SlideShare una empresa de Scribd logo

Cryptography full report

Descargar como DOC, PDF
H
harpoo123143
EducaciónTecnología
1 de 9
Cryptography Name: T Sampathkumar Name: Sudeep Year: III/IV CSE , Year: III/IV CSE, e-mail: sampaththatikonda@rocketmail.com e-mail : sudeep4u_lp@yahoo.com ABSTRACT  This paper introduces Cryptography All these methods and means of communication Techniques. Cryptography is “The science of have protecting data” & Network Security “keeping played an important role in our lives, but in the information private and Secure from unauthorized Users”. past This paper gives the Fundamental few years, network communication, especially over Requirements for the Data Transmission, the the Internet, has emerged as one of the most security attacks like Interruption, Interception powerful and Modification of the data Transmission. Methods of communication with an overwhelming The Cryptographic Process Impact on our lives. Such rapid advances in explaining through a generalized function is Communications technology have also given rise discussed through which encryption and decryption is done by the various algorithms to like RSA algorithm, Hash Functions and Security threats to individuals and organizations. many cryptographic algorithms. Fundamental Requirements Introduction Confidential: Is the process of keeping The Cryptanalysis is the process of information attempting to discover the plain text and/ or the private and Secret so that only the intended key. recipient Applications of Various Cryptographic is able to understand the information. Technologies. Authentication: Is the process of providing proof of Why & How to Provide Network Security in the identity of the sender to the recipient, so that the Certificates issuing, The Validity & Trust for recipient can be assured that the person sending Certificate the Services, Certificate Revocation in the Internet, information is who and what he or she claims to Intranet and other Network Communications, the be. Applications of Network Security to the various Integrity: Is the method to ensure that information Data is Transfer techniques and protocols. not tampered with during its transit or its storage From the dawn of civilization, to the highly on networked societies that we live in Today the network. Any unauthorized person should not communication has always been an integral be part of our existence. able to tamper with the information or change the • Radio communication Information during transit • Network communication Non-repudiation: Is the method to ensure that • Mobile communication information cannot be disowned. Once the non- repudiation • Telephonic communication process is in place, the sender cannot
deny being the originator of the data. source destination What is Cryptography? The term cryptology has its origin in Greek Kryptós lógos , which means “hidden word.” Cryptography is the science of protecting data, which provides means and methods of converting data into Unauthorized user unreadable form, so that Valid User can access Information at the Destination. Cryptography is the science of using mathematics to encrypt and Security Attacks decrypt data. Cryptography enables you to store sensitive Interruption: In an attack where one or more of information or transmit it across insecure networks the (like the Internet) so that it cannot be read by systems of the organization become unusable due anyone to except the intended recipient. While cryptography attacks by unauthorized users. This leads to is systems the science of securing data, cryptanalysis is the being unavailable for use. science of analyzing and breaking secure communication. Cryptanalysts are also called Interception: An unauthorized individual attackers. Cryptology embraces both cryptography intercepts and cryptanalysis. the message content and changes it or uses it for malicious purposes. After this type of attack, the Cryptography Terminology message does not remain confidential. a) Plaintext: The original intelligible Modification: The content of the message is message. modified b) Cipher text: The transformed message. by a third party. This attack affects the integrity of c) Cipher: An algorithm for transforming an the message. So for maintaining the data secretly intelligible while message to unintelligible by transposition. communicating data between two persons or two d) Key: Some critical information used by the organizations data is to be converted to other cipher, format known only to the sender & receiver. and the data is to be transmitted. So now we deal e) Encipher :( Encode) the process of converting with plaintext to cipher text using a cipher and a key. the Cryptography which is process of transmitting f) Decipher :( Decode) the process of converting data securely without any interruption. Network cipher text back into plaintext using a cipher & key. security is the security of data transmission in the g) Cryptanalysis: The study of principles and communication. methods of transforming an unintelligible message
back into an intelligible message without are being built as distributed applications, the knowledge of the key. Also called code breaking physical h) Cryptology: Both cryptography and security model has lost its significance. The advent cryptanalysis of i) Code: an algorithm for transforming an the internet and the web has raised the scale and intelligible frequency of network Security threats. message into an unintelligible one using codes. j) Hash algorithm: Is an algorithm that converts Common Security Threats text string into a string of fixed length. Identity interception: It means that someone k) Secret Key Cryptography (SKC): Uses a might single steal your identity and use it as their own. key for both encryption and decryption Masquerading. If you send your username and l) Public Key Cryptography (PKC): Uses one key password in clear text form, someone might be for able to encryption and another for decryption grab it from the network and use it elsewhere with m) Pretty Good Privacy (PGP): PGP is a hybrid the cryptosystem. intention of perpetrating fraud. n) Public Key Infrastructure (PKI): PKI feature is Replay attack: They might capture your request of Certificate authority. withdrawing 1000 dollars from your Bank account and then replay that request over the network. Data interception and manipulation: If someone can read your credit card information while it is on the Network Security wire, they could cause a lot of trouble for you. Repudiation: When someone performs a For Distributed computing transaction • Logical set of services distributed and then deny it later can be a big problem in over the network ecommerce. • Physical security model does not For example, if you are manufacturer of work anymore something and you received a 1 million dollar For Internet and Web purchase request from a customer, you will want to make sure that person does not deny it after the •  Increase of security threat transaction has been completed. We all know what •  More stringent security for Ecommerce “denial of service” means. and B2B Network Security Needs Why network security? Security Needs of an Enterprise When networks were not that pervasive, that • Single sign-on Internet and intranet is when computing devices were running in their own •  Controlled access to corporate Islands, it was rather easy to deal with security. information The •  Secure business transaction over only thing they needed to do was to lock the door. Internet Now, as more and more computing devices are getting connected and more and more applications •  Centralized, easy to use security admin
