Cryptography
RSA public key pairs can be any size. Typical sizes today are
1024 and 2048 bits.
Figure 1 shows how you can freely distribute the public key so that
only you (the owner of the private key) can read data that was
encrypted with the public key. In general, to send encrypted data
to someone, you must encrypt the data with that person's public
key, and the person receiving the data decrypts it with the
corresponding private key.
Since this is asymmetric, nobody except the browser can decrypt the data,
even if a third party has the browser's public key.
The idea: RSA is based on the fact that it is difficult to factorize a
large integer. The public key consists of two numbers, one of which is the
product of two large prime numbers. The private key is derived from the
same two prime numbers, so if somebody can factorize the large number, the
private key is compromised. Encryption strength therefore lies entirely in
the key size, and if we double or triple the key size, the strength of
encryption increases exponentially. RSA keys are typically 1024 or 2048
bits long; experts believe that 1024-bit keys could be broken in the near
future, but so far it seems to be an infeasible task.
Let us learn the mechanism behind the RSA algorithm:
>> Generating Public Key :
• An integer.
• Not be a factor of n.
Types of Encryption
1. Symmetric Encryption – Data is encrypted using a key, and
decryption is done using the same key.
2. Asymmetric Encryption – Asymmetric cryptography is also
known as public-key cryptography. It uses public and private keys to
encrypt and decrypt data. The key in the pair that can be shared
with everyone is called the public key. The other key in the pair, which
is kept secret and is known only by the owner, is called the private key.
Either of the keys can be used to encrypt a message; the opposite key
from the one used to encrypt the message is used for decryption.
Public key – A key which is known to everyone. Example: the public key of
A is 7; this information is known to everyone.
Private key – A key which is known only to the person whose private key
it is.
Digital Signature
A digital certificate is also sent with the digital signature and the message.
TLS encrypts data sent over the Internet to ensure that eavesdroppers and
hackers are unable to see what you transmit, which is particularly useful
for private and sensitive information such as passwords, credit card
numbers, and personal correspondence. This page explains what TLS is,
how it works, and why you should deploy it.
What is TLS?
TLS evolved from Secure Sockets Layer (SSL), which was originally
developed by Netscape Communications Corporation in 1994 to secure
web sessions. SSL 1.0 was never publicly released, whilst SSL 2.0 was
quickly replaced by SSL 3.0, on which TLS is based.
It should be noted that TLS does not secure data on end systems. It
simply ensures the secure delivery of data over the Internet, avoiding
possible eavesdropping and/or alteration of the content.
Data has historically been transmitted unencrypted over the Internet, and
where encryption was used, it was typically employed in a piecemeal
fashion for sensitive information such as passwords or payment details.
Whilst it was recognised back in 1996 (by RFC 1984) that the growth of
the Internet would require private data to be protected, it has become
increasingly apparent over the intervening period that the capabilities of
eavesdroppers and attackers are greater and more pervasive than
How does TLS work?
Asymmetric cryptography uses key pairs – a public key, and a private key.
The public key is mathematically related to the private key, but given
sufficient key length, it is computationally impractical to derive the
private key from the public key. This allows the public key of the
recipient to be used by the sender to encrypt the data they wish to send to
them, but that data can only be decrypted with the private key of the
recipient.
IPSec uses two protocols to secure the traffic or data flow. These
protocols are ESP (Encapsulating Security Payload) and AH (Authentication
Header). The IPSec architecture includes protocols, algorithms, DOI, and
key management. All these components are needed in order to
provide the three main services:
• Confidentiality
• Authentication
• Integrity
Packet Format: