5Cryptography New..

Cryptography

JITHENDRABABU B L

Information Security

The three goals of security—confidentiality, integrity and availability—can be threatened by security attacks.

Security services

Standards have been defined for security services to achieve security goals and prevent security attacks.

Cryptography

Cryptography means – “SECRET WRITING”

The art and science of keeping messages secure by altering or transforming them .

Cryptography is the science of using mathematics to encrypt and decrypt data.

Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient.

Cryptanalysis is the science of analyzing and breaking secure communication. Cryptanalysts are also called attackers.

Plaintext: easy to understand form (original message)Cipher text: difficult to understand formEncryption: encoding (plaintext -> cipher text)Decryption: decoding (cipher text -> plaintext)

General Terms

Types of Cryptographic Systems

Symmetric Key: Secret Key Encryption(Same key for encryption and decryption)

Asymmetric Key: Public Key Encryption (Different keys for encryption and decryption)

Symmetric-key cryptography is based on sharing secrecy;asymmetric-key cryptography is based on personal secrecy.

Symmetric Cryptography

In a cryptosystem that uses symmetric cryptography, both parties will be using the same key for encryption and decryption

symmetric keys are also called secret keys because this type ofencryption relies on each user to keep the key a secret and properly protected. If this key got into an intruder’s hand, that intruder would have the ability to decrypt any intercepted message encrypted with this key.

Strengths

• Much faster than asymmetric systems• Hard to break if using a large key size

Weaknesses

• Key distribution: It requires a secure mechanism to deliver keys properly.• Scalability: Each pair of users needs a unique pair of keys, so the number of keys grow exponentially.• Limited security: It can provide confidentiality, but not authenticity or non repudiation.

• Data Encryption Standard (DES)• Triple DES (3DES)• Blowfish• IDEA• RC4, RC5, and RC6

Examples

Example- monoalphabetic substitution

Use the additive cipher with key = 15 to encrypt the message “hello”.

We apply the encryption algorithm to the plaintext, character by character:

The cipher text is therefore “wtaad”.The cipher text is therefore “wtaad”.

Example : substitution cipher

Alice needs to send the message “Enemy attacks tonight” to Bob. Alice and Bob have agreed to divide the text into groups of five characters and then permute the characters in each group. The following shows the grouping after adding a bogus character (z) at the end to make the last group the same size as the others.

The key used for encryption and decryption is a permutation key, which shows how the character are permuted. For this message, assume that Alice and Bob used the following key:

The third character in the plaintext block becomes the first character in the cipher text block, the first character in the plaintext block becomes the second character in the cipher text block and so on. The permutation yields:

Alice sends the ciphertext “eemyntaacttkonshitzg” to Bob. Bob divides the ciphertext into five-character groups and, using the key in the reverse order, finds the plaintext.

DES

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) in 1977. DES has been the most widely used symmetric-key block cipher since its publication.

AES

The Advanced Encryption Standard (AES) is a symmetric-key block cipher published by the US National Institute of Standards and Technology (NIST) in 2001 in response to the shortcoming of DES, for example its small key size.

Asymmetric Cryptography

In symmetric key cryptography, a single secret key is used between entities, whereas in public key systems, each entity has different keys, or asymmetric keys.

The two different asymmetric keys are mathematically related. If a message is encrypted by one key, the other key is required to decrypt the message.

In a public key system, the pair of keys is made up of one public key and one private key. The public key can be known to everyone, and the private key must only be known to the owner.

Strengths

• Better key distribution than symmetric systems• Better scalability than symmetric systems• Can provide confidentiality, authentication, and non repudiation

Weaknesses

• Works much slower than symmetric systems

• RSA• Elliptic Curve Cryptosystem (ECC)• Diffie-Hellman• El Gamal• Digital Signature Standard (DSS)

Examples

Plain Text m: numeric representation

me Cipher textc=me mod n

l 12 248832 17

o 15 759375 15

v 22 5153632 22

e 5 3125 10

Cipher text

cd m=cd mod n Plain Text

17 481968572106750915091411825223071697

12 l

15 12783403948858939111232751568359375

75159375 o

22 851643319086537701956194499721106030592

515322632 v

10 1000000000000000000000000000 31255 e

c=me mod n

m=cd mod nencryption: e=5, n=35

decryption: d=29, n=35

RSA algorithm

A major benefit of public key cryptography is that it provides a method for employing digital signatures.

Digital signatures enable the recipient of information to verify the authenticity of the information’s origin, and also verify that the information is intact. Thus, public key digital signatures provide authentication and data integrity.

A digital signature also provides non-repudiation, which means that it prevents the sender from claiming that he or she did not actually send the information.

Digital Signature

Instead of encrypting information using someone else’s public key, youencrypt it with your private key. If the information can be decrypted with your public key, then it must have originated with you.

Digital signature process

The sender uses a signing algorithm to sign the message. The message and the signature are sent to the recipient. The recipient receives the message and the signature and applies the verifying algorithm to the combination. If the result is true, the message is accepted, otherwise it is rejected.