SlideShare a Scribd company logo
Intro to Cryptography
Galin Dinkov
Intro
Definition
● Cryptography - κρυπτό (kryptós) "hidden, secret" + γράφειν (graphein)
"writing"
● Cryptology - κρυπτό (kryptós) "hidden, secret" + λογία (logia), "study"
● Study of techniques for secure communication in the presence of third parties
called adversaries
● Main fields
○ Data confidentiality - restricted access over the information
○ Data integrity - assurance of the accuracy and consistency of the data
○ Authentication - confirming the validity of sorm form of identification
○ Non-repudiation - assurance of data origin and authorship
Terminology
● Plaintext - ordinary information, understandable by human
● Ciphertext - unintelligible text, encrypted text
● Encryption - encoding a message or information in such a way that only
authorized parties can access it
● Decryption - restoring the original plaintext from the ciphertext
● Cipher - algorithm for encryption/decryption
● Key - a secret parameter used in the encryption/decryption process
● Cryptosystem - definitions, key-generation, enc/dec algorithms
● Symmetric/Asymmetric - single common key / different keys
● Cryptanalysis - acquiring information from encrypted messages without having
the secret key
Common Actors
● Alice and Bob - fictional characters using a cryptosystem
● Eve (eavesdropper) - listening to a private conversation
● Mallory - an active attacker
History
● Classical cryptography - ancient, medieval
● WWI, WWII - Enigma …
● Modern - computers, public-key, hashing, quantum
computing …
● Politics - NSA, NIST ...
Crypto How to...
How to
Communicate
With Secret
Messages?
Classic Ciphers
● Transposition cipher - positions of the letters
are shifted according to a regular system
● Substitution cipher - plaintext letters are
altered according to some rules (key)
○ Simple - per letter
○ Mono/Poly-alphabetic - single, or multiple substitutions
○ Polygraphic - substitute groups of letters
Route cipher
Caesar cipher
Vigenère cipher
Breaking Classic Ciphers
● Brute-force
● Frequency analysis
● Demo
Perfect Secrecy
● One-time pad - random key, long at least as the message
● Does not reveal any of the functions of the message, except its maximum
length
● Security depends on the entropy of the key
● Difficult to use for long messages
● If reused it is vulnerable
Stream Cipher
● Generates one time pad using pseudo random number generator
● Then combines it with the message
● The pad is generated based on a key
● Security depends on the entropy of the key and the random function
● Example algorithms - RC4 and ChaCha20
● Used in hardware because is fast
Block Cipher
● Divides the message into blocks and encrypt each block
● If the message length is not divisible by block size padding is applied
● Works in different modes: ECB, CBC, PCBC, CFB, OFB, CTR ...
● Examples: DES, 3DES, AES, Blowfish ...
How to Hide
Message
Existence?
Steganography
Practice of concealing a file, message,
image, or video within another file,
message, image, or video.
● Physical - invisible ink, microdots,
knits, …
● Digital - image, audio, video or other
file, text in blogs or forums
● Linguistic - acrostic, misspellings, ...
Tools
How to Ensure
Data Integrity?
Hash Functions
Function used to map data of arbitrary size to
data of fixed size.
● Cryptographic hash functions -
deterministic, one-Way, uniformly
distributed, infeasible collisions, quick to
compute
● MD 2/4/5/6 - Message-Digest Algorithm
● SHA 1/2/3 - Secure Hash Algorithms
● RIPEMD - RACE Integrity Primitives
Evaluation Message Digest
● BLAKE 1/2
Hash Function Security
● Preimage resistance - hard to find message m from a given hash h = hash(m)
● Second preimage resistance - given a message m1 it should be difficult to find
another different message m2 such as hash(m1) = hash(m2)
● Collision resistance - it should be difficult to find to messages m1 and m2 such
as hash(m1) = hash(m2)
● Rainbow table - precomputed table for reversing cryptographic hash
functions, usually for cracking password hashes
● Birthday attack
Message Authentication Code (MAC)
Short piece of information used to authenticate a message, to confirm that the
message came from the stated sender (its authenticity) and has not been changed.
● CBC-MAC
● HMAC
● …
●
● Length-extension attack
How to Securely
Share Common
Secret?
Public-Key Cryptography
● Digital signatures - content is digitally signed with an individual’s private key and is
verified by the individual’s public key
● Encryption - content is encrypted using an individual’s public key and can only be
decrypted with the individual’s private key
● Authentication – since the individual’s unique private key was used to apply the
signature, recipients can be confident that the individual was the one to actually apply
the signature
● Non-repudiation – since the individual is the only one with access to the private key
used to apply the signature, he/she cannot later claim that it wasn’t him/her who
applied the signature
● Integrity - when the signature is verified, it checks that the contents of the document or
message match what was in there when the signature was applied. Even the slightest
change to the original document would cause this check to fail.
Key Exchange Theory
Math
● One-way function - easy to compute on every input, but hard to invert
● Trapdoor function - easy to compute in one direction, yet difficult to compute
in the opposite unless having a special information, called the "trapdoor"
○ Modular arithmetics
○ Discrete logarithm
○ Prime factorization
Diffie-Hellman Key Exchange
Video
RSA - Rivest–Shamir–Adleman
● Invented in 1977
● Used for digital signatures and
securing sessions (SSL)
Explanation
Elliptic curve cryptography (ECC)
Explanation:
https://youtu.be/dCvB-mhkT0w
https://youtu.be/F3zzNa42-tQ
ECC Domain Parameters:
p - prime field (modulo)
a,b - curve parameters
G - generator point
n - ord(G) (n x G = 0)
h - cofactor of n
Private Key (k) = Random Number < n - 1
Public Key (K) = k ∗ G
K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G
K = (x, y)
x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A
y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
Breaking
● Find the private key from the public key
● Classic quantum computer
● Topological quantum computer
Zero knowledge proofs
Method by which one party (the prover) can prove to another party (the verifier)
that a given statement is true, without conveying any information apart from the
fact that the statement is indeed true.
How to Send
Secure Emails?
Email Encryption
PGP:
https://en.wikipedia.org/wiki/Pretty_
Good_Privacy
S/MIME:
https://en.wikipedia.org/wiki/S/MIME
More...
How to Surf the
Web Securely?
SSL/TLS
Public Key Infrastructure (PKI)
● Certificate Authorities (CA) - X.509
● Web of Trust
● Blockchain PKI - Emercoin
How to Surf the
Web Privately?
Tor
Final
https://www.linkedin.com/in/galindinkov/
by Galin Dinkov

