SlideShare una empresa de Scribd logo

Cryptography

Descargar como PPTX, PDF
Abhi Prithi
Abhi Prithi

Created By Sarayu, BCA Student

EducaciónTecnología
1 de 32
Post graduate and research department of computer application
PRESENTED BY:
CONTENT:
cryptography: Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication. Cryptography is not the only means of providing information security, but rather one set of techniques. Cryptography is the process of writing,using various method(“ciphers”)to keep message secret
Crytographic goals: CONFIDENTIALITY: Confidentiality is a service used to keep the content of information from all but those authorized to have it. Secrecy is a term synonymous with confidentiality and privacy. There are numerous approaches to providing confidentiality, ranging from physical protection to mathematical algorithms which render data unintelligible. DATA INTEGRITY: Data integrity is a service which addresses the unauthorized alteration of data. To assure data integrity, one must have the ability to detect data manipulation by unauthorized parties. Data manipulation includes such things as insertion, deletion, and substitution.
AUTHENTICATION: Authentication is a service related to identification. This function applies to both entities and information itself. Two parties entering into a communication should identify each other. Information delivered over a channel should be authenticated as to origin , date of origin, data content, time sent, etc. For these reasons this aspect of cryptography is usually subdivided into two major classes: entity authentication & data origin authentication. Data origin authentication implicitly provides data integrity NON-REPUDIATION : Non-repudiation is a service which prevents an entity from denying previous commitments or actions. When disputes arise due to an entity denying that certain actions were taken, a means to resolve the situation is necessary.
History of cryptography: Cryptography was concerned solely with message confidentiality(encryption). Conversion of message from a comprehensible form into an incomprehensible one, rendering it unreadable by interceptors without secret knowledge(decryption). Encryption was used to ensure secrecy in communication , such as military leaders & diplomats. In recent days , it has expanded beyond confidentiality concern include , digital signature, identity authentication, interactive proof & secure computation.
Classic cryptography: The earliest forms of secret writing required little more than pen & paper analogs , as most people could not read. The main classical cipher types are transposition cipher , which arrange the order of letters in a message. Transposition cipher eg : hello world becomes “ehlol owrdl”. substitution ciphers, which systematical replace letters or group of letters. substitution cipher eg : fly at once becomes “gmz bu podf”
SECURITY OF ALGORITHM:  TOTAL BREAKS: A cryptanalyst finds the key k ,such that D k(c)=p. K is a key factor  GLOBAL DEDUCTION: A cryptanalyst finds the alternative algorithm , a equivalent to D k( c)  INSTANCE OR DEDUCTION: A cryptanalyst finds the plain text of an intercepted cipher text  INFORMATION DEDUCTION: A cryptanalyst gains the information about the key or plain text . this information could be a few bit of the key.
TYPES OF ATTACKS TO THE CIPHER TEXT: There are 4 attacks , namely ! Cipher text only attack !! Known plaintext attack !!!Cryptanalyst chosen cipher text A. CIPHER TEXT-ONLY ATTACK: c1=e k(p1)….c2=e k(p2)…….c i=e k(pi) reduce : c i+1=e k(pi+1) B. KNOWN PLAINTEXT ATTACK: p1,c1=e k(p1),p2,c2=e k(p2)….pi c i=e k(pi) reduce: pi+1 from ci+1=e k(pi+1) C. cryptanalyst chosen plaintext attack: pi , ci = ek (p1),pi , ci = ek (pi) reduce: pi+1 from ci+1=ek(pi+1)
PROCEDURE OF ATTACKS: DATA COMPLEXITY: The amount of data needed as input to the attack PROCESSING: The time needed to perform the attack . This is often called as work factor. STORAGE REQUIREMENT: The amount of memory needed to attack
Information security & cryptography To introduce cryptography, an understanding of issues related to information security in general is necessary. Information security manifests itself in many ways according to the situation and requirement. Regardless of who is involved, to one degree or another, all parties to a transaction must have confidence that certain objectives associated with information security have been met.
