Professional Documents
Culture Documents
Cryptanalysis
§ The art and science of breaking cipher text is called cryptanalysis.
§ Cryptanalysis is seeing through the disguise and it is practiced by cryptanalysts.
§ Cryptanalysis deals with finding the encryption key for breaking cryptographic
algorithms without the knowledge of the encryption
§ Cryptanalyst: a person who breaks cryptographic codes . Also referred to as “the
attacker” or the “intruder”
Cryptography
The word cryptography comes from the two Greek words: Krypto (secret) and
graphein (write). So cryptography means secret writing.
§ The art and science of keeping messages secure is called cryptography and it is
practiced by cryptographers
§ It is the practice and study of techniques for secure communication in the
presence of third parties. Cryptography deals with creating documents that can be
shared secretly over public communication channels
§ Modern cryptography exists at the intersection of the disciplines of mathematics,
computer science, and electrical engineering. Applications of cryptography include
ATM cards, computer passwords, and electronic commerce
Cryptology
§ Cryptography and cryptanalysis is collectively known as Cryptology.
§ The branch of mathematics encompasses both cryptography and cryptanalysis is
called cryptology and its practitioners are called cryptologists.
§ Modern cryptologists are generally trained in theoretical mathematics—they
have to be
Encryption
It uses modular arithmetic to transform the integer that each plaintext letter
corresponds to into another integer that corresponds to a cipher text letter. The
encryption function for a single letter is :
E ( x ) = ( a x + b ) mod m
Modulus m: size of the
alphabet a and b: key of the
cipher.
a must be chosen such that a and m are co prime.
Decryption
In deciphering the cipher text, we must perform the opposite (or inverse)
functions on the cipher text to retrieve the plaintext. Once again, the first step is
to convert each of the cipher text letters into their integer values. The
decryption function is
D ( x ) = a^-1 ( x - b ) mod m
a^-1 : modular multiplicative inverse of a modulo m. i.e., it satisfies
the equation 1 = a a^-1 mod m.
Do not use vendor-supplied defaults for system passwords and other security
parameters
Track and monitor all access to network resources and cardholder data
ITA 2000
● The Information Technology Act, 2000 or ITA, 2000 or IT Act, was notified
on October 17, 2000. It is the law that deals with cybercrime and electronic
commerce in India. In this article, we will look at the objectives and features of the
Information Technology Act, 2000.
● In 1996, the United Nations Commission on International Trade Law
(UNCITRAL) adopted the model law on electronic commerce (e-commerce) to
bring uniformity in the law in different countries.
● The Information Technology Act, 2000 provides legal recognition to the
transaction done via electronic exchange of data and other electronic means of
communication or electronic commerce transactions.
● This also involves the use of alternatives to a paper-based method of
communication and information storage to facilitate the electronic filing of
documents with the Government agencies.
Lucifer Cipher
LUCIFER uses a combination of transposition and substitution crypting as a
starting point in decoding ciphers One variant, described by Feistel in 1971,] uses
a 48-bit key and operates on 48-bit blocks. The cipher is a substitution–
permutation network and uses two 4-bit S-boxes. The key selects which S-boxes
are used. The patent describes the execution of the cipher operating on 24 bits at
a time, and also a sequential version operating on 8 bits at a time.
Another variant by John L. Smith from the same year uses a 64-bit key
operating on a 32-bit block, using one addition mod 4 and a singular 4-bit S-
box. The construction is designed to operate on 4 bits per clock cycle. This may
be one of the smallest block-cipher implementations known. Feistel later
described a stronger variant that uses a 128-bit key and operates on 128-bit
blocks.
IDEA
In cryptography, the International Data Encryption Algorithm (IDEA),
originally called Improved Proposed Encryption Standard (IPES), is a
symmetric-key block cipher designed by James Massey of ETH Zurich and
Xuejia Lai and was first described in
1991. The algorithm was intended as a replacement for the Data Encryption
Standard (DES). IDEA is a minor revision of an earlier cipher Proposed
Encryption Standard (PES).