More Related Content

What's hot

Cryptography
CryptographyCryptography
Cryptography
Hassan Osama
 
basic encryption and decryption
 basic encryption and decryption basic encryption and decryption
basic encryption and decryption
Rashmi Burugupalli
 
Elementry Cryptography
Elementry CryptographyElementry Cryptography
Elementry Cryptography
Tata Consultancy Services
 
Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesis
Samy Shehata
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
Vittorio Giovara
 
Post quantum cryptography
Post quantum cryptographyPost quantum cryptography
Post quantum cryptography
Samy Shehata
 
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
EC-Council
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
nathanurag
 
A Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic ConceptsA Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic Concepts
Gokul Alex
 
Cryptography
CryptographyCryptography
Cryptography
Suhepi Saputri
 
Crpto ppt
Crpto pptCrpto ppt
Crpto ppt
Asmita Pal
 
Information Security Cryptography ( L03- Old Cryptography Algorithms )
Information Security Cryptography ( L03- Old Cryptography Algorithms )Information Security Cryptography ( L03- Old Cryptography Algorithms )
Information Security Cryptography ( L03- Old Cryptography Algorithms )
Anas Rock
 
Secret key cryptography
Secret key cryptographySecret key cryptography
Secret key cryptography
Prabhat Goel
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network security
sathu30
 
Cryptography by gaurav singh
Cryptography by gaurav singhCryptography by gaurav singh
Cryptography by gaurav singh
Gaurav Singh
 
cryptography and network security
cryptography and network security cryptography and network security
cryptography and network security
nitishV3
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
newbie2019
 
Cns 1
Cns 1Cns 1
Symmetric ciphermodel
Symmetric ciphermodelSymmetric ciphermodel
Symmetric ciphermodel
priyapavi96
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniques
university of education,Lahore
 

What's hot (20)

Cryptography
CryptographyCryptography
Cryptography
 
basic encryption and decryption
 basic encryption and decryption basic encryption and decryption
basic encryption and decryption
 
Elementry Cryptography
Elementry CryptographyElementry Cryptography
Elementry Cryptography
 
Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesis
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
 
Post quantum cryptography
Post quantum cryptographyPost quantum cryptography
Post quantum cryptography
 
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
TakeDownCon Rocket City: Cryptanalysis by Chuck Easttom
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
 
A Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic ConceptsA Concise Introduction to Cryptographic Concepts
A Concise Introduction to Cryptographic Concepts
 