Over the centuries, an elaborate set of protocols and mechanisms has been created to deal with information security issues when the information is conveyed by physical documents. Often the objectives of information security cannot solely be achieved through mathematical algorithms and protocols alone, but require procedural techniques and abidance of laws to achieve the desired result.
Basic terminology and concepts: Sender and Receiver: Suppose a sender wants to send a message to a receiver. Moreover, this sender wants to send the message securely: She wants to make sure an eavesdropper cannot read the message. Messages and Encryption: A message is plaintext (sometimes called clear text). The process of disguising a message in such a way as to hide its substance is encryption. An encrypted message is cipher text. The process of turning Cipher text back into plaintext is decryption. (If you want to follow the ISO 7498-2 standard, use the terms “encipher” and “decipher.” It seems that some cultures find the terms “encrypt” and “decrypt” offensive, as they refer to dead bodies.)
The art and science of keeping messages secure is cryptography, and it is practiced by cryptographers. Cryptanalysts are practitioners of cryptanalysis, the art and science of breaking cipher text. The branch of mathematics encompassing both cryptography and cryptanalysis is cryptology and its practitioners are cryptologists. Modern cryptologists are generally trained in theoretical mathematics—they have to be.
Encryption and Decryption. Plaintext is denoted by M, for message, or P, for plaintext. It can be a stream of bits, a text file, a bitmap, a stream of digitized voice, a digital video image. As far as a computer is concerned, M is simply binary data. The plaintext can be intended for either transmission or storage. In any case, M is the message to be encrypted. Cipher text is denoted by C. It is also binary data: sometimes the same size as M, sometimes larger. (By combining encryption with compression, C may be smaller than M. However, encryption does not accomplish this.)
The encryption function E, operates on M to produce C. Or, in mathematical notation: E(M) = C In the reverse process, the decryption function D operates on C to produce M: D(C) = M Since the whole point of encrypting and then decrypting a message is to recover the original plaintext, the following identity must hold true: D(E(M)) = M
Notation: p is the plaintext. This is the original readable message(written in some standard language like english , french , hindi). c is ciphertext .this is the output of some encryption scheme , and is not readable by humans. E is the encryption function. E(P)=C EG. to mean that appling the encryption process E to the plaintext P produces the ciphertext C. D is the decryption function. Eg D(C)=P. NOTE: D(E(P))=P & E(D(C))=C
The encryption key is the piece of data that allows the computation of E. similarly we have the decryption key . These may or may not be same. they also may not be secret. To attack a cipher is to attempt unauthorized reading of plaintext , or to attempt unauthorized transmission of cipher text
Cryptography techniques: Cryptanalysis is the study of mathematical techniques for attempting to defeat cryptographic techniques, and, more generally, information security services A cryptanalyst is someone who engages in cryptanalysis Cryptology is the study of cryptography and cryptanalysis A cryptosystem is a general term referring to a set of cryptographic primitives used to provide information security services. Most often the term is used in conjunction with primitives providing confidentiality, i.e., encryption Cryptographic techniques are typically divided into two generic types: symmetric-key cryptography public-key cryptography
Symmetric key cryptography: Let a={ a,b,c………x ,y,z}, be the english alphabet , let m & c be the set of string of length five over A .the key E is chosen to be permutation A. To encrypt , an english message is broken up into groups each having five letter (appropriate padding , if the length of the message is not a multiple of five & permutation E is applied to each letter one at a time). To decrypt , the inverse permutation D=E/1,is applied to each letter of the cipher text , E is choosen to the permutation E= A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z. D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,A,B,C
