The document discusses various topics related to cryptography and network security. It defines key terms like cryptography, plaintext, ciphertext, encryption, decryption, symmetric key encryption, public key encryption, hashing, digital signatures, AES, DES, and firewall. It provides details on how symmetric and public key encryption works, the structure and process of AES encryption, key expansion in AES, and implementation aspects of AES on CPUs. The document provides an overview of important concepts and algorithms in cryptography and network security.
The Security Problem
Program Threats
System and Network Threats
Cryptography as a Security Tool
User Authentication
Implementing Security Defenses
Firewalling to Protect Systems and Networks
Computer-Security Classifications
An Example: Windows XP
1 Symmetric Encryption
2 Message Authentication and Hash Functions
3 Public-Key Encryption
4 Digital Signatures and Key Management
5 Random and Pseudo random Numbers
6 Practical Application: Encryption of Stored Data
7 Symmetric vs Asymmetric
The Security Problem
Program Threats
System and Network Threats
Cryptography as a Security Tool
User Authentication
Implementing Security Defenses
Firewalling to Protect Systems and Networks
Computer-Security Classifications
An Example: Windows XP
1 Symmetric Encryption
2 Message Authentication and Hash Functions
3 Public-Key Encryption
4 Digital Signatures and Key Management
5 Random and Pseudo random Numbers
6 Practical Application: Encryption of Stored Data
7 Symmetric vs Asymmetric
Cryptography is a technique used today hiding any confidential information from the attack of an intruder. Today data communication mainly depends upon digital data communication, where prior requirement is data security, so that data should reach to the intended user. The protection of multimedia data, sensitive information like credit cards, banking transactions and social security numbers is becoming very important. The protection of these confidential data from unauthorized access can be done with many encryption techniques. So for providing data security many cryptography techniques are employed, such as symmetric and asymmetric techniques. In this review paper different asymmetric cryptography techniques, such as RSA (Rivest Shamir and Adleman), Diffie-Hellman, DSA (Digital Signature Algorithm), ECC (Elliptic curve cryptography) are analyzed. Also in this paper, a survey on existing work which uses different techniques for image encryption is done and a general introduction about cryptography is also given. This study extends the performance parameters used in encryption processes and analyzing on their security issues.
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
With the progress in data exchange by the electronic system, the need for information security has become a necessity. Due to the growth of multimedia application, security becomes an important issue of communication and storage of different files. To make its reality, cryptographic algorithms are widely used as essential tools. Cryptographic algorithms provide security services such as confidentiality, authentication, data integrity and secrecy by encryption. Different cryptographic algorithms are commonly used for information security in many research areas. Although there are two encryption techniques, asymmetric and symmetric, the simpler symmetric encryption technique is employed for testing file security system. In this study, the performance evaluation of the most common two symmetric encryption algorithms such as TEA and Blowfish algorithm is focused on the execution time intervals. Simulation has been conducted with many types of file encryption like .pdf, .txt, .doc, .docx, .xlsx, .pptx, .ppt, .xls, .jpg, .png and most common video file formats by using Java Programming Language. Win Myat Thu | Tin Lai Win | Su Mu Tyar "Performance Comparison of File Security System using TEA and Blowfish Algorithms" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26462.pdfPaper URL: https://www.ijtsrd.com/engineering/computer-engineering/26462/performance-comparison-of-file-security-system-using-tea-and-blowfish-algorithms/win-myat-thu
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
In today’s digital communication era sharing of information is increasing significantly. The information being transmitted is vulnerable to various passive and active attacks. Therefore, the information security is one of the most challenging aspects of communication. Cryptography is the one of the main categories of computer security that converts information from its normal form into an unreadable form by using Encryption and Decryption Techniques. The two main characteristics that identify and differentiate one encryption algorithm from another are its ability to secure the protected data against attacks and its speed and efficiency in doing so. There are basically two techniques of cryptography Symmetric and Asymmetric. This paper presents a detailed study of the symmetric encryption techniques.
Introduction to Cyberspace and its Architecture, Evolution and Basic Concepts of Internet, Cyberspace, Internet Ownership and Management, Data Security and Management, Data Encryption and Digital Signature, Convergence. Internet Telephony
and VPN, Social Issues in the Regulation of Cyberspace, The Regulability of Cyberspace, UNCITRAL Model Law on Electronics Commerce 1996
Data Encryption : A Powerful and an Approachable Technology! Sai Natkar
Encryption is the process of changing information in a way as to make it unreadable by anyone except those possessing special knowledge that allows them to change the information back to its original, readable form. Encryption is important because it allows us to protect data that we don’t want anyone else to have access to.