IDEA operates on 64-bit blocks using a 128-bit key and consists of a series of 8
identical transformations (a round, see the illustration) and an output
transformation (the half-round). The processes for encryption and decryption are
similar. IDEA derives much of its security by interleaving operations from
different groups — modular addition and multiplication, and bitwise eXclusive
OR (XOR) — which are algebraically "incompatible" in some sense.
Blowfish
Blowfish is the first symmetric encryption algorithm created by Bruce Schneier
in 1993. Symmetric encryption uses a single encryption key to both encrypt and
decrypt data. The sensitive data and the symmetric encryption key are utilized
within the encryption algorithm to turn the sensitive data into ciphertext.
Blowfish, along with its successor Two fish, was in the running to replace the
Data Encryption Standard (DES) but failed due to the small size of its block.
Blowfish uses a block size of 64, which is considered wholly insecure. Twofish
fixed this issue, by implementing a block with a size of 128. Blowfish is much
faster than DES, but it trades in its speed for security.
Block Size: 64-bits
Key Size: 32-bits to 448-bits
variable size Number of sub keys:
18 [P-array] Number of rounds: 16
Number of substitution boxes: 4 [each having 512 entries of 32-bits each]
Rijndael.
The Advanced Encryption Standard (AES), also known by its original name
Rijndael is a specification for the encryption of electronic data established by the
U.S. National Institute of Standards and Technology (NIST) in 2001.
AES is a subset of the Rijndael block cipher developed By
two Belgian cryptographers, Vincent Rijmen and Joan Daemen, who submitted a
proposal to NIST during the AES selection process. Rijndael is a family of
ciphers with different key and block sizes. For AES, NIST selected three
members of the Rijndael family, each with a block size of 128 bits, but three
different key lengths: 128, 192 and 256 bits. AES is based on a design principle
known as a substitution–permutation network, and is efficient in both software
and hardware. Unlike its predecessor DES, AES does not use a Feistel network.
AES is a variant of Rijndael, with a fixed block size of 128 bits, and a key size
of 128, 192, or 256 bits. By contrast, Rijndael per se is specified with block and
key sizes that may be any multiple of 32 bits, with a minimum of 128 and a
maximum of 256 bits.
AES operates on a 4 × 4 column-major order array of bytes, termed the state
Plafire
The Playfair cipher or Playfair square or Wheatstone–Playfair cipher is a
manual symmetric encryption technique and was the first literal digram
substitution cipher. The scheme was invented in 1854 by Charles
Wheatstone, but bears the name of Lord Playfair for promoting its use.
The technique encrypts pairs of letters (bigrams or digrams), instead of single
letters as in the simple substitution cipher and rather more
complex Vigenère cipher systems then in use. The Playfair is thus
significantly harder to break since the frequency analysis used for simple
substitution ciphers does not work with it. The frequency analysis of
bigrams is possible, but considerably more difficult. With 600[1] possible
bigrams rather than the 26 possible monograms (single symbols, usually
letters in this context), a considerably larger cipher text is required in order
to be useful.
Encryption is one of the most common ways to protect sensitive data. Encryption
works by taking plain text and converting it into cipher text, which is made up of
seemingly random characters. Only those who have the special key can decrypt it.
AES uses symmetric key encryption, which involves the use of only one secret key to
cipher and decipher information.
The Advanced Encryption Standard (AES) is the first and only publicly accessible
cipher approved by the US National Security Agency (NSA) for protecting top secret
information. AES was first called Rijndael after its two developers, Belgian
cryptographers Vincent Rijmen and Joan Daemen
They make use of a hardware-based set of security modules and an AES engine.
When the host writes data to the flash storage device, a Random Number Generator
(RNG) generates the 256-bit symmetric cipher key, which is passed to the AES
engine. The AES engine encrypts the plain text (source data) into cipher text
(encrypted data) and sends it to the NAND flash for storage.
