- 2. TABLE OF CONTENTS • We will be talking about... • • What is Encryption? • Why Do We Use Encryption? • How Does It Work? (x3) • Pros and Cons • Real Life Examples 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 3. WHAT IS ENCRYPTION? • Encryption: The process of coding text • Decryption: The process of decoding text • Decryption is the opposite of encryption • • A security method used to protect data • Files on computers • Data being passed through the Internet • ATM machines • E-Commerce • Facebook password. 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 4. WHY DO WE USE ENCRYPTION? To secure important information e.g. : • Health records • Credit card information • Student records • Etc. • • Prevents information from getting stolen or read • • Without encryption, there is no reliable security 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 5. HOW DOES IT WORK? ● Encryption allows the sender to transform data from plain text into cipher text by using a key • Cipher text: coded text • Key: what is used to encrypt and decrypt text • Two different types of encryption: • Asymmetric encryption (Public key encryption) • Symmetric encryption • • Adrianna wants to send Melissa a message... 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 6. REAL LIFE EXAMPLES ● Used in the military and the government ● ● Now used in everyday life: • Online banking • E-commerce • Student records, health records, tax records etc. • ATM machines • Social networking (emails, texts, instant messengers) • Businesses 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 7. DATA ENCRYPTION 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 8. CONTENT • Data encryption definition. • Types of data encryption. • Difference between symmetric and asymmetric. • Encryption Methods. • Data Encryption Standard (DES). • Public Key Cryptosystem • • • • • 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 9. DATA ENCRYPTION DEFINITION Data encryption refers to mathematical calculations and algorithmic schemes that transform plaintext into cypher text, a form that is non-readable to unauthorized parties. The recipient of an encrypted message uses a key which triggers the algorithm mechanism to decrypt the data, transforming it to the original plaintext version 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 10. DATA ENCRYPTION 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 11. A public key encryption scheme has six ingredients • Plaintext • • encryption algorithm • • public and private key • • cipher text • • decryption algorithm 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 12. TYPES OF DATA ENCRYPTION • In symmetric (Single key): The encryption and decryption keys are the same. • 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 13. A SYMMETRIC ENCRYPTION SCHEME HAS FIVE INGREDIENTS Plaintext • Encryption Algorithm • Secret key • Cipher Text • Decryption 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 14. . • In asymmetric (two keys): • The encryption and decryption keys are different. • 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 15. . 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 16. DIFFERENCE B/W ASYMMETRIC & SYMMETRIC ENCRYPTION • The symmetric one key is used for symmetric and a symmetric but in asymmetric different keys are use for encryption and description. • In symmetric, sender and receiver must share the algorithm and key but in a symmetric sender and receiver must have one matched pair of keys. • In symmetric key must be kept secret but in asymmetric two keys must of kept secret. 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 17. PUBLIC KEY CRYPTOGRAPHY • A form of cryptography in which the key used to encrypt a message differs from the key used to decrypt it. • In public key cryptography, a user has a pair of cryptographic keys—a public key and a private key. The private key is kept secret, while the public key may be widely distributed. • The two main branches of public key cryptography are: 1. Public key encryption 2. Digital signatures 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 18. PUBLIC KEY ENCRYPTION A message encrypted with a recipient's public key cannot be decrypte by anyone except the recipient possessing the corresponding private key. • ContdContd.. Actual algorithms - two linked keys: 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 19. KEY TERMS Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input. Cipher text: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different cipher texts. 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 20. A GENERAL APPROACH ContdContd..1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 21. Step 1 : Each user generates a pair of keys to be used for the encryption and decryption of messages. Step 2 : Each user places public key in a public register or other accessible file. As encryption figure suggests, each user maintains a collection of public keys obtained from others. Step 3 : If user1 wishes to send a confidential message to user2, user1 encrypts the message using user2's public key. Step 4 : When user1 receives the message, he decrypts it using his private key. No other recipient can decrypt the message because only user1 knows his private key 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 22. Authentication & security: • There is some source A that produces a message in plaintext, X =[X1, X2,..., XM,]. The M elements of X are letters in some finite alphabet. The message is intended for destination B. B generates a related pair of keys: a public key, PUb, and a private key, PRb. PRb is known only to B, whereas PUb is publicly available. • • A generates another pair of keys: a public key, PUa, and a private key, PRa. PRa is known only to A, whereas PUa is publicly available. Contd.Contd.1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 23. SECRECY IN A PUBLIC KEY ENCRYPTION : Step 1:Step 1: A encrypt the massage using B’s public key PUb andA encrypt the massage using B’s public key PUb and send it to B.send it to B. With the message X and the encryption key PUb asWith the message X and the encryption key PUb as input, A forms the cipher text Y = [Y1, Y2,..., YN]:input, A forms the cipher text Y = [Y1, Y2,..., YN]: Step 2:Step 2: B decrypt the massage using it’s private key PRb.B decrypt the massage using it’s private key PRb. Using it’s private key PRb and the cipher text Y itUsing it’s private key PRb and the cipher text Y it obtain the original massage Xobtain the original massage X 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 24. Authentication In A Public Key Encryption : Step 1:Step 1: A prepares a message to B and encrypts it usingA prepares a message to B and encrypts it using A's private key before transmitting it.A's private key before transmitting it. Step 2:Step 2: B can decrypt the message using A's public key.B can decrypt the message using A's public key. Because the message was encrypted using A'sBecause the message was encrypted using A's private key, only A could have prepared theprivate key, only A could have prepared the message.message. 