A Study of Different Partitioning Clustering Techniqueijsrd.com
In the field of software, Data mining is very useful to identify the interesting patterns and trends from the large amount of stored data into different database and data repository. Clustering technique is basically used to extract the unknown pattern from the large set of data for electronic stored data, business and real time applications. Clustering is a division of data into different groups. Data are grouped into clusters with high intra group similarity and low inter group similarity [2]. Clustering is an unsupervised learning technique. Clustering is useful technique that applied into many areas like marketing studies, DNA analysis, text mining and web documents classification. In the large database, the clustering task is very complex with many attributes. There are many methods to deal with these problems. In this paper we discuss about the different Partitioning Based Methods like- K-Means, K-Medoids and Fuzzy K-Means and compare the advantages or disadvantages over these techniques.
Computer Security : Introduction, Need for security, Principles of Security,
Types of Attacks
Cryptography : Plain text and Cipher Text, Substitution techniques, Caesar
Cipher, Mono-alphabetic Cipher, Polygram, Polyalphabetic Substitution,
Playfair, Hill Cipher, Transposition techniques, Encryption and Decryption,
Symmetric and Asymmetric Key Cryptography, Steganography, Key Range and
Key Size,
Possible Types of Attacks
Symmetric Key Algorithms and AES: Algorithms types and modes, Overview
of Symmetric key Cryptography, Data Encryption Standard (DES), International
Data Encryption Algorithm (IDEA), RC4, RC5, Blowfish, Advanced Encryption
Standard (AES)
Asymmetric Key Algorithms, Digital Signatures and RSA: Brief history of
Asymmetric Key Cryptography, Overview of Asymmetric Key Cryptography,
RSA algorithm, Symmetric and Asymmetric key cryptography together, Digital
Signatures, Knapsack Algorithm, Some other algorithms (Elliptic curve
cryptography, ElGamal, problems with the public key exchange)
Cryptography is a technique used today hiding any confidential information from the attack of an intruder. Today data communication mainly depends upon digital data communication, where prior requirement is data security, so that data should reach to the intended user. The protection of multimedia data, sensitive information like credit cards, banking transactions and social security numbers is becoming very important. The protection of these confidential data from unauthorized access can be done with many encryption techniques. So for providing data security many cryptography techniques are employed, such as symmetric and asymmetric techniques. In this review paper different asymmetric cryptography techniques, such as RSA (Rivest Shamir and Adleman), Diffie-Hellman, DSA (Digital Signature Algorithm), ECC (Elliptic curve cryptography) are analyzed. Also in this paper, a survey on existing work which uses different techniques for image encryption is done and a general introduction about cryptography is also given. This study extends the performance parameters used in encryption processes and analyzing on their security issues.
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
With the progress in data exchange by the electronic system, the need for information security has become a necessity. Due to the growth of multimedia application, security becomes an important issue of communication and storage of different files. To make its reality, cryptographic algorithms are widely used as essential tools. Cryptographic algorithms provide security services such as confidentiality, authentication, data integrity and secrecy by encryption. Different cryptographic algorithms are commonly used for information security in many research areas. Although there are two encryption techniques, asymmetric and symmetric, the simpler symmetric encryption technique is employed for testing file security system. In this study, the performance evaluation of the most common two symmetric encryption algorithms such as TEA and Blowfish algorithm is focused on the execution time intervals. Simulation has been conducted with many types of file encryption like .pdf, .txt, .doc, .docx, .xlsx, .pptx, .ppt, .xls, .jpg, .png and most common video file formats by using Java Programming Language. Win Myat Thu | Tin Lai Win | Su Mu Tyar "Performance Comparison of File Security System using TEA and Blowfish Algorithms" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26462.pdfPaper URL: https://www.ijtsrd.com/engineering/computer-engineering/26462/performance-comparison-of-file-security-system-using-tea-and-blowfish-algorithms/win-myat-thu
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Overview on Symmetric Key Encryption AlgorithmsIJERA Editor
In today’s digital communication era sharing of information is increasing significantly. The information being transmitted is vulnerable to various passive and active attacks. Therefore, the information security is one of the most challenging aspects of communication. Cryptography is the one of the main categories of computer security that converts information from its normal form into an unreadable form by using Encryption and Decryption Techniques. The two main characteristics that identify and differentiate one encryption algorithm from another are its ability to secure the protected data against attacks and its speed and efficiency in doing so. There are basically two techniques of cryptography Symmetric and Asymmetric. This paper presents a detailed study of the symmetric encryption techniques.
