Encryption Techniques

Keerthana.J (060341039)

Topics Covered
 Types

of Attacks  Cryptography  Traditional methods  Symmetric and Public-Key Algorithms  Digital Signatures  Certificates  Cryptography with PHP

Types of Threat in Internet
Threat is a set of circumstances that has the potential of causing loss and harm  Interception  Interruption  Modification  Fabrication

Encryption is the process of translating information from its original form (called plaintext) into an encoded, incomprehensible form (called ciphertext).  Decryption refers to the process of taking ciphertext and translating it back into plaintext.

What does it provide ?
Important aspects of computer security  Confidentiality  Integrity  Availability  Authenticity of data

Traditional Methods
1) Substitution Ciphers a b c d e fghi j k l mno pqr s t u vwx y z KEY: QWERTYUIOPASDFGHJKLZXCVBNM Plaintext : attack Ciphertext : QZZQEA

2)Transposition Cipher
M E G A B U C K (KEY) 7 4 51 2 8 3 6 t r an s f e r o n em i l l I o n t o a cc o u n t s i x t w w ot w o  Plaintext : transferonemilliontoaccountsixtwotwo  Ciphertext : nmoswsiaioelctrnnnoaetttrlowtoouwflcx

Symmetric-Key Algorithms
 Traditional

Vs Symmetric-Key  It uses the same key for encryption and decryption  The key is called the secret key.  Drawback of Symmetric-key algorithms  Examples : Data Encryption Standard Advanced Encryption Standard

Public-Key Algorithms
 New

kind of cryptosystem where the encryption and the decryption keys are different.  Public Keys used by the entire world for encrypting messages to send it to the user.  Private Keys which the user needs for decrypting messages.  Examples : RSA, Knapsack algorithm

Working of Public-Key Algorithms

Drawbacks in Public-Key Algorithm
There were some drawbacks in Public-Key Algorithms which led to Digital Signatures.  The receiver could not verify the identity of the sender.  The sender cannot later repudiate the contents of the message.  The receiver could possibly have concocted the message himself.

Digital Signatures

Symmetric-Key Signatures It has a central authority that knows everything and whom everyone trusts. Drawback is everyone has to believe in the third party and he gets to read all the signed messages. Public-Key Signatures These drawbacks are solved in this kind of signatures. Any public-key algorithm can be used for digital signatures.

Working of Public-Key Signatures

 Public

key cryptography makes it possible for people who do not share a common key to communicate securely.  It also makes signing messages possible without the presence of a trusted third party.  An organization that certifies public keys is now called a (Certification Authority) CA.  Used in Credit card payments

Example of Certificate
 The

fundamental job of a certificate is to bind a public key to the name of a principal (individual, company)

Encryption in PHP
 One

Way Encryption The algorithms for one-way encryption are called hash algorithms. PHP uses the Message Digest (MD) hash algorithm, MD5, for one-way encryption. Examples: Used for storing user passwords.

<?php $msg = " Password "; $encrypted_text = md5 ($msg); echo("<b>Plain Text : </b>"); echo($msg); echo("<p><b>Encrypted Text : </b><br>"); echo($encrypted_text); ?>

PlainText : Password Encrypted Text : 3f13fa96ed14d842519897db6810aa7

 Symmetric

Encryption PHP provides several algorithms for symmetric encryption in the mcrypt library. It also provides the mcrypt_ecb function to implement the algorithms of the mcrypt library.  Asymmetric Encryption Complex to implement but very efficient.

<?php echo("<h3> Symmetric Encryption </h3>"); $key_value = "KEYVALUE"; $plain_text = "PLAINTEXT"; $encrypted_text = mcrypt_ecb(MCRYPT_DES, $key_value, $plain_text, MCRYPT_ENCRYPT); echo ("<p><b> Text after encryption : </b>"); echo ( $encrypted_text ); $decrypted_text = mcrypt_ecb(MCRYPT_DES, $key_value, $encrypted_text, MCRYPT_DECRYPT); echo ("<p><b> Text after decryption : </b>"); echo ( $decrypted_text ); ?>

 The

various algorithms are selected as per the security levels required for the data.  It is the responsibility of the developer to include proper encryption of the data.  These basic cryptographic algorithms are used to implement SSL (Secure Socket Layer) for web security.

Thank You

Sign up to vote on this title
UsefulNot useful