1 / 25

Computer Data Security & Privacy

Computer Data Security & Privacy. Lecture # 3 Symmetric & A Symmetric Encryption. Some Basic Terminology. Plaintext - original message Ciphertext - coded message Cipher - algorithm for transforming plaintext to ciphertext Key - info used in cipher known only to sender/receiver

derrickh
Télécharger la présentation

Computer Data Security & Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Computer Data Security & Privacy

  2. Lecture # 3 Symmetric & A Symmetric Encryption

  3. Some Basic Terminology • Plaintext - original message • Ciphertext- coded message • Cipher - algorithm for transforming plaintext to ciphertext • Key - info used in cipher known only to sender/receiver • Encipher (encrypt)- converting plaintext to ciphertext

  4. Some Basic Terminology cont… • Decipher (decrypt)- recovering ciphertext from plaintext • Cryptography - study of encryption principles/methods • Cryptanalysis (codebreaking)- study of principles/ methods of deciphering ciphertext without knowing key • Cryptology - field of both cryptography and cryptanalysis

  5. Conventional Encryption Principles • In conventional cryptography, also called secret-key or symmetric-keyencryption, one key is used both for encryption and decryption. The DataEncryption Standard (DES) and Advance Encryption Standard (AES) are an example of a conventional encryption.

  6. Conventional Encryption Principles cont… • An encryption scheme has five ingredients: • Plaintext • Encryption algorithm • Secret Key • Ciphertext • Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm

  7. cryptosystem thatis widely employed by the Federal Government. Figure 3.1 is an illustration ofthe conventional encryption process. Conventional encryption it is very fast. However, a sender and recipient to communicate securely using conventional encryption, they must agree upon a key and keep it secret between themselves.

  8. Figure 3.1: Conventional encryption

  9. Requirements • Two requirements for secure use of symmetric encryption: • a strong encryption algorithm • a secret key known only to sender / receiver • Mathematically have: Y = EK(X) X = DK(Y) • Assume encryption algorithm is known • Implies a secure channel to distribute key

  10. Public-Key Cryptography • Asymmetric crypto-systems depend on two or more entities sharing a common secret. Asymmetric crypto-systems also have to construct secret keys but they are only stored locally and doesn’t have to be transmitted to the other parties participating in the communication. However asymmetric crypto-systems have to generate other keys as well, called public-keys, which have to be transmitted authentically.

  11. An asymmetric crypto-system is asymmetric in the sense that two opposite operations are defined; the first, which can be performed by everyone with the use of the receiver’s public key; the second, which can only be performed with the receiver’s private key (secret key). The first operation is the encryption of the message and the second operation is the decryption of the same message.

  12. The primary benefit of public key cryptography is that it allows people who have no preexisting security arrangement to exchange messages securely. The need for sender and receiver to share secret keys via some secure channel is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared Figure 3.2.

  13. Some examples of public-key cryptosystems are Elgamal (named for its inventor, Taher Elgamal), RSA (named for its inventors, Ron Rivest, Adi Shamir, and Leonard Adleman).

  14. Figure 3.2: .Public key encryption

  15. Encryption using Public-Key system

  16. Applications for Public-Key Cryptosystems • Three categories: • Encryption/decryption: The sender encrypts a message with the recipient’s public key. • Digital signature: The sender ”signs” a message with its private key. • Key exchange: Two sides cooperate two exhange a session key.

  17. Cryptographic Attack Methods • There are six related cryptographic attack methods, including three plaintext-based methods and three ciphertext-based methods as shown in Table 3.1:

  18. Table 3.1: Attack cryptographic methods

  19. Brute Force Attacks • A brute force attack systematically attempts every possible key. In Figure 3.3 is an example of a brute force attack on a 4-bit key (24=16 times)

  20. Figure 3.3: 4-bits Key of a brute force attack

  21. Class work!!! • Brute force attack on a 2-bit key • Brute force attack on a 3-bit key

  22. Given a finite key length and sufficient time, a brute force attack is always successful. • Encryption algorithms can become susceptible to brute force attacks over time as CPU speeds increase.

  23. Man in the Middle Attack • Makes it seem that two computers are communicating with each other. Actually sending and receiving data with computer between them (Active or passive) as shown in Figure 3.4.

  24. Figure 3.4: Man in the Middle Attack

  25. END SLIDE SHOW L: Rania Tabeidi

More Related