1 / 38

Introduction to Cryptography: Securing Communication Online

Discover the fundamentals of modern cryptography, encryption techniques, and cryptosystems while learning about the art of concealing messages for enhanced information security.

staciep
Download Presentation

Introduction to Cryptography: Securing Communication Online

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cryptography & Steganography Min-Shiang Hwang (黃明祥) Department of Computer Science & Information Engineering Asia University Email: mshwang@asia.edu.tw http://isrc.ccs.asia.edu.tw/ Room: I-420 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  2. Workshop: Cryptography and Steganography Agenda Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  3. Outline Cryptography • Introduction to Cryptography • My Research Topics • Call For Authors (Writers) Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  4. Introduction to Cryptography Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  5. Introduction to Cryptography Wikipedia Definition Cryptography is the practice and study of techniques for secure communication in the presence of third parties called adversaries (or attackers). Cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography. Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  6. Introduction to Cryptography Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, electrical engineering, communication science, and physics. Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. https://en.wikipedia.org/wiki/Cryptography Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  7. Introduction to Cryptography The art and science of concealing the messages to introduce secrecy in information security is recognized as Cryptography. https://www.tutorialspoint.com/cryptography/cryptosystems.htm Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  8. Introduction to Cryptography A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services. Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  9. Introduction to Cryptography Components of a Cryptosystem Plaintext. It is the data to be protected during transmission. Encryption Algorithm. It is a mathematical process that produces a ciphertext for any given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext. Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. The ciphertext is not guarded. It flows on public channel. It can be intercepted or compromised by anyone who has access to the communication channel. Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  10. Introduction to Cryptography Decryption Algorithm. It is a mathematical process, that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext. Decryption Key. It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext. Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  11. Introduction to Cryptography • Types of Cryptosystems • Fundamentally, there are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system: • Symmetric Cryptosystems • Asymmetric Cryptosystems Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  12. Introduction to Cryptography Symmetric Cryptosystems (Secret-Key or One-Key Cryptosystems) The encryption process where same keys are used for encrypting and decrypting the information. A few well-known examples of symmetric key encryption methods are − AES, DES, etc. Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  13. Introduction to Cryptography Symmetric Cryptosystems Secret Keys (Shared by Sender and Receiver) Send Encrypt Decrypt Plaintext Ciphertext Ciphertext Plaintext Send Decrypt Encrypt Ciphertext Plaintext Ciphertext Plaintext Sender Alice Receiver Bob Public Channel Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  14. Introduction to Cryptography Asymmetric Cryptosystems (Public Key or Two-Key Cryptosystems) The encryption process where different keys are used for encrypting and decrypting the information. A few well-known examples of asymmetric cryptosystems are − RSA, ElGamal, ECC, etc. Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  15. Introduction to Cryptography Asymmetric Cryptosystems CA Keys Bob’s Privacy Key Bob’s Public Key Send Encrypt Decrypt Plaintext Ciphertext Ciphertext Plaintext Send Decrypt Encrypt Ciphertext Plaintext Ciphertext Plaintext Sender Alice Receiver Bob Public Channel Alice’s Privacy Key Alice’s Public Key Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  16. My Research Topics Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  17. Research Topics • Cryptosystems and Its Applications • Security in Cloud Computing • Security in Sensor Networks (IOT) • Security in RFID • Security in P2P Networks • Security in Mobile Communications • Steganography • Others: Blockchain, Security in Big Data, AI, VR, … Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  18. Cryptosystems and Its Applications Please download Cryptosystems slides from the following dropbox: https://www.dropbox.com/s/j51d5abiqgfrqkh/KeyHierarchy.ppt?dl=0 Please download Applications slides from the following dropbox: https://www.dropbox.com/s/g2912hrtlmnu5ek/Applications.ppt?