Cryptography
CryptographyCryptography
Cryptography
 
Crpto ppt
Crpto pptCrpto ppt
Crpto ppt
 
Information Security Cryptography ( L03- Old Cryptography Algorithms )
Information Security Cryptography ( L03- Old Cryptography Algorithms )Information Security Cryptography ( L03- Old Cryptography Algorithms )
Information Security Cryptography ( L03- Old Cryptography Algorithms )
 
Secret key cryptography
Secret key cryptographySecret key cryptography
Secret key cryptography
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network security
 
Cryptography by gaurav singh
Cryptography by gaurav singhCryptography by gaurav singh
Cryptography by gaurav singh
 
cryptography and network security
cryptography and network security cryptography and network security
cryptography and network security
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
 
Cns 1
Cns 1Cns 1
Cns 1
 
Symmetric ciphermodel
Symmetric ciphermodelSymmetric ciphermodel
Symmetric ciphermodel
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniques
 

Similar to Intro to Cryptography

Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
UTD Computer Security Group
 
PresentationonCRYPTOGRAPHY.pptx
PresentationonCRYPTOGRAPHY.pptxPresentationonCRYPTOGRAPHY.pptx
PresentationonCRYPTOGRAPHY.pptx
HRockyAman
 
CISSP Week 16
CISSP Week 16CISSP Week 16
CISSP Week 16
jemtallon
 
Network security
Network securityNetwork security
Network security
ABHISHEK KUMAR
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptography
Suresh Thammishetty
 
3 pkc+rsa
3 pkc+rsa3 pkc+rsa
3 pkc+rsa
Shashank Mishra
 
Pooguzhali
PooguzhaliPooguzhali
PUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.pptPUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.ppt
RizwanBasha12
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20
jemtallon
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
Indra97065
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
Nagendra Um
 
Cryptography
CryptographyCryptography
Cryptography
Pratiksha Patil
 
Cryptography seminar 2017
Cryptography seminar 2017Cryptography seminar 2017
Cryptography seminar 2017
ASHISH DHAR
 
OpenPGP/GnuPG Encryption
OpenPGP/GnuPG EncryptionOpenPGP/GnuPG Encryption
OpenPGP/GnuPG Encryption
Tanner Lovelace
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography
Durgesh Malviya
 
Ch9
Ch9Ch9
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
Public key algorithm
Public key algorithmPublic key algorithm
Public key algorithm
Prateek Pandey
 
RSA Algm.pptx
RSA Algm.pptxRSA Algm.pptx
RSA Algm.pptx
Sou Jana
 
Rsa
RsaRsa

Similar to Intro to Cryptography (20)

Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
 
PresentationonCRYPTOGRAPHY.pptx
PresentationonCRYPTOGRAPHY.pptxPresentationonCRYPTOGRAPHY.pptx
PresentationonCRYPTOGRAPHY.pptx
 
CISSP Week 16
CISSP Week 16CISSP Week 16
CISSP Week 16
 
Network security
Network securityNetwork security
Network security
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptography
 
3 pkc+rsa
3 pkc+rsa3 pkc+rsa
3 pkc+rsa
 
Pooguzhali
PooguzhaliPooguzhali
Pooguzhali
 
PUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.pptPUBLIC KEY & RSA.ppt
PUBLIC KEY & RSA.ppt
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography seminar 2017
Cryptography seminar 2017Cryptography seminar 2017
Cryptography seminar 2017
 
OpenPGP/GnuPG Encryption
OpenPGP/GnuPG EncryptionOpenPGP/GnuPG Encryption
OpenPGP/GnuPG Encryption
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography
 
Ch9
Ch9Ch9
Ch9
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
 
Public key algorithm
Public key algorithmPublic key algorithm
Public key algorithm
 
RSA Algm.pptx
RSA Algm.pptxRSA Algm.pptx
RSA Algm.pptx
 
Rsa
RsaRsa
Rsa
 

Recently uploaded

TEQnation 2024: Sustainable Software: May the Green Code Be with You
TEQnation 2024: Sustainable Software: May the Green Code Be with YouTEQnation 2024: Sustainable Software: May the Green Code Be with You
TEQnation 2024: Sustainable Software: May the Green Code Be with You
marcofolio
 
UMiami degree offer diploma Transcript
UMiami degree offer diploma TranscriptUMiami degree offer diploma Transcript
UMiami degree offer diploma Transcript
attueb
 
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
kiara pandey
 
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
confluent
 
Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech
 
Hotel Management Software Development Company
Hotel Management Software Development CompanyHotel Management Software Development Company
Hotel Management Software Development Company
XongoLab Technologies LLP
 
Introduction to Cloud computing for Internet of Things
Introduction to Cloud computing for Internet of ThingsIntroduction to Cloud computing for Internet of Things
Introduction to Cloud computing for Internet of Things
NachuSubramanian1
 
