Week2.pdf

Full Transcript

Cryptography Basics
An Introduction to Cryptography, Symmetric and Asymmetric
Encryption, and Key Management
Table of Contents
1.Introduction to Cryptography
2.Symmetric Encryption
3.Asymmetric Encryption
4.Key Management
Introduction to Cryptography
Definition of Cryptography
The practice and study of techniques for securing communication and
data in the presence of adversaries.
History of Cryptography
Ancient Egypt: Hieroglyphs
Caesar Cipher
World War II: Enigma Machine
Modern Cryptography
Computer and network security
History of Cryptography
Hieroglyphs is the writing
system ancient Egyptians
used for inscriptions
mostly on walls of temples
and tombs, as well as
statues, coffins. These
were created for eternity,
either for the gods or for
the afterlife.
History of Cryptography
It is a type of
substitution cipher in which
each letter in the plaintext is
replaced by a letter some
fixed number of positions
down the alphabet.
History of Cryptography
The Enigma machine is a
cipher device developed
and used in the early- to
mid-20th century to protect
commercial, diplomatic, and
military communication.
Goals of Cryptography
Confidentiality
Ensuring that information is accessible only to those authorized to
have access.
Integrity
Ensuring that information is accurate and unaltered.
Authentication
Verifying the identity of a person or entity.
Non-repudiation
Assurance that someone cannot deny the validity of something.
Symmetric Encryption
Definition
Encryption method where the same key is used for both encryption and
decryption.
Examples
AES (Advanced Encryption Standard)
DES (Data Encryption Standard)
Advantages
Fast and efficient
Disadvantages
Key distribution problem
How Symmetric Encryption Works

Encryption Process
Plaintext is converted to ciphertext using an encryption key.
Decryption Process
Ciphertext is converted back to plaintext using the same key.
How Symmetric Encryption Works
Sample Code:
Asymmetric Encryption
Definition
Encryption method where two different keys are used: a public key and a
private key.
Examples
RSA (Rivest-Shamir-Adleman)
ECC (Elliptic Curve Cryptography)
Advantages
Solves the key distribution problem
Disadvantages
Slower compared to symmetric encryption
How Asymmetric Encryption Works
Encryption Process
Public key is used to encrypt the message.
Decryption Process
Private key is used to decrypt the message.
How Asymmetric Encryption Works
Explanation
1.Key Generation:
1. rsa.generate_private_key generates a
private key. The public key is derived from
this private key.
2. The public_exponent is typically set to
65537 for security and efficiency reasons.
3. The key_size determines the strength of the
encryption. A size of 2048 bits is common
for secure RSA encryption.
2.Message Encryption:
1. The public_key.encrypt method encrypts
the message using the public key and OAEP
padding with SHA-256 hashing. OAEP
(Optimal Asymmetric Encryption Padding) is
a padding scheme often used with RSA
encryption to provide semantic security.
3.Message Decryption:
1. The private_key.decrypt method decrypts
the ciphertext using the private key and the
same OAEP padding scheme used for
encryption.
Key Management
Definition
The process of managing cryptographic keys in a cryptosystem.
Key Generation
Creating cryptographic keys.
Key Distribution
Securely distributing keys to parties.
Key Storage
Securely storing keys to prevent unauthorized access.
Key Management Challenges
Key Distribution
Ensuring keys are delivered securely.
Key Storage
Protecting keys from theft or loss.
Key Rotation
Regularly updating keys to maintain security.
Key Revocation
Removing keys that are no longer secure.
Best Practices in Key Management
Use Strong Keys
Choose keys with sufficient length and complexity.
Implement Key Rotation
Regularly change keys to limit exposure.
Secure Key Storage
Use hardware security modules (HSMs) for storing keys.
Access Controls
Limit access to keys based on the principle of least privilege.