Lecture 05 - Cryptography PDF
University of Technology and Applied Sciences - Ibri
Summary
This lecture covers cryptography, including various types such as symmetric and asymmetric cryptography, along with their algorithms like DES, 3DES, and AES. Topics like encryption, decryption, and key exchange are also discussed. The lecture notes also address public key cryptography and its implementation. It is part of a larger course on information security offered by the University of Technology and Applied Sciences.
Full Transcript
CSSY1208 Introduction to Information Security
Lecture 05 - Cryptography

Textbook: The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice, Second Edition, Jason Andress, Elsevier Publication
Referenced Book: Cryptography and Network Security, 6th Edition, William Stallings, Pearson Publication

Outline
Chapter 5 - Cryptography
– Introduction
– Cryptographic machines
– Symmetric versus asymmetric cryptography
– Hash functions
– Digital signatures
– Certificates
– Protecting data at rest, in motion, and in use

Introduction
The chief security measure that allows us to make use of technologies is cryptography. The use of cryptography is an integral part of computing, networking, and the vast set of transactions that take place over such devices on a daily basis. We depend on cryptography when we have conversations on our cell phones, check our e-mail, buy things from online retailers, file our taxes, and do other activities.
– Encryption is a subset of cryptography, referring specifically to the transformation of unencrypted data, called plaintext or cleartext, into its encrypted form, called ciphertext.
– Decryption is the process of recovering the plaintext message from the ciphertext.
– The plaintext and ciphertext may also be generically referred to as the message.
– Cryptanalysis: the science of breaking through the encryption used to create the ciphertext.
– Cryptology: the overarching field of study that covers cryptography and cryptanalysis.

Encryption - Decryption
[Figure: at the source, encryption turns plaintext into ciphertext; at the destination, decryption turns ciphertext back into plaintext.]

Cryptography…
– Confidentiality: information is only read/known/learnt by authorised people.
– Authenticity: the process of confirming the correctness of the claimed identity.
– Integrity: information should only be modified by authorised people.
– Non-Repudiation: a user should not be able to deny sending a message.

Encryption of Personal Files
Encryption is an important part of your file protection and information protection strategy. The encryption process encodes your data (referred to as plaintext) into ciphertext. Unlike plaintext, ciphertext can't be used by people or computers unless and until the ciphertext is decrypted. Decryption requires an encryption key that only authorized users have. Encryption helps ensure that only authorized recipients can decrypt your content. Content includes files, email messages, calendar entries, and so on. You can have multiple layers of encryption in place at the same time.

Symmetric cryptography
There are two basic techniques for encrypting information:
– private key encryption (also called symmetric encryption)
– public key encryption (also called asymmetric encryption)
Private key encryption: the same key is used for encryption and decryption. The key has to be private.
Public key encryption: two different keys are used, one for encryption and another for decryption. One key is public and one key is private.
In many cases, symmetric key cryptography is much faster than asymmetric, but symmetric cryptography brings with it the issue of key exchange, so it was difficult to determine which was best to use when designing a secure infrastructure.

Symmetric key cryptography
Symmetric key cryptography, also known as private key cryptography, utilizes a single key for both encryption of the plaintext and decryption of the ciphertext. The key itself must be shared between the sender and the receiver, and this process is known as key exchange.

Symmetric key algorithms
– DES: DES is a block cipher based on symmetric key cryptography and uses a 56-bit key.
– 3DES: 3DES (pronounced triple DES) is simply DES used to encrypt each block three times, each time with a different key.
– AES: AES is a set of symmetric block ciphers and is the replacement for DES. AES uses three different ciphers: one with a 128-bit key, one with a 192-

Asymmetric Cryptography
Asymmetric cryptography involves the use of two keys:
– A public key, which may be known by anybody and can be used to encrypt messages and verify signatures
– A private key, known only to the recipient, used to decrypt messages and sign (create) signatures

Public Key Cryptography: Alice and Bob
Here Bob wants to send a message to Alice. Bob encrypts the message with Alice's public key and sends it to Alice. Alice decrypts the message with her private key. The private key must be the matching pair of the public key; only then will decryption succeed. In this case there is no authenticity, i.e. anybody can send a message to Alice. Alice cannot confirm that it was sent by Bob.

Asymmetric key algorithms
The RSA algorithm, named for its creators Ron Rivest, Adi Shamir, and Leonard Adleman, is an asymmetric algorithm used all over the world. It is used in the Secure Sockets Layer (SSL) protocol, which is used to secure many common transactions such as Web and e-mail traffic.

Hash functions
Hash functions represent a third cryptography type alongside symmetric and asymmetric cryptography, what we might call keyless cryptography. Hash functions, also referred to as message digests, create a largely unique and fixed-length hash value. Any slight change to the message will change the hash. The hash can be sent with the message so that the receiver can verify its integrity. The receiver simply hashes the message again using the same algorithm, then compares the two hashes.
– If the hashes match, the message has not changed.
– If they do not match, the message has been altered.

Online Hash Calculator
https://www.tools4noobs.com/online_tools/hash/

Digital signatures
Digital signatures are a great example of where the hash function is used.
Digital signatures allow us to sign a message in order to:
– enable detection of changes to the message contents
– ensure that the message was legitimately sent by the expected party
– prevent the sender from denying that he or she sent the message, known as nonrepudiation.
To digitally sign a message (generating a digital signature):
– the sender would generate a hash of the message.
– then use his private key to encrypt the hash.
The sender would then send the digital signature along with the message, usually by appending it to the message itself.

Certificates
In addition to hashes and digital signatures, we have another construct by which we can scale up the use of message signing, in the form of digital certificates, commonly known as certificates. Certificates are created to link a public key to a particular individual and are often used as a form of electronic identification for that particular person. A certificate is typically formed by taking the public key and identifying information, such as a name and address, and having them signed by a Certificate Authority (CA).

Protecting data at rest, in motion, and in use
We can divide practical uses of cryptography into two major categories: protecting data at rest and protecting data in motion.
Protecting data at rest is important because of the large amount of stored data that can be found on devices such as backup tapes, flash drives, and hard drives in portable devices such as laptops.
Protecting data in motion is vital as well because of the enormous amount of business that is conducted over the
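
The hash check from the Hash functions section and the signing steps from the Digital signatures section, as an added example that is not part of the lecture. The key pair uses toy parameters (two publicly known Mersenne primes and unpadded RSA), and the function names and sample messages are assumptions made for the example.

```python
import hashlib

# Toy RSA key pair (constructed for this example). P and Q are well-known
# Mersenne primes so the block needs only the standard library; real keys use
# random secret primes and a padded scheme (e.g. RSA-PSS) from a vetted library.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, kept by the sender


def digest(message: bytes) -> int:
    """SHA-256 hash of the message as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def hash_check(message: bytes, sent_hash: int) -> bool:
    """Receiver re-hashes the message and compares the two hashes."""
    return digest(message) == sent_hash


def sign(message: bytes) -> int:
    """Sender: hash the message, then transform the hash with the private key."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the hash with the public key and compare."""
    return pow(signature, E, N) == digest(message)


def demo() -> dict:
    original = b"Pay Bob 100"            # constructed sample messages
    altered = b"Pay Bob 900"
    sent_hash, signature = digest(original), sign(original)
    return {
        "hash_ok_original": hash_check(original, sent_hash),
        "hash_ok_altered": hash_check(altered, sent_hash),
        # A bare hash is keyless: whoever alters the message can also replace
        # the hash, and the receiver's comparison still succeeds.
        "hash_ok_altered_with_new_hash": hash_check(altered, digest(altered)),
        "sig_ok_original": verify(original, signature),
        "sig_ok_altered": verify(altered, signature),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The third result is why the hash alone gives integrity only against accidental change, while the signature also ties the message to the holder of the private key.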