This document provides an overview of the DES and RSA encryption algorithms. DES is a symmetric algorithm that is fast for large data sizes but requires securely exchanging keys, while RSA is an asymmetric algorithm that is slower for large data sizes but uses public/private key pairs to encrypt and decrypt. The document then demonstrates implementing DES and RSA encryption using the OpenSSL tool, including generating keys, encrypting and decrypting files, and best practices for key exchange between two parties.
Cloud Computing offers an on-demand and scalable access to a shared pool of resources hosted in a data center at providers’ site. It reduces the overheads of up-front investments and financial risks for the end-user. Regardless of the fact that cloud computing offers great advantages to the end users, there are several challenging issues that are mandatory to be addressed.
In computing, a denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet - Wikipedia
Cloud Computing offers an on-demand and scalable access to a shared pool of resources hosted in a data center at providers’ site. It reduces the overheads of up-front investments and financial risks for the end-user. Regardless of the fact that cloud computing offers great advantages to the end users, there are several challenging issues that are mandatory to be addressed.
In computing, a denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet - Wikipedia
Introduction to Public key Cryptosystems with block diagrams
Reference : Cryptography and Network Security Principles and Practice , Sixth Edition , William Stalling
cyber Security and Cryptography Elgamal Encryption Algorithm, Not-petya Case study all in one.
ElGamal encryption is a public-key cryptosystem
ElGamal Algo. uses asymmetric key encryption for communicating between two parties and encrypting the message.
This cryptosystem is based on the difficulty of finding discrete logarithm in a cyclic group
It is based on the Diffie–Hellman key exchange And It was described by Taher Elgamal in 1985.
Receiver Generates public and private keys.
Select Large Prime No. (P)
Select Decryption key/ private Key (D)
gcd(D,P)=1
Select Second part of Encryption key or public key (E1) & gcd(E1,P)=1
Third part of the encryption key or public key (E2)
E2 = E1D mod P
Public Key=(E1, E2, P) & Private key=D
In 2017 Maersk was impacted by Not-Petya ransomware attack and their network was down for a whole 9 days.
A total of 49,000 PCs and 7,000 servers were encrypted by Not-petya. Other companies that were impacted by the same attack are Merck, TNT express etc.
The tools used in Notpetya were EternalBlue and Mimikatz and hence the attack was very fast and devastating for victims.
It was The Most Devastating Cyber attack in History that’s
How a single piece of code crashed the world.
switching techniques in data communication and networkingHarshita Yadav
it is a detailed presentation on switching techniques. it includes the three types of switching technique. it is described in such manner that you can learn switching without any difficulties.
Symmetric encryption and message confidentialityCAS
Symmetric Encryption Principles
Data Encryption Standard
Advanced Encryption Standard
Stream Ciphers and RC4
Cipher Block Modes of Operation
Key Distribution
The sender initializes the checksum to 0 and adds all data items and the checksum. However, 36 cannot be expressed in 4 bits. The extra two bits are wrapped and added with the sum to create the wrapped sum value 6. The sum is then complemented, resulting in the checksum value 9 (15 − 6 = 9).
Pgp-Pretty Good Privacy is the open source freely available tool to encrypt your emails then you can very securely send mails to others over internet without fear of eavesdropping by cryptanalyst.
The presentation describes basics of cryptography and information security. It covers goals of cryptography, history of cipher symmetric and public key cryptography
Introduction to Public key Cryptosystems with block diagrams
Reference : Cryptography and Network Security Principles and Practice , Sixth Edition , William Stalling
cyber Security and Cryptography Elgamal Encryption Algorithm, Not-petya Case study all in one.
ElGamal encryption is a public-key cryptosystem
ElGamal Algo. uses asymmetric key encryption for communicating between two parties and encrypting the message.
This cryptosystem is based on the difficulty of finding discrete logarithm in a cyclic group
It is based on the Diffie–Hellman key exchange And It was described by Taher Elgamal in 1985.
Receiver Generates public and private keys.
