3. Two kinds of Cryptography
Symmetric
1) Ram and Manoj agree on a cryptosystem
2) Ram and Manoj agree on a key
3) Ram takes her plaintext message and encrypts it using the encryption algorithm and the key. This creates a cipher text message
4) Ram sends the cipher text message to Manoj.
5) Manoj decrypts the cipher text message with the same algorithm and key and reads it
Asymmetric
1) Ram and Manoj agree on a public-key cryptosystem
2) Manoj sends Ram his public key
3) Ram encrypts her message using Manoj’s public key and sends it to Manoj
4) Manoj decrypts Ram’s message using his private key
5) Manoj decrypts the cipher text message with a different algorithm and key from the ones used to encrypt it.
4. Public-key algorithms
Public-key algorithms are not a substitute for symmetric algorithms.
Public-key algorithms are not used to encrypt messages; they are used to encrypt keys.
5. Digital Signatures with Encryption
1) Ram signs the message with her private key
S_R(M)
2) Ram encrypts the signed message with Manoj’s public key and sends it to Manoj
E_M(S_R(M))
3) Manoj decrypts the message with his private key
D_M(E_M(S_R(M))) = S_R(M)
4) Manoj verifies with Ram’s public key and recovers the message
V_R(S_R(M)) = M
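The four steps above as an added example (not part of the original slides): textbook RSA on small constructed primes, with S, E, D and V named as on the slide. The key values and the helpers make_keypair, send and receive are assumptions for illustration; Ram's modulus is chosen smaller than Manoj's so that the signed value fits under Manoj's key.

```python
# Added example: textbook RSA on tiny constructed primes, no padding or hashing.
# It shows the algebra of steps 1-4 only and is not secure for real use.

def make_keypair(p, q, e=65537):
    """Return (public, private) = ((e, n), (d, n)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)  # modular inverse, Python 3.8+

def _apply(key, x):
    """Compute x^exponent mod n, rejecting values that do not fit under n."""
    exponent, n = key
    if not 0 <= x < n:
        raise ValueError("value does not fit under this key's modulus")
    return pow(x, exponent, n)

def S(priv, m):   # step 1: sign with the sender's private key
    return _apply(priv, m)

def E(pub, x):    # step 2: encrypt with the recipient's public key
    return _apply(pub, x)

def D(priv, c):   # step 3: decrypt with the recipient's private key
    return _apply(priv, c)

def V(pub, s):    # step 4: verify with the sender's public key, recovering M
    return _apply(pub, s)

# Constructed keys (assumption): n_R = 1022117 is smaller than n_M = 1040399,
# so every S_R(M) is a valid input to E_M.
RAM_PUB, RAM_PRIV = make_keypair(1009, 1013)
MANOJ_PUB, MANOJ_PRIV = make_keypair(1019, 1021)

def send(m):
    """Ram's side: E_M(S_R(M))."""
    return E(MANOJ_PUB, S(RAM_PRIV, m))

def receive(c):
    """Manoj's side: V_R(D_M(c)), which returns M for a genuine ciphertext."""
    return V(RAM_PUB, D(MANOJ_PRIV, c))

if __name__ == "__main__":
    m = int.from_bytes(b"hi", "big")  # constructed sample message, as an integer
    c = send(m)
    print("M =", m, "ciphertext =", c, "recovered =", receive(c))
    try:  # a value at or above the modulus cannot be processed in one block
        E(RAM_PUB, MANOJ_PUB[1] - 1)
    except ValueError as err:
        print("rejected:", err)
```

Because this recovery-style signature carries no redundancy, any number "verifies" to some value; practical schemes sign a padded hash of the message instead.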
6. Attacks against Public-key Cryptography
How does Ram get Manoj’s public key?
From a secure database.
How to protect the public key?
The database is read-only to everyone and writable only by Trent.
Trent can sign each public key with his own private key (Key Certification Authority or Key Distribution Center).
7. Security Mechanisms
Specific use of certain algorithms, protocols, and procedures to provide one or more security services
Examples:
Authentication – use password, fingerprint.
Access Control – specify access rights based on the user id, role/group to specific transactions.
Data Confidentiality – encrypt information using a specific algorithm
Data Integrity – detect and prevent unauthorized change to content
Non-Repudiation – use electronic signature to ensure authenticity
Availability – increase filter malicious traffic.
8. Assignment Question
Q 1. Explain the following terms:
A) Private key
B) Public key
Q 2. Explain cryptography in information security and discuss the types of attacks on an encrypted message.
Q 3. Explain the digital signature with hash function and describe the model of digital signature.