Unit 4

Encryption

ENCRYPTION

UNIT-IV

ABHISHEK SRIVASTAVA (CSE)

TABLE OF CONTENTS

We will be talking about...

What is Encryption?

Why Do We Use Encryption?

How Does It Work? (x3)

Pros and Cons

Real Life Examples


WHAT IS ENCRYPTION?

Encryption: The process of coding text

Decryption: The process of decoding text

Decryption is the opposite of encryption

A security method used to protect data

Files on computers

Data being passed through the Internet

ATM machines

E-Commerce

Facebook password.


Encryption: The process of coding text into a secret code which is made up of a jumble of letters, numbers, and symbols that no one can read.Decryption: The process of decoding text from a secret code into regular readable text.

A security method used to protect a computer from getting hacked by a third party.Encryption can protect:-Files on computers-Data being passed through the internet such as:

ATM machines (because a PIN is passing through one machine to another, if it was not encrypted someone could extract it),

E-Commerce (because when credit card information is given to the company that's making business, a hacker could easily steal the credit card number so they can steal money if the number isn't encrypted)

In the diagram, it shows a Facebook password getting encrypted into coded text, and then decrypted into the regular readable text.

WHY DO WE USE ENCRYPTION?

To secure important information e.g. :

Health records

Credit card information

Student records

Etc.

Prevents information from getting stolen or read

Without encryption, there is no reliable security


Because the majority of people these days use the Internet to communicate, purchase products etc.They want to protect their information from being viewed by an unwanted third party.No one wants their credit card information being revealed to others.

Encryption prevents this personal information from getting stolen or read. If a hacker came across the information, he/she wouldn't understand the encrypted data.

Without encryption, you have really no security. It's like writing a secret on a postcard to a friend. While it is being delivered, any mailman could just read it and know what you wrote.

HOW DOES IT WORK?

Encryption allows the sender to transform data from plain text into cipher text by using a key

Cipher text: coded text

Key: what is used to encrypt and decrypt text

Two different types of encryption:

Asymmetric encryption (Public key encryption)

Symmetric encryption

Adrianna wants to send Melissa a message...


Encryption allows the sender of the data to transform the data from plain text into ciphertext by using a keyCiphertext: it is the result of your text after it is encrypted. It is coded text made up of a mix of letters, numbers and symbols.Key: an encryption key is used to encrypt and decrypt text. It's like locking and unlocking a door.

There are two different types of encryption:Asymmetric encryption (public key encryption): It uses two different keys, public and private to encrypt and decrypt data.Symmetric encryption: it uses two of the same keys, or a pair of keys to encrypt and decrypt data.We will talk about these two types of encryption throughout the next couple of slides.

Both of these examples of encryption will be associated if Adrianna wants to send a message to me (Melissa)...

REAL LIFE EXAMPLES

Used in the military and the government

Now used in everyday life:

Online banking

E-commerce

Student records, health records, tax records etc.

ATM machines

Social networking (emails, texts, instant messengers)

Businesses


Used in the military and the government to protect secrets from intruders. In the military when they deliver a message, they encrypt it so the enemy won't find out what their plans are.

Used in everyday life for:-online banking: to protect your credit card numbers/debit numbers etc.-E-commerce: to protect any personal information (i.e. Any payment numbers, addresses, postal codes, phone numbers, emails etc.)-student records: to protect your student information from being tampered with.-ATM machines: Protect PIN's from being stolen-Social networking: protect conversations and passwords from being stolen.-Businesses: Keeping information secret from rival companies

DATA ENCRYPTION


CONTENT

Data encryption definition.

Types of data encryption.

Difference between symmetric and asymmetric.

Encryption Methods.

Data Encryption Standard (DES).

Public Key Cryptosystem


DATA ENCRYPTION DEFINITION

Data encryption refers to mathematical calculations and algorithmic schemes that transform plaintext into cypher text, a form that is non-readable to unauthorized parties. The recipient of an encrypted message uses a key which triggers the algorithm mechanism to decrypt the data, transforming it to the original plaintext version


DATA ENCRYPTION


A public key encryption scheme has six ingredients

Plaintext

encryption algorithm

public and private key

cipher text

decryption algorithm


TYPES OF DATA ENCRYPTION

In symmetric (Single key):

The encryption and decryption keys are the same.


A SYMMETRIC ENCRYPTION SCHEME HAS FIVE INGREDIENTS

Plaintext

Encryption Algorithm

Secret key

Cipher Text

Decryption


.

In asymmetric (two keys):

The encryption and decryption keys are different.


.


DIFFERENCE B/W ASYMMETRIC & SYMMETRIC ENCRYPTION

The symmetric one key is used for symmetric and a symmetric but in asymmetric different keys are use for encryption and description.

In symmetric, sender and receiver must share the algorithm and key but in a symmetric sender and receiver must have one matched pair of keys.

In symmetric key must be kept secret but in asymmetric two keys must of kept secret.


PUBLIC KEY CRYPTOGRAPHY

A form of cryptography in which the key used to encrypt a message differs from the key used to decrypt it.

In public key cryptography, a user has a pair of cryptographic keysa public key and a private key. The private key is kept secret, while the public key may be widely distributed.

The two main branches of public key cryptography are:

1. Public key encryption

2. Digital signatures


PUBLIC KEY ENCRYPTION

A message encrypted with a recipient's public key cannot be decrypted by anyone except the recipient possessing the corresponding private key.

Contd.