How To Fill Timesheet in TaskSprint: Quick Guide 2024
How To Fill Timesheet in TaskSprint: Quick Guide 2024How To Fill Timesheet in TaskSprint: Quick Guide 2024
How To Fill Timesheet in TaskSprint: Quick Guide 2024
TaskSprint | Employee Efficiency Software
 
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
shanihomely
 
NYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction InnovationNYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction Innovation
NYGGS Construction ERP Software
 
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
josephinedrea942
 
當測試開始左移
當測試開始左移當測試開始左移
當測試開始左移
Jersey (CHE-PING) Su
 
Tour and travel website management in odoo,
Tour and travel website management in odoo,Tour and travel website management in odoo,
Tour and travel website management in odoo,
Axis Technolabs
 
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
bhumivarma35300
 
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
3610stuck
 
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
revolutionary575
 
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
dream girl
 
Top Chinese Government-backed APT Groups
Top Chinese Government-backed APT GroupsTop Chinese Government-backed APT Groups
Top Chinese Government-backed APT Groups
SOCRadar
 
Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...
Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...
Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...
902basic
 
ERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in CoimbatoreERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in Coimbatore
Nextskill Technologies
 

Recently uploaded (20)

TEQnation 2024: Sustainable Software: May the Green Code Be with You
TEQnation 2024: Sustainable Software: May the Green Code Be with YouTEQnation 2024: Sustainable Software: May the Green Code Be with You
TEQnation 2024: Sustainable Software: May the Green Code Be with You
 
UMiami degree offer diploma Transcript
UMiami degree offer diploma TranscriptUMiami degree offer diploma Transcript
UMiami degree offer diploma Transcript
 
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
 
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
 
Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.
 
Hotel Management Software Development Company
Hotel Management Software Development CompanyHotel Management Software Development Company
Hotel Management Software Development Company
 
Introduction to Cloud computing for Internet of Things
Introduction to Cloud computing for Internet of ThingsIntroduction to Cloud computing for Internet of Things
Introduction to Cloud computing for Internet of Things
 
How To Fill Timesheet in TaskSprint: Quick Guide 2024
How To Fill Timesheet in TaskSprint: Quick Guide 2024How To Fill Timesheet in TaskSprint: Quick Guide 2024
How To Fill Timesheet in TaskSprint: Quick Guide 2024
 
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
 
NYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction InnovationNYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction Innovation
 
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
 
當測試開始左移
當測試開始左移當測試開始左移
當測試開始左移
 
Tour and travel website management in odoo,
Tour and travel website management in odoo,Tour and travel website management in odoo,
Tour and travel website management in odoo,
 
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
 
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
 
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
 
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
 
Top Chinese Government-backed APT Groups
Top Chinese Government-backed APT GroupsTop Chinese Government-backed APT Groups
Top Chinese Government-backed APT Groups
 
Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...
Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...
Private Girls Call Navi Mumbai 🛵🚡9820252231 💃 Choose Best And Top Girl Servic...
 
ERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in CoimbatoreERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in Coimbatore
 

