Lecture 05 - Cryptography PDF

Summary

This lecture covers cryptography, including various types such as symmetric and asymmetric cryptography, along with their algorithms like DES, 3DES, and AES. Topics like encryption, decryption, and key exchange are also discussed. The lecture notes also address public key cryptography and its implementation. It is part of a larger course on information security offered by the University of Technology and Applied Sciences.

Full Transcript

CSSY1208
Introduction to Information
Security
Lecture 05 - Cryptography
 Textbook :
The Basics of Information Security
Understanding the Fundamentals of InfoSec in
Theory and Practice

Second Edition,
Jason Andress
Elsevier Publication

Referenced Book :
Cryptography and Network Security
6th Edition, William Stallings, Pearson Publication
Outline
CHAPTER-5-Cryptography
Introduction
Cryptographic machines
Symmetric versus asymmetric cryptography
Hash functions
Digital signatures
Certificates
Protecting data at rest, in motion, and in use.

3
Introduction
The chief security measure that allows us to make use of technologies is cryptography.

The use of cryptography is an integral part of computing, networking, and the vast set
of transactions that take place over such devices on a daily basis.

We depend on cryptography when we have conversations on our cell phones, check our
e-mail, buy things from online retailers, file our taxes, and do other activities.

Encryption itself is actually a subset of cryptography, referring specifically to the
transformation of unencrypted data, called plaintext or cleartext, into its encrypted
form, called ciphertext.

Decryption is the process of recovering the plaintext message from the ciphertext. The
plaintext and ciphertext may also be generically referred to as the message.

Cryptanalysis, The science of breaking through the encryption used to create the
ciphertext.

Cryptology, The overarching field of study that covers cryptography and cryptanalysis. 4
 Encryption - Decryption

Source Destination
Encryption Decryption

Plaintext Encryption Ciphertext Decryption Plaintext

5
Cryptography…
Confidentiality: information is only read/known/learnt by authorised
people.

Authenticity: process of confirming the correctness of the claimed
identity.

Integrity: information should only be modified by authorised people.

Non-Repudiation: a user should not be able to deny sending a
message.

6
 Encryption of Personals Files
Encryption is an important part of your file protection and information
protection strategy.

The encryption process encodes your data (referred to as plaintext) into
ciphertext.

Unlike plaintext, ciphertext can't be used by people or computers unless and
until the ciphertext is decrypted.

Decryption requires an encryption key that only authorized users have.

Encryption helps ensure that only authorized recipients can decrypt your
content.
Content includes files, email messages, calendar entries, and so on.

You can have multiple layers of encryption in place at the same time.

7
Symmetric cryptography
There are two basic techniques for encrypting information:
private key encryption (also called symmetric encryption)
public key encryption (also called asymmetric encryption).

Private key encryption: The same key is used for encryption and
decryption. The key has to be private.

Public key encryption: Two different keys are used. One for encryption and
another for decryption. One key is public and one key private.

In many cases, symmetric key cryptography is much faster than
asymmetric,

but symmetric cryptography brings with it the issue of key exchange
so it was difficult to determine which was best to use when designing a secure
8
infrastructure.
 Symmetric key cryptography
Symmetric key cryptography, also known as private key
cryptography.

utilizes a single key for both encryption of the plaintext and
decryption of the ciphertext.

The key itself must be shared between the sender and the receiver,
and this process, known as key exchange

9
 Symmetric key algorithms
DES – DES is a block cipher based on symmetric key cryptography
and uses a
56-bit key.

3DES - 3DES (pronounced triple DES), which is simply DES used to
encrypt each
block three times, each time with a different key.

AES - AES is a set of symmetric block ciphers is the replacement for
DES,

AES uses three different ciphers: one with a 128-bit key, one
10
with a 192-
 Asymmetric Cryptography
Cryptography involves the use of two keys:

 A public key, which may be known by anybody, and can be
used to encrypt messages, and verify signatures

 A private key, known only to the recipient, used to
decrypt messages, and sign (create) signatures

11
Public Key Cryptography

12
Public Key Cryptography
Alice and Bob

Here Bob wants to send a message to Alice. Bob will encrypt the
message with the public key of Alice and sends it to Alice. Alice will
decrypt the same message with her private key.

The private key must be the combination pair of its public key. Then
only this will satisfy.

In this case there is no authenticity, i.e. anybody can send the
message to Alice. Alice cannot predict this has been send from Bob

13
 Asymmetric key algorithms

The RSA algorithm, named for its creators Ron Rivest, Adi

Shamir, and Leonard Adleman, is an asymmetric algorithm used all

over the world.

used in the Secure Sockets Layer (SSL) protocol, which is used to

secure many common transactions such as Web and e-mail traffic.

14
 Hash functions
Hash functions represent a third cryptography type alongside symmetric
and asymmetric cryptography, what we might call keyless
cryptography.

Hash functions, also referred to as message digests.

create a largely unique and fixed-length hash value.

Any slight change to the message will change the hash.
The hash can be sent with the message so that the receiver can verify its
integrity.
The receiver simply hashes the message again using the same
algorithm.

Then compares the two hashes.
– If the hashes match, the message has not changed.
– If they do not match, the message has been altered.
15
Online Hash Calculator
https://www.tools4noobs.com/online_tools/hash/

16
 Digital signatures
Digital signatures are a great example of where the hash function is
used.

Digital signatures allow us to sign a message in order to:
– enable detection of changes to the message contents
– ensure that the message was legitimately sent by the expected party
– prevent the sender from denying that he or she sent the message, known as
nonrepudiation.

To digitally sign a message(generating a digital signature):
– the sender would generate a hash of the message.
– then use his private key to encrypt the hash.

The sender would then send the digital signature along with the message,
usually by appending it to the message itself. 17
 Certificates
In addition to hashes and digital signatures, we have another
construct by which we can scale up the use of message signing, in
the form of digital certificates, commonly known as certificates.

Certificates are created to link a public key to a particular
individual and are often used as a form of electronic identification
for that particular person.

A certificate is typically formed by taking the public key and
identifying information, such as a name and address and having
them signed by a Certificate Authority (CA).

18
 Protecting data at rest, in
motion, and in use
We can divide practical uses of cryptography into two major
categories:
Protecting data at rest and protecting data in motion.

Protecting data at rest is important because of the large
amount of stored data that can be found on devices such as
backup tapes, flash drives, and hard drives in portable devices
such as laptops.

Protecting data in motion is vital as well because of the
enormous amount of business that is conducted over the19