250 likes | 283 Views
Computer Data Security & Privacy. Lecture # 3 Symmetric & A Symmetric Encryption. Some Basic Terminology. Plaintext - original message Ciphertext - coded message Cipher - algorithm for transforming plaintext to ciphertext Key - info used in cipher known only to sender/receiver
E N D
Lecture # 3 Symmetric & A Symmetric Encryption
Some Basic Terminology • Plaintext - original message • Ciphertext- coded message • Cipher - algorithm for transforming plaintext to ciphertext • Key - info used in cipher known only to sender/receiver • Encipher (encrypt)- converting plaintext to ciphertext
Some Basic Terminology cont… • Decipher (decrypt)- recovering ciphertext from plaintext • Cryptography - study of encryption principles/methods • Cryptanalysis (codebreaking)- study of principles/ methods of deciphering ciphertext without knowing key • Cryptology - field of both cryptography and cryptanalysis
Conventional Encryption Principles • In conventional cryptography, also called secret-key or symmetric-keyencryption, one key is used both for encryption and decryption. The DataEncryption Standard (DES) and Advance Encryption Standard (AES) are an example of a conventional encryption.
Conventional Encryption Principles cont… • An encryption scheme has five ingredients: • Plaintext • Encryption algorithm • Secret Key • Ciphertext • Decryption algorithm • Security depends on the secrecy of the key, not the secrecy of the algorithm
cryptosystem thatis widely employed by the Federal Government. Figure 3.1 is an illustration ofthe conventional encryption process. Conventional encryption it is very fast. However, a sender and recipient to communicate securely using conventional encryption, they must agree upon a key and keep it secret between themselves.
Requirements • Two requirements for secure use of symmetric encryption: • a strong encryption algorithm • a secret key known only to sender / receiver • Mathematically have: Y = EK(X) X = DK(Y) • Assume encryption algorithm is known • Implies a secure channel to distribute key
Public-Key Cryptography • Asymmetric crypto-systems depend on two or more entities sharing a common secret. Asymmetric crypto-systems also have to construct secret keys but they are only stored locally and doesn’t have to be transmitted to the other parties participating in the communication. However asymmetric crypto-systems have to generate other keys as well, called public-keys, which have to be transmitted authentically.
An asymmetric crypto-system is asymmetric in the sense that two opposite operations are defined; the first, which can be performed by everyone with the use of the receiver’s public key; the second, which can only be performed with the receiver’s private key (secret key). The first operation is the encryption of the message and the second operation is the decryption of the same message.
The primary benefit of public key cryptography is that it allows people who have no preexisting security arrangement to exchange messages securely. The need for sender and receiver to share secret keys via some secure channel is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared Figure 3.2.
Some examples of public-key cryptosystems are Elgamal (named for its inventor, Taher Elgamal), RSA (named for its inventors, Ron Rivest, Adi Shamir, and Leonard Adleman).
Applications for Public-Key Cryptosystems • Three categories: • Encryption/decryption: The sender encrypts a message with the recipient’s public key. • Digital signature: The sender ”signs” a message with its private key. • Key exchange: Two sides cooperate two exhange a session key.
Cryptographic Attack Methods • There are six related cryptographic attack methods, including three plaintext-based methods and three ciphertext-based methods as shown in Table 3.1:
Brute Force Attacks • A brute force attack systematically attempts every possible key. In Figure 3.3 is an example of a brute force attack on a 4-bit key (24=16 times)
Class work!!! • Brute force attack on a 2-bit key • Brute force attack on a 3-bit key
Given a finite key length and sufficient time, a brute force attack is always successful. • Encryption algorithms can become susceptible to brute force attacks over time as CPU speeds increase.
Man in the Middle Attack • Makes it seem that two computers are communicating with each other. Actually sending and receiving data with computer between them (Active or passive) as shown in Figure 3.4.
END SLIDE SHOW L: Rania Tabeidi