Attribution Non-Commercial (BY-NC)

6 views

Attribution Non-Commercial (BY-NC)

- Asymmetric Encryption Facts[1]
- [Tugas Bahasa Inggris BSI Semester 2] Description of Cryptography and Steganography
- tech seminar1
- Network Security
- Design and Analysis of a Novel Digital Image Encryption Scheme
- CNS Syllabus
- 1_w-intro
- Cryptography
- vjchavda
- An Authentication Protocol for Mobile Devices Using Hyperelliptic Curve Cryptography
- Cryptography
- Security Issues and Solutions in Vehicular Adhoc Network a Review Approach
- Public Key Cryptosystem Using Improved Rabin Algorithm for Wireless Sensor Networks
- London Python Developer_AWS Devop Engineer
- Advantages of Classical Cryptography Over the Quantum Cryptography
- Os Protection Security(1)
- Introduction to Cryptography Basic Principles
- Public Key Cryptography
- Data Confidential Against Untrusted Servers Using Attribute-based Encryption
- Dual Polarization of Antenna for Wireless Applications

You are on page 1of 11

If you have found this useful please mail me your name,contact number,your feed back Urs

Yatheesh12c5@gmail.com

ABSTRACT: The past twenty years have seen cryptography move from arcane to commonplace, from difficult to easy, from expensive to cheap. Many influences are at work. Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people become ``wired'', an increasing number of people need to understand the basics of security in a networked world. This document was written with the basic computer user and information systems manager in mind, explaining the concepts needed to read through the hype in the marketplace and understand risks and how to deal with them.

4. CRYPTOGRAPHY

The type of operations used

The number of keys used The way in which data is processed 5. TYPES OF CRYPTOGRAPHY

Secret Key Cryptography Public Key Cryptography Hash Functions 6. ALGORITHM TYPES AND STRENGTHS Stream algorithms Block algorithms

Some things about this future are already clear. Cryptographic operations will disappear into the infrastructure. The complexities of cryptography and of cryptographic key management will be hidden from users. New sorts of protocols will become practical. New sorts of businesses will be possible. We will describe several such protocols and businesses. CONTENT 1. INTRODUCTON 2. HISTORY 3. KEYWORDS

Key management

Public key encryption Digital signatures

9. HYBRID CRYPTOSYSTEMS

Key encapsulation Data encapsulation

10. CRYPTANALISIS

Cryptography Cryptographer Cryptanalysis Cryptology Cryptanalyst Ciphertext-only attack known-plaintext attack Chosen-plaintext attack Chosen-ciphertext attack Adaptive chosen-plaintext

Related-key attack

12. CRYPTOSYSTEMS 13. FEATURES OF CRYPTOGRAPHY

14. APPLICATIONS 15.ADVANTAGES DISADVANTAGES 16. CONCLUSION AND

17.REFERENCES

conversion of messages from a comprehensible form into an incomprehensible one and back again at the other end, rendering it unreadable by interceptors or eavesdroppers without secret knowledge. Encryption was used to ensure secrecy in communications, such as those of spies, military leaders, and diplomats. In recent decades, the field has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, interactive proofs and secure computation, among others.

KEY WORDS

INTRODUCTION

Cryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering. cryptography referred almost exclusively to encryption, which is the process of converting ordinary information into unintelligible gibberish ( ciphertext ). Decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext[1]. A cipher is a pair of algorithms that create the encryption and the reversing decryption. The detailed operation of a cipher is controlled both by the algorithm and in each instance by a key. This is a secret parameter for a specific message exchange context

Cryptography: The techniques or algorithm used for converting plaintext into ciphertext are called cryptographic techniques. The study of these techniques is known as Cryptography[1]. Cryptographer: The person who deals with Cryptography. Cryptanalysis: Studying the ciphertext to obtain plaintext or Key without knowing actual algorithm or key used is called as cryptanalysis. Cryptology: The study of cryptographer and cryptanalysis. Cryptanalyst: The person deals with cryptanalysis.

CRYPTOGRAPHY:

HISTORY

All encryption algorithms are based on two general principals Substitution: In which each element in plaintext is mapped into another element. Transposition: In which elements in the plaintext are rearranged. The fundamental requirement is that no information be lost. 2. The number of keys used: If both sender and receiver use the same key, the system referred to as symmetric, single key, secretkey, or conventional encryption. If the sender and receiver use a different key, the system is referred to as asymmetric, two-key,or public-key encryption. 3.The way in which the plaintext is processed: A block cipher process the input one block of elements at a time, producing an block for each input block. A stream cipher process the inputelements continuously, producing output one element at a time, as its goesalong

by their application and use. The following are the three types of Algorithm that are discussed[ Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption. Public Key Cryptography (PKC): Uses one key for encryption and another for decryption. Hash Functions: transformation to information. Uses a mathematical irreversibly "encrypt"

SYMMETRIC-KEY CRYPTOGRAPHY The most widely used symmetric key cryptographic method is the Data Encryption Standard (DES). It uses a fixed length, 56-bit key and an efficient algorithm to quickly encrypt and decrypt messages. It can be easily implemented in hardware, making the encryption and decryption process even faster. In general, increasing the key size makes the system more secure. A variation of DES, called Triple-DES or DES-EDE (encryptdecrypt-encrypt), uses three applications of DES and two independent DES keys to produce an effective key length of 168 bits. The International Data Encryption Algorithm (IDEA) was invented by James Massey and Xuejia Lai of ETH Zurich, Switzerland in 1991. IDEA uses a fixed length, 128-bit key (larger than DES but smaller than TripleDES). It is also faster than Triple-DES. In the early 1990s, Don Rivest of RSA Data Security, Inc., invented the algorithms RC2 and RC4. These use variable length keys and

TYPES OF CRYPTOGRAPHY There are several ways of classifying cryptographic algorithms. For purposes of this report they will be categorized based on the number of keys that are employed for encryption and decryption, and further defined

are claimed to be even faster than IDEA. However, implementations may be exported from the U.S. only if they use key lengths of 40 bits or fewer. Despite the efficiency of symmetric key cryptography , it has a fundamental weak spotkey management. Since the same key is used for encryption and decryption, it must be kept secure. If an adversary knows the key, then the message can be decrypted. At the same time, the key must be available to the sender and the receiver and these two parties may be physically separated. Symmetric key cryptography transforms the problem of transmitting messages securely into that of transmitting keys securely. This is an improvement , because keys are much smaller than messages, and the keys can be generated beforehand. Nevertheless, ensuring that the sender and receiver are using the same key and that potential adversaries do not know this key remains a major stumbling block. This is referred to as the key management problem.

PUBLIC-KEY CRYPTOGRAPHY Asymmetric key cryptography overcomes the key management problem by using different encryption and decryption key pairs. Having knowledge of one key, say the encryption key, is not sufficient enough to determine the other key - the decryption key. Therefore, the encryption key can be made public, provided the decryption key is held only by the party wishing to receive encrypted messages (hence the name public/private key cryptography). Anyone can use the public key to encrypt a message, but only the recipient can decrypt it. [3] RSA is a widely used public/private key algorithm is, named after the initials of its inventors, Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman [RSA 91]. It depends on the difficulty of factoring the product of two very large prime numbers. Although used for encrypting whole messages, RSA is much less efficient than symmetric key algorithms such as DES. ElGamal is another public/private key algorithm .This uses a different arithmetic algorithm than RSA, called the discrete logarithm problem. The mathematical relationship between the public/private key pair permits a general rule: any message encrypted with one key of the pair can be successfully decrypted only with that key's counterpart. To encrypt with the public key means you can decrypt only with

DES:

the private key. The converse is also true - to encrypt with the private key means you can decrypt only with the public key. HASH FUNCTION Is a type of one-way function this are fundamental for much of cryptography. A one way function - is a function that is easy to calculate but hard to invert. It is difficult to calculate the input to the function given its output. The precise meanings of "easy" and "hard" can be specified mathematically. With rare exceptions, almost the entire field of public key cryptography rests on the existence of one-way functions.

hash function ca also be referred to as a function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. It takes a long string (or message) of any length as input and produces a fixed length string as output, sometimes termed a message digest or a digital fingerprint.