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 25. Comparing Secrecy and Authentication • In authentication technique :It is impossible to alter the message without access to A's private key, so the message is authenticated both in terms of source and in terms of data integrity. But secrecy doesn't provide this advantage. • • • Thus the authentication is much more confidential and secure in terms of alteration of the massage. 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 26. Authentication & Security: Contd.Contd.1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 27. DIGITAL SIGNATURE • An authentication mechanism that enables the creator of a message to attach a code that acts as a signature. • In situations where there is not complete trust between sender and receiver, something more than authentication is needed. • 1. It must verify the author and the date and time of the signature. • 2. It must to authenticate the contents at the time of the signature. • 3. It must be verifiable by third parties, to resolve disputes. • Thus, the digital signature function includes the authentication function. • A variety of approaches has been proposed for the digital signature function. These approaches fall into two categories: direct and arbitrated 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 28. Direct Digital Signature : The direct digital signature involves only the communicating parties (source, destination). It is assumed that the destination knows the public key of the source. A digital signature may be formed by encrypting the entire message with the sender's private key or by encrypting a hash code of the message with the sender's private key. 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 29. Arbitrated Digital Signature : • The problems associated with direct digital signatures can be addressed by using an arbiter. • As with direct signature schemes, there is a variety of arbitrated signature schemes. In general terms, they all operate as follows. Every signed message from a sender X to a receiver Y goes first to an arbiter A, which check it’s origin and context and then sent to Y. • 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 30. Applications For Public-key Cryptosystems Public key cryptosystem used in many systems such as: 1.Decision support system 2. RSA Algorithm 3. Elliptic Curve 4. Diffie-Hellman key exchange 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 31. COMPUTATIONAL COST • It is computationally easy for a party B to generate a pair (public key PUb, private key PRb). • It is computationally easy for a sender A, knowing the public key and the message to be encrypted, M, to generate the corresponding cipher text: • C = E(PUb, M) • It is computationally easy for the receiver B to decrypt the resulting cipher text using the private key to recover the original message: • M = D(PRb, C) = D[PRb, E(PUb, M)] • It is computationally infeasible for an adversary, knowing the public key, PUb, to determine the private key, PRb. • 1/9/17 ABHISHEK SRIVASTAVA (CSE)
- 32. WEAKNESSES ComputatioComputatio nal costnal cost Keys in public-key cryptography, due to theirKeys in public-key cryptography, due to their unique nature, are more computationally costlyunique nature, are more computationally costly than their counterparts in secret-keythan their counterparts in secret-key cryptography.cryptography. VulnerableVulnerable to bruteto brute forceforce attacksattacks Keys in asymmetric cryptography are moreKeys in asymmetric cryptography are more vulnerable to brute force attacks than in secret-vulnerable to brute force attacks than in secret- key cryptography.key cryptography. VulnerableVulnerable to the manto the man in thein the middlemiddle attackattack Public-key cryptography also has vulnerabilitiesPublic-key cryptography also has vulnerabilities to attacks such as the man in the middle attack.to attacks such as the man in the middle attack. In this situation, a malicious third partyIn this situation, a malicious third party intercepts a public key on its way to one of theintercepts a public key on its way to one of the parties involvedparties involved 1/9/17 ABHISHEK SRIVASTAVA (CSE)

- Encryption: The process of coding text into a secret code which is made up of a jumble of letters, numbers, and symbols that no one can read. Decryption: The process of decoding text from a secret code into regular readable text. A security method used to protect a computer from getting hacked by a third party. Encryption can protect: -Files on computers -Data being passed through the internet such as: ATM machines (because a PIN is passing through one machine to another, if it was not encrypted someone could extract it), E-Commerce (because when credit card information is given to the company that&apos;s making business, a hacker could easily steal the credit card number so they can steal money if the number isn&apos;t encrypted) In the diagram, it shows a Facebook password getting encrypted into coded text, and then decrypted into the regular readable text.
- Because the majority of people these days use the Internet to communicate, purchase products etc. They want to protect their information from being viewed by an unwanted third party. No one wants their credit card information being revealed to others. Encryption prevents this personal information from getting stolen or read. If a hacker came across the information, he/she wouldn&apos;t understand the encrypted data. Without encryption, you have really no security. It&apos;s like writing a secret on a postcard to a friend. While it is being delivered, any mailman could just read it and know what you wrote.
- Encryption allows the sender of the data to transform the data from plain text into ciphertext by using a key Ciphertext: it is the result of your text after it is encrypted. It is coded text made up of a mix of letters, numbers and symbols. Key: an encryption key is used to encrypt and decrypt text. It&apos;s like locking and unlocking a door. There are two different types of encryption: Asymmetric encryption (public key encryption): It uses two different keys, public and private to encrypt and decrypt data. Symmetric encryption: it uses two of the same keys, or a pair of keys to encrypt and decrypt data. We will talk about these two types of encryption throughout the next couple of slides. Both of these examples of encryption will be associated if Adrianna wants to send a message to me (Melissa)...
- Used in the military and the government to protect secrets from intruders. In the military when they deliver a message, they encrypt it so the enemy won&apos;t find out what their plans are. Used in everyday life for: -online banking: to protect your credit card numbers/debit numbers etc. -E-commerce: to protect any personal information (i.e. Any payment numbers, addresses, postal codes, phone numbers, emails etc.) -student records: to protect your student information from being tampered with. -ATM machines: Protect PIN&apos;s from being stolen -Social networking: protect conversations and passwords from being stolen. -Businesses: Keeping information secret from rival companies