Introduction to Cyberspace and its Architecture, Evolution and Basic Concepts of Internet, Cyberspace, Internet Ownership and Management, Data Security and Management, Data Encryption and Digital Signature, Convergence. Internet Telephony
and VPN, Social Issues in the Regulation of Cyberspace, The Regulability of Cyberspace, UNCITRAL Model Law on Electronics Commerce 1996
Data Encryption : A Powerful and an Approachable Technology! Sai Natkar
Encryption is the process of changing information in a way as to make it unreadable by anyone except those possessing special knowledge that allows them to change the information back to its original, readable form. Encryption is important because it allows us to protect data that we don’t want anyone else to have access to.
A Study of Different Partitioning Clustering Techniqueijsrd.com
In the field of software, Data mining is very useful to identify the interesting patterns and trends from the large amount of stored data into different database and data repository. Clustering technique is basically used to extract the unknown pattern from the large set of data for electronic stored data, business and real time applications. Clustering is a division of data into different groups. Data are grouped into clusters with high intra group similarity and low inter group similarity [2]. Clustering is an unsupervised learning technique. Clustering is useful technique that applied into many areas like marketing studies, DNA analysis, text mining and web documents classification. In the large database, the clustering task is very complex with many attributes. There are many methods to deal with these problems. In this paper we discuss about the different Partitioning Based Methods like- K-Means, K-Medoids and Fuzzy K-Means and compare the advantages or disadvantages over these techniques.
Computer Security : Introduction, Need for security, Principles of Security,
Types of Attacks
Cryptography : Plain text and Cipher Text, Substitution techniques, Caesar
Cipher, Mono-alphabetic Cipher, Polygram, Polyalphabetic Substitution,
Playfair, Hill Cipher, Transposition techniques, Encryption and Decryption,
Symmetric and Asymmetric Key Cryptography, Steganography, Key Range and
Key Size,
Possible Types of Attacks
Symmetric Key Algorithms and AES: Algorithms types and modes, Overview
of Symmetric key Cryptography, Data Encryption Standard (DES), International
Data Encryption Algorithm (IDEA), RC4, RC5, Blowfish, Advanced Encryption
Standard (AES)
Asymmetric Key Algorithms, Digital Signatures and RSA: Brief history of
Asymmetric Key Cryptography, Overview of Asymmetric Key Cryptography,
RSA algorithm, Symmetric and Asymmetric key cryptography together, Digital
Signatures, Knapsack Algorithm, Some other algorithms (Elliptic curve
cryptography, ElGamal, problems with the public key exchange)
encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.
Cryptography is a method of securing communications through some protocols in order to make the information secure or understandable only by the sender and the receiver.
Information and network security 31 public key cryptographyVaibhav Khanna
Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys: public keys, and private keys. The generation of such key pairs depends on cryptographic algorithms which are based on mathematical problems termed one-way function
Various types of Antennas and their working
Isotropic Antenna and SWR measurement
Block Diagram of Transmitter using AM and FM
Block Diagram of Receiver using AM and FM
Real Time Systems – Issues in Real Time Computing – Structure of a real time system – Process – Task – Threads.
Classification of Tasks – Task Periodicity – Periodic Tasks- Sporadic Tasks – Aperiodic Tasks – Task Scheduling –
Classification of Scheduling Algorithms – Event Driven Scheduling – Rate monotonic scheduling – Earliest deadline first scheduling.
Inter Process Communication:- Shared data problem, Use of Semaphore(s), Priority Inversion Problem and Deadlock Situations -
Introduction to Reliability Evaluation Techniques –
Reliability Models for Hardware Redundancy –
Permanent faults only - Transient faults.
