
IST 230: Lesson 13


daktari

Presentation Transcript


  1. Modular Arithmetic with Applications to Cryptography
     IST 230: Lesson 13
     Group 6

  2. Cryptography
     • For the longest time, cryptography used only one key
       • Private Key
       • Shared by both the sender and receiver
       • Known as symmetric – parties are both equal
     • Then came along the use of the public and private key
       • Two parties involved have public and private keys
       • Asymmetric – parties are not equal
       • It’s an addition to the private key

  3. Private Key
     • Example of Private Key
     • Used heavily by small parties
     • To provide information back and forth privately
     • Encryption key is kept private, as well as decryption key
     • No key made available to the public
     • Encryption key and decryption key are identical
     • Both parties responsible for keeping the key secure and private
     [Key “A“] + Text -------------> Encrypted Text -----------> Encrypted Text + [Key “A“] = Text

  4. Public Key
     • Example of Public Key
     • Purchasing merchandise online
     • Buyer enters credit card numbers and private information
     • When sent to the recipient, it is encrypted before being sent
     • Every buyer's information is encrypted using the same key
     • Only ONE key to decrypt, which is kept very private by the receiver
     • Public key cryptology involves 2 separate keys
       • One made available to the public for encrypting
       • One made ONLY available to the recipient for decrypting
     • Very common in today’s business world
     • Very secure form of cryptology
     [Public Key “A“] + Text ---------> Encrypted Text -------> Encrypted Text + [Key “B“] = Text

  5. Digital Signatures in Public/Private Key Encryption for Authentication
     • Authentication is defined as two things:
       • Proof of validity
       • User identification
     • Public/Private Key Encryption:
       • Utilizes digital signatures for authentication
       • A digital signature is an unforgeable piece of data
     • Non-Repudiation
       • The author cannot deny authoring the message
     Sender (John): Create Signature -> Hash Function Creates Digest -> Digest is Encrypted -> Encrypted Digest is the Digital Signature (VeriSign)
     Receiver (Mary): When the signature is decrypted, it shows that the message wasn’t altered, which shows that it came from John.
     Image: http://www.infosec.gov.hk/english/itpro/images/digital_signature.gif

  6. How Digital Signatures also Provide Data Integrity
     • Digital signatures also serve as a means of providing a layer of integrity:
       • Should a message’s contents get altered, the signature would be invalidated
       • This would alert the user that there’s a problem.
     • Encryption of the signature digest is a form of encryption.
     • There are many types of asymmetrical key algorithms:
       • RSA
       • ECC
       • El Gamal
       • LUC
     • Encrypted messages can provide:
       • Confidentiality
       • Authentication
       • Non-repudiation
       • Integrity
     Image: http://adventuresinsecurity.com/images/Signature_Process.jpg

  7. Public/Private Key Encryption
     A type of cypher architecture that uses two keys to encrypt and decrypt data

  8. Role of Certificate Authorities in Public Key Encryption
     A certificate authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption.

  9. Certificate Authorities (Cont.)
     A digital ID, or digital certificate, is a form of electronic credentials for the Internet. A digital certificate is issued by a trusted third party to establish the identity of the ID holder. The third party who issues certificates is known as a Certification Authority (CA).

  10. Public Key Infrastructure (PKI)
      A PKI (public key infrastructure) enables users of a basically insecure public network, such as the Internet, to securely and privately exchange data and information.

  11. Public Key Infrastructure (PKI)
      • A Public Key Infrastructure consists of:
        • A certificate authority (CA) that issues and verifies digital certificates. A certificate includes the public key or information about the public key.
        • A registration authority (RA) that acts as the verifier for the certificate authority before a digital certificate is issued to a requestor.
        • One or more directories where the certificates (with their public keys) are held.
        • A certificate management system

  12. Public Key Infrastructure in Network Security
      • An enterprise PKI uses digital certificates to protect information assets via the following ways:
        • Authentication: Validates the identity of machines and users
        • Encryption: Encodes data to ensure that information cannot be viewed by unauthorized users or machines
        • Digital signing: Provides the electronic equivalent of a hand-written signature; also enables enterprises to verify the integrity of data and determine whether it has been tampered with in transit
        • Access control: Determines which information a user or application can access and which operations it can perform once it gains access to another application; also called authorization
        • Non-repudiation: Ensures that communications, data exchanges, and transactions are legally valid and irrevocable

  13. Network Security (Cont.)
      • PKI protects applications that demand the highest level of security:
        • Online banking and trading
        • Web services-based business process automation
        • Digital form signing
        • Enterprise instant messaging
        • Electronic commerce

  14. Citations
      • "8 The Public Key Infrastructure Approach to Security." Oracle. Web. 04 Dec. 2010. <http://mail.duel.ru/docs/oracle10r2/network.101/b10777/pki.htm>.
      • Brayton, Jim. "What Is PKI? - Definition from Whatis.com - See Also: Public Key Infrastructure." Information Security: Covering Today's Security Topics. Search Security, 10 Oct. 2006. Web. 04 Dec. 2010. <http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci214299,00.html>.
      • "Digital Certificate." SSL Certificate From Comodo™ with Free SSL Certificates and Server Certificates – Digital Certificate Authority. Instant SSL. Web. 04 Dec. 2010. <http://www.instantssl.com/code-signing/code-signing-technical.html>.
      • Kayne, R. "What Is Public Key Encryption?" WiseGEEK: Clear Answers for Common Questions. WiseGEEK. Web. 04 Dec. 2010. <http://www.wisegeek.com/what-is-public-key-encryption.htm>.
      • Managed Public Key Infrastructure: Securing Your Business Applications. VeriSign. PDF.
      • "What Is Certificate Authority? - Definition from Whatis.com - See Also: CA." Information Security: Covering Today's Security Topics. Search Security, 4 June 2007. Web. 04 Dec. 2010. <http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213831,00.html>.
      • "Introduction to Digital Certificates." VeriSign 2010: n. pag. Web. 29 Nov 2010. <http://www.verisign.com.au/repository/tutorial/digital/intro1.shtml>.
      • Harris, Shon. CISSP Exam Guide. 5th ed. USA: McGraw-Hill, 2010. 665-773. Print.
      • "Digital Signature." 2010. Web. <http://en.wikipedia.org/wiki/Digital_signature>.
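
Added example (not part of the original presentation): the public-key encryption from slide 4 and the sign/verify flow from slides 5 and 6, carried out with modular exponentiation as textbook RSA. The primes, exponent, function names and sample messages are assumptions chosen for illustration; the modulus is far too small and there is no padding, so this shows the arithmetic only.

```python
import hashlib
from math import gcd

# Teaching parameters (assumed): two known Mersenne primes give a ~150-bit
# modulus. Real keys are 2048 bits or more and use a padding scheme.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q                      # public modulus
PHI = (P - 1) * (Q - 1)
E = 65537                      # public exponent
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)            # private exponent: E*D = 1 (mod PHI)


def digest(message: bytes) -> int:
    """Hash the message and reduce the digest into the range [0, N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Sender: 'encrypt' the digest with the private exponent D."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest with the public exponent E and compare."""
    return pow(signature, E, N) == digest(message)


def encrypt(m: int) -> int:
    """Anyone: encrypt a number m < N with the public key (E, N)."""
    return pow(m, E, N)


def decrypt(c: int) -> int:
    """Recipient only: decrypt with the private exponent D."""
    return pow(c, D, N)


if __name__ == "__main__":
    msg = b"Pay Mary 100 dollars"                  # constructed sample message
    sig = sign(msg)
    print("valid signature:", verify(msg, sig))
    print("altered message:", verify(b"Pay Mary 900 dollars", sig))
    secret = int.from_bytes(b"order-42", "big")    # constructed sample value
    print("round trip ok:", decrypt(encrypt(secret)) == secret)
```
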
