Symmetric encryption uses a single key to encrypt and decrypt messages. It provides confidentiality by ensuring encrypted information can only be understood by the intended parties who share the secret key. Symmetric encryption algorithms can be classified based on their operations, number of keys used, and how plaintext is processed. They use substitution and permutation operations along with multiple rounds to provide both confusion and diffusion of the plaintext. Popular symmetric algorithms include DES, Triple DES, and AES, which use the Feistel cipher structure and substitution-permutation networks. Keys must be distributed securely between communicating parties for encryption and decryption.
This PPT explains about the term "Cryptography - Encryption & Decryption". This PPT is for beginners and for intermediate developers who want to learn about Cryptography. I have also explained about the various classes which .Net provides for encryption and decryption and some other terms like "AES" and "DES".
What is Asymmetric Encryption? Understand with Simple ExamplesCheapSSLsecurity
Learn what is Asymmetric Encryption and how asymmetric encryption works with examples. Also, demystify the difference between asymmetric vs symmetric encryption.
A brief introduction to Crytography,the various types of crytography and the advantages and disadvantages associated to using the following tyes with some part of the RSA algorithm
This presentation introduces the Basics of Cryptography and Network Security concepts. Heavily derived from content from William Stalling's book with the same title.
As data security becomes of paramount importance, we are going to need to have a reasonable understanding of encryption and encryption techniques. We will discuss the different types of encryption techniques and understand the difference between hashing (one way encryption) and encryption (designed to be two way). We will look at what is industry best practice for encryption today, and why. We will also look at some issues relating to performance of encryption.
This PPT explains about the term "Cryptography - Encryption & Decryption". This PPT is for beginners and for intermediate developers who want to learn about Cryptography. I have also explained about the various classes which .Net provides for encryption and decryption and some other terms like "AES" and "DES".
What is Asymmetric Encryption? Understand with Simple ExamplesCheapSSLsecurity
Learn what is Asymmetric Encryption and how asymmetric encryption works with examples. Also, demystify the difference between asymmetric vs symmetric encryption.
A brief introduction to Crytography,the various types of crytography and the advantages and disadvantages associated to using the following tyes with some part of the RSA algorithm
This presentation introduces the Basics of Cryptography and Network Security concepts. Heavily derived from content from William Stalling's book with the same title.
As data security becomes of paramount importance, we are going to need to have a reasonable understanding of encryption and encryption techniques. We will discuss the different types of encryption techniques and understand the difference between hashing (one way encryption) and encryption (designed to be two way). We will look at what is industry best practice for encryption today, and why. We will also look at some issues relating to performance of encryption.
Επιχειρηματικότητα και μοντέλα διαδικτυακής επιχειρηματικοτηταςIosif Alvertis
This lecture on "Entrepreneurship in a Digital Era" is part of the course "Topics of Advanced Management", for the MBA provided by NTUA, as I presented it in class in 2016 (in Greek).
Effect of substituents and functions on drug structure activity relationshipsOmar Sokkar
The replacement, in an active molecule, of a hydrogen atom by a substituent (alkyl, halogen, hydroxyl, nitro, cyano, alkoxy, amino, carboxylate, etc.) or a functional group can deeply modify The potency, The duration, Perhaps even the nature of the pharmacological effect.
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
Training and Tips that are very helpful to gain knowledge in the field of information Security and passing your CISSP Certification Exam.
To be CISSP Certified Please Check out the link below:
http://asmed.com/cissp-isc2/
Cryptography and network security Nit701Amit Pathak
Cryptography and network security descries the security parameter with the help of public and private key. Digital signature is one of the most important area which we apply in our daily life for transferring the data.
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...editor1knowledgecuddle
Today is the era of Internet and networks applications. So,Information security is a challenging issue in today’s technological world. There is a demand for a stronger encryption which is very hard to crack. The role of Cryptography is most important in the field of network security. There is a broad range of cryptographic algorithms that are used for securing networks and presently continuous researches on the new cryptographic algorithms are going on for evolving more advanced techniques for secures
communication. In this study is made for the cryptography algorithms, particularly algorithms- AES, DES, RSA, Blowfishare compared and performance is evaluated. Also some enhanced algorithms are described and compared with the enhanced algorithms.