Introduction to clock synchronization –
A Non-Fault-Tolerant Synchronization Algorithm –
Fault-Tolerant Synchronization in Hardware –
Completely connected zero propagation time system –
Sparse interconnection zero propagation time system –
Fault tolerant analysis with Signal Propagation delays.
Sources of Power Dissipation
Dynamic Power Dissipation
Static Power Dissipation
Power Reduction Techniques
Algorithmic Power Minimization
Architectural Power Minimization
Logic and Circuit Level Power Minimization
Control Logic Power Minimization
System Level Power Management.
Public switched Telephone networks – Switching system principles–PABX switching– ISDN, Cellular mobile communication systems – GSM, GPRS, DECT, UMTS, IMT2000, Limited range Cordless Phones and Facsimile, Wifi and Bluetooth.
Home Appliances: Basic principle and block diagram of microwave oven; washing machine hardware and software, components of air conditioning and refrigeration systems, Proximity Sensors and accelerometer sensors in home appliances.
Television Standards and systems: Components of a TV system –interlacing – composite video signal. Colour TV – Luminance and Chrominance signal; Monochrome and Colour Picture Tubes – Colour TV systems–NTSC, PAL, SECAM-Components of a Remote Control and TV camera tubes, HDTV, LED and LCD TVs, DTH TV.
More from Sri Manakula Vinayagar Engineering College (20)
We all have good and bad thoughts from time to time and situation to situation. We are bombarded daily with spiraling thoughts(both negative and positive) creating all-consuming feel , making us difficult to manage with associated suffering. Good thoughts are like our Mob Signal (Positive thought) amidst noise(negative thought) in the atmosphere. Negative thoughts like noise outweigh positive thoughts. These thoughts often create unwanted confusion, trouble, stress and frustration in our mind as well as chaos in our physical world. Negative thoughts are also known as “distorted thinking”.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Ethnobotany and Ethnopharmacology:
Ethnobotany in herbal drug evaluation,
Impact of Ethnobotany in traditional medicine,
New development in herbals,
Bio-prospecting tools for drug discovery,
Role of Ethnopharmacology in drug evaluation,
Reverse Pharmacology.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
How to Split Bills in the Odoo 17 POS ModuleCeline George
Bills have a main role in point of sale procedure. It will help to track sales, handling payments and giving receipts to customers. Bill splitting also has an important role in POS. For example, If some friends come together for dinner and if they want to divide the bill then it is possible by POS bill splitting. This slide will show how to split bills in odoo 17 POS.
This is a presentation by Dada Robert in a Your Skill Boost masterclass organised by the Excellence Foundation for South Sudan (EFSS) on Saturday, the 25th and Sunday, the 26th of May 2024.
He discussed the concept of quality improvement, emphasizing its applicability to various aspects of life, including personal, project, and program improvements. He defined quality as doing the right thing at the right time in the right way to achieve the best possible results and discussed the concept of the "gap" between what we know and what we do, and how this gap represents the areas we need to improve. He explained the scientific approach to quality improvement, which involves systematic performance analysis, testing and learning, and implementing change ideas. He also highlighted the importance of client focus and a team approach to quality improvement.
2. Cryptography
• Cryptography comes from the Greek words for
''secret writing.’’ The messages to be encrypted,
known as the plaintext, are transformed by a
function that is parameterized by a key.
3. Plain text and Cipher text:
• The original message, before being transformed, is called plain
text.
• After the message is transformed, it is called cipher text.
– An encryption algorithm transforms the plaintext into
ciphertext;
– a decryption algorithm transforms the ciphertext back into
plaintext.
– The sender uses an encryption algorithm, and the receiver
uses a decryption algorithm.
4. Encryption model
• Cryptography can provide confidentiality, integrity, authentication
and non-repudiation of messages.
• Cryptography can also be used to authenticate the sender and
receiver of the message to each other.
5. Data Encryption
• Encryption is a security method in which information is encoded
in such a way that only authorized user can read it. It uses
encryption algorithm to generate ciphertext that can only be read
if decrypted.
• There are two types of encryptions schemes as listed below:
– Symmetric Key encryption
– Public Key encryption
•
6. Symmetric Key encryption
• Symmetric key encryption algorithm uses same cryptographic
keys for both encryption and decryption of cipher text.
Symmetric encryption is generally more efficient than asymmetric encryption and
therefore preferred when large amounts of data need to be exchanged.
