Encryption. ITIS 6201 – Computer Security and Privacy. Dr. Foley. Objectives of Part One. Learn some terms and definitions Take a look at early text encryption concepts and their progress Alpha and numeric substitutions Transpositions Complex combinations.
Encryption ITIS 6201 – Computer Security and Privacy Dr. Foley

Objectives of Part One
• Learn some terms and definitions
• Take a look at early text encryption concepts and their progress
• Alpha and numeric substitutions
• Transpositions
• Complex combinations
ITIS 6201 - Foley

CRYPTOGRAPHY – An Evolution
• Cryptology means “hidden writing”
• Comes from the Greek words “hidden” or “secret” and “writing”
• A tool for
    • Secrecy
    • Integrity
    • Authentication
    • Non-repudiation

TERMINOLOGY
• Encryption: the process of coding a message such that its meaning is concealed
• Decryption: the process of transforming an encrypted message into the original form
Encrypt – Decrypt
Encode – Decode
Encipher – Decipher
Plaintext – Ciphertext

TERMINOLOGY, continued
• Cryptosystem: a system for encryption and decryption
• Plaintext: a message in its original form
• Ciphertext: a message in the encrypted form
• Cryptographer: invents encryption algorithms
• Cryptanalyst: attempts to understand, perhaps to break, encryption algorithms

Substitutions
• Text (alpha) substitutions
    • Simple
        a b c d e f g h i …
        d e f g h i j k l …
    • Complex
        a b c d e f g h i …
        d e f g h i j k l …
        or large block of text
        q r s t u v w x y …
• Numerical substitutions (modular math)
    • Sample
        a b c d e f g h i …
        12 13 14 15 16 17 18 19 20 …

Now it's all about the keys
A shift in encryption strategy: a move to all mathematics.
Instead of making the key a secret (shared or otherwise), make the key algorithms public with the odds of picking the right one very high. This “open standards” based approach ends up being a good thing. Why?

Encryption Key Types
• Symmetric Keys (DES, Triple DES, AES)
    • 64-bit blocks/56-bit key for DES and 112-bit key in 3DES
    • 128-bit blocks for AES, for keys of 128, 192, and 256 bits
    • Use of substitutions, transpositions, permutations, XOR
• Asymmetric Keys (RSA* and Elliptic Curve)
    • Related key pairs, based on prime numbers for RSA and elliptic curve properties in EC
• Hash Algorithms (one way encryption)
    • Use of difficult inverse mathematical functions
*RSA – Rivest, Shamir, and Adleman

Public/Private Key Encryption
Asymmetric Key (Exchanged Public Keys)
[Diagram: the Server generates a key pair, Secret Key (S) and Public Key (S); the Browser generates a key pair, Secret Key (B) and Public Key (B); the two sides exchange public keys.]
The Critical Point of Public Key
A public and private key pair is mathematically related in such a way that when one key in the pair is used for encryption, only the other key can decrypt the message.

How SSL Works
SSL Handshake Steps: (SSLv2)
• Client Hello. SSL versions, cipher suites, and data compression methods
• Server Hello. Selected cipher and compression method
• Server sends its signed certificate and certificate chain if needed
• No certificate alert is sent by client
• ClientKeyExchange. Client uses a random number generator to generate a pre-master key. Client encrypts the master secret with the server public key creating a digital envelope which is sent to the server.
• ChangeCipherSpec. Verifies that both sides have the negotiated cipher and session key.
• Finish. Ready to send encrypted data.
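
The key-pair property from the "Critical Point of Public Key" slide and the digital envelope from the ClientKeyExchange step, as an added example that is not part of the original slides. It uses textbook RSA with tiny primes and no padding, so it illustrates the math only; the function names and the sample key are assumptions made for this sketch.

```python
import secrets
from math import gcd

def make_key_pair(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy sizes, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)        # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)      # (public key, private key)

def apply_key(key, value):
    """Both keys perform the same operation: value^exponent mod n."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def client_key_exchange(server_public):
    """Client: pick a random pre-master value and seal it with the server's public key."""
    n, _ = server_public
    pre_master = secrets.randbelow(n - 2) + 2    # random value in [2, n-1]
    return pre_master, apply_key(server_public, pre_master)

def server_open_envelope(server_private, envelope):
    """Server: only the matching private key recovers the pre-master value."""
    return apply_key(server_private, envelope)

# Constructed sample key: two Mersenne primes, far too small for real use.
SERVER_PUBLIC, SERVER_PRIVATE = make_key_pair(2**31 - 1, 2**61 - 1)

if __name__ == "__main__":
    pre_master, envelope = client_key_exchange(SERVER_PUBLIC)
    print("server recovers it:",
          server_open_envelope(SERVER_PRIVATE, envelope) == pre_master)
    # The public key that sealed the envelope cannot open it again.
    print("public key reopens it:",
          apply_key(SERVER_PUBLIC, envelope) == pre_master)
    # Reverse direction (signing): the private key transforms, the public key checks.
    digest = 123456789                           # constructed stand-in for a message hash
    signature = apply_key(SERVER_PRIVATE, digest)
    print("signature verifies:", apply_key(SERVER_PUBLIC, signature) == digest)
```

Production systems use a vetted library with padding (OAEP for encryption, PSS for signatures) and moduli of 2048 bits or more.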

Current Uses of PKI (Digital Signatures)
• Authentication/Authorization
• Individuals/entities
• Device to device
• SSL (Server and mutual)
• Secure E-mail (S-MIME)
• Code Signing
• Transaction signing
• Document signing (E-Signature)