22 views

Uploaded by Harish Khatri

CRYPTOGRAPHIC TECHNIQUES..

- Cryptography - Cryptographic Token Interface Standard - RSA Labs
- Cryptology for Engineers
- Security of Data with RGB Color and AES Encryption Techniques
- A Comparative Analysis of.pdf
- Cryptography
- Cryptography Info Sec Pro Guide - Sean-Philip Oriyano
- Java 1
- Iaetsd-secure Emails an Integrity Assured Email
- 30. Comp Sci - Cryptographt - Manali Tawde
- Computer Security and Cryptography Exams
- Crypto
- Encrypting and Decrypting Data in C
- Preprocessing and Secure Computations for Privacy Preservation Data Mining
- 6910
- A Privacy Preserving of Composite Private/Public Key in Cloud Servers
- Color Cryptography
- IS UNIT5
- (PDF) Security of Database Management Systems
- Symmetric and Asymmetric Encryption
- 07 Perlner Quantum

You are on page 1of 41

Fundamentals of Information Security

Chapter 2

Cryptographic Techniques

Web Security: Theory & Applications

School of Software, Sun Yat-sen University

Chapter 2 - Outline

2.1 Cryptology Introduction

• Introduction

• History

• Concepts & Items

2.2 Symmetric Key Cryptographic Algorithms

• Introduction

• Types & Modes

• Data Encryption Standard (DES)

• Advanced Encryption Standard (AES)

Web Security : Theory And Applications

2 / 41

Chapter 2 - Outline

2.3 Asymmetric Key Cryptographic Algorithms

• Introduction

• The RSA Algorithm

• Digital Signatures

2.4 Hashing Algorithms

• Introduction

• Message-Digest Algorithm (MD5)

2.5 Typical Applications

**• MD5 and Passwords
**

• AES and Wi-Fi Protected Access

• RSA and E-Business

Web Security : Theory And Applications

3 / 41

Chapter 2 - Outline

2.1 Cryptology Introduction

• Introduction

• History

• Concepts & Items

2.2 Symmetric Key Cryptographic Algorithms

2.3 Asymmetric Key Cryptographic Algorithms

2.4 Hashing Algorithms

2.5 Typical Applications

Web Security : Theory And Applications

4 / 41

"study". from Greek kryptós. data integrity. or -logia. authentication. and gráphein. "hidden.1.2. Web Security : Theory And Applications 5 / 41 .1 Introduction Definition • Cryptography (or cryptology. secret". respectively) is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). and non-repudiation. "writing". More generally. it is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confidentiality.1 Cryptology Introduction 2.

1 Cryptology Introduction • • Modern cryptography intersects the disciplines of mathematics. and electrical engineering. and electronic commerce. computer science. computer passwords.2. Applications of cryptography include ATM cards. Web Security : Theory And Applications 6 / 41 .

1.2.2 History The Manual ERA The Mechanical ERA The Modern ERA German Lorenz cipher machine. used in World War II to encrypt very-high-level general staff messages Web Security : Theory And Applications 7 / 41 .1 Cryptology Introduction 2.

Non-repudiation. Integrity.3 Concepts & Items Plain Text and Cipher Text Key and Key Space Cryptosystem Services • Confidentiality. Asymmetric Attributes of Strong Encryption • Confusion. Authenticity.2. Access Control Cryptographic Methods • Symmetric.1.1 Cryptology Introduction 2. Diffusion Web Security : Theory And Applications 8 / 41 .

Outline 2.5 Typical Applications Web Security : Theory And Applications 9 / 41 .1 Cryptology Introduction 2.3 Asymmetric Key Cryptographic Algorithms 2.Chapter 2 .4 Hashing Algorithms 2.2 Symmetric Key Cryptographic Algorithms • Introduction • Types & Modes • Data Encryption Standard (DES) • Advanced Encryption Standard (AES) 2.

2. The two parties must somehow exchange the key in a secure way.1 Introduction Symmetric-key cryptography is sometimes called secretkey cryptography. Symmetric-key systems are simpler and faster.2 Symmetric Key Crypt. Web Security : Theory And Applications 10 / 41 . Algorithms 2. It is a kind of encryption system in which the sender and receiver of a message share a single. common key that is used to encrypt and decrypt the message. Data Encryption Standard.2. The most popular symmetric-key system is the DES.

.K)=E(M1.K)E(M2.K)… .2 Algorithm Types and Modes Algorithm Types • Block Cipher： E(M.2 Symmetric Key Crypt.E(Mn.2.2. Algorithms 2.K) 。 M为明文，分割成M1、M2… Mn区段。加密速度慢，但 较安全。 • Stream Cipher： Web Security : Theory And Applications 11 / 41 .