Select Large Prime No. (P)
Select Decryption key/ private Key (D)
gcd(D,P)=1
Select Second part of Encryption key or public key (E1) & gcd(E1,P)=1
Third part of the encryption key or public key (E2)
E2 = E1D mod P
Public Key=(E1, E2, P) & Private key=D
In 2017 Maersk was impacted by Not-Petya ransomware attack and their network was down for a whole 9 days.
A total of 49,000 PCs and 7,000 servers were encrypted by Not-petya. Other companies that were impacted by the same attack are Merck, TNT express etc.
The tools used in Notpetya were EternalBlue and Mimikatz and hence the attack was very fast and devastating for victims.
It was The Most Devastating Cyber attack in History that’s
How a single piece of code crashed the world.
switching techniques in data communication and networkingHarshita Yadav
it is a detailed presentation on switching techniques. it includes the three types of switching technique. it is described in such manner that you can learn switching without any difficulties.
Symmetric encryption and message confidentialityCAS
Symmetric Encryption Principles
Data Encryption Standard
Advanced Encryption Standard
Stream Ciphers and RC4
Cipher Block Modes of Operation
Key Distribution
The sender initializes the checksum to 0 and adds all data items and the checksum. However, 36 cannot be expressed in 4 bits. The extra two bits are wrapped and added with the sum to create the wrapped sum value 6. The sum is then complemented, resulting in the checksum value 9 (15 − 6 = 9).
Pgp-Pretty Good Privacy is the open source freely available tool to encrypt your emails then you can very securely send mails to others over internet without fear of eavesdropping by cryptanalyst.
The presentation describes basics of cryptography and information security. It covers goals of cryptography, history of cipher symmetric and public key cryptography
Talk given at Devoxx UK 2014
Caveat - without the video these slides can be taken out of context, see Parleys for the full video.
RSA is the oldest kid in the public-key cryptography playground, and its position of toughest and fastest is under sharp competition from ECC (Elliptic Curve Cryptography). We look at the mathematical difference between the two cryptosystems, showing why ECC is faster and “harder” than RSA, but also very energy efficient hence its unique advantage in the mobile space. We show how to use ECC in your Java and Android applications. Before finally summarising the “state of the union” for RSA and ECC in the light of the Snowden leaks, and the likely near-future for public-key cryptography.
Elliptic Curve Cryptography for those who are afraid of mathsMartijn Grooten
A low level introduction into elliptic curve cryptography, as presented at BSides San Francisco 2016.
NB don't be put off by the 100 slides; every transition is on its own slide.
Elliptic Curve Cryptography and Zero Knowledge ProofArunanand Ta
Elliptic Curve Cryptography and Zero Knowledge Proof
Presentation by Nimish Joseph, at College of Engineering Cherthala, Kerala, India, during Faculty Development Program, on 06-Nov-2013
Speaker: Mateusz Kocielski
Language: English
We used to believe that some software is secure. I'd like to decompose our faith in it by touching every prime factor of our daily computing environments. This implies the roller-coaster ride from user space to the farthest parts of the Universe by 0.1-days and oddities of software that we use each day. Our goal is to realize how many assumptions are hidden in saying that some piece of code is secure.
CONFidence: http://confidence.org.pl/pl/
We used to believe that some software is secure. I'd like to decompose our faith in it by touching every prime factor of our daily computing environments. This implies the roller-coaster ride from user space to the farthest parts of the Universe by 0.1-days and oddities of software that we use each day. Our goal is to realize how many assumptions are hidden in saying that some piece of code is secure.
From Kernel Space to User Heaven #NDH2k13Jaime Sánchez
FROM KERNEL SPACE TO USER HEAVEN at NUIT DU HACK 2013 by JAIME SANCHEZ
More information at:
Twitter: @segofensiva
Website: http://www.seguridadofensiva.com
What if you could enqueue from kernel space to user space all your incoming and outgoing network connections? Maybe you could develop some offensive/defensive applications to modify headers and payloads in real time, to detect unauthorized traffic like dns tunneling connections or to fool some well known network tools. This will be showed in Linux-powered devices. It will be explained too some remote OS fingerprinting techniques, both active and passive, implemented in tools like nmap, p0f, or vendor appliances, and a how to defeat them. This technique doesn't need virtual machines or kernel patches, and is highly portable to other platforms.