Lets take a closer look at both symmetric and public key cryptography. As a subset of cryptography, cryptographic algorithms can be divided into two categories: Stream algorithms Operate on plaintext one byte at a time, where a byte is a character, number, or special character. The process is inefficient and slow. In this application, functions are characterized and evaluated in terms of their ability to withstand attack by an adversary. More specifically, given a message x, if it is computationally infeasible to find a message y not equal to x such that H(x) = H(y) then H is said to be a weakly collision-free hash function. A strongly collision-free hash function H is one for which it is computationally infeasible to find any two messages x and y such that H(x) = H(y). The requirements for a good cryptographic hash function are stronger than those in many other applications (error correction and audio identification not included). For this reason, cryptographic hash functions make good stock hash functions--even functions whose cryptographic security is compromised, such as MD5 and SHA-1. The SHA-2 algorithm, however, has no known compromises Block algorithms Operate on plaintext in groups of bytes, called blocks (hence the name block algorithms or block ciphers). Typical block sizes for modern algorithms is 64 bytes, small enough to work with but large enough to deter code breakers. Unfortunately, with the current speed of microprocessors, breaking a 64-byte algorithm using brute force is proving to be to relatively easy task.

VARIATIONS IN PUBLIC KEY AND PRIVATE KEY CRYPTOGRAPHY

Symmetric-key cryptosystems use the same key for encryption and decryption of a message, though a message or group of messages may have a different key than others. A significant disadvantage of symmetric ciphers is the key management necessary to use them securely. Each distinct pair of communicating parties must, ideally, share

a different key, and perhaps each ciphertext exchanged as well. The number of keys required increases as the square of the number of network members, which very quickly requires complex key management schemes to keep them all straight and secret.

KEYMANAGEMENT

they are necessarily related. Instead, both keys are generated secretly, as an interrelated pair. In public-key cryptosystems, the public key may be freely distributed, while its paired private key must remain secret. The public key is typically used for encryption, while the private or secret key is used for decryption. Padlock icon from the Firefox Web browser, meant to indicate a page has been sent in SSL or TLS-encrypted protected form. However, such an icon is not a guarantee of security; any subverted browser might mislead a user by displaying such an icon when a transmission is not actually being protected by SSL or TLS. The two main branches of public key cryptography are:

One disadvantage of symmetric-key algorithms is the requirement of a shared secret key, with one copy at each end. In order to ensure secure communications between everyone in a population of n people a total of n(n 1)/2 keys are needed, which is the total number of possible communication channels.[1] To limit the impact of a potential discovery by a cryptographic adversary, they should be changed regularly and kept secure during distribution and in service. The process of selecting, distributing and storing keys is known as key management, and is difficult to achieve reliably and securely.

Unlike symmetric algorithms, asymmetric key algorithms use a different key for encryption than for decryption. I.e., a user knowing the encryption key of an asymmetric algorithm can encrypt messages, but cannot derive the decryption key and cannot decrypt messages encrypted with that key. A short comparison of these two types of algorithms is given below: Whitfield Diffie and Martin Hellman proposed the notion of public-key (asymmetric key) cryptography in which two different but mathematically related keys are used a public key and a private key. A public key system is so constructed that calculation of one key ('private key') is computationally infeasible from the other ('public key'), even though

Public key encryption a message encrypted with a recipient's public key cannot be decrypted by anyone except a possessor of the matching private key -- presumably, this will be the owner of that key and the person associated with the public key used. This is used for confidentiality. Digital signatures a message signed with a sender's private key can be verified by anyone who has access to the sender's public key, thereby proving that the sender had access to the private key (and therefore is likely to be the person associated with the public key used), and the part of the message that has not been tampered with. In digital signature schemes, there are two algorithms: one for signing, in which a secret key is used to process the message (or a hash of the message, or both), and

one for verification, in which the matching public key is used with the message to check the validity of the signature.

a key encapsulation scheme, which is a public-key cryptosystem, and a data encapsulation scheme, which is a symmetric-key cryptosystem.