2 Symmetric Key Crypt.2. Algorithms Web Security : Theory And Applications 12 / 41 .

Algorithms Algorithm Modes • Electronic Code Book (ECB) Mode Web Security : Theory And Applications 13 / 41 .2 Symmetric Key Crypt.2.

2 Symmetric Key Crypt.2. Algorithms Source Web Security : Theory And Applications ECB mode non-ECB mode 14 / 41 .

2 Symmetric Key Crypt.2.Encryption Web Security : Theory And Applications 15 / 41 . Algorithms • Cipher Block Chaining (CBC) Mode (IBM.1976) • CBC .

Decryption Web Security : Theory And Applications 16 / 41 . Algorithms • CBC .2 Symmetric Key Crypt.2.

Algorithms • Cipher Feedback (CFB) Mode • CFB .2 Symmetric Key Crypt.2.Encryption Web Security : Theory And Applications 17 / 41 .

Decryption Web Security : Theory And Applications 18 / 41 .2 Symmetric Key Crypt.2. Algorithms • CFB .

2 Symmetric Key Crypt.encryption Web Security : Theory And Applications 19 / 41 .2. Algorithms • Output Feedback (OFB) Mode • OFB .

Algorithms • OFB .Decryption Web Security : Theory And Applications 20 / 41 .2 Symmetric Key Crypt.2.

2 Symmetric Key Crypt. Algorithms 2.2.3 Data Encryption Standard（DES） Background and History How DES Works • Feistel function Web Security : Theory And Applications 21 / 41 .2.

2. Algorithms 2. FIPS PUB 197 • Rijndael .Joan Daemen & Vincent Rijmen Properties • Block length = 128 bit • Key length = 128/192/256 bit Steps • AddRoundKey • SubBytes • ShiftRows • MixColumns Web Security : Theory And Applications 22 / 41 .2 Symmetric Key Crypt.4 Advanced Encryption Standard（AES） Introduction • 2001.2.

Outline 2.4 Hashing Algorithms 2.3 Asymmetric Key Cryptographic Algorithms • Introduction • The RSA Algorithm • Digital Signatures 2.1 Cryptology Introduction 2.5 Typical Applications Web Security : Theory And Applications 23 / 41 .2 Symmetric Key Cryptographic Algorithms 2.Chapter 2 .

Algorithms 2.a public key known to everyone and a private or secret key known only to the recipient of the message. Moreover. Bob then uses his private key to decrypt it.1 Introduction Definition • Scenery • A cryptographic system that uses two keys -.3.3 Asymmetric Key Crypt. Property • It is important that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. When Alice wants to send a secure message to Bob. she uses Bob's public key to encrypt the message. Web Security : Theory And Applications 24 / 41 . it is virtually impossible to deduce the private key from the known public key.2.

3. the factoring problem. Algorithms 2.3 Asymmetric Key Crypt.2 The RSA Algorithm Introduction • Ron Rivest. Web Security : Theory And Applications 25 / 41 . Adi Shamir & Leonard Adleman (MIT.2. 1977) • RSA algorithm is based on the presumed difficulty of factoring large integers.

Let N=pq. q). Algorithms How RSA Works • Generating of Public key and Private key • • • • • • Select two different big prims p and q. By Euler’s function.3 Asymmetric Key Crypt. Web Security : Theory And Applications 26 / 41 .2. (e. the number of integers less than and prim to N is (N) = (pq) = (p) (q) = ( p-1)(q-1) Select an integer e which is less than and prim to (N) Compute d by：ed 1 (mod (N)) Destroy p and q (when N is big enough. Alice will send her (e. and (d.N) the private key.N) in secret. but keep her (d.N) to Bob.N) is used as the public key. it will be extremely difficult to find p.

Bob has Alice’s public key (e. Web Security : Theory And Applications 27 / 41 . Alice can decode n from c by c d n(mod N ) . • Decryption • By applying her private (d. By applying the key (e.3 Asymmetric Key Crypt. or c n e mod N Then Bob can send c to Alice through an unsafe channel. Firstly he transforms m to an integer n less than N in a presumed method. or n c d mod N and recover the m from n.2. Algorithms • Encryption • Suppose that Bob want to send Alice a message m. n is encrypted to c： n e c(mod N ).N) in hand.N).N).

n c d mod N So n c d mod N (n e ) d mod N n ed mod N n mod N Web Security : Theory And Applications 28 / 41 . Algorithms • Principle of RSA • By Euler’s function. we have n k ( N ) 1 n mod N in another hand. ed 1 (mod (N)). so ned n mod N Now we have c n e mod N .3 Asymmetric Key Crypt. given two prims p and q satisfied N=pq and one integer n satisfied 0<n<N.2. or ed = k (N)+1.

