SlideShare une entreprise Scribd logo

Cryptography-101

Télécharger en tant que PPTX, PDF
Vishal Punjabi
Vishal Punjabi
TechnologieFormation
1  sur  36
CRYPTOGRAPHY - 101 VISHAL PUNJABI vp0502@gmail.com
OVERVIEW • Terminologies • Symmetric key algorithms -Vernam cipher -A5/1 -DES -AES • Asymmetric key algorithms -RSA -Deffie Hellman • Some cryptographic hashes • Tools for cryptanalysis
TERMINOLOGY • Cryptology-Art and science of making “secret codes”. • Cryptography- The practice and study of hiding information. • Cryptanalysis-Art of finding some weakness and insecurity in a cryptographic scheme.
CRYPTOGRAPHIC TERMINOLOGY • Plain text-The format of the data before being encrypted. • Cipher Text-The “scrambled” format of data after being encrypted. • Key-A secret value used during the encryption and decryption process • Encryption-Method of transforming plain text into an unreadable format • Decryption-Method of obtaining the encrypted message back to its original form.
ENCRYPTION AND DECRYPTION
TYPES OF ALGORITHMS Cryptographic algorithms Symmetric key Asymmetric key (Shared secret key) (Public key)
SYMMETRIC KEY ENCRYPTION
TYPES OF SYMMETRIC CIPHERS • Stream ciphers – Encrypts one bit/character at a time • Block ciphers – Break plaintext message in equal-size blocks – Encrypts each block as a unit
SUBSTITUTION CIPHER • Substituting by a character “key” places ahead of the current character a)Monoalphabetic cipher (Stream cipher) • Eg. PlainText : THIS IS AN EASY TASK • Key : 3 • Encryption : WKLV LV DQ HDVB WDVN b) Polyalphabetic cipher (Block cipher) • Eg : THIS IS AN EASY TASK. • Make group of 3 characters and a set of keys used could be 135. THI SIS ANE… Encryption : UKN TLX…
TRANSPOSITION CIPHER • Transposition ciphers use the letters of the plaintext message, but they permute the order of the letters. Encrypt : hello my dear friend Key: 2143 1. Remove spaces 2. Divide the text into blocks of 4 characters. 3. Add bogus character(s) at the end(if reqiured). hello myde arfr iend Ciphertext: ehol ymed rarf eidn After decryption : hello myde arfr iend
VERNAM CIPHER • Each character from the plaintext is encrypted by a modular addition which a number from the secret random key pad which is of the same length as the plain text. Step 1: Convert the letters to their numeric equivalents V E R N A M C I P H E R 21 4 17 13 0 12 2 8 15 7 4 17 Assume the random 2 digit no. series (key) 76 48 16 82 44 03 58 11 60 05 10 88 Step 2: Add the numeric equivalent and the corresponding random no. Random no + numeric equivalent =sum Sum 97 52 33 95 44 15 60 19 75 12 14 105
VERNAM CIPHER Step 3 : Perform sum mod 26 19 0 7 17 18 15 8 19 23 12 14 1 Ciphertext ---- t a h r s p i t x m o b Decryption Step 1 a = (numeric equivalent of ciphertext - key) Step 2 a mod 26 (if a negative then keep adding 26 till you get a positive no.) Step 3 Convert numeric equivalent back to alphabet
A5/1 STREAM CIPHER • GSM uses A5/1 as a cryptographic algorithm. • Phone communication in GSM is done as a sequence of 228 bit frames. • A5/1 creates a bit stream of 228 bits in a 228 bit buffer which is EX-Ored with 228 bits of plain text to generate the ciphertext.
A5/1 STREAM CIPHER
A5/1 STREAM CIPHER • It was initially kept secret, but became public knowledge through leaks and reverse engineering. • COPACOBANA was the first commercially available solution to break the cipher.
RC4 STREAM CIPHER • Most widely used stream cipher used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). • Designed by Ron Rivest in 1984. • Hence the name RC4( Rivest cipher 4). • Fluhrer, Mantin and Shamir attack AND Klein's Attack are a few attempts.
RC4 STREAM CIPHER • Consists of 2 parts: Key Scheduling Algorithm (KSA) & Pseudo-Random Generation Algorithm • 8 bits of the plain text is Exored with a byte of the key to produce a byte of ciphertext. • Key stream is a a sequence of bytes( can contain 1-256 bytes).
DATA ENCRYPTION STANDARD (DES) • Modern symmetric key block cipher. • Developed by IBM and then published by National Institute of standards and technology(NIST). • Vulnerable only because of its small key length. • Often used in VPN servers.
DES ALGORITHM • DES is a Feistel cipher – 64 bit block length – 56 bit key length – 16 rounds – 48 bits of key used each round (subkey) • Each round is simple (for a block cipher) • Security depends primarily on “S-boxes” – Each S-boxes maps 6 bits to 4 bits
L R key 32 28 28 expand shift shift One 48 28 28 Round 32 Ki 48 of 48 compress S-boxes 28 28 DES 32 P box 32 32 32 key L R
DES ATTACKS • Brute force attack • Differential cryptanalysis • Linear cryptanalysis • Improved Davies' attack • distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes • Now replaced by AES
ADVANCED ENCRYPTION STANDARD (AES) • Replacement for DES • AES competition (late 90’s) – NSA openly involved – Transparent process – Many strong algorithms proposed – Rijndael Algorithm ultimately selected • Iterated block cipher (like DES) • Not a Feistel cipher (unlike DES) • 3 versions are : AES - 128 AES - 192 AES – 256 • Used in Open SSL and WPA2
AES OVERVIEW • Block size: 128, 192 or 256 bits • Key length: 128, 192 or 256 bits (independent of block size) • 10 to 14 rounds (depends on key length) • Each round uses 4 functions (in 3 “layers”) – ByteSub (nonlinear layer) – ShiftRow (linear mixing layer) – MixColumn (nonlinear layer) – AddRoundKey (key addition layer)
ATTACKS • Side-channel attack • Brute force attack • XSL attack • Related-key attack • Known-key distinguishing attack
ASYMMETRIC KEY ENCRYPTION
RSA • The most common public-key algorithm is the RSA cryptosystem, named for its inventors (Rivest, Shamir, and Adleman). • Applications 1. To protect web traffic, in the SSL protocol (Security Socket Layer), 2. To guarantee email privacy and authenticity in PGP (Pretty Good Privacy) 3. To guarantee remote connection in SSH (Secure Shell) 4. Furthermore it plays an important role in the modern payment systems through SET protocol (Secure Electronic Transaction).
ALGORITHM • Let p and q be two large prime numbers • Let N = pq be the modulus • Find ф(n)=(p-1).(q-1) • Choose e such that it is relatively prime to ф(n). • Choose d such that : e x d mod ф(n)=1 • Public key is (N,e) • Private key is d • To encrypt message M compute – C = Me mod N • To decrypt C compute – M = Cd mod N
RSA ATTACKS • Factoring the Public Key To make RSA secure recommended size of p and q is 512 bits(154 decimal digits). This makes n 1024 bits. • Guessing d • Cycle Attack • Common Modulus
Diffie Hellman • Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) • A “key exchange” algorithm – Used to establish a shared symmetric key - Not for encrypting or signing but for exchanging keys.
1. P is very large prime no and g is its primitive root. 2. Alice chooses a large random no. x such that 0<= x <= p-1 and calculates R1= gx mod p. 3. Bob chooses another large random no. y such that 0<= y <= p-1 and calculates R2=gy mod p. 4. Alice sends R1 to Bob. Alice does not send x; she only sends R1. 5. Bob sends R2 to Alice. Bob does not send y; he only sends R2. 6. Alice calculates K= (R2)x mod p. 7. Bob calculates K= (R1)y mod p.
ATTACKS 1. Discrete logarithm attack Intruder can intercept R1 and R2. If he can find x from R1=gx mod p and y from R2=gy mod p then he can calculate k=gxy mod p 2. Man in the middle attack.
SOME CRYPTOGRAPHIC HASHES a) MD5(Message Digest 5) • Developed by Ron Rivest of MIT. • Was the mostly used secure hash algorithm till it was cracked. • Takes an input msg of arbitrary length and produces as output a 128-bit message digest. • The input is processed in 512-bit block. • Attacks possible on MD5 are Bruteforce and Fast collision attacks.
SOME CRYPTOGRAPHIC HASHES b) SHA-1(Secure hash algorithm) • Developed by NIST(National Institute of standards and technology). SHA-1 Logic : • The algorithm takes as input a message with a maximum length of less than 264 bits and produces a 160-bit message digest. • The input is processed in 512-bit blocks.
TOOLS FOR CRYPTANALYSTS • Ganzúa-A cryptanalysis tool for classical ciphers • EverCrack - Open Source Cryptanalysis Engine • Lepton's Crack • Online crackers
SOME RESOURCES • CRYPTOGRAPHY CLASS BY STANFORD http://www.crypto-class.org/ • Awesome videos http://www.intypedia.com/ • CRYPTOGRAPHY AND NETWORK SECURITY -BEHEROUZ A FOROUZAN
THANK YOU 

Recommandé

DES
DESDES
DESNaga Srimanyu Timmaraju
 
Data encryption techniques and standard
Data encryption techniques and standardData encryption techniques and standard
Data encryption techniques and standardSarika Jadhav
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardchauhankapil
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
The des algorithm illustrated
The des algorithm illustratedThe des algorithm illustrated
The des algorithm illustratedNIKKHILK111
 
Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES) Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES) Hardik Manocha
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption StandardAmirul Wiramuda
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardPrasad Prabhu
 

Recommandé

DES
DESDES
DESNaga Srimanyu Timmaraju
 
Data encryption techniques and standard
Data encryption techniques and standardData encryption techniques and standard
Data encryption techniques and standardSarika Jadhav
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardchauhankapil
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
The des algorithm illustrated
The des algorithm illustratedThe des algorithm illustrated
The des algorithm illustratedNIKKHILK111
 
Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES) Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES) Hardik Manocha
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption StandardAmirul Wiramuda
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardPrasad Prabhu
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard) Sina Manavi
 
Blow fish final ppt
Blow fish final pptBlow fish final ppt
Blow fish final pptAjay AJ
 
RC 4
RC 4 RC 4
RC 4 Sovan Paul
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Data encryption, Description, DES
Data encryption, Description, DESData encryption, Description, DES
Data encryption, Description, DESHuawei Technologies
 
Information and network security 18 modern techniques block ciphers
Information and network security 18 modern techniques block ciphersInformation and network security 18 modern techniques block ciphers
Information and network security 18 modern techniques block ciphersVaibhav Khanna
 
Network security jeni corrected 1
Network security jeni corrected 1Network security jeni corrected 1
Network security jeni corrected 1NIVEDHINIMANIVANNAN
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101n|u - The Open Security Community
 
A Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
A Tutorial on Linear and Differential Cryptanalysis by Howard M. HeysA Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
A Tutorial on Linear and Differential Cryptanalysis by Howard M. HeysInformation Security Awareness Group
 
Csc342 lec 7 network security des
Csc342 lec 7 network security desCsc342 lec 7 network security des
Csc342 lec 7 network security desKabul Education University
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithmstrilokchandra prakash
 
AES Abstract
AES AbstractAES Abstract
AES AbstractSathrukaSinha
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardShafaan Khaliq Bhatti
 
Advanced Encryption Standard (AES) with Dynamic Substitution Box
Advanced Encryption Standard (AES) with Dynamic Substitution BoxAdvanced Encryption Standard (AES) with Dynamic Substitution Box
Advanced Encryption Standard (AES) with Dynamic Substitution BoxHardik Manocha
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryptionfaffyman
 
Cryptography Intro
Cryptography IntroCryptography Intro
Cryptography IntroChristopher Martin
 
Cryptography
CryptographyCryptography
CryptographyDeepak Kumar
 
Implementation of-hybrid-cryptography-algorithm
Implementation of-hybrid-cryptography-algorithmImplementation of-hybrid-cryptography-algorithm
Implementation of-hybrid-cryptography-algorithmIjcem Journal
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityRamki M
 
Cybersecurity cyberlab3
Cybersecurity cyberlab3Cybersecurity cyberlab3
Cybersecurity cyberlab3rayborg
 
Cryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxCryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxRobertCarreonBula
 

Contenu connexe

Tendances

Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard) Sina Manavi
 
Blow fish final ppt
Blow fish final pptBlow fish final ppt
Blow fish final pptAjay AJ
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Data encryption, Description, DES
Data encryption, Description, DESData encryption, Description, DES
Data encryption, Description, DESHuawei Technologies
 
Information and network security 18 modern techniques block ciphers
Information and network security 18 modern techniques block ciphersInformation and network security 18 modern techniques block ciphers
Information and network security 18 modern techniques block ciphersVaibhav Khanna
 
Network security jeni corrected 1
Network security jeni corrected 1Network security jeni corrected 1
Network security jeni corrected 1NIVEDHINIMANIVANNAN
 
A Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
A Tutorial on Linear and Differential Cryptanalysis by Howard M. HeysA Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
A Tutorial on Linear and Differential Cryptanalysis by Howard M. HeysInformation Security Awareness Group
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardShafaan Khaliq Bhatti
 
Advanced Encryption Standard (AES) with Dynamic Substitution Box
Advanced Encryption Standard (AES) with Dynamic Substitution BoxAdvanced Encryption Standard (AES) with Dynamic Substitution Box
Advanced Encryption Standard (AES) with Dynamic Substitution BoxHardik Manocha
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryptionfaffyman
 
Implementation of-hybrid-cryptography-algorithm
Implementation of-hybrid-cryptography-algorithmImplementation of-hybrid-cryptography-algorithm
Implementation of-hybrid-cryptography-algorithmIjcem Journal
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityRamki M
 

Tendances (20)

Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard)
 
Blow fish final ppt
Blow fish final pptBlow fish final ppt
Blow fish final ppt
 
RC 4
RC 4 RC 4
RC 4
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Data encryption, Description, DES
Data encryption, Description, DESData encryption, Description, DES
Data encryption, Description, DES
 
Information and network security 18 modern techniques block ciphers
Information and network security 18 modern techniques block ciphersInformation and network security 18 modern techniques block ciphers
Information and network security 18 modern techniques block ciphers
 
Network security jeni corrected 1
Network security jeni corrected 1Network security jeni corrected 1
Network security jeni corrected 1
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
 
A Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
A Tutorial on Linear and Differential Cryptanalysis by Howard M. HeysA Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
A Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
 
Csc342 lec 7 network security des
Csc342 lec 7 network security desCsc342 lec 7 network security des
Csc342 lec 7 network security des
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
 
AES Abstract
AES AbstractAES Abstract
AES Abstract
 
block ciphers
block ciphersblock ciphers
block ciphers
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption Standard
 
Advanced Encryption Standard (AES) with Dynamic Substitution Box
Advanced Encryption Standard (AES) with Dynamic Substitution BoxAdvanced Encryption Standard (AES) with Dynamic Substitution Box
Advanced Encryption Standard (AES) with Dynamic Substitution Box
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryption
 
Cryptography Intro
Cryptography IntroCryptography Intro
Cryptography Intro
 
Cryptography
CryptographyCryptography
Cryptography
 
Implementation of-hybrid-cryptography-algorithm
Implementation of-hybrid-cryptography-algorithmImplementation of-hybrid-cryptography-algorithm
Implementation of-hybrid-cryptography-algorithm
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 

Similaire à Cryptography-101

Cybersecurity cyberlab3
Cybersecurity cyberlab3Cybersecurity cyberlab3
Cybersecurity cyberlab3rayborg
 
Cryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxCryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxRobertCarreonBula
 
Cryptography and network security Nit701
Cryptography and network security Nit701Cryptography and network security Nit701
Cryptography and network security Nit701Amit Pathak
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & SteganographyAnimesh Shaw
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network SecurityDr. Rupa Ch
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers Sam Bowne
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutannewbie2019
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CH02-CompSec4e.pptx
CH02-CompSec4e.pptxCH02-CompSec4e.pptx
CH02-CompSec4e.pptxams1ams11
 

Similaire à Cryptography-101 (20)

Cybersecurity cyberlab3
Cybersecurity cyberlab3Cybersecurity cyberlab3
Cybersecurity cyberlab3
 
Cryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptxCryptography and steganography lesson and discription.pptx
Cryptography and steganography lesson and discription.pptx
 
Cryptography and network security Nit701
Cryptography and network security Nit701Cryptography and network security Nit701
Cryptography and network security Nit701
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network Security
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
1 DES.pdf
1 DES.pdf1 DES.pdf
1 DES.pdf
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers
 
section-8.ppt
section-8.pptsection-8.ppt
section-8.ppt
 
Common Crypto Pitfalls
Common Crypto PitfallsCommon Crypto Pitfalls
Common Crypto Pitfalls
 
Class3
Class3Class3
Class3
 
Chapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutanChapter 8 cryptography lanjutan
Chapter 8 cryptography lanjutan
 
Modern Cryptography
Modern CryptographyModern Cryptography
Modern Cryptography
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
CH02-CompSec4e.pptx
CH02-CompSec4e.pptxCH02-CompSec4e.pptx
CH02-CompSec4e.pptx
 
Ch03
Ch03Ch03
Ch03
 

Dernier

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

Dernier (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

Cryptography-101

  • 1. CRYPTOGRAPHY - 101 VISHAL PUNJABI vp0502@gmail.com
  • 2. OVERVIEW • Terminologies • Symmetric key algorithms -Vernam cipher -A5/1 -DES -AES • Asymmetric key algorithms -RSA -Deffie Hellman • Some cryptographic hashes • Tools for cryptanalysis
  • 3. TERMINOLOGY • Cryptology-Art and science of making “secret codes”. • Cryptography- The practice and study of hiding information. • Cryptanalysis-Art of finding some weakness and insecurity in a cryptographic scheme.
  • 4. CRYPTOGRAPHIC TERMINOLOGY • Plain text-The format of the data before being encrypted. • Cipher Text-The “scrambled” format of data after being encrypted. • Key-A secret value used during the encryption and decryption process • Encryption-Method of transforming plain text into an unreadable format • Decryption-Method of obtaining the encrypted message back to its original form.
  • 6. TYPES OF ALGORITHMS Cryptographic algorithms Symmetric key Asymmetric key (Shared secret key) (Public key)
  • 8. TYPES OF SYMMETRIC CIPHERS • Stream ciphers – Encrypts one bit/character at a time • Block ciphers – Break plaintext message in equal-size blocks – Encrypts each block as a unit
  • 9. SUBSTITUTION CIPHER • Substituting by a character “key” places ahead of the current character a)Monoalphabetic cipher (Stream cipher) • Eg. PlainText : THIS IS AN EASY TASK • Key : 3 • Encryption : WKLV LV DQ HDVB WDVN b) Polyalphabetic cipher (Block cipher) • Eg : THIS IS AN EASY TASK. • Make group of 3 characters and a set of keys used could be 135. THI SIS ANE… Encryption : UKN TLX…
  • 10. TRANSPOSITION CIPHER • Transposition ciphers use the letters of the plaintext message, but they permute the order of the letters. Encrypt : hello my dear friend Key: 2143 1. Remove spaces 2. Divide the text into blocks of 4 characters. 3. Add bogus character(s) at the end(if reqiured). hello myde arfr iend Ciphertext: ehol ymed rarf eidn After decryption : hello myde arfr iend
  • 11. VERNAM CIPHER • Each character from the plaintext is encrypted by a modular addition which a number from the secret random key pad which is of the same length as the plain text. Step 1: Convert the letters to their numeric equivalents V E R N A M C I P H E R 21 4 17 13 0 12 2 8 15 7 4 17 Assume the random 2 digit no. series (key) 76 48 16 82 44 03 58 11 60 05 10 88 Step 2: Add the numeric equivalent and the corresponding random no. Random no + numeric equivalent =sum Sum 97 52 33 95 44 15 60 19 75 12 14 105
  • 12. VERNAM CIPHER Step 3 : Perform sum mod 26 19 0 7 17 18 15 8 19 23 12 14 1 Ciphertext ---- t a h r s p i t x m o b Decryption Step 1 a = (numeric equivalent of ciphertext - key) Step 2 a mod 26 (if a negative then keep adding 26 till you get a positive no.) Step 3 Convert numeric equivalent back to alphabet
  • 13. A5/1 STREAM CIPHER • GSM uses A5/1 as a cryptographic algorithm. • Phone communication in GSM is done as a sequence of 228 bit frames. • A5/1 creates a bit stream of 228 bits in a 228 bit buffer which is EX-Ored with 228 bits of plain text to generate the ciphertext.
  • 15. A5/1 STREAM CIPHER • It was initially kept secret, but became public knowledge through leaks and reverse engineering. • COPACOBANA was the first commercially available solution to break the cipher.
  • 16. RC4 STREAM CIPHER • Most widely used stream cipher used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). • Designed by Ron Rivest in 1984. • Hence the name RC4( Rivest cipher 4). • Fluhrer, Mantin and Shamir attack AND Klein's Attack are a few attempts.
  • 17. RC4 STREAM CIPHER • Consists of 2 parts: Key Scheduling Algorithm (KSA) & Pseudo-Random Generation Algorithm • 8 bits of the plain text is Exored with a byte of the key to produce a byte of ciphertext. • Key stream is a a sequence of bytes( can contain 1-256 bytes).
  • 18. DATA ENCRYPTION STANDARD (DES) • Modern symmetric key block cipher. • Developed by IBM and then published by National Institute of standards and technology(NIST). • Vulnerable only because of its small key length. • Often used in VPN servers.