PUBLIC KEY CRYTOGRAPHY: Each user has an encryption function & a decryption function. Alice makes her encryption function Ea publicly known , but keeps her decryption function Da secret Bob wants to send alice a message P ,so he computes C=Ea(P) and sends it to her Alice receives C and computes P=Da(C) The point is that the encryption function & a decryption function are set up so that Da is very difficult to compute only knowing Ea. Thus even if an attacker knows Ea ,he can’t compute Da and hence can’t read bob message
PROTOCOLS: A cryptographic protocol (protocol) is a distributed algorithm defined by a sequence of steps precisely specifying the actions required of two or more entities to achieve a specific security objective Remark: (protocol vs. mechanism) As opposed to a protocol, a mechanism is a more general term encompassing protocols, algorithms (specifying the steps followed by a single entity) non-cryptographic techniques (eg : hardware protection and procedural controls) to achieve specific security objectives
Protocols play a major role in cryptography and are essential in meeting cryptographic Goals Encryption schemes, digital signatures, hash functions, and random number generation are among the primitives which may be utilized to build a protocol. Secret sharing : alice,bob,carol,….yanni,&zeke each have a piece of information that is part of a commonly held secret S. If N or more of them meet and combine their knowledge,then S can be reconstructed. But if less than N get together, S cannot be reconstructed.
Example: (a simple key agreement protocol) Alice and Bob have chosen a symmetric-key encryption scheme to use in communicating over an unsecured channel. To encrypt information they require a key. The communication protocol is the following: 1. Bob constructs a public-key encryption scheme and sends his public key to Alice over the channel. 2. Alice generates a key for the symmetric-key encryption scheme. 3. Alice encrypts the key using Bob’s public key and sends the encrypted key to Bob. 4. Bob decrypts using his private key and recovers the symmetric (secret) key. 5. Alice and Bob begin communicating with privacy by using the symmetric-key system and the common secret key.
Uses of protocols: Today we use cryptography for a lot more than just sending secret message Authentication: Alice receives cipher text from bob. How can she be sure that the message originated from bob? How can she be sure that the message wasn’t corrupted? Key exchange: Over an instance channel , Alice & bob exchange two piece of data that allows them to compute a common encryption/decryption key . But any attacker who intercepts the transmissions can’t recover the key.
Remark (causes of protocol failure): Protocols and mechanisms may fail for a number of reasons, including: 1. weaknesses in a particular cryptographic primitive which may be amplified by the protocol or mechanism; 2. claimed or assumed security guarantees which are overstated or not clearly understood; 3. the oversight of some principle applicable to a broad class of primitives such as encryption.
Classes of attacks and security models: Over the years, many different types of attacks on cryptographic primitives and protocols have been identified. The roles of an active and a passive adversary were discussed. The attacks these adversaries can mount may be classified as follows:. 1. A passive attack is one where the adversary only monitors the communication channel. A passive attacker only threatens confidentiality of data. 2. An active attack is one where the adversary attempts to delete, add, or in some other way alter the transmission on the channel. An active attacker threatens data integrity and authentication as well as confidentiality.
One Application of Cryptography: ELECTRONIC MONEY:  The definition of electronic money (also called electronic cash or digital cash) is a term that is still evolving.  It includes transactions carried out electronically with a net transfer of funds from one party to another, which may be either debit or credit and can be either anonymous or identified.  There are both hardware and software implementations.  Encryption is used in electronic money schemes to protect conventional transaction data like account numbers and transaction amounts, digital signatures can replace handwritten signatures or a credit-card authorizations, and public-key encryption can provide confidentiality.
Cryptography