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  19. Security in Cloud Computing Please download slides from the following dropbox: https://www.dropbox.com/s/03ojxor5kh2u2jn/CloudComputing.pptx?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  20. Design and Implementation of Privacy Cloud Storages Please download slides from the following dropbox: https://www.dropbox.com/s/tpoi3dp8thi8qgs/Privacy_Cloud_Storages.pptx?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  21. Security in Sensors Networks (IOT) Please download slides from the following dropbox: https://www.dropbox.com/s/27qwgjff26fo2e9/SensorNetworks.pptx?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  22. Security in RFID Please download slides from the following dropbox: https://www.dropbox.com/s/yhs7x3vkjfc8xy7/RFID.ppt?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  23. Security in P2P Networks Please download slides from the following dropbox: https://www.dropbox.com/s/r1k58253x3surjp/P2P-Security.ppt?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  24. Security in Mobile Communications Please download slides from the following dropbox: https://www.dropbox.com/s/82kftxxkl1ejwjt/MobileCommunications.pptx?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  25. Steganography Please download slides from the following dropbox: https://www.dropbox.com/s/wkyx2ttk7oafsy4/Steganography.ppt?dl=0 Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  26. Call For Authors (Writers) Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  27. An Improvement of Hou-Wang’s Remote User Authentication Scheme Guifa Hou, Zhijie Wang, “A Robust and Efficient Remote Authentication Scheme from Elliptic Curve Cryptosystem”, International Journal of Network Security, Vol. 19, No. 6, 2017, pp. 904-911 Department of Computer Science & Information Engineering Asia University Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  28. Outline • Introduction • Review of Hou-Wang’s Scheme • Weaknesses of Hou-Wang’s Scheme • The Proposed Scheme • Conclusion Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  29. Introduction User Authentication ID, PW ID, PW User Internet Server Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  30. Review of Hou-Wang’s Scheme Notations Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  31. Review of Hou-Wang’s Scheme The Registration Phase Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  32. Review of Hou-Wang’s Scheme The Login Phase Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  33. The Authentication and Session Key Exchange Phase Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  34. Review of Hou-Wang’s Scheme Registration Phase: Smart Card: {Bi, H(), G, Ek()/Dk()} Bi = EAi(H(x||ni), niG) Ai = H(IDi||PWi) Login Phase: Authentication Phase: Ui Server: {Ci, Di} Server  Ui: {Ei, Fi} Input IDi, PWi Ai = H(IDi||PWi) DAi(Bi) Bi = EAi(H(x||ni), niG) Ci = t G Ki=t Pubs Di=EKi(IDi,H(x||ni)) Ki = x Ci (IDi,H(x||ni) =DKi(Di) Check Database (IDi and ni) Check H(x||ni) Ei = s G Fi = s Ci +ni G Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  35. Weakness of Hou-Wang’s Scheme Login Phase: Authentication Phase: Ui Server: {Ci, Di} Server  Ui: {Ei, Fi} Input IDi, PWi Ai = H(IDi||PWi) DAi(Bi) Bi = EAi(H(x||ni), niG) Ci = t G Ki=t Pubs Di=EKi(IDi,H(x||ni)) Ki = x Ci (IDi,H(x||ni) =DKi(Di) Check Database (IDi and ni) Check H(x||ni) Ei = s G Fi = s Ci +ni G {C’i, D’i} Smart Card + Guessing Attack: Guess PW’i and get H’(x||ni), n’iG C’i = t’ G K’i=t’ Pubs D’i=EK’i(IDi,H’(x||ni)) Server {Ei, Fi} Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  36. An Improved User Authentication Scheme Login Phase: Authentication Phase: Ui Server: {Ci, Di} Server  Ui: {Ei, Fi} Input IDi, PWi Ai = H(IDi||PWi) DAi(Bi) Bi = EAi(H(x||ni), niG) Ci = t G Ki=t Pubs Di=EKi(IDi,H(x||ni)) Ki = x Ci (IDi,H(x||ni) =DKi(Di) Check Database (IDi and ni) Check H(x||ni) Ei = s G Fi = s Ci +ni G {C’i, D’i} Smart Card + Guessing Attack: Guess PW’i and get H’(x||ni), n’iG C’i = t’ G K’i=t’ Pubs D’i=EK’i(IDi,H’(x||ni)) Server {Ei, Fi} Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  37. The International Conference on Information and Communications Technology 2018 (ICOIACT 2018) will be held on 6 – 8 March 2018 in Grand Zuri Malioboro Hotel, Yogyakarta, Indonesia. http://icoiact.org/ If you are interesting to submit a paper for presentation in ICOIACT2018 or other international conference, please contact us. Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

  38. Welcome to join our research team & Thanks you for your listening! Min-Shiang Hwang ( http://isrc.ccs.asia.edu.tw/ )

More Related