we select small p.N) Let p=3.2. q=11.3 Asymmetric Key Crypt. Algorithms Example of RSA • For continent.N) and (d.q and e. • Suppose A want to sent a string “key” to B by RSA encryption. ① Compute (e. N=pq=311=33 f(N)=(p-1)(q-1)=210=20 We take e=3 (3 is prim to 20) and try to get d such that ed1 mod f(n)，即3d1 mod 20。 We get d by trial: Web Security : Theory And Applications 29 / 41 .

we find that when d=7. Algorithms f(n)=(p-1)(q-1)=210=20. ed 1 mod f(n) holds. d ed (ed) mod f(n) 1 3 3 2 6 6 3 9 9 4 12 12 5 15 15 6 18 18 7 21 1 8 24 4 9 27 7 From the table. Take e=3 and try d.2.3 Asymmetric Key Crypt. Web Security : Theory And Applications 30 / 41 .

Algorithms So the public key and the private key are as KU =(e.3 Asymmetric Key Crypt.N)=(7.33) and KR =(d.33) Web Security : Theory And Applications 31 / 41 .2.N)=(3.

M3 are 11.3 Asymmetric Key Crypt.05.M2. Algorithms ② Digitization a b c d e f g h i j k l m 01 02 03 04 05 06 07 08 09 10 11 12 13 n o p q r d t u v e x y z 14 15 16 17 18 19 20 21 22 23 24 25 26 By the Code Table. the code values of the string “key” M1.25 Note that the max value of any code is 26 (it can not over N=33). Web Security : Theory And Applications 32 / 41 .2.

C2 = 53 mod 33. M2= 5. Web Security : Theory And Applications 33 / 41 .2. M3 = 167 mod 33 And we get M1= 11. M2 = 267 mod 33.3 Asymmetric Key Crypt. M3= 25 ⑤ Message recovery By checking the Code Table. Algorithms ③ Encryption By Me= C (mod N) we have C = Me (mod N) That is C1 = 113 mod 33. the string “key” is recovered. C3= 16 ④ Decryption By Cd= M (mod N) we have M = Cd (mod N) That is M1 = 117 mod 33. C3 = 253 mod 33 And we get C1= 11. C2= 26.

Algorithms 2.3 Digital Signatures Web Security : Theory And Applications 34 / 41 .2.3 Asymmetric Key Crypt.3.

2 Symmetric Key Cryptographic Algorithms 2.Outline 2.Chapter 2 .3 Asymmetric Key Cryptographic Algorithms 2.4 Hashing Algorithms • Introduction • Message-Digest Algorithm (MD5) 2.5 Typical Applications Web Security : Theory And Applications 35 / 41 .1 Cryptology Introduction 2.

Introduction Hashing Hashing value Hashing algorithms Data fingerprint Web Security : Theory And Applications 36 / 41 .2.4.1.4 Hashing Algorithms 2.

Message-Digest Algorithm (MD) What’s MD5 • • Message-Digest Algorithm 5 128-bits length Web Security : Theory And Applications 37 / 41 .2.4 Hashing Algorithms 2.4.2.

4 • • Show me how MD5 works. Design an executable MD5 program in C with some short samples.2.2.4 Hashing Algorithms Assignments of Sec. Web Security : Theory And Applications 38 / 41 .

5 Typical Applications • Assignments of Sec.2 Symmetric Key Cryptographic Algorithms 2.4 Hashing Algorithms 2.Chapter 2 . • AES and Wi-Fi protected access. Web Security : Theory And Applications 39 / 41 .1 Cryptology Introduction 2.2.Outline 2.5 – Write a short thesis on one of the three applications • MD5 and password protection. • RSA and electronic business.3 Asymmetric Key Cryptographic Algorithms 2.

http://en. Cryptography and Network Security: Principles and Practice (5th Edition).wikipedia.org/wiki/ Birthday attack Cryptography Data Encryption Standard Diffie–Hellman key exchange Digital signature Hash function Information_security MD5 Public-key cryptography RSA Web Security : Theory And Applications 40 / 41 . William Stallings.References 1. Prentice Hall 2010 2.

Thank you! Web Security : Theory And Applications 41 / 41 .