Symmetric-key cryptography is sometimes called secret-key cryptography. The
most popular symmetric-key system is the Data Encryption Standard (DES).
7. Symmetric Key
• An encryption system in which the sender and receiver of a
message share a single, common key that is used to encrypt and
decrypt the message. Contrast this with public-key cryptology,
which utilizes two keys - a public key to encrypt messages and a
private key to decrypt them.
• Symmetric-key systems are simpler and faster, but their main
drawback is that the two parties must somehow exchange the
key in a secure way. Public-key encryption avoids this problem
because the public key can be distributed in a non-secure way,
and the private key is never transmitted.
8. Symmetric Key Cryptography
• Symmetric key cryptography (or symmetric encryption) is a type of
encryption scheme in which the same key is used both to encrypt
and decrypt messages.
• Such a method of encoding information has been largely used in
the past decades to facilitate secret communication between
governments and militaries. Nowadays, symmetric key algorithms
are widely applied in various types of computer systems to
enhance data security.
• Examples for symmetric key cryptography include AES, DES, and
3DES. Key exchange protocols used to establish a shared
encryption key include Diffie-Hellman (DH), elliptic curve (EC) and
RSA.
9. How does symmetric encryption work?
• Symmetric encryption schemes rely on a single key that is shared
between two or more users. The same key is used to encrypt and
decrypt the so-called plaintext (which represents the message or
piece of data that is being encoded). The process of encryption
consists of running a plaintext (input) through an encryption
algorithm called a cipher, which in turn generates a ciphertext
(output).
• If the encryption scheme is strong enough, the only way for a
person to read or access the information contained in the
ciphertext is by using the corresponding key to decrypt it. The
process of decryption is basically converting the ciphertext back to
plaintext.
10. Cont..
• The security of symmetric encryption systems is based on how
difficult it randomly guess the corresponding key to brute force
them.
• A 128-bit key, for example, would take billions of years to guess
using common computer hardware. The longer the encryption key
is, the harder it becomes to crack it.
• Keys that are 256-bits length are generally regarded as highly
secure and theoretically resistant to quantum computer brute force
attacks.
11. Cont..
The most common symmetric encryption schemes used today are
based on block and stream ciphers.
• Block ciphers group data into blocks of predetermined size and
each block is encrypted using the corresponding key and encryption
algorithm (e.g., 128-bit plaintext is encrypted into 128-bit
ciphertext).
• On the other hand, stream ciphers do not encrypt plaintext data by
blocks, but rather by 1-bit increments (1-bit plaintext is encrypted
into 1-bit ciphertext at a time).
12. Symmetric vs. Asymmetric encryption
• Symmetric encryption is one of the two major methods of encrypting
data in modern computer systems. The other is asymmetric encryption,
which is the major application of public key cryptography. The main
difference between these methods is the fact that asymmetric systems
use two keys rather than the one employed by the symmetric schemes.
One of the keys can be publicly shared (public key), while the other must
be kept in private (private key).
• The use of two keys instead of one also produces a variety of functional
differences between symmetric and asymmetric encryption. Asymmetric
algorithms are more complex and slower than the symmetric ones.
Because the public and private keys employed in asymmetric encryption
are to some degree mathematically related, the keys themselves must
also be considerably longer to provide a similar level of security offered
by shorter symmetric keys.
13. Advantages and disadvantages
• Symmetric algorithms provide a fairly high level of security while at the same
time allowing for messages to be encrypted and decrypted quickly. The relative
simplicity of symmetric systems is also a logistical advantage, as they require
less computing power than the asymmetric ones. In addition, the security
provided by symmetric encryption can be scaled up simply by increasing key
lengths. For every single bit added to the length of a symmetric key, the
difficulty of cracking the encryption through a brute force attack increases
exponentially.
14. Advantages and disadvantages
• While symmetric encryption offers a wide range of benefits, there is one major
disadvantage associated with it: the inherent problem of transmitting the keys
used to encrypt and decrypt data. When these keys are shared over an
unsecured connection, they are vulnerable to being intercepted by malicious
third parties. If an unauthorized user gains access to a particular symmetric key,
the security of any data encrypted using that key is compromised. To solve this
problem, many web protocols use a combination of symmetric and asymmetric
encryption to establish secure connections. Among the most prominent
examples of such a hybrid system is the Transport Layer Security
(TLS) cryptographic protocol used to secure large portions of the modern
internet.