[Ruxcon Monthly Sydney 2011] Proprietary Protocols Reverse Engineering : Rese...Moabi.com
This presentation given in 2011 during the first Ruxcon Monthly (Ruxmon) Sydney focuses on proprietary protocols reverse engineering and vulnerability audits.
There is great research in the field of data security these days. Storing information digitally in the cloud and transferring it over the internet proposes risks of disclosure and unauthorized access, thus users, organizations and businesses are adapting new technology and methods to protect their data from breaches. In this paper, we introduce a method to provide higher security for data transferred over the internet, or information based in the cloud. The introduced method for the most part depends on the Advanced Encryption Standard (AES) algorithm. Which is currently the standard for secret key encryption. A standardized version of the algorithm was used by The Federal Information Processing Standard 197 called Rijndael for the Advanced Encryption Standard. The AES algorithm processes data through a combination of Exclusive-OR operations (XOR), octet substitution with an S-box, row and column rotations, and a MixColumn operations. The fact that the algorithm could be easily implemented and run on a regular computer in a reasonable amount of time made it highly favorable and successful.
In this paper, the proposed method provides a new dimension of security to the AES algorithm by securing the key itself such that even when the key is disclosed, the text cannot be deciphered. This is done by enciphering the key using Output Feedback Block Mode Operation. This introduces a new level of security to the key in a way in which deciphering the data requires prior knowledge of the key and the algorithm used to encipher the key for the purpose of deciphering the transferred text.
Keywords: Keywords: Keywords: Keywords: Keywords: Keywords: Keywords:
1. DES & RSA Algorithms Overview
Tutorial
03/01/2013 NOUNI El Bachir 1
2. Comparison And Uses
DES : It's a symmetric algorithm designed for
encrypting data. Its advantage is that it's fast for
large data size, but it present one inconvenient
is that of changing keys between the tow tiers.
03/01/2013 NOUNI El Bachir 2
3. Comparison And Uses
RSA : it's an asymmetric algorithm designed for
encrypting data also. Its inconvenience is that
it's too slow for large data size. It use tow keys
instead of DES which uses one shared key. One
of these keys is secret and the other is public.
The Data that is encrypted by one is decrypted
by the other but not by the same key.
03/01/2013 NOUNI El Bachir 3
4. Tools
Through this tutorial we will use the Openssl
tool. This tool is by default integrated in Linux.
For Windows users they should download this
tool by following this link :
http://slproweb.com/products/Win32OpenSSL.html
After the installation of openssl; whether you
add the path of openssl.exe to your system
path, our each time at the command prompt
you use the full path of openssl.exe.
03/01/2013 NOUNI El Bachir 4
5. Parameters Of These Algorithms
DES :
− Secret key (64 bits)
− Initialization vector (64 bits)
RSA :
− Secret key
− Secret key length
− Public key
− The modulus
03/01/2013 NOUNI El Bachir 5
6. TP : Test Each Algorithm (DES)
The instructions thereafter were tested under
Linux system.
DES :
To use this algorithm we have to generate first
its parameters (secret key,initialization vector).
To do so we will use /dev/urandom file and
head command.
The synopsis of each one is :
03/01/2013 NOUNI El Bachir 6
7. TP : Test Each Algorithm (DES)
|> cat /dev/urandom | head -1 > random.bin
the result after using |> xxd random.bin to show file
content in Hex format :
0000000: 95c3 e2d9 62c9 8d24 fa03 69e7 59aa aa11 ....b..$..i.Y...
So we choose 95C3E2D962C98D24 as secret Key
and FA0369E759AAAA11 as initialization vector.