Intro to Cryptography

  • 3. Definition ● Cryptography - κρυπτό (kryptós) "hidden, secret" + γράφειν (graphein) "writing" ● Cryptology - κρυπτό (kryptós) "hidden, secret" + λογία (logia), "study" ● Study of techniques for secure communication in the presence of third parties called adversaries ● Main fields ○ Data confidentiality - restricted access over the information ○ Data integrity - assurance of the accuracy and consistency of the data ○ Authentication - confirming the validity of sorm form of identification ○ Non-repudiation - assurance of data origin and authorship
  • 4. Terminology ● Plaintext - ordinary information, understandable by human ● Ciphertext - unintelligible text, encrypted text ● Encryption - encoding a message or information in such a way that only authorized parties can access it ● Decryption - restoring the original plaintext from the ciphertext ● Cipher - algorithm for encryption/decryption ● Key - a secret parameter used in the encryption/decryption process ● Cryptosystem - definitions, key-generation, enc/dec algorithms ● Symmetric/Asymmetric - single common key / different keys ● Cryptanalysis - acquiring information from encrypted messages without having the secret key
  • 5. Common Actors ● Alice and Bob - fictional characters using a cryptosystem ● Eve (eavesdropper) - listening to a private conversation ● Mallory - an active attacker
  • 6. History ● Classical cryptography - ancient, medieval ● WWI, WWII - Enigma … ● Modern - computers, public-key, hashing, quantum computing … ● Politics - NSA, NIST ...
  • 9. Classic Ciphers ● Transposition cipher - positions of the letters are shifted according to a regular system ● Substitution cipher - plaintext letters are altered according to some rules (key) ○ Simple - per letter ○ Mono/Poly-alphabetic - single, or multiple substitutions ○ Polygraphic - substitute groups of letters Route cipher Caesar cipher Vigenère cipher
  • 10. Breaking Classic Ciphers ● Brute-force ● Frequency analysis ● Demo
  • 11. Perfect Secrecy ● One-time pad - random key, long at least as the message ● Does not reveal any of the functions of the message, except its maximum length ● Security depends on the entropy of the key ● Difficult to use for long messages ● If reused it is vulnerable
  • 12. Stream Cipher ● Generates one time pad using pseudo random number generator ● Then combines it with the message ● The pad is generated based on a key ● Security depends on the entropy of the key and the random function ● Example algorithms - RC4 and ChaCha20 ● Used in hardware because is fast
  • 13. Block Cipher ● Divides the message into blocks and encrypt each block ● If the message length is not divisible by block size padding is applied ● Works in different modes: ECB, CBC, PCBC, CFB, OFB, CTR ... ● Examples: DES, 3DES, AES, Blowfish ...
  • 15. Steganography Practice of concealing a file, message, image, or video within another file, message, image, or video. ● Physical - invisible ink, microdots, knits, … ● Digital - image, audio, video or other file, text in blogs or forums ● Linguistic - acrostic, misspellings, ... Tools
  • 16. How to Ensure Data Integrity?
  • 17. Hash Functions Function used to map data of arbitrary size to data of fixed size. ● Cryptographic hash functions - deterministic, one-Way, uniformly distributed, infeasible collisions, quick to compute ● MD 2/4/5/6 - Message-Digest Algorithm ● SHA 1/2/3 - Secure Hash Algorithms ● RIPEMD - RACE Integrity Primitives Evaluation Message Digest ● BLAKE 1/2
  • 18. Hash Function Security ● Preimage resistance - hard to find message m from a given hash h = hash(m) ● Second preimage resistance - given a message m1 it should be difficult to find another different message m2 such as hash(m1) = hash(m2) ● Collision resistance - it should be difficult to find to messages m1 and m2 such as hash(m1) = hash(m2) ● Rainbow table - precomputed table for reversing cryptographic hash functions, usually for cracking password hashes ● Birthday attack
  • 19. Message Authentication Code (MAC) Short piece of information used to authenticate a message, to confirm that the message came from the stated sender (its authenticity) and has not been changed. ● CBC-MAC ● HMAC ● … ● ● Length-extension attack
  • 20. How to Securely Share Common Secret?
  • 21. Public-Key Cryptography ● Digital signatures - content is digitally signed with an individual’s private key and is verified by the individual’s public key ● Encryption - content is encrypted using an individual’s public key and can only be decrypted with the individual’s private key ● Authentication – since the individual’s unique private key was used to apply the signature, recipients can be confident that the individual was the one to actually apply the signature ● Non-repudiation – since the individual is the only one with access to the private key used to apply the signature, he/she cannot later claim that it wasn’t him/her who applied the signature ● Integrity - when the signature is verified, it checks that the contents of the document or message match what was in there when the signature was applied. Even the slightest change to the original document would cause this check to fail.
  • 23. Math ● One-way function - easy to compute on every input, but hard to invert ● Trapdoor function - easy to compute in one direction, yet difficult to compute in the opposite unless having a special information, called the "trapdoor" ○ Modular arithmetics ○ Discrete logarithm ○ Prime factorization
  • 25. RSA - Rivest–Shamir–Adleman ● Invented in 1977 ● Used for digital signatures and securing sessions (SSL) Explanation
  • 26. Elliptic curve cryptography (ECC) Explanation: https://youtu.be/dCvB-mhkT0w https://youtu.be/F3zzNa42-tQ ECC Domain Parameters: p - prime field (modulo) a,b - curve parameters G - generator point n - ord(G) (n x G = 0) h - cofactor of n Private Key (k) = Random Number < n - 1 Public Key (K) = k ∗ G K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G K = (x, y) x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
  • 27. Breaking ● Find the private key from the public key ● Classic quantum computer ● Topological quantum computer
  • 28. Zero knowledge proofs Method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, without conveying any information apart from the fact that the statement is indeed true.
  • 31. How to Surf the Web Securely?
  • 33. Public Key Infrastructure (PKI) ● Certificate Authorities (CA) - X.509 ● Web of Trust ● Blockchain PKI - Emercoin
  • 34. How to Surf the Web Privately?
  • 35. Tor