Data Encryption 
Module 4 
Simplifying Security. 
1 Copyright © by EC-Council 
All Rights Reserved. Reproduction is Strictly Prohibited.
May 23, 2011 
40 Percent of IT Workers Could Hold Employer Networks Hostage, Survey Finds 
Roughly 40 percent of IT workers believe they could hold an employer’s network hostage — even after 
leaving the company — by withholding or hiding encryption keys, according to a recent survey of 500 
IT security specialists. 
The study, released Monday, May 23, also revealed that a third of survey respondents were confident 
that their knowledge and access to encryption keys and certificates could bring a company to a halt 
with little effort. Conducted in April 2011, the survey was sanctioned by Venafi, a network key and 
encryption provider. 
“It’s a shame that so many people have been sold 
encryption but not the means or knowledge to 
manage it,” said Jeff Hudson, CEO of Venafi, in a 
statement. “IT departments must track where the 
keys are and monitor and manage who has access to them. ... It’s no longer rocket science. Yet recent, 
costly breaches at Sony, Epsilon and elsewhere reinforce the need for both more encryption and 
effective management.” 
http://www.govtech.com 
Module Objectives 
Common Terminologies 
What Is Encryption? 
Objectives of Encryption 
Types of Encryption 
Encryption Standards 
Symmetric vs. Asymmetric Encryption
Usage of Encryption 
Digital Certificates 
Working of Digital Certificates 
Digital Signature 
How Digital Signature Works? 
Cryptography Tools
Module Flow
Encryption
Types of Encryption
Encryption Standards
Digital Certificates
Digital Signature
Cryptography Tools
Common Terminologies
Plaintext
Plaintext or cleartext is unencrypted readable text
Cipher Text
Cipher text is encrypted and unreadable until it is decrypted to plaintext with a key
Encryption Key
An encryption key is a piece of information that is used to encrypt and decrypt data
What Is Encryption?
Encryption is the process of converting data into cipher text that cannot be understood by unauthorized people
To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it
Encryption is used to protect sensitive information during transmission and storage
[Figure: Bob's plain text (‘Morpheus’) is encrypted into encrypted data (‘3*.,~’@!w9”). The encrypted data is received by Alice, and Alice receives the plain data after decryption.]
Objectives of Encryption
Data Integrity
The receiver of a message can check whether the message was modified during transmission, either accidentally or deliberately
Authentication
The receiver of a message can verify the origin of the message
No other user should be able to send a message to the recipient as the original sender (data origin authentication)
Non-repudiation
The sender of a message cannot deny that he/she has sent the message
Usage of Encryption
It helps to safely store sensitive information on a computer or external storage media
Encryption is used to protect user credentials such as user names and passwords
Encryption provides assurance of a sender’s identity
Encryption provides a secure medium for users to connect to their friends’ or employees’ network from outside of the home or office
It is also used as a resource for web-based information exchange to protect important information such as credit card numbers
It provides a higher level of trust when receiving files from other users by ensuring that the source and contents of the message are trusted
Types of Encryption
Symmetric Encryption
Symmetric encryption (secret-key, shared-key, and private-key) uses the same key for encryption and decryption
Asymmetric Encryption
Asymmetric encryption (public key) uses different encryption keys for encryption and decryption. These keys are known as public and private keys
Hash Function
Hash function (message digests or one-way encryption) uses no key for encryption and decryption
[Figure: the Symmetric Encryption and Asymmetric Encryption panels each show plain text ("Dear John, This is my A/C number 7974392830") passing through Encryption to cipher text ("Guuihifhofn kbifkfnnfk Nklclmlm #^*&(*)_(_") and through Decryption back to the same plain text. The Hash function panel shows plain text converted to cipher text.]
