Technical Paper Presentation  

TECH-TALK 2014   

Topic: Advanced Cryptography and Implementation  

  Presented By,

Mr. Manish Ambre (144003) Mr. Akash Jadhav (144024)

CUSROW WADIA INSTITUTE OF TECHNOLOGY,19, BUND GARDEN ROAD, PUNE-01.

 

Advanced Cryptography And Its Implementation

Index

1. Introduction2. What is Cryptography?3. History

Introduction

Cryptography is the practice of the enciphering and deciphering of messages in secret code in order to render them unintelligible to all but the intended receiver.

It is the key technology in secure electronics. Modern cryptography has many uses, such as to digitally sign documents, for access control, for copyright protection, etc.

Cryptography is the science of secret writing. It is the science of safe and secure communication.

What is Cryptography?(An Example)

Suppose if some one wants to send a message to a receiver, and wants to be sure that no one else knows of it.

However there is a possibility that some one opens the letter or hears the electronic communication.

So the sender converts the message into unintelligible form (i.e. he encrypts the message)

The encrypted message can be decrypted, i.e. reconverted into its original form only by a key, which is known to the sender and receiver.

Without the key, the message cannot be decrypted.

Hence the message can only be accessed by the sender and the receiver only.

Sender

ReceiverUnknownPerson

History

Cryptography has been around for hundreds of years.

It has been used for different purposes, since when man felt the need of

it.

It has developed as the time has passed.

The Roman emperor Julius Ceaser, used basic encryption methods for

his secret messages.

He used to write the messages in an encrypted form (secret method of

writing).

History

Babington Plot: Cryptography was used in the 1586 plot to assassinate Queen Elizabeth and put Mary, Queen of Scots on the throne in her place. Ultimately led to Mary’s execution.

During the World War II, mechanical and electromechanical ciphers were used.

The Nazi Germans used many different methods for protecting their confidential data.

History

The Lorenz cipher used during WWII by the Germans

Cryptography- Basic Concepts

Cryptography: It is the art or the science of transforming intelligible message into one that is unintelligible, and then retransforming the message back to its original form.

Plaintext - the original intelligible message 

Cipher text - the transformed message

Cipher - an algorithm for transforming an intelligible message into one that is unintelligible by transposition and/or substitution methods

Key - some critical information used by the cipher, known only to the sender & receiver.

Cryptography- Basic Concepts

Encipher (encode) - the process of converting plaintext to cipher text using a cipher and a key

Decipher (decode) - the process of converting cipher text back into plaintext using a cipher and a key

Cryptanalysis - the study of principles and methods of transforming an unintelligible message back into an intelligible message without knowledge of the key. Also called code breaking.

Authentication - Process of proving one’s identity.

Cryptography- Basic Concepts

Plaintext Cipher Text

PlaintextCipher Text

KeyEncrypt Decrypt

Cryptographic systems - classification

Cryptographic systems are classified along three dimensions, 1) The type of operations used for transforming plaintext to cipher text

Substitution Transposition

2) The number of keys used Single key, symmetric, secret key, conventional Two keys, asymmetric, public key

3) The way in which plaintext is processed Block cipher Stream cipher

Encryption and Decryption

Encryption is the science of changing data so that it is unrecognizable and useless to an unauthorized person.

Decryption is changing it back to its original form.

Hello @!*w9Plain text

Encrypted data

Encryption and Decryption

Data(“Morpheus”)

EncryptionEncrypted Data(“3*:~>@!w9”)

Key

Private Key

The most secure techniques use a mathematical algorithm and a variable value known as a 'key'.

The selected key (often any random character string) is input on encryption and is integral to the changing of the data. The EXACT same key MUST be input to enable decryption of the data.

This is the basis of the protection.... if the key (sometimes called a password) is only known by authorized individual(s), the data cannot be exposed to other parties.

Only those who know the key can decrypt it. This is known as 'private key' cryptography, which is the most well known form.

Cryptographic Methods

 Cryptographic Algorithms generally fall into one of two different categories, or are a combination of both.

Symmetric1

Asymmetric2

Asymmetric + Symmetric3

Cryptographic Methods

Symmetric Fast Only provides confidentiality Need secure channel for key distribution Key management headaches from large number of key pairs to

maintain N(N1)/2 Examples: DES, AES, Blowfish, RC4, RC5

Cryptographic Methods

Asymmetric Large mathematical operations make it slower than symmetric

algorithms No need for out of band key distribution (public keys are

public!) Scales better since only a single key pair needed per individual Can provide authentication and no repudiation Examples: RSA, El Gamal, ECC, Diffie-Hellman

Applications of Cryptography

In particular, the secure exchange of computer data is of great importance to banking, government, and commercial communications.

The principles of cryptography are today applied to the encryption of fax, television, and computer network communications.

Username

PasswordMr. Alex

xxxxxxxxxx

ATM and Debit cards

DEBIT CARD

9875 XXXX XXXX XXXXMr. Robert12345

Exp12/75

The Personal Identity number or PIN that is entered by the Card owner to perform transactions, along with the card is a form of cryptography.The original PIN in plain text format may be with the owner or can be encrypted on the card itself (cipher text format).The PIN is also present in the Bank computers, but is in cipher text format.This allows only the user to receive unrestricted access to his/her bank account, for performing transactions.

ATM and Debit cards

Similarly, the communication between the ATM machine, and the bank’s central computer, is encrypted to prevent anyone from tapping into the phone lines and recording the signals sent to the ATM to authorize the dispensing of cash in response to a legitimate user request and then later feeding the same signals to the ATM repeatedly to deceive it into dispensing money illegitimately.

Lottery Tickets

Lottery tickets are simply printed on pasteboard and hence are easily counterfeited if one knows what to print on the ticket.

Each ticket, however, has two numbers printed on it- one being the identifying number that will be announced when a winner is selected and the other being an encrypted version of this number.

Thus, when the winning number is made known, the would-be counterfeiter is unable to print an acceptable encrypted code.

National Lottery

1001 XXXX 0000

XX009 5321 WQRTU

A 123456789B 987654321C 000000000D 999999999E XXXXXXX

Rs. 100000Rs. 50000

Rs. 20000

Credit Cards

The Credit Cards have a small microprocessor built into the card itself.

The card and the card reader execute a sequence of encrypted sign-/countersign-like exchanges to verify that each is dealing with a legitimate counterpart.

Once this is done, the transaction is carried out in an encrypted format to prevent any including the cardholder or the merchant whose card reader is involved, from eavesdropping on the exchange and then later impersonating either party to defraud the system.

9875 XXXX XXXX XXXX

12345Exp

12/75

VISACREDIT CARD

E-mail

Email encryption can rely on public-key cryptography, in which users can each publish a public key that others can use to encrypt messages to them, while keeping secret a private key they can use to decrypt such messages or to digitally encrypt and sign messages they send.

@

E-mail

Because encryption can be difficult for users, security and compliance managers at companies and government agencies automate the process for employees and executives by using encryption appliances and services that automate encryption.

Instead overflying on voluntary cooperation, automated encryption, based undefined policies, takes the decision and the process out of the users 'hands.

Emails are routed through a gate way appliance that has been configured to ensure compliance with regulatory and security policies.

Emails that require it are automatically encrypted and sent.