Recomendados

Network security
Network securityNetwork security
Network security
Estiak Khan
 
Program security
Program securityProgram security
Program security
G Prachi
 
Monoalphabetic Substitution Cipher
Monoalphabetic Substitution CipherMonoalphabetic Substitution Cipher
Monoalphabetic Substitution Cipher
SHUBHA CHATURVEDI
 
Process synchronization in Operating Systems
Process synchronization in Operating SystemsProcess synchronization in Operating Systems
Process synchronization in Operating Systems
Ritu Ranjan Shrivastwa
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake
Alok Tripathi
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
Joe McCarthy
 
Ethical Hacking and Network Defense
Ethical Hacking and Network Defense Ethical Hacking and Network Defense
Ethical Hacking and Network Defense
Rishab garg
 
Application Layer
Application LayerApplication Layer
Application Layer
ushabarad142
 

Recomendados

Network security
Network securityNetwork security
Network security
Estiak Khan
 
Program security
Program securityProgram security
Program security
G Prachi
 
Monoalphabetic Substitution Cipher
Monoalphabetic Substitution CipherMonoalphabetic Substitution Cipher
Monoalphabetic Substitution Cipher
SHUBHA CHATURVEDI
 
Process synchronization in Operating Systems
Process synchronization in Operating SystemsProcess synchronization in Operating Systems
Process synchronization in Operating Systems
Ritu Ranjan Shrivastwa
 
TCP/IP 3-way Handshake
TCP/IP 3-way Handshake TCP/IP 3-way Handshake
TCP/IP 3-way Handshake
Alok Tripathi
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
Joe McCarthy
 
Ethical Hacking and Network Defense
Ethical Hacking and Network Defense Ethical Hacking and Network Defense
Ethical Hacking and Network Defense
Rishab garg
 
Application Layer
Application LayerApplication Layer
Application Layer
ushabarad142
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
Haris Ahmed
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
afaque jaya
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Osi reference model
Osi reference modelOsi reference model
Osi reference model
vasanthimuniasamy
 
User authentication
User authenticationUser authentication
User authentication
CAS
 
Agreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared MemoryAgreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared Memory
SHIKHA GAUTAM
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
Vivek Gandhi
 
Email security
Email securityEmail security
Email security
Baliram Yadav
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash Algorithm
Vishakha Agarwal
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
subhradeep mitra
 
Security in distributed systems
Security in distributed systems Security in distributed systems
Security in distributed systems
Haitham Ahmed
 
Email security
Email securityEmail security
Email security
Indrajit Sreemany
 
Network Security- Secure Socket Layer
Network Security- Secure Socket LayerNetwork Security- Secure Socket Layer
Network Security- Secure Socket Layer
Dr.Florence Dayana
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and Attacks
Sachin Darekar
 
TCP and UDP
TCP and UDP TCP and UDP
TCP and UDP
Ramesh Giri
 
Attacks on Mobiles\Cell Phones
Attacks on Mobiles\Cell PhonesAttacks on Mobiles\Cell Phones
Attacks on Mobiles\Cell Phones
Faizan Shaikh
 
Architecture of operating system
Architecture of operating systemArchitecture of operating system
Architecture of operating system
Supriya Kumari
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.ppt
Zaheer720515
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
Rashmi Burugupalli
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
Cryptography
CryptographyCryptography
Cryptography
LaibaRehman3
 

Más contenido relacionado

La actualidad más candente

Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
subhradeep mitra
 

La actualidad más candente (20)

Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Osi reference model
Osi reference modelOsi reference model
Osi reference model
 
User authentication
User authenticationUser authentication
User authentication
 
Agreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared MemoryAgreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared Memory
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
 
Email security
Email securityEmail security
Email security
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash Algorithm
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
 
Security in distributed systems
Security in distributed systems Security in distributed systems
Security in distributed systems
 
Email security
Email securityEmail security
Email security
 
Network Security- Secure Socket Layer
Network Security- Secure Socket LayerNetwork Security- Secure Socket Layer
Network Security- Secure Socket Layer
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and Attacks
 
TCP and UDP
TCP and UDP TCP and UDP
TCP and UDP
 
Attacks on Mobiles\Cell Phones
Attacks on Mobiles\Cell PhonesAttacks on Mobiles\Cell Phones
Attacks on Mobiles\Cell Phones
 
Architecture of operating system
Architecture of operating systemArchitecture of operating system
Architecture of operating system
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.ppt
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 

Similar a Cryptography

Cryptography
CryptographyCryptography
Cryptography
LaibaRehman3
 
Computer network
Computer networkComputer network
Computer network
snegacmr
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
vinitajain703
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Technique
ijsrd.com
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
ijsrd.com
 
Ao318992
Ao318992Ao318992
Ao318992
IJMER
 

Similar a Cryptography (20)

Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Computer network
Computer networkComputer network
Computer network
 
Cryptography by Durlab Kumbhakar
Cryptography by Durlab KumbhakarCryptography by Durlab Kumbhakar
Cryptography by Durlab Kumbhakar
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
Presentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYPresentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHY
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free download
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
Data encryption
Data encryptionData encryption
Data encryption
 
Cryptography
Cryptography Cryptography
Cryptography
 
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.pptPresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Technique
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
 
Ao318992
Ao318992Ao318992
Ao318992
 
Elementry Cryptography
Elementry CryptographyElementry Cryptography
Elementry Cryptography
 
Crypt
CryptCrypt
Crypt
 

Último

Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Krashi Coaching
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
discovermytutordmt
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
fonyou31
 

Último (20)

BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 

Cryptography

  • 1.
  • 2. Post graduate and research department of computer application
  • 5.
  • 6. cryptography: Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication. Cryptography is not the only means of providing information security, but rather one set of techniques. Cryptography is the process of writing,using various method(“ciphers”)to keep message secret
  • 7. Crytographic goals: CONFIDENTIALITY: Confidentiality is a service used to keep the content of information from all but those authorized to have it. Secrecy is a term synonymous with confidentiality and privacy. There are numerous approaches to providing confidentiality, ranging from physical protection to mathematical algorithms which render data unintelligible. DATA INTEGRITY: Data integrity is a service which addresses the unauthorized alteration of data. To assure data integrity, one must have the ability to detect data manipulation by unauthorized parties. Data manipulation includes such things as insertion, deletion, and substitution.
  • 8. AUTHENTICATION: Authentication is a service related to identification. This function applies to both entities and information itself. Two parties entering into a communication should identify each other. Information delivered over a channel should be authenticated as to origin , date of origin, data content, time sent, etc. For these reasons this aspect of cryptography is usually subdivided into two major classes: entity authentication & data origin authentication. Data origin authentication implicitly provides data integrity NON-REPUDIATION : Non-repudiation is a service which prevents an entity from denying previous commitments or actions. When disputes arise due to an entity denying that certain actions were taken, a means to resolve the situation is necessary.
  • 9. History of cryptography: Cryptography was concerned solely with message confidentiality(encryption). Conversion of message from a comprehensible form into an incomprehensible one, rendering it unreadable by interceptors without secret knowledge(decryption). Encryption was used to ensure secrecy in communication , such as military leaders & diplomats. In recent days , it has expanded beyond confidentiality concern include , digital signature, identity authentication, interactive proof & secure computation.
  • 10. Classic cryptography: The earliest forms of secret writing required little more than pen & paper analogs , as most people could not read. The main classical cipher types are transposition cipher , which arrange the order of letters in a message. Transposition cipher eg : hello world becomes “ehlol owrdl”. substitution ciphers, which systematical replace letters or group of letters. substitution cipher eg : fly at once becomes “gmz bu podf”
  • 11. SECURITY OF ALGORITHM:  TOTAL BREAKS: A cryptanalyst finds the key k ,such that D k(c)=p. K is a key factor  GLOBAL DEDUCTION: A cryptanalyst finds the alternative algorithm , a equivalent to D k( c)  INSTANCE OR DEDUCTION: A cryptanalyst finds the plain text of an intercepted cipher text  INFORMATION DEDUCTION: A cryptanalyst gains the information about the key or plain text . this information could be a few bit of the key.
  • 12. TYPES OF ATTACKS TO THE CIPHER TEXT: There are 4 attacks , namely ! Cipher text only attack !! Known plaintext attack !!!Cryptanalyst chosen cipher text A. CIPHER TEXT-ONLY ATTACK: c1=e k(p1)….c2=e k(p2)…….c i=e k(pi) reduce : c i+1=e k(pi+1) B. KNOWN PLAINTEXT ATTACK: p1,c1=e k(p1),p2,c2=e k(p2)….pi c i=e k(pi) reduce: pi+1 from ci+1=e k(pi+1) C. cryptanalyst chosen plaintext attack: pi , ci = ek (p1),pi , ci = ek (pi) reduce: pi+1 from ci+1=ek(pi+1)
