Professional Documents
Culture Documents
EXAMPLES
JHON ZYLVIN M. RAMOS
AGENDA
Introduction
Advantages
Disadvantages
Common Applications
2022 Cryptography 4
HASH MESSAGE AUTHENTICATION CODE
(HMAC)
Common
Applications Advantages Disadvantages
HTTPS, SFTP, FTPS, and other HMACs are ideal for high-performance HMACs uses shared key which
systems like routers due to the use of
transfer protocols hash functions which are calculated may lead to non-repudiation. If
and verified quickly unlike the public either sender or receiver’s key is
Digital signatures key systems.
compromised, then it will be easy
Digital signatures are larger than for attackers to create
Verification of e-mail address HMACs, yet the HMACs provide
comparably higher security. unauthorized messages.
Authentication of form
HMACs are used in administrations
where public key systems are
prohibited.
20XX Cryptography 5
MESSAGE DIGEST
ALGORITHM 5
(MD5)
7f138a09169b250e9dcb378140907378
MESSAGE DIGEST
ALGORITHM 5 (MD5)
Replaced by SHA1
2022 Cryptography 7
MESSAGE DIGEST ALGORITHM 5 (MD5)
Common
Applications Advantages Disadvantages
Storing Passwords in the Preferred due to lower An MD5 hash is NOT encryption -
impossible to reverse engineer .
Database computational requirements
possible to construct the same
hash function for two distinct
To ensure the data integrity of Impossible to reverse engineer* inputs
files (MD5 checksum).
It’s easier to compare and store collision attacks are possible when
malice is introduced
Web administration smaller hashes using MD5
MD5 is comparatively slow to SHA
authentication Algorithms than it is to store a
large variable-length text Can be decrypted/cracked by Rainbow
Tables
20XX Cryptography 8
BCRYPT
$2a$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUg
O2t0jWMUW
BCRYPT
A password-hashing function
2022 Cryptography 10
BCRYPT
Common
Applications Advantages Disadvantages
Storing Passwords in the Salt adds a random chunk of A hash NOT an encryption -
Database text to the password to be impossible to reverse engineer
encoded to protect password .
Web Application authentication cracking
A higher computational cost
Can vary the computational
cost each time it runs to slows down the process
protect from brute force bcrypt has a maximum
attacks over time password length of 72 bytes.
2022 Cryptography 11
ADVANCED
ENCRYPTION
STANDARD (AES)
UZA19z1sfSRW4jltxLcPgA==
ADVANCED ENCRYPTION
STANDARD(AES)
2022 Cryptography 13
ADVANCED ENCRYPTION STANDARD (AES)
Common
Applications Advantages Disadvantages
Encrypted Browsing has low memory requirements
It is an old technique.
Archiving and compression tools Used to transmit big data.
File encryption Smaller cipher text compares to original plain text file. Till date the only vulnerability
File Transfers (FTPS, HTTPS, SFTP) Faster and more secure compared to DES remains in the implementation of
Wide application the algorithm.
Encrypting file systems
Symmetric encryption is very fast as compared to
Disk / partition encryption asymmetric encryption Hard to implement with software
Wireless Security Even though it has been 20 years since its introduction
we have failed to break the AES algorithm as it is Every block is always encrypted in
Internet Protocol Security (IPsec) and VPN infeasible even with the current technology.
the same way –single key
Encrypting POST request payload data from
frontend to backend
2022
Cryptography 14
RIVEST–SHAMIR–
ADLEMAN (RSA)
SkSln39YIKwSceFTQJj7FnYJCLWZfPLTGbNZpyK2JGE545vWP0ylqHi5NBfy
fP6i0xElFLN3g2XksnN9BkhLbnJF+F6aj1NWPiCNvcVGHFA2pDlsfxq8/Y6x
D+yTg6uxkgza5AqYRIQ7YauNpDHoxDrQE3GgUJnz5DrMDNT0z4lK09Dbpt
vBxQbjtkTzC//2b4eDXAbU+jpPy6dz1bZw37aJNb8KeGvUxGL2qiXrbmERY
tq/gJlhF1IXHeEM4RsDq91LJF7OyJeMfCEMl65yQ6ijbipaWaGkrwZxpc7tsC
eilwwBCEG/G0dnzDYYmNOVebYQ0T9wQQdGZhVZWyeWaw==
RIVEST–SHAMIR–ADLEMAN
(RSA)
Uses Variable key length and block size and logarithmic functions
2022 Cryptography 16
RIVEST–SHAMIR–ADLEMAN (RSA)
Common
Applications Advantages Disadvantages
Digital signatures widely used asymmetric algorithm has high memory requirements
Secure data transmission RSA 2048-bit or higher key size
Encrypted Browsing SSL
Larger cipher text compares to
Used to transmit small data
original plain text file.
Transport Layer Security (TLS) Much safer as two keys are involved in
email services, web browsers, and multiple
encryption and decryption. Asymmetric encryption is slower
connection channels
It is a modern encryption technique. in terms of speed.
Internet Protocol Security (IPsec) and VPN
Two keys separately made for encryption
OpenSSL and decryption that removes the need to
share a key.
Secure Shell Protocol (SSH)
Data/File Encryption*
2022 Cryptography 17
REFERENCES
20XX Cryptography 18
THANK YOU
Jhon Zylvin M. Ramos
ramosjhonzylvin@gmail.com
2022 Cryptography 19