Keywords - AES, DES, BLOWFISH, Decryption, Encryption, Security
This presentation consists of the Seminar, provided by me in the partial fulfillment of my Bachelors Degree in G B Pant Engineering College. Seminar included information about Encryption, Decryption, Cryptosystems and Authenticity in crytosystem.
Today in modern era of internet we share some sensitive data to information transmission. but need to ensure security. So we focus on Cryptography modern technique for secure transmission of information over network.
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...zachdwg
Unlocking Cryptography: Understanding the Basics, Tricks, and Uses
This presentation helps you understand how cryptography works. It starts by explaining what cryptography is and goes on to describe different ways to hide information securely. You'll learn about secret codes, special math tricks, and how hackers try to break them. Plus, you'll discover how people use cryptography to keep their messages safe when sending them over the internet, keeping their money secure, and much more. Whether you're just curious or want to learn how to protect your own information, this book has got you covered!
For a college course -- CNIT 140: "Cryptography for Computer Networks" at City College San Francisco
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Essentials of Automations: Optimizing FME Workflows with Parameters
Lecture3a symmetric encryption
1. Symmetric
Encryption and Message
Confidentiality
RAJA M KHURRAM SHAHZAD
2. Cryptography
• Why do we need cryptography?
– Requirements - must be sure that:
– Be sure our confidential information can’t be understood by anyone
than the intended
– Protect against interception
2
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
3. Cryptography
• Classified along three independent dimensions:
1. The type of operations used for transforming plain-text to cipher text
Substitution: each element is mapped to another element
Transposition: elements are rearranged
2. The number of keys used
symmetric (single key)
asymmetric (two-keys, or public-key encryption)
3. The way in which the plain-text is processed
block cipher
stream cipher
3
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
4. Big picture
4
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
5. Conventional Encryption Principles
• An encryption scheme has five ingredients:
1. Plain-text 2. Encryption algorithm (Strong)
3. Secret Keys (Shared and kept secretly)
4. Cipher text 5. Decryption algorithm
(Cipher Text: result of encryption performed on plaintext using an algorithm,
called a cipher)
• Security depends on the secrecy of the key, not the secrecy of
the algorithm
• Most important algorithm: Data Encryption Algorithm (DEA)
1. Data Encryption Standard – DES
2. Triple DEA – TDEA
3. International Data Encryption Algorithm - IDEA
5
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
6. Example
6
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
7. Average Time for Exhaustive Key Search
Key Size (bits) Number of Alternative Keys Time required at 106
Decryption/µs
32 232 = 4.3 x 109 2.15 milliseconds
56 256 = 7.2 x 1016 10 hours
128 2128 = 3.4 x 1038 5.4 x 1018 years
168 2168 = 3.7 x 1050 5.9 x 1030 years
7
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
8. Fun Work : Zodiac’s “My Name is” cipher
http://www.opordanalyt
ical.com/articles/Zodia
c3.htm
8
ET2437 - Network Security
9. Cryptanalysis
Type of attack Known to cryptanalyst
Ciphertext only Encryption algorithm
Ciphertext to be decoded
Known plaintext Encryption algorithm
Ciphertext to be decoded
One or more plaintext-ciphertext pair
Chosen plaintext Encryption algorithm
Ciphertext to be decoded
Plaintext chosen by cryptanalyst with ciphertext pair
Chosen ciphertext Encryption algorithm
Ciphertext to be decoded
Ciphertext chosen by cryptanalyst with plaintext
Chosen text Encryption algorithm
Ciphertext to be decoded
Plaintext chosen by cryptanalyst with ciphertext pair
Ciphertext chosen by cryptanalyst with plaintext 9
10. Substitution-Permutation Networks
• In 1949 Claude Shannon introduced idea of Substitution-
Permutation (SP) networks
SP Networks is a series of linked mathematical operations used in
block cipher algorithms
Modern Substitution-Transposition product cipher
• These form the basis of modern block ciphers
• SP networks are based on the two primitive cryptographic
operations:
Substitution (S-box)
Permutation (P-box)
Provide confusion and diffusion of message
10
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
11. Substitution-Permutation Networks
• Takes a block of the plaintext and the
key as inputs
• Applies several alternating "rounds" or
"layers" of substitution boxes (S-boxes)
and permutation boxes (P-boxes) to
produce the ciphertext block.
