Date post: | 15-Apr-2017 |
Category: |
Data & Analytics |
Upload: | akash-jadhav |
View: | 373 times |
Download: | 3 times |
Technical Paper Presentation
TECH-TALK 2014
Topic: Advanced Cryptography and Implementation
Presented By,
Mr. Manish Ambre (144003) Mr. Akash Jadhav (144024)
CUSROW WADIA INSTITUTE OF TECHNOLOGY,19, BUND GARDEN ROAD, PUNE-01.
Advanced Cryptography And Its Implementation
Index
1. Introduction2. What is Cryptography?3. History
Introduction
Cryptography is the practice of the enciphering and deciphering of messages in secret code in order to render them unintelligible to all but the intended receiver.
It is the key technology in secure electronics. Modern cryptography has many uses, such as to digitally sign documents, for access control, for copyright protection, etc.
Cryptography is the science of secret writing. It is the science of safe and secure communication.
What is Cryptography?(An Example)
Suppose if some one wants to send a message to a receiver, and wants to be sure that no one else knows of it.
However there is a possibility that some one opens the letter or hears the electronic communication.
So the sender converts the message into unintelligible form (i.e. he encrypts the message)
The encrypted message can be decrypted, i.e. reconverted into its original form only by a key, which is known to the sender and receiver.
Without the key, the message cannot be decrypted.
Hence the message can only be accessed by the sender and the receiver only.
Sender
ReceiverUnknownPerson
History
Cryptography has been around for hundreds of years.
It has been used for different purposes, since when man felt the need of
it.
It has developed as the time has passed.
The Roman emperor Julius Ceaser, used basic encryption methods for
his secret messages.
He used to write the messages in an encrypted form (secret method of
writing).
History
Babington Plot: Cryptography was used in the 1586 plot to assassinate Queen Elizabeth and put Mary, Queen of Scots on the throne in her place. Ultimately led to Mary’s execution.
During the World War II, mechanical and electromechanical ciphers were used.
The Nazi Germans used many different methods for protecting their confidential data.
History
The Lorenz cipher used during WWII by the Germans
Cryptography- Basic Concepts
Cryptography: It is the art or the science of transforming intelligible message into one that is unintelligible, and then retransforming the message back to its original form.
Plaintext - the original intelligible message
Cipher text - the transformed message
Cipher - an algorithm for transforming an intelligible message into one that is unintelligible by transposition and/or substitution methods
Key - some critical information used by the cipher, known only to the sender & receiver.
Cryptography- Basic Concepts
Encipher (encode) - the process of converting plaintext to cipher text using a cipher and a key
Decipher (decode) - the process of converting cipher text back into plaintext using a cipher and a key
Cryptanalysis - the study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key. Also called code breaking.
Authentication - Process of proving one’s identity.
Cryptography- Basic Concepts
Plaintext Cipher Text
PlaintextCipher Text
KeyEncrypt Decrypt
Cryptographic systems - classification
Cryptographic systems are classified along three dimensions, 1) The type of operations used for transforming plaintext to cipher text
Substitution Transposition
2) The number of keys used Single key, symmetric, secret key, conventional Two keys, asymmetric, public key
3) The way in which plaintext is processed Block cipher Stream cipher
Encryption and Decryption
Encryption is the science of changing data so that it is unrecognizable and useless to an unauthorized person.
Decryption is changing it back to its original form.
Hello @!*w9Plain text
Encrypted data
Encryption and Decryption
Data(“Morpheus”)
EncryptionEncrypted Data(“3*:~>@!w9”)
Key
Private Key
The most secure techniques use a mathematical algorithm and a variable value known as a 'key'.
The selected key (often any random character string) is input on encryption and is integral to the changing of the data. The EXACT same key MUST be input to enable decryption of the data.
This is the basis of the protection.... if the key (sometimes called a password) is only known by authorized individual(s), the data cannot be exposed to other parties.
Only those who know the key can decrypt it. This is known as 'private key' cryptography, which is the most well known form.
Cryptographic Methods
Cryptographic Algorithms generally fall into one of two different categories, or are a combination of both.
Symmetric1
Asymmetric2
Asymmetric + Symmetric3
Cryptographic Methods
Symmetric Fast Only provides confidentiality Need secure channel for key distribution Key management headaches from large number of key pairs to
maintain N(N1)/2 Examples: DES, AES, Blowfish, RC4, RC5
Cryptographic Methods
Asymmetric Large mathematical operations make it slower than symmetric
algorithms No need for out of band key distribution (public keys are
public!) Scales better since only a single key pair needed per individual Can provide authentication and no repudiation Examples: RSA, El Gamal, ECC, Diffie-Hellman
Applications of Cryptography
In particular, the secure exchange of computer data is of great importance to banking, government, and commercial communications.
The principles of cryptography are today applied to the encryption of fax, television, and computer network communications.
Username
PasswordMr. Alex
xxxxxxxxxx
ATM and Debit cards
DEBIT CARD
9875 XXXX XXXX XXXXMr. Robert12345
Exp12/75
The Personal Identity number or PIN that is entered by the Card owner to perform transactions, along with the card is a form of cryptography.The original PIN in plain text format may be with the owner or can be encrypted on the card itself (cipher text format).The PIN is also present in the Bank computers, but is in cipher text format.This allows only the user to receive unrestricted access to his/her bank account, for performing transactions.
ATM and Debit cards
Similarly, the communication between the ATM machine, and the bank’s central computer, is encrypted to prevent anyone from tapping into the phone lines and recording the signals sent to the ATM to authorize the dispensing of cash in response to a legitimate user request and then later feeding the same signals to the ATM repeatedly to deceive it into dispensing money illegitimately.
Lottery Tickets
Lottery tickets are simply printed on pasteboard and hence are easily counterfeited if one knows what to print on the ticket.
Each ticket, however, has two numbers printed on it- one being the identifying number that will be announced when a winner is selected and the other being an encrypted version of this number.
Thus, when the winning number is made known, the would-be counterfeiter is unable to print an acceptable encrypted code.
National Lottery
1001 XXXX 0000
XX009 5321 WQRTU
A 123456789B 987654321C 000000000D 999999999E XXXXXXX
Rs. 100000Rs. 50000
Rs. 20000
Credit Cards
The Credit Cards have a small microprocessor built into the card itself.
The card and the card reader execute a sequence of encrypted sign-/countersign-like exchanges to verify that each is dealing with a legitimate counterpart.
Once this is done, the transaction is carried out in an encrypted format to prevent any including the cardholder or the merchant whose card reader is involved, from eavesdropping on the exchange and then later impersonating either party to defraud the system.
9875 XXXX XXXX XXXX
12345Exp
12/75
VISACREDIT CARD
Email encryption can rely on public-key cryptography, in which users can each publish a public key that others can use to encrypt messages to them, while keeping secret a private key they can use to decrypt such messages or to digitally encrypt and sign messages they send.
@
Because encryption can be difficult for users, security and compliance managers at companies and government agencies automate the process for employees and executives by using encryption appliances and services that automate encryption.
Instead overflying on voluntary cooperation, automated encryption, based undefined policies, takes the decision and the process out of the users 'hands.
Emails are routed through a gate way appliance that has been configured to ensure compliance with regulatory and security policies.
Emails that require it are automatically encrypted and sent.