This document provides an overview of symmetric and asymmetric cryptography. Symmetric cryptography uses the same key for encryption and decryption, while asymmetric cryptography uses different keys. The Merkle-Hellman knapsack cryptosystem was one of the earliest public key systems, but it was broken. The RSA algorithm uses a public/private key pair to encrypt and decrypt messages securely. DES was developed as a standard for encrypting sensitive data.
2. Introduction
There are two main types of cryptography:
symmetric (secret key) cryptography
asymmetric (public key) cryptography
3. Symmetric (Secret Key) Cryptography
Symmetric (secret key) cryptography
Data is encrypted using a key.
The same key must be used to decrypt the data.
The security of symmetric cryptography rests in the key.
If the key is divulged, anyone could encrypt and decrypt the message.
Example: Data Encryption Standard (DES)
4. Symmetric (Secret Key) Cryptography
Problem with Symmetric Cryptography (Distribution of Keys)
The main problem is getting the sender and receiver to agree on the secret key without anyone else finding out.
If they are in separate physical locations, they must trust a courier or a phone system or some other transmission medium to prevent the disclosure of the secret key being communicated.
Anyone who overhears or intercepts the key in transit can later read, modify and forge all messages encrypted using that key.
5. Asymmetric (Public Key) Cryptography
Asymmetric (public key) cryptography
Different keys are used for encryption and decryption.
The ciphering algorithms are called public key algorithms because one of the keys used can be made public.
Example: a complete stranger can use the public encryption key to encrypt a message, but only a specific person with the corresponding secret decryption key can decrypt the message.
In these systems, the encryption key is often called the public key and the decryption key is often called the private key.
Example: RSA
6. Asymmetric (Public Key) Cryptography
Concern about public key algorithms:
The concern covers three categories:
Fortitude in providing unbreakable security
Practicality
Applicability
Many of the algorithms are insecure.
Among the secure algorithms, many are impractical – the key size is too large or the ciphertext is much larger than the plaintext.
Only a few algorithms are both secure and practical:
Some are only suitable for key distribution
Some are only suitable for encryption
7. Merkle-Hellman Knapsack
One of the earliest public key cryptosystems, invented by Ralph Merkle and Martin Hellman in 1978.
It is based on the subset sum problem (a special case of the knapsack problem): given a list of numbers and a third number, which is the sum of a subset of these numbers, determine the subset.
In general, this problem is known to be NP-complete; however, there are some 'easy' instances which can be solved efficiently.
However, the scheme was broken by Adi Shamir, not by attacking the knapsack problem, but rather by breaking the conversion from an easy knapsack to a hard one.
8. Merkle-Hellman Knapsack
What is a knapsack problem?
Given N = {17, 38, 73, 4, 11, 1}
Find a subset of N whose elements add up to 53.
Is it 73? No!
How about 17? If 17, the balance would be 36 and therefore it cannot be 17.
38? 53 - 38 = 15 = 4 + 11.
Therefore {38, 11, 4} is the solution.
Generally, solving it has NP-complete complexity, with exponential time behavior in terms of the size of the problem (in this case the number of integers): the search needs to backtrack, discard, etc.
9. Merkle-Hellman Knapsack
The scheme is to encode a binary message as a solution to a knapsack problem, reducing the ciphertext to the target sum obtained by adding terms corresponding to 1s in the plaintext.
Plaintext     1  0  1  0  0   1        0  1  1  0  1   0
Knapsack      1  2  5  9  20  43       1  2  5  9  20  43
Target sum    1 + 5 + 43 = 49          2 + 5 + 20 = 27
10. Merkle-Hellman Knapsack
Superincreasing Knapsack
When the elements of the set are arranged so that each element is strictly greater than the sum of all the elements before it,
a_k > Σ a_j for j = 1 to k-1
the knapsack problem becomes simpler. This kind of arrangement is called superincreasing.
Example: Set of {1, 4, 11, 17, 38, 73}
Because the elements are ordered, and an element a_i is always greater than the sum of all the lower elements, it is easy to decide whether to discard or to include each element.
11. Merkle-Hellman Knapsack
Encryption Technique
It is a public-key cryptosystem:
public key: the set of integers of a knapsack problem (non-superincreasing knapsack – NSI)
private key: the corresponding superincreasing knapsack – SI
The genius of Merkle and Hellman was to discover a means to transform an SI knapsack into an NSI knapsack.
The transformation is not obvious but reversible.
12. Merkle-Hellman Knapsack
Transforming SI (Superincreasing) to NSI (Non-Superincreasing)
Let s = {s1, s2, s3, …, sM}. Choose a multiplier w and a modulus n such that
n > sM
w and n are relatively prime (no common factor)
Then h = {h1, h2, h3, …, hM} such that
h1 = w * s1 mod n, h2 = w * s2 mod n, and so on.
13. Merkle-Hellman Knapsack
Example of transforming SI to NSI
Suppose s = {1, 2, 4, 9} and suppose w = 15 and n = 17
1 * 15 mod 17 = 15
2 * 15 mod 17 = 13
4 * 15 mod 17 = 9
9 * 15 mod 17 = 16
So H = {15, 13, 9, 16} and this is NSI.
14. Merkle-Hellman Knapsack
Example (Encrypt Process)
Given S = {1, 2, 4, 9} (private key) and H = {15, 13, 9, 16} (public key) with w = 15, n = 17 and m = 4 (divide the message into blocks of m bits). Message is 0100 1011 1010 0101.
With H = {15, 13, 9, 16} the message is encoded as follows:
[0 1 0 0] * [15, 13, 9, 16] = 13
[1 0 1 1] * [15, 13, 9, 16] = 40
[1 0 1 0] * [15, 13, 9, 16] = 24
[0 1 0 1] * [15, 13, 9, 16] = 29
15. Merkle-Hellman Knapsack
Example Decryption Process
To decrypt, we first need to find the inverse of 15 mod 17, which is equal to 8. Multiply each block C of the encrypted message by 8 mod 17 to get the sum si.
Note:
S = {1, 2, 4, 9} (private key)
13 * 8 mod 17 = 2 = [0100]
40 * 8 mod 17 = 14 = [1011]
24 * 8 mod 17 = 5 = [1010]
29 * 8 mod 17 = 11 = [0101]
The recovered message is 0100101110100101
16. Merkle-Hellman Knapsack
Inverse 15 mod 17
15 * y mod 17 = 1
15 * 1 mod 17 = 15 mod 17 = 15
15 * 2 mod 17 = 30 mod 17 = 13
15 * 3 mod 17 = 45 mod 17 = 11
15 * 4 mod 17 = 60 mod 17 = 9
15 * 5 mod 17 = 75 mod 17 = 7
15 * 6 mod 17 = 90 mod 17 = 5
15 * 7 mod 17 = 105 mod 17 = 3
15 * 8 mod 17 = 120 mod 17 = 1
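The knapsack scheme from slides 10 to 16, carried through in Python as an added example (not code from the original presentation); function names are illustrative. It assumes n is larger than the sum of all private elements, a stricter condition than the n > sM on slide 12, so that every block decrypts uniquely.

```python
from math import gcd


def is_superincreasing(seq):
    """True if every element is strictly greater than the sum of those before it."""
    total = 0
    for a in seq:
        if a <= total:
            return False
        total += a
    return True


def make_public_key(s, w, n):
    """Transform the private SI knapsack s into the public NSI knapsack h."""
    if not is_superincreasing(s):
        raise ValueError("private knapsack must be superincreasing")
    if n <= sum(s):  # assumption of this example, stricter than n > sM
        raise ValueError("modulus must exceed the sum of the private knapsack")
    if gcd(w, n) != 1:
        raise ValueError("w and n must be relatively prime")
    return [(w * si) % n for si in s]


def encrypt(bits, h):
    """Split the bit string into blocks of len(h) bits and sum the selected terms."""
    m = len(h)
    if len(bits) % m:
        raise ValueError("message length must be a multiple of the block size")
    blocks = [bits[i:i + m] for i in range(0, len(bits), m)]
    return [sum(hi for b, hi in zip(block, h) if b == "1") for block in blocks]


def solve_superincreasing(target, s):
    """Greedy solve: walk from the largest element down, include it if it fits."""
    chosen = []
    for a in reversed(s):
        if a <= target:
            chosen.append("1")
            target -= a
        else:
            chosen.append("0")
    if target != 0:
        raise ValueError("target is not a subset sum of this knapsack")
    return "".join(reversed(chosen))


def decrypt(cipher, s, w, n):
    """Multiply each block by w^-1 mod n, then solve the easy SI knapsack."""
    w_inv = pow(w, -1, n)  # modular inverse (Python 3.8+); 8 for w = 15, n = 17
    return "".join(solve_superincreasing((c * w_inv) % n, s) for c in cipher)


if __name__ == "__main__":
    S, W, N = [1, 2, 4, 9], 15, 17          # values from slides 13 to 15
    H = make_public_key(S, W, N)
    message = "0100101110100101"
    cipher = encrypt(message, H)
    print("public key:", H)
    print("ciphertext:", cipher)
    print("recovered :", decrypt(cipher, S, W, N))
```

The greedy solver is what makes the private key useful: the same target against the public set H would need a search, while against S it needs one pass.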
17. RSA Algorithm
The RSA algorithm is named after Ron
Rivest, Adi Shamir and Leonard Adleman
who invented it in 1977.
The RSA algorithm can be used for both
public key encryption and digital
signatures (authentication).
18. RSA Algorithm
In the RSA algorithm, there are 3 important steps:
Key generation algorithm
Encryption
Decryption
19. RSA Algorithm
Key Generation Algorithm
Generate two large random primes, p and q, of approximately equal size such that their product n = pq is of the required bit length (e.g. 1024 bits)
Compute n = pq and phi (Φ) = (p-1)(q-1)
Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1
Compute the secret exponent d, 1 < d < phi, such that ed = 1 (mod phi)
The public key is (n, e) and the private key is (n, d)
20. RSA Algorithm
Encryption process
The sender obtains the recipient B's public key (n, e)
Represents the plaintext message as a positive integer m
Computes the ciphertext c = m^e mod n
Sends the ciphertext c to B (recipient)
21. RSA Algorithm
Decryption process
Recipient B does the following:
Uses his private key (n, d) to compute m = c^d mod n
Extracts the plaintext from the integer representative m.
22. RSA Algorithm
Example:
Key Generation:
Let p = 11, q = 13, so
n = p * q = 143
Φ = (p-1)(q-1) = 10 * 12 = 120
Choose e relatively prime to Φ, say e = 11
e * d mod Φ = 1
11 * d mod 120 = 1
Therefore d = 11
Now we know: Public key (e = 11, n = 143)
Private key (d = 11)
p & q – prime numbers
n = p * q
Φ = (p-1)(q-1)
e, n public key
d private key
23. RSA Algorithm
Example:
Encryption process:
If plaintext m = 7,
c = m^e mod n
7^11 mod 143 = 106
Decryption process:
To decrypt, since c = 106
m = c^d mod n = 106^11 mod 143 = 7
24. RSA Algorithm
How do you calculate 7^11 mod 143 = 106?
7^11 mod 143 = (7^4 mod 143) * (7^4 mod 143) * (7^2 mod 143) * (7^1 mod 143)
= 113 * 113 * 49 * 7 (mod 143)
= 12769 * 343 (mod 143)
= 42 * 57 (mod 143)
= 2394 mod 143
= 106
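Added example (not from the original slides): the key generation, encryption and decryption steps of slides 19 to 24 in Python, with the square-and-multiply method that generalizes the hand calculation of 7^11 mod 143. Function names are illustrative; this is textbook RSA with toy primes and no padding, which makes encryption deterministic, so it serves only to follow the arithmetic.

```python
from math import gcd


def generate_keys(p, q, e):
    """Build (public, private) key pairs from primes p, q and a chosen exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi and gcd(e, phi) = 1")
    d = pow(e, -1, phi)  # secret exponent: e * d = 1 (mod phi), Python 3.8+
    return (n, e), (n, d)


def modexp_trace(base, exponent, modulus):
    """Right-to-left square-and-multiply.

    Returns (result, used) where used lists the (power, base^power mod modulus)
    factors that were multiplied in, one per 1-bit of the exponent.
    """
    result = 1
    square = base % modulus   # holds base^(2^i) mod modulus
    power = 1
    used = []
    while exponent:
        if exponent & 1:
            result = (result * square) % modulus
            used.append((power, square))
        square = (square * square) % modulus
        power *= 2
        exponent >>= 1
    return result, used


def encrypt(m, public_key):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message representative must be smaller than n")
    return modexp_trace(m, e, n)[0]


def decrypt(c, private_key):
    n, d = private_key
    return modexp_trace(c, d, n)[0]


if __name__ == "__main__":
    public, private = generate_keys(11, 13, 11)   # values from slide 22
    c = encrypt(7, public)
    print("public:", public, "private:", private)
    print("7^11 mod 143 factors:", modexp_trace(7, 11, 143)[1])
    print("ciphertext:", c, "decrypted:", decrypt(c, private))
```

Since 11 is 1011 in binary, only 7^1, 7^2 and 7^8 are multiplied; 7^8 mod 143 = 42 is the slide's 113 * 113 term reduced.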
25. DES (Data Encryption Standard)
Invented by a team (led by Walter Tuchman)
based on a concept originated by Horst Feistel
of IBM and known as Lucifer
Its proper name is DEA (Data Encryption
Algorithm) in US and DEA1 in other countries.
Mandated for encryption by all federal agencies
for sensitive data.
When used for communication, both sender and
receiver must know the same secret key, which
can be used to encrypt and decrypt the message
26. DES (Data Encryption Standard)
DES Characteristics
Symmetric Encryption
Combination of substitution technique and transposition
technique.
Provide confusion by systematically substituting some
bit patterns for others.
Provide diffusion by reordering bits.
Uses only standard arithmetic and logical operations.
Plaintext is encrypted in blocks of 64 bits
56-bit key - Choosing 56 bits also allowed DES to be
implemented on a single chip
64-bit key-block (8 parity bits embedded)
27. DES (Data Encryption Standard)
Refer to your extra notes!
28. DES (Data Encryption Standard)
Decryption
One advantage of DES is that decryption
is essentially the same as encryption.
The key schedule is reversed.
This is due to the fact that DES is based
on a Feistel network.
29. DES Weak Keys
• Because of the way the key is modified at each round to get the
sub-key, certain keys are weak keys.
• Weak keys are those which are unmodified at each round, because
they contain all 1’s or all 0’s in each half of the key.
Weak key, 64-bit value (with parity)    Actual subkey values after initial permutation (2x28)
0101 0101 0101 0101                     00000000 00000000
1F1F 1F1F 1F1F 1F1F                     00000000 FFFFFFFF
E0E0 E0E0 E0E0 E0E0                     FFFFFFFF 00000000
FEFE FEFE FEFE FEFE                     FFFFFFFF FFFFFFFF
30. DES Semi-Weak Keys
• Some pairs of keys will encrypt a given plaintext to the same
ciphertext.
• This is because they yield only two different subkeys, each of
which is used 8 times in the algorithm.
• These pairs are known as semi-weak keys
01FE 01FE 01FE 01FE FE01 FE01 FE01 FE01
1FE0 1FE0 1FE0 1FE0 E01F E01F E01F E01F
01E0 01E0 01E0 01E0 E001 E001 E001 E001
31. Security of DES
• There have been two major points of criticism about DES :
– key size is too small,
– the S-boxes contained secret design criteria.
• With advances in the field of cryptanalysis and the huge
increase in available computing power, DES is no longer
considered to be very secure.
32. Triple-DES Algorithm
• Triple-DES is a secure variation of the Data Encryption Standard
first developed by IBM, and later in 1977 adopted by the
U.S. government.
• Triple-DES is a 192 bit (24 characters) cipher that uses three
separate 64 bit keys and encrypts data using the DES algorithm
three times. ABI-CODER uses a variation that takes a single 192
bit (24 characters) key and then:
– encrypts data using first 64 bits (8 characters)
– decrypts same data using second 64 bits (8 characters)
– encrypts same data using the last 64 bits (8 characters)
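Three claims from the DES slides above can be checked on a small Feistel network: decryption is encryption with the key schedule reversed, a schedule whose subkey never changes (the weak-key case) makes encryption undo itself, and Triple-DES chains encrypt, decrypt, encrypt. This is an added example, not from the slides; the cipher is a toy, and its SHA-256 round function and key schedule are stand-ins assumed for illustration, not DES.

```python
import hashlib

ROUNDS, HALF = 16, 4          # 16 rounds on a 64-bit block, as in DES

def round_fn(half, subkey):
    # Stand-in round function (assumption); real DES uses expansion, S-boxes, permutation.
    return hashlib.sha256(subkey + half).digest()[:HALF]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, subkeys):
    """Run one pass of the network; the same routine encrypts and decrypts."""
    left, right = block[:HALF], block[HALF:]
    for k in subkeys:
        left, right = right, xor(left, round_fn(right, k))
    return right + left       # final swap makes the pass mirror itself

def key_schedule(key):
    # Toy schedule (assumption): one distinct 48-bit subkey per round.
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(ROUNDS)]

def encrypt(block, key):
    return feistel(block, key_schedule(key))

def decrypt(block, key):
    return feistel(block, key_schedule(key)[::-1])   # reversed key schedule

def ede_encrypt(block, k1, k2, k3):
    """Triple encryption in encrypt-decrypt-encrypt order."""
    return encrypt(decrypt(encrypt(block, k1), k2), k3)

def ede_decrypt(block, k1, k2, k3):
    return decrypt(encrypt(decrypt(block, k3), k2), k1)

def weak_schedule(subkey):
    """Model of a weak key: the subkey is the same in every round."""
    return [subkey] * ROUNDS

if __name__ == "__main__":
    pt = b"8bytes!!"                                  # constructed sample block
    k1, k2, k3 = b"key-one!", b"key-two!", b"key-3!!!"  # constructed sample keys
    ct = encrypt(pt, k1)
    print("round trip:", decrypt(ct, k1) == pt)
    print("EDE round trip:", ede_decrypt(ede_encrypt(pt, k1, k2, k3), k1, k2, k3) == pt)
    print("EDE with k1=k2=k3 equals one pass:", ede_encrypt(pt, k1, k1, k1) == ct)
    weak = weak_schedule(b"\x00" * 6)
    print("weak schedule, encrypting twice returns plaintext:",
          feistel(feistel(pt, weak), weak) == pt)
```

With a normal schedule, encrypting twice does not return the plaintext; with the constant schedule it does, which is why DES implementations reject weak keys.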
35. Security of DES
1997 – 3500 machines in parallel infer a DES key in four months.
1998 – $100,000; researchers built ‘DES cracker’ – DES key in four days.
DES secure? – great deal of cooperation & money. 3 DES still beyond the power of these attacks.
36. New algorithm
With the increasing power of computers, the US National Institute of Standards and Technology began the search for a new, strong algorithm in 1995.
Many participated (15 -> 5).
Based on not just security but also cost (efficiency) & ease of implementation.
Winner – Rijndael, a.k.a. Advanced Encryption Standard (AES).
37. Design
Unclassified
Publicly disclosed
Available royalty-free worldwide
Symmetric block cipher algorithms (128 bits)
Usable with key size 128, 192, and 256 bits
38. AES (Rijndael)
Created by Vincent Rijmen & Joan Daemen (Dutch cryptographers).
Adopted for use by US government in Dec 2001.
Fast on simple processors.
Repeat cycles.
10, 12, 14 cycles for keys of 128, 192 and 256 bits.