RSA and DSA are two of the most popular digital signature schemes. Digital signatures are central to the operation of public key infrastructures and many network security schemes. Public-key cryptosystems are commonly hybrid cryptosystems, in which a fast highquality symmetric-key encryption algorithm is used for the message itself, while the relevant symmetric key is sent with the message, but encrypted using a public-key algorithm. Similarly, hybrid signature schemes are often used, in which a cryptographic hash function is computed, and only the resulting hash is digitally signed HYBRID CRYPTOSYSTEMS In modern cryptosystems designs, both asymmetric (public key) and symmetric algorithms are used to take advantage of the virtues of both. Asymmetric algorithms are used to distribute symmetric-keys at the start of a session. Once a symmetric key is known to all parties of the session, faster symmetric-key algorithms using that key can be used to encrypt the remainder of the session. This simplifies the key distribution problem, because asymmetric keys only have to be distributed authentically, whereas symmetric keys need to be distributed in an authentic and confidential manner.

The hybrid cryptosystem is itself a publickey system, whose public and private keys are the same as in the key encapsulation scheme. CRYPTANALISIS

Cryptanalysis has coevolved together with cryptography, and the contest can be traced through the history of cryptographynew ciphers being designed to replace old broken designs, and new cryptanalytic techniques invented to crack the improved schemes. In practice, they are viewed as two sides of the same coin: in order to create secure cryptography, you have to design against possible cryptanalysis.

It is a common misconception that every encryption method can be broken. Most ciphers, apart from the one-time pad, can be broken with enough computational effort by brute force attack, but the amount of effort needed may be exponentially dependent on the key size, as compared to the effort needed to use the cipher.

4.Chosen-ciphertext attack:

The cryptanalyst may be able to choose ciphertexts and learn their corresponding plaintexts.

5.Adaptive

chosen-plaintext: like a chosen-plaintext attack, except the attacker can choose subsequent plaintexts based on information learned from previous encryptions. Similarly Adaptive chosen ciphertext attack. 6.Related-key attack: Like a chosenplaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys. The keys are unknown, but the relationship between them is known; for example, two keys that differ in the one bit. Variants of the Enigma machine, used by Germany's military and civil authorities from the late 1920s through World War II, implemented a complex electromechanical polyalphabetic cipher. There are a wide variety of cryptanalytic attacks, and they can be classified in any of several ways. A common distinction turns on what an attacker knows and what capabilities are available.

1.Ciphertext-only attack:

Cryptanalysis of symmetric-key ciphers typically involves looking for attacks against the block ciphers or stream ciphers that are more efficient than any attack that could be against a perfect cipher. For example, a simple brute force attack against DES requires one known plaintext and 255 decryptions, trying approximately half of the possible keys, to reach a point at which chances are better than even the key sought will have been found. But this may not be enough assurance; a linear cryptanalysis attack against DES requires 243 known plaintexts and approximately 243 DES operations. This is a considerable improvement on brute force attacks. Public-key algorithms are based on the computational difficulty of various problems. While pure cryptanalysis uses weaknesses in the algorithms themselves, other attacks on cryptosystems are based on actual use of the algorithms in real devices, and are called side-channel attacks. If a cryptanalyst has access to, say, the amount of time the device took to encrypt a

The cryptanalyst has access only to the ciphertext (good modern cryptosystems are usually effectively immune to ciphertextonly attacks).

2.known-plaintext attack:

The cryptanalyst has access to a ciphertext and its corresponding plaintext (or to many such pairs).

3.Chosen-plaintext attack:

The cryptanalyst may choose a plaintext and learn its corresponding ciphertext (perhaps many times).

number of plaintexts or report an error in a password or PIN character, he may be able to use a timing attack to break a cipher that is otherwise resistant to analysis. An attacker might also study the pattern and length of messages to derive valuable information; this is known as traffic analysis and can be quite useful to an alert adversary. And, of course, social engineering, and other attacks against the personnel who work with cryptosystems or the messages they handle (e.g., bribery, extortion, blackmail, espionage, torture, ...) may be the most productive attacks of all.