Symmetric vs. Asymmetric Encryption
Symmetric Encryption
Symmetric encryption uses only one key for both encryption and decryption
The key cannot be shared freely
Symmetric encryption requires that both the sender and the receiver know the secret key
Using symmetric encryption, data can be encrypted faster
This algorithm is less complex and faster
Symmetric encryption ensures confidentiality and integrity
Asymmetric Encryption
Asymmetric encryption uses a public key for encryption and a private key for decryption
In asymmetric encryption, the public key can be freely shared, which eliminates the risk of compromising the secret key
The encryption process using asymmetric encryption is slower and more complex
Asymmetric encryption ensures confidentiality, integrity, authentication, and non-repudiation
Encryption Standards
Data Encryption Standard (DES)
Data Encryption Standard (DES) is the name of the Federal Information Processing Standard (FIPS) 46-3, which describes the data encryption algorithm (DEA)
The DEA is a symmetric cryptosystem originally designed for implementation in hardware
DEA is also used for single-user encryption, such as to store files on a hard disk in encrypted form
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government
It has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively, for AES-128, AES-192 and AES-256
Digital Certificates
A digital certificate is an electronic card that provides credential information while performing online transactions
It acts as an electronic counterpart to a driver's license, passport, or membership card and verifies the identity of all users involved in online transactions
A digital certificate generally contains:
Details of owner’s public key
Digital signature of the CA (issuer)
Serial number of digital signature
Owner’s name
Expiration date of public key
Name of the Certificate Authority (CA) who issued the digital certificate
How Digital Certificates Work
[Figure: certificate issuance and validation workflow. Parties: User, Registration Authority (RA), Certification Authority (CA), Validation Authority (VA). Labels: User applies for certificate; Request for issuing certificate; Updates information; Public key certificate; Message in public key certificate signed with digital signature; Inquires about public key certificate validity to validation authority; Determined result; Validation of electronic signature. Keys shown: Public Key, Private Key.]
Digital Signature
Digital signature implements asymmetric cryptography to simulate the security properties of a signature in digital, rather than written form
Digital signature schemes involve two encryption keys: a private key for signing the message and a public key for verifying signatures
Digital standards follow the open standards as they are not tied to an individual or manufacturer
It is often used to implement electronic signatures and can be used with any type of message
It is independent of the signature verification between the sender and the receiver
How Digital Signature Works
[Figure: six-step flow applied to a message labelled "Confidential Information"]
SIGN
Hash value: sender signs hash code using his PRIVATE key
Append the signed hash code to message
SEAL
Encrypt message using one-time symmetric key
Encrypt the symmetric key using recipient’s PUBLIC key
DELIVER
Mail electronic envelopes to the recipient
ACCEPT
Recipient decrypts one-time symmetric key using his PRIVATE key
OPEN
Decrypt message using one-time symmetric key
VERIFY
Unlock the hash value using sender’s PUBLIC key
Rehash the message and compare it with the hash value attached with the mail
Cryptography Tool: TrueCrypt
http://www.truecrypt.org
TrueCrypt creates a virtual encrypted disk within a file and mounts it as a real disk
Encrypts an entire partition or storage device such as a USB flash drive or hard drive
Encrypts a partition or drive where Windows is installed (pre-boot authentication)
Encryption is automatic, real-time (on-the-fly), and transparent
Cryptography Tools
PixelCryptor: http://www.codegazer.com
Folder Lock: http://www.newsoftwares.net
EncryptOnClick: http://www.2brightsparks.com
AxCrypt: http://www.axantum.com
Cryptainer LE: http://www.cypherix.co.uk
SafeHouse Explorer: http://www.safehousesoftware.com
Advanced Encryption Package: http://www.intercrypto.com
Kruptos 2 Professional: http://www.kruptos2.co.uk
Module Summary
• Encryption is the process of converting data into cipher text that cannot be understood by unauthorized people
• Symmetric encryption uses only one key for both encryption and decryption, whereas asymmetric encryption uses a public key for encryption and a private key for decryption
• Encryption provides a higher level of trust when receiving files from other users by ensuring that the source and contents of the message are trusted
• A digital certificate is an electronic card that provides credential information when performing online transactions
• A digital signature implements asymmetric cryptography to simulate the security properties of a signature in digital, rather than written form
