys = 26! = 4 x 1026  Algorithm weaknesses:  Frequency of letters in English language is well known  Can deduce plaintext->ciphertext mapping by analysing frequency of occurrence  e.g. on analysing plenty of ciphertext, most frequent letter probably corresponds to ‘E’  Can spot digrams and trigrams  Digram: common 2-letter sequence; e.g. ‘th’, ‘an’, ‘ed’  Trigram: common 3-letter sequence: e.g. ‘ing’, ‘the’, ‘est’ PU Gujranwala Campus
  • 27. English Letter Frequencies PU Gujranwala Campus
  • 28. Vigenère Cipher  Set of related monoalphabetic substitution rule is used.  “Add” repeating keyword to plaintext  In effect, 26 Caesar ciphers are used  Example: PU Gujranwala Campus
  • 30. Attacking Vigenère Cipher  Brute force  More difficult; like password cracking  The longer the key the harder brute force is PU Gujranwala Campus
  • 31. One-Time Password  One-time password (OTP) is an encryption technique that cannot be cracked if used correctly. In this technique, a plaintext is paired with a random secret key (also referred to as a one-time password). Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the password using modular addition. Cipher Text = message + key (mod 26) PU Gujranwala Campus
  • 32. One-Time Pads  An OTP is a list of numbers, in completely random order, that is used to encode a message  If the numbers on OTP are truly random and OTP is only used once, then ciphertext provides no mechanism to recover the original key and the message  OTPs are used for short messages and in a very high security environment PU Gujranwala Campus
  • 33. One-Time Pad  Uses random key that is as long as the message  Can use key only once One-Time Pad PU Gujranwala Campus
  • 34. One-Time Password Operation PU Gujranwala Campus
  • 35. One-Time Passwords  Problems with OTPs  Generation of truly random one-time passwords  Distribution of the one-time passwords between communicating entities  Not feasible for use in high-traffic environments PU Gujranwala Campus
  • 36. Playfair Cipher  not even the large number of keys in a monoalphabetic cipher provides security  one approach to improving security was to encrypt multiple letters  the Playfair Cipher is an example  invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
  • 37. Playfair Key Matrix  a 5X5 matrix of letters based on a keyword  fill in letters of keyword (sans duplicates)  fill rest of matrix with other letters  eg. using the keyword MONARCHY MONAR CHYBD EFGIK LPQST UVWXZ
  • 38. Encrypting and Decrypting  plaintext encrypted two letters at a time: 1. if a pair is a repeated letter, insert a filler like 'X', eg. "balloon" encrypts as "ba lx lo on" 2. if both letters fall in the same row, replace each with letter to right (wrapping back to start from end), eg. “ar" encrypts as "RM" 3. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), eg. “mu" encrypts to "CM" 4. otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, eg. “hs" encrypts to "BP", and “ea" to "IM" or "JM" (as desired)
  • 39. Security of the Playfair Cipher  security much improved over monoalphabetic  since have 26 x 26 = 676 digrams  was widely used for many years (eg. US & British military in WW1)  it can be broken, given a few hundred letters  since still has much of plaintext structure
  • 40. Rail Fence cipher  write message letters out diagonally over a number of rows  then read off cipher row by row  eg. write message out as: m e m a t r h t g p r y e t e f e t e o a a t  giving ciphertext MEMATRHTGPRYETEFETEOAAT
  • 41. Column Transposition Ciphers  In a columnar transposition, the message is written out in rows of a fixed length, and then read out again column by column  and the columns are chosen in some scrambled order.  Key: G E R M A N  G E R M A N (326415) d e f e n d t h e e a s t w a l l o f t h e c a s t l e x x G E R M A N d e f e n d t h e e a s t w a l l o f t h e c a s t l e x x n e d e d f a h t e s e l w t l o a c t f e a h x t s e x l
  • 42. Column Transposition Ciphers A E G M N R (123456) n e d e d f a h t e s e l w t l o a c t f e a h x t s e x l The ciphertext is read off along the columns: nalcxehwttdttfseeleedsoaxfeahl G E R M A N d e f e n d t h e e a s t w a l l o f t h e c a s t l e x x n e d e d f a h t e s e l w t l o a c t f e a h x t s e x l The ciphertext is read off along the columns: nalcxehwttdttfseeleedsoaxfeahl