• It should also be noted that all types of computer encryption are subject to
vulnerabilities due to improper implementation. While a sufficiently long key
can make a brute force attack mathematically impossible, errors in
implementation made by programmers often create weaknesses that open up
the way for cyber-attacks.
15. Public Key encryption
• Public key encryption algorithm uses pair of keys, one of which is
a secret key and one of which is public. These two keys are
mathematically linked with each other.
16. Hashing
• Hashing is a technique used to encrypt data and generate
unpredictable hash values. It is the hash function that generates
the hash code, which helps to protect the security of
transmission from unauthorized users.
• Hashing algorithm provides a way to verify that the message
received is the same as the message sent. It can take a plain text
message as input and then computes a value based on that
message.
17. Function of Hash algorithms
• Key Points
• The length of computed value is much shorter than the original
message. It is possible that different plain text messages could
generate the same value.
• Here we will discuss a sample hashing algorithm in which we will
multiply the number of a’s, e’s and h’s in the message and will then
add the number of o’s to this value.
• For example, the message is “ the combination to the safe is two,
seven, thirty-five”. The hash of this message, using our simple
hashing algorithm is as follows: 2 x 6 x 3 ) + 4 = 40
18. Digital signatures
Authentication
• Digital signatures help to authenticate the sources of messages.
For example, if a bank’s, branch office sends a message to central
office, requesting for change in balance of an account. If the
central office could not authenticate that message is sent from an
authorized source, acting of such request could be a serious
mistake.
Integrity
• Once the message is signed, any change in the message would
invalidate the signature.
Non-repudiation
• By this property, any entity that has signed some information
cannot at a later time deny having signed it.
20. Public Key Cryptography
• Unlike symmetric key cryptography, we do not find historical use of public-key
cryptography. It is a relatively new concept.
• Symmetric cryptography was well suited for organizations such as
governments, military, and big financial corporations were involved in the
classified communication.
• With the spread of more unsecure computer networks in last few decades, a
genuine need was felt to use cryptography at larger scale. The symmetric key
was found to be non-practical due to challenges it faced for key management.
This gave rise to the public key cryptosystems.
21. The process of encryption and decryption is depicted in the following illustration
22. Public key encryption scheme
• Different keys are used for encryption and decryption. This is a
property which set this scheme different than symmetric
encryption scheme.
• Each receiver possesses a unique decryption key, generally referred
to as his private key.
• Receiver needs to publish an encryption key, referred to as his
public key.
• Some assurance of the authenticity of a public key is needed in this
scheme to avoid spoofing by adversary as the receiver. Generally,
this type of cryptosystem involves trusted third party which
certifies that a particular public key belongs to a specific person or
entity only.
23. Cont..
• Encryption algorithm is complex enough to prohibit attacker from
deducing the plaintext from the ciphertext and the encryption
(public) key.
• Though private and public keys are related mathematically, it is not
be feasible to calculate the private key from the public key. In fact,
intelligent part of any public-key cryptosystem is in designing a
relationship between two keys.