- Cryptography - Cryptographic Token Interface Standard - RSA LabsUploaded bySyed Kazim Raza
- Cryptology for EngineersUploaded byZow Niak
- Security of Data with RGB Color and AES Encryption TechniquesUploaded byIRJET Journal
- A Comparative Analysis of.pdfUploaded byMajid Khan
- CryptographyUploaded byPurnima Tummala
- Cryptography Info Sec Pro Guide - Sean-Philip OriyanoUploaded bypanther717
- Java 1Uploaded byKallol Sen
- Iaetsd-secure Emails an Integrity Assured EmailUploaded byiaetsdiaetsd
- 30. Comp Sci - Cryptographt - Manali TawdeUploaded byTJPRC Publications
- Computer Security and Cryptography ExamsUploaded byLucien Yemah
- CryptoUploaded byLam Sin Wing
- Encrypting and Decrypting Data in CUploaded byravishukla111
- Preprocessing and Secure Computations for Privacy Preservation Data MiningUploaded byIAEME Publication
- 6910Uploaded byAlsiona Tafilaj
- A Privacy Preserving of Composite Private/Public Key in Cloud ServersUploaded byseventhsensegroup
- Color CryptographyUploaded byHimanshu Bhatt
- IS UNIT5Uploaded bySudharsan Bala
- (PDF) Security of Database Management SystemsUploaded byYaazhni Urmika Perera
- Symmetric and Asymmetric EncryptionUploaded byViney Bansal
- 07 Perlner QuantumUploaded byHeba Abughali

- Nepa Policy CommentaryUploaded byHarish Khatri
- HSS 374 Research ProjectUploaded byHarish Khatri
- StrategicTechnologyManagement CaseStudyUploaded byVenkata Nagabhushana Shastry
- AVN 1010Uploaded byHarish Khatri
- ATK Report.pdfUploaded byTwisha Prasad
- Case StudyUploaded byHarish Khatri
- New Zealand Commonwealth Scholarship Application Form 2017Uploaded byfadihassan
- Project GuideUploaded byHarish Khatri
- Emaar & Starbucks Presentation NotesUploaded byHarish Khatri
- Emaar & Starbucks Presentation NotesUploaded byHarish Khatri
- Audit InterviewUploaded bySaami Awan
- Economic Letter IBPUploaded byHarish Khatri
- The Fukushima Daïchi AccidentUploaded byHarish Khatri
- Dawn-Suppliment-2009-12-30Uploaded byFazalJaturie
- Indonesia Consumer Report 2014Uploaded bybrinalloyuli
- Green_Supply_Chain_Management_Practices.pdfUploaded byHarish Khatri
- Global Warming5(Bilgen)Uploaded byHarish Khatri
- Case Study Finland Revised 07 20101Uploaded byHarish Khatri
- 500SolvedMCQsofHRMUploaded bySuresh Tolani
- Employment and Salary Trends in the Gulf 2016.pdfUploaded byOutofbox
- Fall 2015 Project Guidelines (MGT 201)Uploaded byHarish Khatri
- 04WattPress.pdfUploaded byHarish Khatri

- penetration-testing-sample-report-2013.pdfUploaded byBrandon Gilchrist
- SSH LibrariesUploaded bymemoteto
- Backuppc Faq_ Ssh SetupUploaded bylemen84
- WpaUploaded byLebeneib
- Attacking Android ApplicationsUploaded byCasio Clock
- Cis Controls v7.0.1-eBookUploaded byalgari
- CryptographyUploaded byCandela Krup
- web securityUploaded byhussam
- Chapter 1 RobberyUploaded byjmar
- Exploit PDF Ac TrojanUploaded byKelly
- Lecture9 - Network SecurityUploaded byPrasad Kularatne
- CCNA Sec 02Uploaded byAissa Chaabi
- Three-Pass Protocol Concept in Hill Cipher Encryption Technique Ver 2Uploaded byAndysah Putra Utama Siahaan
- Network Access Control GuideUploaded byapi-19920690
- PUBLIC KEY INFRASTRUCTUREUploaded byapi-27431931
- Defense Pro Apsolute Attack Prevention BrochureUploaded byArelia Calderon
- Ref Cer Pci1862Uploaded byharyani
- Cyber-Security Toolbox Edition 3Uploaded byLaurent Durad
- DNS Secure Email Sp1800 6Uploaded bychandramani_yadav197
- Privacy EssayUploaded byTINAIDA
- Chapter03 Encryption and Interception of CommunicationsUploaded byBomezzZ Enterprises
- Forgot Password a Double Layer Security for Password Protection (1)Uploaded byInternational Journal of Innovative Science and Research Technology
- Millman Halkias - Integrated ElectronicsUploaded byBeeresha R S
- Affected Items (1)Uploaded byAnonymous 9QZfmX3y
- Final Rsa PptUploaded byMounesh Panchal
- eap_testingUploaded byvadym_kovalenko4166
- Check Point VPN Debugging GuideUploaded bysgopal7
- 2. Risk Mgmt for CComputingUploaded byGeorge Reyes
- Computer Ethical IssuesUploaded byizzul_125z1419
- Ethical Hacking Training Workshop UoM CSACUploaded bySunilNjallacattu