  • 13. PROCEDURE OF ATTACKS: DATA COMPLEXITY: The amount of data needed as input to the attack PROCESSING: The time needed to perform the attack . This is often called as work factor. STORAGE REQUIREMENT: The amount of memory needed to attack
  • 14. Information security & cryptography To introduce cryptography, an understanding of issues related to information security in general is necessary. Information security manifests itself in many ways according to the situation and requirement. Regardless of who is involved, to one degree or another, all parties to a transaction must have confidence that certain objectives associated with information security have been met.
  • 15. Over the centuries, an elaborate set of protocols and mechanisms has been created to deal with information security issues when the information is conveyed by physical documents. Often the objectives of information security cannot solely be achieved through mathematical algorithms and protocols alone, but require procedural techniques and abidance of laws to achieve the desired result.
  • 16. Basic terminology and concepts: Sender and Receiver: Suppose a sender wants to send a message to a receiver. Moreover, this sender wants to send the message securely: She wants to make sure an eavesdropper cannot read the message. Messages and Encryption: A message is plaintext (sometimes called clear text). The process of disguising a message in such a way as to hide its substance is encryption. An encrypted message is cipher text. The process of turning Cipher text back into plaintext is decryption. (If you want to follow the ISO 7498-2 standard, use the terms “encipher” and “decipher.” It seems that some cultures find the terms “encrypt” and “decrypt” offensive, as they refer to dead bodies.)
  • 17. The art and science of keeping messages secure is cryptography, and it is practiced by cryptographers. Cryptanalysts are practitioners of cryptanalysis, the art and science of breaking cipher text. The branch of mathematics encompassing both cryptography and cryptanalysis is cryptology and its practitioners are cryptologists. Modern cryptologists are generally trained in theoretical mathematics—they have to be.
  • 18. Encryption and Decryption. Plaintext is denoted by M, for message, or P, for plaintext. It can be a stream of bits, a text file, a bitmap, a stream of digitized voice, a digital video image. As far as a computer is concerned, M is simply binary data. The plaintext can be intended for either transmission or storage. In any case, M is the message to be encrypted. Cipher text is denoted by C. It is also binary data: sometimes the same size as M, sometimes larger. (By combining encryption with compression, C may be smaller than M. However, encryption does not accomplish this.)
  • 19. The encryption function E, operates on M to produce C. Or, in mathematical notation: E(M) = C In the reverse process, the decryption function D operates on C to produce M: D(C) = M Since the whole point of encrypting and then decrypting a message is to recover the original plaintext, the following identity must hold true: D(E(M)) = M
  • 20. Notation: p is the plaintext. This is the original readable message(written in some standard language like english , french , hindi). c is ciphertext .this is the output of some encryption scheme , and is not readable by humans. E is the encryption function. E(P)=C EG. to mean that appling the encryption process E to the plaintext P produces the ciphertext C. D is the decryption function. Eg D(C)=P. NOTE: D(E(P))=P & E(D(C))=C
  • 21. The encryption key is the piece of data that allows the computation of E. similarly we have the decryption key . These may or may not be same. they also may not be secret. To attack a cipher is to attempt unauthorized reading of plaintext , or to attempt unauthorized transmission of cipher text
  • 22. Cryptography techniques: Cryptanalysis is the study of mathematical techniques for attempting to defeat cryptographic techniques, and, more generally, information security services A cryptanalyst is someone who engages in cryptanalysis Cryptology is the study of cryptography and cryptanalysis A cryptosystem is a general term referring to a set of cryptographic primitives used to provide information security services. Most often the term is used in conjunction with primitives providing confidentiality, i.e., encryption Cryptographic techniques are typically divided into two generic types: symmetric-key cryptography public-key cryptography
