King Fahd University of Petroleum & Minerals College of Computer Science & Engineering SEC 511 Principles of Information Assurance and Security Lecture 3 Cryptography Overview
Cryptography Definition • Comes from a Greek word meaning “secret writing” • It refers to the science of transforming information into a secure form while it is being transmitted or stored so that unauthorized users cannot access it 2
Goals of Cryptography Secure communication 3
Goals of Cryptography Secure storage 4
Services Provided by Cryptography (Goal: Description) • Confidentiality: Keeping information secret and allowing only authorized parties to access it [3]. • Authentication: Verifying an entity’s identity (e.g., user, computer) [3]. • Integrity: Ensuring that information is correct and has not been altered by an unauthorized person or malicious software [3]. • Non-repudiation: Proving that a user performed an action and preventing him/her from denying the performed action (e.g., sender/receiver sent/received a message) [3]. 5
Cryptography Components 6
Terminology • Plaintext: Original unencrypted information. • Ciphertext: The information after being encrypted by an encryption algorithm. • Encryption: Producing ciphertext from plaintext using a cryptosystem (also called encipherment). • Decryption: Reverse process of encryption (also called decipherment). • Algorithm: Process of encrypting and decrypting information based on a mathematical procedure. 7
Terminology • Key: Value used by an algorithm to encrypt or decrypt a message; it should be known only by the sender and receiver. • Cipher: An encryption or decryption algorithm; the tool used to create encrypted or decrypted text. 8
Categories of Cryptography 9
Symmetric-Key Cryptography 10
Symmetric-Key Cryptography In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared. 11
Modes of operation* Figure 8.1: Modes of operation * See: Forouzan, Chapter 8 12
Electronic Code Book (ECB) Figure 8.2: Electronic codebook (ECB) mode 13
Cipher Block Chaining (CBC) Figure 8.3: Cipher block chaining (CBC) mode 14
Cipher Feedback (CFB) Figure 8.4: Encryption in cipher feedback (CFB) mode 15
CFB as a Stream Cipher Figure 8.5: Cipher feedback (CFB) mode as a stream cipher 16
Output Feedback (OFB) Each bit in the ciphertext is independent of the previous bit or bits. This avoids error propagation. Figure 8.6: Encryption in output feedback (OFB) mode 17
OFB as a Stream Cipher Figure 8.7: Output feedback (OFB) mode as a stream cipher 18
Counter (CTR) In the counter (CTR) mode, there is no feedback. The pseudorandomness in the key stream is achieved using a counter. Figure 8.8: Encryption in counter (CTR) mode 19
CTR mode as a stream cipher Figure 8.9: Counter (CTR) mode as a stream cipher 20
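Added example (not part of the original slides): OFB and CTR used as stream ciphers, showing that a one-bit error in the ciphertext damages only the matching plaintext bit. The block function E, the key, IV, nonce and message are assumptions made for this sketch; E is HMAC-SHA256 standing in for a block cipher such as AES, which works here because both modes only run the cipher in the forward direction.

```python
import hashlib
import hmac

BLOCK = 16  # bytes per block (assumption: 128 bits, the AES block size)

def E(key: bytes, block: bytes) -> bytes:
    # Stand-in for the block cipher E_K (assumption): HMAC-SHA256 cut to one block.
    # OFB and CTR never call the inverse cipher, so a keyed one-way function suffices.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def ofb_keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, state = b"", iv
    while len(out) < n:
        state = E(key, state)  # feedback: the next input is the previous output
        out += state
    return out[:n]

def ctr_keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, counter = b"", 0
    while len(out) < n:
        out += E(key, nonce + counter.to_bytes(8, "big"))  # no feedback at all
        counter += 1
    return out[:n]

def xor(data: bytes, keystream: bytes) -> bytes:
    # The same operation encrypts and decrypts.
    return bytes(d ^ k for d, k in zip(data, keystream))

def damaged_bytes(keystream_fn, key, iv, message, hit):
    # Encrypt, flip one bit of ciphertext byte `hit`, decrypt,
    # and return the positions where the recovered plaintext differs.
    ks = keystream_fn(key, iv, len(message))
    ct = bytearray(xor(message, ks))
    ct[hit] ^= 0x01
    recovered = xor(bytes(ct), ks)
    return [i for i, (a, b) in enumerate(zip(message, recovered)) if a != b]

# Constructed sample values; a real (key, IV) or (key, nonce) pair is never reused.
KEY = bytes(range(16))
IV = bytes(16)      # OFB initialisation vector, one block
NONCE = bytes(8)    # CTR nonce; an 8-byte counter is appended
MESSAGE = b"Lecture 3: modes of operation, OFB and CTR as stream ciphers"

if __name__ == "__main__":
    print("OFB:", damaged_bytes(ofb_keystream, KEY, IV, MESSAGE, 20))
    print("CTR:", damaged_bytes(ctr_keystream, KEY, NONCE, MESSAGE, 20))
```

The same property means a change to the ciphertext goes undetected by decryption itself, which is why these modes give confidentiality but not integrity.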
Modern Symmetric-key Ciphers • Symmetric-key: A shared secret key is used for both encryption and decryption. • Block Ciphers: Each block of data is encrypted at once. Examples: DES, AES • Stream Ciphers: A small unit of data (bit, byte, character) is encrypted individually. Examples: RC4, A5/1 21
Data Encryption Standard (DES) • DES: was published by NIST in 1975 • Block size: 64 bits • Key size: 56 bits • Phase-out: NIST adopted 3DES in 1999 • Encryption and decryption with DES: 22
Advanced Encryption Standard (AES) • AES: adopted by NIST in 2001 to replace 3DES. • Block size: 128 bits • Key sizes: 128/192/256 bits • AES Security: More secure than DES and 3DES due to larger blocks and keys. Most of the known attacks on DES were already tested on AES. • AES Implementation: Can be implemented in software, hardware, and firmware. Implementation can use table lookup process or routines. • Simplicity and Cost: AES is designed to run efficiently on an 8-bit processor. 23
Symmetric Vs Asymmetric Cryptography 24
Asymmetric-Key Cryptography Asymmetric key cryptosystem: • Uses two separate keys: 1. Public: for encryption (receiver’s public key) 2. Private: for decryption (receiver’s private key). • Examples: RSA, ElGamal, Rabin 25
Asymmetric-Key Cryptography 26
Keys Used in Cryptography 27
Kerckhoffs’s principle • Based on Kerckhoffs’s principle, one should always assume that the adversary knows the encryption/decryption algorithm. The resistance of the cipher to attack must be based only on the secrecy of the key. • Claude Shannon (father of Information Theory) reformulated the principle simply: “The enemy knows the system.” • This is in contrast to: security through obscurity 28
Cryptanalysis As cryptography is the science and art of creating secret codes, cryptanalysis is the science and art of breaking those codes. 29
Cryptanalysis: Ciphertext-Only Attack The attacker has only a ciphertext 30
Cryptanalysis: Known-Plaintext Attack The attacker has access to a plaintext/ciphertext pair, in addition to the intercepted ciphertext. 31
Cryptanalysis: Chosen-Plaintext Attack The attacker chooses the plaintext/ciphertext pair. 32
Cryptanalysis: Chosen-Ciphertext Attack The attacker chooses the ciphertext and decrypts it. 33
The Need for Integrity The cryptography systems that we have studied so far provide secrecy, or confidentiality, but not integrity. However, there are occasions where we may not even need secrecy but instead must have integrity. See: Forouzan Chapter 11 34
Document and Fingerprint One way to preserve the integrity of a document is through the use of a fingerprint. If Alice needs to be sure that the contents of her document will not be changed, she can put her fingerprint at the bottom of the document. 35
Message and Message Digest The electronic equivalent of the document and fingerprint pair is the message and digest pair. 36
Checking Integrity 37
Cryptographic Hash Function A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string. The data to be encoded is often called the "message," and the hash value is sometimes called the message digest or simply digest. The ideal cryptographic hash function has four main or significant properties: 1. it is easy (but not necessarily quick) to compute the hash value for any given message 2. it is infeasible to generate a message that has a given hash 3. it is infeasible to modify a message without changing the hash 4. it is infeasible to find two different messages with the same hash 38
Cryptographic Hash Function 39
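Added example (not part of the original slides): the message and digest pair used to check integrity, plus a count of how many digest bits change when one character of the message changes. SHA-256, the two sample documents and the function names are assumptions of this sketch, and the check is only meaningful if the trusted digest is kept where the party altering the message cannot also alter it.

```python
import hashlib
import hmac

def digest(message: bytes) -> bytes:
    # SHA-256 is the hash chosen for this example (assumption);
    # the slides do not name a particular algorithm.
    return hashlib.sha256(message).digest()

def check_integrity(message: bytes, trusted_digest: bytes) -> bool:
    # Recompute the digest of the received message and compare it with
    # the digest that was kept safe. compare_digest runs in constant time,
    # so the comparison does not reveal where the two values differ.
    return hmac.compare_digest(digest(message), trusted_digest)

def bits_changed(a: bytes, b: bytes) -> int:
    # Number of digest bits that differ between the digests of a and b.
    return sum(bin(x ^ y).count("1") for x, y in zip(digest(a), digest(b)))

# Constructed sample documents; exactly one character differs.
DOCUMENT = b"Alice agrees to pay Bob 100 riyals."
TAMPERED = b"Alice agrees to pay Bob 900 riyals."
TRUSTED = digest(DOCUMENT)  # assumed to be stored out of the attacker's reach

if __name__ == "__main__":
    print("digest size in bytes:", len(TRUSTED))
    print("original accepted:   ", check_integrity(DOCUMENT, TRUSTED))
    print("tampered accepted:   ", check_integrity(TAMPERED, TRUSTED))
    print("digest bits changed: ", bits_changed(DOCUMENT, TAMPERED), "of 256")
```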
Summary How to guarantee each combination of the following: Confidentiality Authentication Integrity Non-Repudiation 40
The end Reading: Forouzan Chapters: 3, 6, 7, 8, 10, and 11