1. Overview of Cryptography
"If you think cryptography can solve your problem, then
you don't understand your problem and you don't
understand cryptography."
-- Bruce Schneier
2. Overview of Cryptography
What is Cryptography?
Cryptography is an often misunderstood and misused security tool.
Today more than ever, privacy is a necessary part of business
communications. The following is an overview of public key
cryptography and one of its more widely-used implementations, Pretty
Good Privacy (PGP).
3.
4. Types of Cryptographic Systems
Secret Codes
The simplest and oldest way to send a secret
message to someone. The code must be known to
the sender or recipient.
Code Phrase True Meaning
My coffee is cold
Pass the cream
Launch the missiles
Don’t launch the missiles
5. Types of Cryptographic Systems
Ciphers
Substitution ciphers are the simplest type of cipher system.
Each letter of the alphabet is assigned to a number or different letter.
ROT13 is a commonly used cipher.
A B C D E F G H I J K L M
1 2 3 4 5 6 7 8 9 A B C . . .
7. Types of Cryptographic Systems
One-Time Pads
One-Time Pads uses a different key for a specific time
period.
Truly secure, no patterns evolve.
Most vulnerabilities due to human carelessness.
14 07 09 06 10 02 25 13 17 08 15
One-Time Pad - Shift each encrypted letter x places to the right
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
fazmyqbgnke
Encrypted Message
This is a test
Decrypted Text
8.
9. Cryptographic Methods
Secret Key (symmetric) Cryptography
A single key is used to both encrypt and decrypt a
message. A secure channel must be in place for users
to exchange this common key.
Plaintext Message
Secret Key
Encrypted Message
Secret Key
10. Cryptographic Methods
Public Key (asymmetric) Cryptography
Two keys are used for this method, the public key is used to encrypt.
The private key is used to decrypt. This is used when it isn’t feasible to
securely exchange keys.
Jay’s Public Key
Jay’s Private Key
Frank
Encrypted
Message
Clear Text
11. Cryptographic Methods
One-Way Functions
One-way functions:
Used to generate a fixed-length hash (also known as a message-digest) of a
file. This hash is essentially a ‘digital fingerprint’ of the file that would be sent
along with a document. The recipient would use the same method to generate
a hash. If the hashes do not match the file has been altered.
Message Crypto-Algorithm
5058f1af8388633f609cadb75a75dc9d
128 bit digital fingerprint
12. Pretty Good Privacy
PGP or Pretty Good Privacy is as the name suggest a package that guarantees
privacy or in other words it is an encryption package. PGP was developed by
Phil Zimmermann.
PGP is a dual-key or public-key cryptosystem (also known as asymmetric
cipher). One key is kept secret, the other key is made public. To communicate
with the owner of the secret key a message is encrypted with the
corresponding public key, this message can only be decrypted using the secret
key.
When a user encrypts plaintext with PGP, PGP first compresses the plaintext
Data compression saves modem transmission time and disk space and, more
importantly, strengthens cryptographic security.
13. Cont’d……..
Compression reduces these patterns in the plaintext, thereby greatly
enhancing resistance to cryptanalysis. (Files that are too short to compress or
which don't compress well aren't compressed.)
PGP then creates a session key, which is a one-time-only secret key. This key is
a random number generated from the random movements of your mouse and
the keystrokes you type.
This session key works with a very secure, fast conventional encryption
algorithm to encrypt the plaintext; the result is cipher text.
Once the data is encrypted, the session key is then encrypted to the recipient's
public key. This public key-encrypted session key is transmitted along with the
cipher text to the recipient.
14.
15. •Decryption works in the reverse. The recipient's copy
of PGP uses his or her private key to recover the
temporary session key, which PGP then uses to
decrypt the conventionally-encrypted cipher text.
16. Digital Signature
Digital Signature and Verification
Digital signature is a mechanism by which a message is authenticated i.e. proving that a
message is effectively coming from a given sender, much like a signature on a paper
document. For instance, suppose that Alice wants to digitally sign a message to Bob. To
do
so, she uses her private-key to encrypt the message; she then sends the message along
with
her public-key (typically, the public key is attached to the signed message). Since Alice’s
public-key is the only key that can decrypt that message, a successful decryption
constitutes
a Digital Signature Verification, meaning that there is no doubt that it is Alice’s private
key
that encrypted the message.