CRYPTOGRAPHIC PRIMITIVES

and forth communication among two or more parties in space or across time .Such cryptosystems are sometimes called cryptographic protocols.[4] Some widely known cryptosystems: RSA encryption, Schnorr signature, ElGamal encryption, PGP

FEATURES OF CRYPTOGRAPHY :

There are two areas that show promise in the field of cryptography: Quantum cryptography and DNA cryptography. Quantum cryptography attempts to achieve the same security of information as other forms of cryptography but through the use of photons, or packets of light. The process, though still in experimental stages, makes use of the polarization nature of light and is proving to be a very promising defense against eavesdropping . DNA cryptography makes use of specially selected DNA strands whose combination results to a specific solution to a problem. Still in its infancy, DNA cryptography looks promising .

APPLICATIONS Cryptography is used in applications ATM cards. Computer passwords. Electronic commerce which all depend on cryptography. Emails. Computer networks. ADVANTAGES AND DISADVANTAGES

Much of the theoretical work in cryptography concerns cryptographic primitives algorithms with basic cryptographic propertiesMuch of the theoretical work in cryptography concerns cryptographic primitives algorithms with basic cryptographic properties. These primitives provide fundamental properties, which are used to develop more complex tools called cryptosystems or cryptographic protocols, which guarantee one or more high-level security properties. Typical examples of cryptographic primitives include pseudorandom functions, one-way functions, etc.

CRYPTOSYSTEMS

One or more cryptographic primitives are often used to develop a more complex algorithm, called a cryptographic system, or cryptosystem. . Cryptosystems) are designed to provide particular functionality (e.g. public key encryption) while guaranteeing certain security properties .Cryptosystems use the properties of the underlying cryptographic primitives to support the system's security properties. A sophisticated cryptosystem can be derived from a combination of several more primitive cryptosystems. In many cases, the cryptosystem's structure involves back

Even though public key cryptography is the accepted standard, its not foolproof. For this reason, it has not completely replaced symmetric cryptography. Here are some of the main advantages and disadvantages [5].

ADVANTAGES

1. The biggest advantage of public key cryptography is the secure nature of the private key. In fact, it never needs to be transmitted or revealed to anyone. 2. It enables the use of digital certificates and digital timestamps, which is a very secure technique of signature authorization. We will look at digital timestamps and digital signatures in a moment.

DISADVATAGES:

1. Transmission time for documents encrypted using public key cryptography are significantly slower then symmetric cryptography. In fact, transmission of very large documents is prohibitive. 2. The key sizes must be significantly larger than symmetric cryptography to achieve the same level of protection. 3. Public key cryptography is susceptible to impersonation attacks.

CONCLUSION: Cryptography is not as scary as it seems at first. It is up to you as a developer and/or architect to make sure that your applications maintain data integrity, secrecy, and authenticity. With .NET's built-in support for symmetric and asymmetric ciphers your application should be able to protect data in a variety of different situations. Protecting a single field in a database or protecting-large scale B2B communications has now been made much easier with .NET. REFERENCES: [1].http://en.wikipedia.org/wiki/cryptograp hy. [2].http://rsa.com. [3].http://en.wikipedia.org/wiki/publickey. [4]http://en.wikipedia.org/wiki/Cryptosyst em.

[5].Cryptography And Network Security -- William Stallings.