Actual algorithms - two linked keys:Public_key_encryption


KEY TERMS

Public and private keys:

This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input.

Cipher text:

This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different cipher texts.


A GENERAL APPROACH

Contd.

encrypauthen


Step 1 :Each user generates a pair of keys to be used for the encryption and decryption of messages.

Step 2 :Each user places public key in a public register or other accessible file. As encryption figure suggests, each user maintains a collection of public keys obtained from others.

Step 3 :If user1 wishes to send a confidential message to user2, user1 encrypts the message using user2's public key.

Step 4 :When user1 receives the message, he decrypts it using his private key. No other recipient can decrypt the message because only user1 knows his private key


Authentication & security:

There is some source A that produces a message in plaintext, X =[X1, X2,..., XM,]. The M elements of X are letters in some finite alphabet. The message is intended for destination B. B generates a related pair of keys: a public key, PUb, and a private key, PRb. PRb is known only to B, whereas PUb is publicly available.

A generates another pair of keys: a public key, PUa, and a private key, PRa. PRa is known only to A, whereas PUa is publicly available.

Contd.


SECRECY IN A PUBLIC KEY ENCRYPTION :

Step 1:A encrypt the massage using Bs public key PUb and send it to B.With the message X and the encryption key PUb as input, A forms the cipher text Y = [Y1, Y2,..., YN]:

Step 2:B decrypt the massage using its private key PRb. Using its private key PRb and the cipher text Y it obtain the original massage X


Authentication In A Public Key Encryption :

Step 1:A prepares a message to B and encrypts it using A's private key before transmitting it.

Step 2:B can decrypt the message using A's public key. Because the message was encrypted using A's private key, only A could have prepared the message.


Comparing Secrecy and Authentication

In authentication technique :It is impossible to alter the message without access to A's private key, so the message is authenticated both in terms of source and in terms of data integrity. But secrecy doesn't provide this advantage.

Thus the authentication is much more confidential and secure in terms of alteration of the massage.


Authentication & Security:

Contd.

Public-Key Cryptosystem Authentication and Secrecy


DIGITAL SIGNATURE

An authentication mechanism that enables the creator of a message to attach a code that acts as a signature.

In situations where there is not complete trust between sender and receiver, something more than authentication is needed.

1. It must verify the author and the date and time of the signature.

2. It must to authenticate the contents at the time of the signature.

3. It must be verifiable by third parties, to resolve disputes.

Thus, the digital signature function includes the authentication function.

A variety of approaches has been proposed for the digital signature function. These approaches fall into two categories: direct and arbitrated


Direct Digital Signature :

The direct digital signature involves only the communicating parties (source, destination). It is assumed that the destination knows the public key of the source. A digital signature may be formed by encrypting the entire message with the sender's private key or by encrypting a hash code of the message with the sender's private key.


Arbitrated Digital Signature :

The problems associated with direct digital signatures can be addressed by using an arbiter.

As with direct signature schemes, there is a variety of arbitrated signature schemes. In general terms, they all operate as follows. Every signed message from a sender X to a receiver Y goes first to an arbiter A, which check its origin and context and then sent to Y.


Applications For Public-key Cryptosystems

Public key cryptosystem used in many systems such as:

1.Decision support system

2. RSA Algorithm

3. Elliptic Curve

4. Diffie-Hellman key exchange


COMPUTATIONAL COST

It is computationally easy for a party B to generate a pair (public key PUb, private key PRb).

It is computationally easy for a sender A, knowing the public key and the message to be encrypted, M, to generate the corresponding cipher text:

C = E(PUb, M)

It is computationally easy for the receiver B to decrypt the resulting cipher text using the private key to recover the original message:

M = D(PRb, C) = D[PRb, E(PUb, M)]

It is computationally infeasible for an adversary, knowing the public key, PUb, to determine the private key, PRb.


WEAKNESSES

Computational costKeys in public-key cryptography, due to their unique nature, are more computationally costly than their counterparts in secret-key cryptography.

Vulnerable to brute force attacks Keys in asymmetric cryptography are more vulnerable to brute force attacks than in secret-key cryptography.

Vulnerable to the man in the middle attack Public-key cryptography also has vulnerabilities to attacks such as the man in the middle attack. In this situation, a malicious third party intercepts a public key on its way to one of the parties involved


Click to edit Master title style

Click to edit Master text styles

Second level

Third level

Fourth level

Fifth level



Click to edit Master subtitle style




Second level

Third level

Fourth level

Fifth level







Second level

Third level

Fourth level

Fifth level


Second level

Third level

Fourth level

Fifth level





Second level

Third level

Fourth level

Fifth level



Second level

Third level

Fourth level

Fifth level







Second level

Third level

Fourth level

Fifth level








Second level

Third level

Fourth level

Fifth level




Second level

Third level

Fourth level

Fifth level




Second level

Third level

Fourth level

Fifth level


Second level

Third level

Fourth level

Fifth level





Second level

Third level

Fourth level

Fifth level




Second level

Third level

Fourth level

Fifth level



Click to edit Master subtitle style




Second level

Third level

Fourth level

Fifth level







Second level

Third level

Fourth level

Fifth level


Second level

Third level

Fourth level

Fifth level





Second level

Third level

Fourth level

Fifth level



Second level

Third level

Fourth level

Fifth level







Second level

Third level

Fourth level

Fifth level








Second level

Third level

Fourth level

Fifth level




Second level

Third level

Fourth level

Fifth level


Engineering

Unit 4