After that we can encrypt and decrypt a file.
|> Openssl enc -e -des-cbc -in inputfile -out outputfile -nosalt -K
95C3E2D962C98D24 -iv FA0369E759AAAA11 -a
03/01/2013 NOUNI El Bachir 7
8. TP : Test Each Algorithm (DES)
-des-cbc : DES algorithm using CBC mode
-e : for encryption
-in [inputfile] : to specify input file
-out [outputfile] : to specify output file
-K XX..XX : to specify secret key 64 bits
-iv XX..XX : to specify initialization vector 64 bits
-a : encoding output file in base64 format
-nosalt : no salt will be used
03/01/2013 NOUNI El Bachir 8
9. TP : Test Each Algorithm (DES)
For decryption we use the same command line,
we have to just change -e option by -d for
decryption.
03/01/2013 NOUNI El Bachir 9
10. TP : Test Each Algorithm (RSA)
The implementation of RSA follow three steps :
Generate a encrypted secret key of 1024 or
2048 length.
Generate the public key from the secret one.
To do so, we will use genrsa and rsa commands.
Synopsis of these commands is :
03/01/2013 NOUNI El Bachir 10
11. TP : Test Each Algorithm (RSA)
openssl genrsa [-out filename] [-passout arg] [-des] [-des3] [-idea]
[-f4] [-3] [-rand file(s)] [-engine id] [numbits]
openssl rsa [-inform PEM|NET|DER] [-outform PEM|NET|DER] [-in
filename] [-passin arg] [-out filename] [-passout arg] [-sgckey] [-
des] [-des3] [-idea] [-text] [-noout] [-modulus] [-check] [-pubin]
[-pubout] [-engine id]
For encryption we will use rsautl command of
following synopsis :
openssl rsautl [-in file] [-out file] [-inkey file] [-pubin] [-
certin] [-sign] [-verify] [-encrypt] [-decrypt] [-pkcs] [d-ssl] [-
raw] [-hexdump] [-asn1parse]
Lets now try this algorithm :
03/01/2013 NOUNI El Bachir 11
12. TP : Test Each Algorithm (RSA)
To generate the secret key :
|> openssl genrsa -des -out sckey.pem 2048
-des : DES which will be used to encrypt the
secret key.
-out : to specify the output file.
2048 : key length.
After Enter Key press the prompt will demand to
you to enter a phrase password.
03/01/2013 NOUNI El Bachir 12
13. TP : Test Each Algorithm (RSA)
To generate the public key :
|> openssl rsa -pubout < sckey.pem > pkey.pem
-pubout : to specify that wie want to generate a
public key from the secret one sckey.pem.
< : input flow redirection
> : output flow redirection
03/01/2013 NOUNI El Bachir 13
14. TP : Test Each Algorithm (RSA)
To encrypt data with public key :
|> openssl rsautl -encrypt -in inputfile -out outputfile -inkey pkey.pem
-pubin -a
-encrypt : for encryption.
-in : to specify input file path.
-out : to specify output file.
-inkey : key file to use.
-pubin : specify that the key specified with -inkey
is a public key. Without this options secret key
is used.
03/01/2013 NOUNI El Bachir 14
15. Best practice
RSA : to exchange shared secret key
DES : to encrypt data using exchanged shared
secret key.
Scenario :
Alice (sA,PA) and Bobe (sB,PB).
Alice want send data to Bobe, but it is the first
time. So they should define a shared key.
03/01/2013 NOUNI El Bachir 15
16. Best practice
So Alice had to generate a random 64 bits key
(DES) and an initialization vector (64 bits) and
encrypt it using the public key of Bobe P B. Then
send it to Bobe.
Bobe will receive encrypted key and will decrypt it.
At this moment its ok but he should send an
acknowledgment to Alice to tell him that he
receive the key successfully. So he should
encrypt the received key using public key of
Alice and send it to him.
03/01/2013 NOUNI El Bachir 16
17. Best practice
After this handshaking it is ok to exchange
encrypted that using shared secret key (64 bits).
It is recommended to use Tripe DES instead of
DES because it is more secure. To use this
algorithm in what we have seen, you can just
change -des by -des3 in RSA section and for
DES section you choose -des-ede-cbc instead
of -des-cbc.
03/01/2013 NOUNI El Bachir 17