• S-box substitutes a small block of bits
(the input of the S-box) by another
block of bits (the output of the S-box).
• A P-box is a permutation of all the bits:
it takes the outputs of all the S-boxes
of one round, permutes the bits, and
feeds them into the S-boxes of the next
round. 11
12. Confusion and Dif fusion
• Cipher needs to completely obscure statistical properties of
original message
A one-time pad does this
• More practically Shannon suggested combining elements to
obtain:
Diffusion
– dissipates statistical structure of plain-text over bulk of cipher-text
– output bits should depend on the input bits in a very complex way
Confusion
– makes relationship between cipher-text and key as complex as
possible
– make it very hard to find the key even if one has a large number of
plaintext-ciphertext pairs produced with the same key. Therefore,
each bit of the ciphertext should depend on the entire key, and in
different ways on different bits of the key.
12
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
13. Feistel Cipher Structure
• Virtually all conventional block encryption algorithms, including DES have
a structure first described by Horst Feistel of IBM in 1973
• The realization of a Fesitel Network depends on the choice of the
following parameters and design features:
Block size: larger block sizes mean greater security
Key Size: larger key size means greater security
Number of rounds: multiple rounds offer increasing security
Sub-key generation algorithm: greater complexity will lead to greater difficulty
of cryptanalysis.
Fast software encryption/decryption: the speed of execution of the algorithm
becomes a concern
• implements Shannon’s substitution-permutation network concept
13
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
15. DES
• Data Encryption Standard (DES)
The most widely used encryption scheme
The algorithm is referred to the Data Encryption Algorithm (DEA)
DES is a block cipher
The plain-text is processed in 64-bit blocks
The key is 56-bits in length
• The overall processing at each iteration:
Li = Ri-1
Ri = Li-1 F(Ri-1, Ki)
• Concerns about:
The algorithm and the key length (56-bits)
15
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
16. Triple DEA
• Use three keys and three executions of the DES algorithm
(encrypt-decrypt-encrypt)
C = Cipher-text C = EK3[DK2[EK1[P]]]
P = Plain-text
EK[X] = encryption of X using key K
DK[Y] = decryption of Y using key K
• Effective key length
of 168 bits
16
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
17. Other Symmetric Block Ciphers
• International Data Encryption Algorithm (IDEA)
128-bit key
Used in PGP
• Blowfish
Easy to implement
High execution speed
Run in less than 5K of memory
• RC5
Suitable for hardware and software, Low memory requirement
Fast, simple
Adaptable to processors of different word lengths
Variable number of rounds
Variable-length key
High security
Data-dependent rotations
17
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
18. Cipher Block Modes of Operation
• Procedure of enabling the repeated and secure use of a block
cipher under a single key
• Primarily been defined for encryption and authentication
• Cipher Block Chaining Mode (CBC)
The input to the encryption algorithm is the XOR of the current plain-
text block and the preceding cipher text block.
Repeating pattern of 64-bits are not exposed
18
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
20. Location of Encryption Device
• Link encryption
A lot of encryption devices
High level of security
Decrypt each packet at every switch
• End-to-end encryption
The source encrypt and the receiver decrypts
Payload encrypted
Header in the clear
• For High Security both link and end-to-end encryption are needed
20
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
21. Key Distribution
1. A key could be selected by A and physically delivered to B.
2. A third party could select the key and physically deliver it to A
and B.
3. If A and B have previously used a key, one party could transmit
the new key to the other, encrypted using the old key.
4. If A and B each have an encrypted connection to a third party C,
C could deliver a key on the encrypted links to A and B.
• Session key
Data encrypted with a one-time session key. At the conclusion of the
session the key is destroyed
• Permanent key
Used between entities for the purpose of distributing session keys
21
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
22. The End
22
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
Editor's Notes
Every block cipher involves a transformation of a block of plaintext into a block of cipher text, where the transformation depends on the key. The mechanism of diffusion seeks to make the statistical relationship between the plaintext and cipher text as complex as possible in order to thwart attempts to deduce the key. Confusion seeks to make the relationship between the statistics of the cipher text and the value of the encryption key as complex as possible, again to thwart attempts to discover the key. So successful are diffusion and confusion in capturing the essence of the desired attributes of a block cipher that they have become the cornerstone of modern block cipher design.