  • 19. DES ALGORITHM • DES is a Feistel cipher – 64 bit block length – 56 bit key length – 16 rounds – 48 bits of key used each round (subkey) • Each round is simple (for a block cipher) • Security depends primarily on “S-boxes” – Each S-boxes maps 6 bits to 4 bits
  • 20. L R key 32 28 28 expand shift shift One 48 28 28 Round 32 Ki 48 of 48 compress S-boxes 28 28 DES 32 P box 32 32 32 key L R
  • 21. DES ATTACKS • Brute force attack • Differential cryptanalysis • Linear cryptanalysis • Improved Davies' attack • distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes • Now replaced by AES
  • 22. ADVANCED ENCRYPTION STANDARD (AES) • Replacement for DES • AES competition (late 90’s) – NSA openly involved – Transparent process – Many strong algorithms proposed – Rijndael Algorithm ultimately selected • Iterated block cipher (like DES) • Not a Feistel cipher (unlike DES) • 3 versions are : AES - 128 AES - 192 AES – 256 • Used in Open SSL and WPA2
  • 23. AES OVERVIEW • Block size: 128, 192 or 256 bits • Key length: 128, 192 or 256 bits (independent of block size) • 10 to 14 rounds (depends on key length) • Each round uses 4 functions (in 3 “layers”) – ByteSub (nonlinear layer) – ShiftRow (linear mixing layer) – MixColumn (nonlinear layer) – AddRoundKey (key addition layer)
  • 24. ATTACKS • Side-channel attack • Brute force attack • XSL attack • Related-key attack • Known-key distinguishing attack
  • 26. RSA • The most common public-key algorithm is the RSA cryptosystem, named for its inventors (Rivest, Shamir, and Adleman). • Applications 1. To protect web traffic, in the SSL protocol (Security Socket Layer), 2. To guarantee email privacy and authenticity in PGP (Pretty Good Privacy) 3. To guarantee remote connection in SSH (Secure Shell) 4. Furthermore it plays an important role in the modern payment systems through SET protocol (Secure Electronic Transaction).
  • 27. ALGORITHM • Let p and q be two large prime numbers • Let N = pq be the modulus • Find ф(n)=(p-1).(q-1) • Choose e such that it is relatively prime to ф(n). • Choose d such that : e x d mod ф(n)=1 • Public key is (N,e) • Private key is d • To encrypt message M compute – C = Me mod N • To decrypt C compute – M = Cd mod N
  • 28. RSA ATTACKS • Factoring the Public Key To make RSA secure recommended size of p and q is 512 bits(154 decimal digits). This makes n 1024 bits. • Guessing d • Cycle Attack • Common Modulus
  • 29. Diffie Hellman • Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) • A “key exchange” algorithm – Used to establish a shared symmetric key - Not for encrypting or signing but for exchanging keys.
  • 30. 1. P is very large prime no and g is its primitive root. 2. Alice chooses a large random no. x such that 0<= x <= p-1 and calculates R1= gx mod p. 3. Bob chooses another large random no. y such that 0<= y <= p-1 and calculates R2=gy mod p. 4. Alice sends R1 to Bob. Alice does not send x; she only sends R1. 5. Bob sends R2 to Alice. Bob does not send y; he only sends R2. 6. Alice calculates K= (R2)x mod p. 7. Bob calculates K= (R1)y mod p.
  • 31. ATTACKS 1. Discrete logarithm attack Intruder can intercept R1 and R2. If he can find x from R1=gx mod p and y from R2=gy mod p then he can calculate k=gxy mod p 2. Man in the middle attack.
  • 32. SOME CRYPTOGRAPHIC HASHES a) MD5(Message Digest 5) • Developed by Ron Rivest of MIT. • Was the mostly used secure hash algorithm till it was cracked. • Takes an input msg of arbitrary length and produces as output a 128-bit message digest. • The input is processed in 512-bit block. • Attacks possible on MD5 are Bruteforce and Fast collision attacks.
  • 33. SOME CRYPTOGRAPHIC HASHES b) SHA-1(Secure hash algorithm) • Developed by NIST(National Institute of standards and technology). SHA-1 Logic : • The algorithm takes as input a message with a maximum length of less than 264 bits and produces a 160-bit message digest. • The input is processed in 512-bit blocks.
  • 34. TOOLS FOR CRYPTANALYSTS • Ganzúa-A cryptanalysis tool for classical ciphers • EverCrack - Open Source Cryptanalysis Engine • Lepton's Crack • Online crackers
  • 35. SOME RESOURCES • CRYPTOGRAPHY CLASS BY STANFORD http://www.crypto-class.org/ • Awesome videos http://www.intypedia.com/ • CRYPTOGRAPHY AND NETWORK SECURITY -BEHEROUZ A FOROUZAN
  • 36. THANK YOU