- Asymmetric Encryption Facts[1]Uploaded byManish Popli
- [Tugas Bahasa Inggris BSI Semester 2] Description of Cryptography and SteganographyUploaded byAhmed De-er
- tech seminar1Uploaded bychinmayagubbi
- Network SecurityUploaded byKrish Nithyan
- Design and Analysis of a Novel Digital Image Encryption SchemeUploaded byAIRCC - IJNSA
- CNS SyllabusUploaded bygdeepthi
- 1_w-introUploaded bysho_0801
- CryptographyUploaded byVivek Yadav
- vjchavdaUploaded byNir Infosys
- An Authentication Protocol for Mobile Devices Using Hyperelliptic Curve CryptographyUploaded byIDES
- CryptographyUploaded byahmadamminudin89
- Security Issues and Solutions in Vehicular Adhoc Network a Review ApproachUploaded byCS & IT
- Public Key Cryptosystem Using Improved Rabin Algorithm for Wireless Sensor NetworksUploaded byeditor_ijcat
- London Python Developer_AWS Devop EngineerUploaded byms6675223
- Advantages of Classical Cryptography Over the Quantum CryptographyUploaded byTI Journals Publishing
- Os Protection Security(1)Uploaded byOrlando Xavier Nieves
- Introduction to Cryptography Basic PrinciplesUploaded byReddy Sumanth
- Public Key CryptographyUploaded byHarneet Singh Chugga
- Data Confidential Against Untrusted Servers Using Attribute-based EncryptionUploaded bySengottu Velu
- Dual Polarization of Antenna for Wireless ApplicationsUploaded byEditor IJRITCC
- 189Uploaded byariyan_eghbal
- GC32-9342-00Uploaded byaksmsaid
- CryptographyUploaded byDeepan Manoj
- ZR0610334337.pdfUploaded byRareş T. Bogdan
- DNA-based cryptography: motivation, progress, challenges, and futureUploaded byDr Muhamma Imran Babar
- Survey on Security Challenge for Data Forwarding in CloudUploaded byIjsrnet Editorial
- ECCouncil-312-50v10.pdfUploaded byshiva534
- Crypto FileUploaded byMunish Wadhwa
- Cryptography and System SecurityUploaded byNirish
- CryptographyUploaded byETL LABS

- Network Security Essentials 4th Edition William Stallings Test BankUploaded byLinus Linus
- 2fUploaded byRamdhani Muttaqien
- Ch09 EncryptionUploaded byPumaruna
- CookiesUploaded byJoilson Silva Batera
- Google TipsUploaded byVenu Gopalan A G
- 01 Intro SlidesUploaded byvietvnuk53cc
- 11-01-0253-00-000i-wep-2-secureity-analysisUploaded byahmadadeelzia
- AbstractUploaded bypradeep_sharma_18
- Cisco CCNA Security-SummaryUploaded byhttp://utsit.blogspot.com.au/
- Crypto Monoalphateic CipherUploaded byEswin Angel
- Introduction to Cryptography and Network securityUploaded byvarunpant
- BasicsUploaded byStefano Izzo
- CEH v10 Module 04 - Enumeration- Www.ethicalhackx.comUploaded byethicalhacker2006
- Defense-In-Depth.pptUploaded byIndraAbdurRohman
- Network Security & Cryptography Lecture 9Uploaded byUdhay Prakash
- Traditional Crime vs Cyber CrimeUploaded byBhagyashree Hamand
- Different Types of VirusesUploaded byYuri Yuki
- Cns Chapter5Uploaded bynooti
- Openssl Aes.cUploaded byschtt
- Mod Guide.docUploaded byBrandon Moore
- Phishing PptUploaded byKartik Mistry
- Abhijit Mohanta, Mounir Hahad, Kumaraguru Velmurugan - Preventing Ransomware Understand, prevent, and remediate ransomware attacks (2018).pdfUploaded bymanuelfdzg
- Polyalphabetic Ciphers.pdfUploaded byAtulya Anand
- SY0-101 Comptia Security+Uploaded byWillyTorres
- Decentralized Access Control with Unidentified Authentication for Information Security in Cloud ComputingUploaded byIJIRST
- Pengenalan Komputer & Teknologi Maklumat Ch. 5Uploaded byمحمد شكري عبد الحليم
- White Box Cryptography-pptUploaded bysonal
- REFERENCE.docxUploaded bymdwalunjkar3095
- TB SecureSphere OWASP 2013-Top-TenUploaded byDescargarse
- 98-367 Security Fundamental Set DUploaded byShreya Agrawal