Inversely, if the host wants to retrieve data from the storage device, the AES engine
decrypts the cipher text in the NAND flash, and then transmits data to the host as
plain text. The encryption/decryption process is done at the flash level and does not
require host intervention, so there is no performance degradation and data transfer
does not slow down.
AES-256 encryption mechanism in ATP SecurEncrypt
Or
In 2003 it stated: “The design and strength of all key lengths of the AES algorithm
(i.e., 128, 192 and 256) are sufficient to protect classified information up to the
SECRET level. TOP SECRET information will require use of either the 192 or 256
key lengths. The implementation of AES in products intended to protect national
security systems and/or information must be reviewed and certified by NSA prior
to their acquisition and use.”
Man-in-the-middle attacks come in two forms, one that involves physical proximity to the
intended target, and another that involves malicious software, or malware. This second
form, like our fake bank example above, is also called a man-in-the-browser attack.
Cybercriminals typically execute a man-in-the-middle attack in two phases —
interception and decryption.
With a traditional MITM attack, the cybercriminal needs to gain access to an unsecured
or poorly secured Wi-Fi router. These types of connections are generally found in public
areas with free Wi-Fi hotspots, and even in some people’s homes, if they haven’t
protected their network. Attackers can scan the router looking for specific vulnerabilities
such as a weak password.
Once attackers find a vulnerable router, they can deploy tools to intercept and read the
victim’s transmitted data. The attacker can then also insert their tools between the
victim’s computer and the websites the user visits to capture log in credentials, banking
information, and other personal information.
A successful man-in-the-middle attack does not stop at interception. The victim’s
encrypted data must then be unencrypted, so that the attacker can read and act upon it.
(a) authentication
Authentication is the process of recognizing a user’s identity. It is the
mechanism of associating an incoming request with a set of identifying
credentials. The credentials provided are compared to those on a file in a
database of the authorized user’s information on a local operating system
or within an authentication server.
(b) Access control
Access control is a security technique that regulates who or what can view or
use resources in a computing environment. It is a fundamental concept in
security that minimizes risk to the business or organization. The goal of
access control is to minimize the security risk of unauthorized access to
physical and logical systems
(c) data confidentiality
Data Confidentiality deals with protecting against the disclosure of
information by ensuring that the data is limited to those authorized or by
representing the data in such a way that its semantics remain accessible
only to those who possess some critical information
(d) data integrity
Data integrity is the overall accuracy, completeness, and consistency of
data. Data integrity also refers to the safety of data in regard to regulatory
compliance .When the integrity of data is secure, the information stored in
a database will remain complete, accurate, and reliable no matter how
long it’s stored or how often it’s accessed. Data integrity also ensures that
your data is safe from any outside forces.
13.What is digital signature? How public key cryptography is used for digital
signature.
Working
To do that they agree on a public piece of benign information that will be mixed
with their privileged information as it travels over an insecure channel. Their
secrets are mixed with the public information, or public key, and as the secrets are
exchanged the information they want to share is commingled with the common
secret. As they decipher the other’s message, they can extract the public
information and with knowledge of their own secret, deduce the new information
that was carried along. While seemingly uncomplicated in this method’s
description, when long number strings are used for private and public keys,
decryption by an outside party trying to eavesdrop is mathematically infeasible
even with considerable resources.
Encryption: The Diffie Hellman key exchange algorithm can be used to encrypt;
called Integrated Encryption Scheme, which provides security against chosen plain
Forward Secrecy: Forward secrecy-based protocols can generate new key pairs for
each new session, and they can automatically discard them when the session is
finished. In these forward Secrecy protocols, more often than not, the Diffie
The sender and receiver don’t need any prior knowledge of each other.
Once the keys are exchanged, the communication of data can be done through an
insecure channel.