Page 1: ENCRYPTION

Cryptology is the science of encryption

Cryptography
• Literally means hidden writing
• Is the process of making and using codes to secure communication

Cryptanalysis
• Is the process of obtaining the original message from an encrypted message without knowing the algorithms or keys used for encryption

Two types of Keys:
• Asymmetric or Public Key Encryption (two keys)
• Symmetric or Private Key Encryption (single key)

Public key encryption algorithms are rarely used for data confidentiality because of their performance constraints. Instead, public key encryption algorithms are typically used in applications involving authentication using digital signatures and key management.

Secret key cryptography is often referred to as symmetric cryptography because the same key encrypts and decrypts.

Asymmetric encryption is more complex and more secure. Asymmetric encryption's added safety comes at a price: More computation is required, so the process takes longer.

Although symmetric encryption is fast, it is not as safe as asymmetric encryption because someone could “steal” the key and decode the messages. But because of its speed, it's commonly used for e-commerce transactions.

If you use a computer and the internet, you’re using encryption!

Enables all organizations, regardless of their size, to be both user- and IT-friendly

Authentication: Protects personal data such as passwords.

Privacy: Provides for confidentiality of private information.

Integrity: Ensures that a document or file has not been altered.

Accountability: Prevents denial or plagiarism.

Data Encryption Standard (DES):
• Most widely used algorithm
• Pioneered by IBM
• It is a symmetric cryptosystem
• Developed to protect sensitive, unclassified US government computer data
• Used to provide authentication of electronic funds transfer messages

History of cryptography

36th century - The Sumerians develop cuneiform writing and the Egyptians develop hieroglyphic writing.
16th century - The Phoenicians develop an alphabet
600-500 - Hebrew scholars make use of simple mono-alphabetic substitution ciphers (such as the Atbash cipher)
c. 400 - Spartan use of scytale (alleged)
c. 400 - Herodotus reports use of steganography in reports to Greece from Persia (tattoo on shaved head)
100-1 CE - Notable Roman ciphers such as the Caesar cipher.

Plain:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Example: Hello, my first name is Carlos = KHOOR, PB ILUVW QDPH LV FDUORV

http://www.sccs.swarthmore.edu/users/03/julieg/hw14cipher.html

The Confederate Cipher Disk

The Vigenère cipher was named for Blaise de Vigenère, even though it was invented by Leon Battista Alberti in 1467, 56 years before Vigenère was born. It uses a Caesar cipher with a different shift at each letter in the text, with the amount of the shift defined by a repeating keyword.
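The relationship described above, written out as an added example (not part of the original slides): the Caesar cipher is a Vigenère cipher with a one-letter keyword, and because only 26 shifts exist, every candidate plaintext can be listed. The keyword `LEMON` and the function names are illustrative choices.

```python
import string

ALPHABET = string.ascii_uppercase


def vigenere(text, keyword, decrypt=False):
    """Shift each letter by the matching keyword letter (A=0 ... Z=25).

    Non-letters pass through unchanged and do not consume a keyword
    letter. Output is upper case, as in the slide's Caesar example.
    """
    shifts = [ALPHABET.index(k) for k in keyword.upper() if k in ALPHABET]
    if not shifts:
        raise ValueError("keyword must contain at least one letter")
    out, used = [], 0
    for ch in text.upper():
        if ch in ALPHABET:
            shift = shifts[used % len(shifts)]  # keyword repeats
            if decrypt:
                shift = -shift
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
            used += 1
        else:
            out.append(ch)
    return "".join(out)


def caesar(text, shift, decrypt=False):
    """A Caesar cipher is a Vigenere cipher with a one-letter keyword."""
    return vigenere(text, ALPHABET[shift % 26], decrypt)


def caesar_candidates(ciphertext):
    """Only 26 keys exist, so every possible plaintext can be listed."""
    return {s: caesar(ciphertext, s, decrypt=True) for s in range(26)}


if __name__ == "__main__":
    # The slide's example: shift of 3 (A -> D).
    print(caesar("Hello, my first name is Carlos", 3))
    # Same plaintext letter, different ciphertext letters under a keyword.
    print(vigenere("ATTACKATDAWN", "LEMON"))
    print(caesar_candidates("KHOOR")[3])
```

With a keyword, the two T's in `ATTACK` encrypt to different letters, which is what defeats the simple letter-for-letter table shown for the Caesar cipher.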

Confederate Cipher Disc

A good example of the Vigenère Cipher is the Confederate Cipher Disk that was used as a field cipher during the American Civil War (1861-1865). It was usually supplied in a small leather bag (see below). CSA stands for Confederate States of America, and SS means Secret Service.

Spanish-American War

The same cipher disc was used during the Spanish-American War of 1898, when a paper-based version of it was included in the Giddings Field Message-Book, a small A6-size booklet with a green leather cover and a short pencil.

In the 1790s, Thomas Jefferson invented the "wheel cypher" as he called it, which was a stack of 36 wooden wheels mounted on an axle. Each wheel was unique, with a different random alphabetic arrangement on its circumference. The order of each of the wheels on the axle gives the number of possibilities for the key, which is 36!. For a small number of short messages, this is considered a very strong cipher, even today. This picture shows a cipher wheel found in a home near Jefferson's mansion in Virginia, which looks exactly like the description given by Jefferson. It now resides in the NSA National Cryptologic Museum in Fort Meade, Maryland. Jefferson's invention was lost to history, until discovered in his papers in 1922. Coincidentally, it was independently re-invented and entered service in the US military in that same year and remained in active use until 1942.

This is the US Army M-94 cipher wheel first produced in 1922 and used until 1942, when it was replaced by the M-209. There are 25 wheels, numbered inside from 1 to 25 (also B to Z) and the daily key is the order of these 25 wheels on the spindle. The key length is 25! (25 factorial = 25 X 24 X 23 X ... X 2 X 1 = 1.55 X 10**25) which is larger than the German Army Enigma machine's key length.

The M-209, designated CSP-1500 by the Navy (C-38 by the manufacturer) is a portable, mechanical cipher machine used by the US military primarily in World War II, though it remained in active use through the Korean War. The M-209 was designed by Swedish cryptographer Boris Hagelin in response to a request for such a portable cipher machine, and was an improvement of an earlier machine, the C-36.

The Enigma cipher machine was invented by a German engineer, Arthur Scherbius, who applied for his patent on February 23, 1918. This was in the same time frame that 3 other inventors from 3 other countries also applied for a patent for a rotary cipher machine. Scherbius first tried to sell his design to the German military but finding no interest decided to start up his own company to manufacture the Enigma for commercial sale. The German Navy adopted the Enigma in 1926 and the Army in 1928. Both services modified the Enigma for their purposes, and would continue to modify their Enigmas and keep them different through the end of WW2. They both added the plugboard, which swaps letters in pairs before and after the signal goes to the rotors, adding a significant cryptologic strength to the Enigma. By this time the weight of the Army Enigma was 26 lbs., much lighter than the original machines but still heavy for a battlefield cipher. This was a much stronger cipher than the US M-209 but the US cipher machine weighed only 6 lbs., did not require batteries and had a printer so it could be operated by one person.

German Lorenz cipher machine, used in World War II to encrypt very-high-level general staff messages

SIGABA was similar to the Enigma in basic theory, in that it used a series of rotors to encipher every character of the plaintext into a different character of ciphertext. Unlike Enigma's three rotors however, the SIGABA included fifteen, and did not use a reflecting rotor. The machine was so successful that during the war, the German cryptanalysts gave up on even recording their intercepts of the messages. They found it impregnable.

Motorola SECTEL 2500 (Secure Telephone Unit STU-III)

The SECTEL 2500 was a secure telephone manufactured by Motorola in Seguin (Texas, USA) around 1990. It was intended for US government use, and is capable of utilizing two different encryption algorithms for secure communication. It uses the NIST Standard DES algorithm. The algorithm is selected by the information contained on the Key Storage Device (KSD) which is inserted at the right. If the inserted KSD is a Crypto Ignition Key (CIK), the SECTEL 2500 will go secure using Type 2 encryption. If the inserted KSD is a Terminal Activation Key (TAK) or a Security Activation Key (SAK), Type 3 encryption will be selected.

The KSD-64 is a so-called Key Storage Device (KSD) developed by the American NSA for use with electronic cryptographic equipment. It is manufactured by Datakey Electronics in Savage (Minnesota, USA). It is typically used as a Crypto Ignition Key (CIK) in key-splitting applications, but it can also be used for other purposes, such as a FILL key.

The image on the right shows a typical KSD-64 key, which looks like a plastic toy key. Hidden inside is a custom-made parallel EEPROM with 64 Kbits of storage capacity. The 28 contacts of the EEPROM are situated in between the plastic teeth of the key.

Devices supporting the KSD have a so-called keyceptacle in which the key can be inserted. Once inserted, the key is activated by rotating it 90° clockwise, until it clicks. In that position, the 28 contacts of the key are connected to 28 contacts inside the keyceptacle.

The KSD-64 is no longer in production and is replaced by the compatible PK-64KC, which is also available from Datakey Electronics.

In use at 9/11

On 11 September 2001, the two largest towers of the World Trade Center in New York (USA) were attacked by terrorists. When it happened, president George W. Bush was visiting Emma E. Booker Elementary School in Sarasota (Florida).

When travelling, the Secret Service always has a STU-III unit readily available in a nearby room. Moments after the attack, Bush used a Motorola SECTEL to speak with his security staff. STU-III phones allow secure conversations over standard (insecure) analog telephone lines, up to the level of Top Secret.

Example: In this example, the Wikipedia logo has been split into two shares. Each white pixel in the original logo is split into two of the same small blocks that have full black and white pixels. When these two blocks are overlaid, they align exactly, and so the result is a light-colored block (with half black and half white pixels). Each black pixel in the original logo is split into two complementary small blocks. When these two blocks are overlaid, the result is a completely black block.

If each pixel in the original image is split randomly into two shares as described above, the shares are correlated together and reveal the original image. Still, when each individual share is considered alone (i.e., when the other share is unknown), it is a totally random collection of blocks. Given only one share, a second share can be crafted to reveal any possible image; therefore, individual shares reveal no information about the original image.
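The two-share scheme described above, as an added example that is not part of the original slides. It assumes each pixel expands to a block of two subpixels, and it uses two small constructed images; the second one shows that a single share fits any image equally well.

```python
import secrets

# 1 = black subpixel, 0 = white (transparent) subpixel.
BLOCKS = ((1, 0), (0, 1))


def random_share(width, height):
    """First share: one random half-black block per original pixel."""
    return [[b for _ in range(width) for b in BLOCKS[secrets.randbelow(2)]]
            for _ in range(height)]


def matching_share(share1, image):
    """Second share for `image` (rows of 0 = white, 1 = black) given share1.

    White pixel: same block as share1. Black pixel: complementary block.
    """
    share2 = []
    for s_row, i_row in zip(share1, image):
        row = []
        for x, pixel in enumerate(i_row):
            block = s_row[2 * x:2 * x + 2]
            row.extend([1 - b for b in block] if pixel else block)
        share2.append(row)
    return share2


def overlay(a, b):
    """Stack two transparencies: a subpixel is black if either one is."""
    return [[p | q for p, q in zip(ra, rb)] for ra, rb in zip(a, b)]


def read_pixels(stacked):
    """A fully black block is a black pixel; a half-black block is white."""
    return [[row[i] & row[i + 1] for i in range(0, len(row), 2)]
            for row in stacked]


# Constructed 5x3 sample images (not taken from the slides).
SECRET = [[1, 0, 1, 0, 1], [0, 1, 1, 1, 0], [1, 0, 1, 0, 1]]
DECOY = [[0, 0, 0, 0, 0], [1, 1, 1, 1, 1], [0, 0, 0, 0, 0]]

if __name__ == "__main__":
    s1 = random_share(5, 3)
    s2 = matching_share(s1, SECRET)
    print(read_pixels(overlay(s1, s2)) == SECRET)
    # The same first share, paired with a different second share,
    # reveals a different image: share 1 alone says nothing about SECRET.
    print(read_pixels(overlay(s1, matching_share(s1, DECOY))) == DECOY)
```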

Encrypted Chat is a good way of providing support to users and it is said you can safely give personal information regarding billing with the encrypted stream of data using Live person.

Key management is one of the most critical aspects of an encryption system.

It includes creating strong keys, distributing them securely, certifying that they are correct, protecting them while in use, and revoking them when they are compromised or expired.

Most encryption systems have a method for users to generate keys; in many cases, the user chooses a password.

Keys must be transported securely to ensure the integrity of the keys.

If keys are transmitted, they must be checked on arrival to ensure they have not been manipulated (usually done manually or by digital signatures).

Certificate Authorities (CAs) ensure the integrity of the keys and prevent an attacker from introducing their own keys.

Public keys require integrity protection (provided by certification), but they do not require confidentiality protection. However, all copies of the private key of a public key system must be protected at all times.

Session keys may only exist for a given session and may be deleted after the session.

Public key pairs are generally certified for one or two years.

If a key is lost or compromised, the owner of the key should inform users that it is not to be used.

In the case of a public key encryption system, the owner must post the revocation to all of the potential key servers.
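One way to apply the key-management points above when a public key arrives over an untrusted channel, as an added example that is not part of the original slides. It assumes the recipient obtained the key's SHA-256 fingerprint separately (the "manual" check), and the key bytes, dates and function names are constructed for illustration.

```python
import hashlib
import hmac
from datetime import date


def fingerprint(key_bytes):
    """SHA-256 fingerprint of the key material, as a hex string."""
    return hashlib.sha256(key_bytes).hexdigest()


def check_received_key(key_bytes, trusted_fp, expires, revoked_fps, today):
    """Decide whether a transmitted public key may be used.

    trusted_fp  -- fingerprint obtained out of band from the key owner
    expires     -- last day of the certified validity period
    revoked_fps -- fingerprints the owner has posted as revoked
    Returns (accepted, reason).
    """
    fp = fingerprint(key_bytes)
    # Integrity first: a key altered or substituted in transit fails here.
    if not hmac.compare_digest(fp, trusted_fp):
        return False, "fingerprint mismatch"
    # A genuine key can still be unusable: revoked by its owner ...
    if fp in revoked_fps:
        return False, "revoked"
    # ... or past the period it was certified for.
    if today > expires:
        return False, "expired"
    return True, "ok"


# Constructed sample values (not real key material).
SAMPLE_KEY = b"constructed-sample-public-key-bytes"
SAMPLE_FP = fingerprint(SAMPLE_KEY)
SAMPLE_EXPIRY = date(2031, 1, 1)

if __name__ == "__main__":
    today = date(2030, 6, 1)
    print(check_received_key(SAMPLE_KEY, SAMPLE_FP, SAMPLE_EXPIRY, set(), today))
    print(check_received_key(SAMPLE_KEY + b"x", SAMPLE_FP, SAMPLE_EXPIRY,
                             set(), today))
    print(check_received_key(SAMPLE_KEY, SAMPLE_FP, SAMPLE_EXPIRY,
                             {SAMPLE_FP}, today))
```

Only the fingerprint needs an authentic channel; the key itself needs no confidentiality, which matches the point that public keys require integrity protection but not secrecy.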

Trust is the underlying concept of all security and encryption.

There are two primary models that are used for trust:
• Hierarchical trust
• Web of trust

The Hierarchical Trust model is based on a chain of authority, in which you trust someone if someone higher up in the chain certifies it.

The Hierarchical Trust model is complicated to put into practice because there is no real root-level CA.

Establishing an internal CA and public key infrastructure for a business is a challenging task that demands a lot of resources.

The Web of Trust model was first used by Pretty Good Privacy (PGP).

It is based on the concept that each user certifies their own certificate and passes that certificate off to known associates.

The primary advantage is that there is no large investment in infrastructure.

The primary disadvantage is a lack of scalability.

Encryption is simply the obfuscation of information in such a way as to allow authorized individuals to see it, but to hide it from unauthorized individuals.

The Private Key encryption requires all parties authorized to read the information to have the same key.

The Public Key encryption uses two keys. One key is used to encrypt information and another key is used to decrypt it.

A digital signature is a method of authenticating electronic information using encryption.

Key Management includes creating strong keys, distributing them securely, certifying that they are correct, protecting them while they are in use, and revoking them when they are compromised or expired.

There are two primary models that are used for trust: Hierarchical Trust and Web of Trust.