  • 23. Symmetric key cryptography: Let a={ a,b,c………x ,y,z}, be the english alphabet , let m & c be the set of string of length five over A .the key E is chosen to be permutation A. To encrypt , an english message is broken up into groups each having five letter (appropriate padding , if the length of the message is not a multiple of five & permutation E is applied to each letter one at a time). To decrypt , the inverse permutation D=E/1,is applied to each letter of the cipher text , E is choosen to the permutation E= A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z. D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,A,B,C
  • 24. PUBLIC KEY CRYTOGRAPHY: Each user has an encryption function & a decryption function. Alice makes her encryption function Ea publicly known , but keeps her decryption function Da secret Bob wants to send alice a message P ,so he computes C=Ea(P) and sends it to her Alice receives C and computes P=Da(C) The point is that the encryption function & a decryption function are set up so that Da is very difficult to compute only knowing Ea. Thus even if an attacker knows Ea ,he can’t compute Da and hence can’t read bob message
  • 25. PROTOCOLS: A cryptographic protocol (protocol) is a distributed algorithm defined by a sequence of steps precisely specifying the actions required of two or more entities to achieve a specific security objective Remark: (protocol vs. mechanism) As opposed to a protocol, a mechanism is a more general term encompassing protocols, algorithms (specifying the steps followed by a single entity) non-cryptographic techniques (eg : hardware protection and procedural controls) to achieve specific security objectives
  • 26. Protocols play a major role in cryptography and are essential in meeting cryptographic Goals Encryption schemes, digital signatures, hash functions, and random number generation are among the primitives which may be utilized to build a protocol. Secret sharing : alice,bob,carol,….yanni,&zeke each have a piece of information that is part of a commonly held secret S. If N or more of them meet and combine their knowledge,then S can be reconstructed. But if less than N get together, S cannot be reconstructed.
  • 27. Example: (a simple key agreement protocol) Alice and Bob have chosen a symmetric-key encryption scheme to use in communicating over an unsecured channel. To encrypt information they require a key. The communication protocol is the following: 1. Bob constructs a public-key encryption scheme and sends his public key to Alice over the channel. 2. Alice generates a key for the symmetric-key encryption scheme. 3. Alice encrypts the key using Bob’s public key and sends the encrypted key to Bob. 4. Bob decrypts using his private key and recovers the symmetric (secret) key. 5. Alice and Bob begin communicating with privacy by using the symmetric-key system and the common secret key.
  • 28. Uses of protocols: Today we use cryptography for a lot more than just sending secret message Authentication: Alice receives cipher text from bob. How can she be sure that the message originated from bob? How can she be sure that the message wasn’t corrupted? Key exchange: Over an instance channel , Alice & bob exchange two piece of data that allows them to compute a common encryption/decryption key . But any attacker who intercepts the transmissions can’t recover the key.
  • 29. Remark (causes of protocol failure): Protocols and mechanisms may fail for a number of reasons, including: 1. weaknesses in a particular cryptographic primitive which may be amplified by the protocol or mechanism; 2. claimed or assumed security guarantees which are overstated or not clearly understood; 3. the oversight of some principle applicable to a broad class of primitives such as encryption.
  • 30. Classes of attacks and security models: Over the years, many different types of attacks on cryptographic primitives and protocols have been identified. The roles of an active and a passive adversary were discussed. The attacks these adversaries can mount may be classified as follows:. 1. A passive attack is one where the adversary only monitors the communication channel. A passive attacker only threatens confidentiality of data. 2. An active attack is one where the adversary attempts to delete, add, or in some other way alter the transmission on the channel. An active attacker threatens data integrity and authentication as well as confidentiality.
  • 31. One Application of Cryptography: ELECTRONIC MONEY:  The definition of electronic money (also called electronic cash or digital cash) is a term that is still evolving.  It includes transactions carried out electronically with a net transfer of funds from one party to another, which may be either debit or credit and can be either anonymous or identified.  There are both hardware and software implementations.  Encryption is used in electronic money schemes to protect conventional transaction data like account numbers and transaction amounts, digital signatures can replace handwritten signatures or a credit-card authorizations, and public-key encryption can provide confidentiality.