25. AES Origins
• clear a replacement for DES was needed
– have theoretical attacks that can break it
– have demonstrated exhaustive key search attacks
• can use Triple-DES – but slow, has small blocks
• US NIST issued call for ciphers in 1997
• 15 candidates accepted in Jun 98
• 5 were shortlisted in Aug-99
• Rijndael was selected as the AES in Oct-2000
• issued as FIPS PUB 197 standard in Nov-2001
26. The AES Cipher - Rijndael
designed by Rijmen-Daemen in Belgium
has 128/192/256 bit keys, 128 bit data
an iterative rather than Feistel cipher
processes data as block of 4 columns of 4 bytes
operates on entire data block in every round
designed to have:
resistance against known attacks
speed and code compactness on many CPUs
design simplicity
28. AES Structure
data block of 4 columns of 4 bytes is state
key is expanded to array of words
has 9/11/13 rounds in which state undergoes:
byte substitution (1 S-box used on every byte)
shift rows (permute bytes between groups/columns)
mix columns (subs using matrix multiply of groups)
add round key (XOR state with key material)
view as alternating XOR key & scramble data bytes
initial XOR key material & incomplete last round
with fast XOR & table lookup implementation
30. Some Comments on AES
1. an iterative rather than Feistel cipher
2. key expanded into array of 32-bit words
1. four words form round key in each round
3. 4 different stages are used as shown
4. has a simple structure
5. only Add Round Key uses key
6. Add Round Key a form of Vernam cipher
7. each stage is easily reversible
8. decryption uses keys in reverse order
9. decryption does recover plaintext
10.final round has only 3 stages
31. Substitute Bytes
a simple substitution of each byte
uses one table of 16x16 bytes containing a permutation
of all 256 8-bit values
each byte of state is replaced by byte indexed by row
(left 4-bits) & column (right 4-bits)
eg. byte {95} is replaced by byte in row 9 column 5
which has value {2A}
S-box constructed using defined transformation of
values in GF(28)
designed to be resistant to all known attacks
34. Shift Rows
a circular byte shift in each
1st row is unchanged
2nd row does 1 byte circular shift to left
3rd row does 2 byte circular shift to left
4th row does 3 byte circular shift to left
decrypt inverts using shifts to right
since state is processed by columns, this step permutes
bytes between the columns
36. Mix Columns
each column is processed separately
each byte is replaced by a value dependent on
all 4 bytes in the column
effectively a matrix multiplication in GF(28) using
prime poly m(x) =x8+x4+x3+x+1
39. AES Arithmetic
uses arithmetic in the finite field GF(28)
with irreducible polynomial
m(x) = x8 + x4 + x3 + x + 1
which is (100011011) or {11b}
e.g.
{02} • {87} mod {11b} = (1 0000 1110) mod {11b}
= (1 0000 1110) xor (1 0001 1011) = (0001 0101)
40. Mix Columns
can express each col as 4 equations
to derive each new byte in col
decryption requires use of inverse matrix
with larger coefficients, hence a little harder
have an alternate characterization
each column a 4-term polynomial
with coefficients in GF(28)
and polynomials multiplied modulo (x4+1)
coefficients based on linear code with maximal
distance between code words
41. Add Round Key
XOR state with 128-bits of the round key
again processed by column (though effectively a
series of byte operations)
inverse for decryption identical
since XOR own inverse, with reversed keys
designed to be as simple as possible
a form of Vernam cipher on expanded key
requires other stages for complexity / security
44. AES Key Expansion
takes 128-bit (16-byte) key and expands into
array of 44/52/60 32-bit words
start by copying key into first 4 words
then loop creating words that depend on values
in previous & 4 places back
in 3 of 4 cases just XOR these together
1st word in 4 has rotate + S-box + XOR round
constant on previous, before XOR 4th back
46. Key Expansion Rationale
designed to resist known attacks
design criteria included
knowing part key insufficient to find many more
invertible transformation
fast on wide range of CPU’s
use round constants to break symmetry
diffuse key bits into round keys
enough non-linearity to hinder analysis
simplicity of description
49. AES Decryption
AES decryption is not identical to encryption
since steps done in reverse
but can define an equivalent inverse cipher with
steps as for encryption
but using inverses of each step
with a different key schedule
works since result is unchanged when
swap byte substitution & shift rows
swap mix columns & add (tweaked) round key
51. Implementation Aspects
can efficiently implement on 32-bit CPU
redefine steps to use 32-bit words
can precompute 4 tables of 256-words
then each column in each round can be computed
using 4 table lookups + 4 XORs
at a cost of 4Kb to store tables
designers believe this very efficient
implementation was a key factor in its selection
as the AES cipher
52. Summary
have considered:
the AES selection process
the details of Rijndael – the AES cipher
looked at the steps in each round
the key expansion
implementation aspects
53.
54. Firewall
• Firewall is a barrier between Local Area Network (LAN) and the
Internet. It allows keeping private resources confidential and
minimizes the security risks. It controls network traffic, in both
directions.
• The following diagram depicts a sample firewall between LAN and
the internet. The connection between the two is the point of
vulnerability. Both hardware and the software can be used at this
point to filter network traffic.
55. There are two types of Firewall system: One works by using filters at the network layer and
the other works by using proxy servers at the user, application, or network layer.
56. • Key Points
• Firewall management must be addressed by both system
managers and the network managers.
• The amount of filtering a firewall varies. For the same firewall,
the amount of filtering may be different in different directions.