tools Key Process Techniques •  Transparency of security features •  Interoperable security systems   Symmetric-Key Encryption: One •  Various PKI schemes, Kerbos Key Symmetric-key encryption, also called shared-key Common Network Security Needs encryption or secret-key cryptography, uses a single key that both the sender and recipient possess. •  Authentication (Identity verification) This key, used for both encryption and decryption, •  Access control (Authorization) is called a secret key (also referred to as a •  Data confidentiality (Privacy) symmetric •  Data integrity (Tamper-proofing) key or session key). Symmetric-key encryption is an •  Non-repudiation (Proof of transaction) efficient method for encrypting large amounts of •  Auditing data. But the drawback is to transfer the Key to Receiver Cryptographic Process Basic Process as it is prone to security risks. M is the original message K enc is encryption key   Public-Key Encryption: Two Keys M' is the scrambled message K dec is decryption key Two keys—a public key and a private key, which It is “difficult” to get M just by knowing M' are mathematically related—are used in public-key E and D are related such that encryption. To contrast it with symmetric-key E(K enc , M) = M' encryption, public-key encryption is also D(K dec , M') = M sometimes D(K dec , E(K enc , M)) = M called asymmetric-key encryption. In public-key Plaintext—M Cipher text—M' Original encryption, the public key can be passed openly Plaintext—M between the parties or published in a public Decryption function—D Encryption repository, but the related private key remains function—E private. So how does cryptographic process work? Data encrypted with the public key can be The idea is rather simple. Let's say you have decrypted plaintext only using the private key. Data encrypted with the M. By providing the encryption key and the private key can be decrypted only using the public encryption key. In Figure 1, a sender has the receiver's public function you get cipher text, M'. The cipher text key and uses it to encrypt a message, but only the can be receiver has the related private key used to decrypted using a decryption function and a decrypt decryption key and the result is the original text. In the message. cryptographic process the mathematical property is Private Key Method such that it is practically impossible to derive M Public Key Method from Encryption is done with Public Key and M' unless the key is known. Decryption with another key called Private Key. This
is called Public Key Cryptography. aside, the patent for RSA expired in September 2000 Public-key cryptography algorithms which does not appear to have affected RSA's popularity one way or the other. RSA: The first, and still most common, PKC implementation, named for the three MIT Diffie-Hellman: After the RSA algorithm mathematicians who developed it — Ronald Diffie and Hellman came up with their own Rivest, algorithm. Adi Shamir, and Leonard Adleman. RSA today is D-H is used for secret-key key exchange only, and used in hundreds of software products and can be not used for key exchange, digital signatures, or for authentication or digital signatures. encryption of small blocks of data. RSA uses a variable size encryption block and a variable size Digital Signature Algorithm (DSA): The key. algorithm specified in NIST's Digital Signature The key-pair is derived from a very large number, Standard (DSS), provides digital signature n, capability that is the product of two prime numbers chosen for the authentication of messages. according to special rules; these primes may be 100 Elliptic Curve Cryptography (ECC): A or more digits in length each, yielding an n with PKC algorithm based upon elliptic curves. ECC roughly twice as many digits as the prime factors. can The offer levels of security with small keys comparable public key information includes n and a derivative to of RSA and other PKC methods. It was designed for one of the devices with limited compute power and/or factors of n; an attacker cannot determine memory, the prime factors of n (and, therefore, the private such as smartcards and PDAs key) from this information alone and that is what makes Hash functions the An improvement on the Public Key scheme is RSA algorithm so secure. (Some descriptions of the addition of a one way hash function in the PKC process. A one-way hash function takes variable erroneously state that RSA's safety is due to the length input. In this case, a message of any length, difficulty in factoring large prime numbers. In fact, even thousands or millions of bits and produces a large prime numbers, like small prime numbers, fixed-length output; say, 160-bits. The hash only function have two factors!) The ability for computers to ensures that, if the information is changed in any factor way large numbers, and therefore attack schemes such even by just one bit an entirely different output as value RSA, is rapidly improving and systems today can is produced. find Hash functions, also called message digests the prime factors of numbers with more than 140 and one-way encryption, are algorithms that, in digits. The presumed protection of RSA, however, some is sense, use no key Instead; a fixed-length hash that users can easily increase the key size to value always is computed based upon the plaintext that makes it stay ahead of the computer processing curve. As impossible for either the contents or length of the an plaintext to be recovered. Hash algorithms are
typically used to provide a digital fingerprint of a means that it prevents the sender from claiming file's that contents often used to ensure that the file has not he or she did not actually send the information. been altered by an intruder or virus. Hash These functions features are every bit as fundamental to are also commonly employed by many operating cryptography systems so encrypt passwords. Hash functions, as privacy, if not more. then, A digital signature serves the same purpose help preserve the integrity of a file. as a handwritten signature. However, a As long as a secure hash function is used, handwritten there is no way to take someone's signature from signature is easy to counterfeit. A digital signature one is document and attach it to another, or to alter a superior to a handwritten signature in that it is signed nearly message in any way. The slightest change in a impossible to counterfeit, plus it attests to the signed contents document will cause the digital signature of the information as well as to the identity of the verification signer. process to fail. Public-Key Encryption for Digital Certificates Applications Of Cryptography Digital certificates, or cert., simplify the task of establishing whether a public key truly belongs 1. Defense Services to 2. Secure Data Manipulation the purported owner. A certificate is a form of 3. E –Commerce credential. Examples might be your birth 4. Business Transactions certificate. 5. Internet Payment Systems Each of these has some information on it 6. Pass Phrasing identifying 7. Secure Internet Comm. you and some authorization stating that someone 8. User Identification Systems else 9. Access Control has confirmed your identity. Some certificates, 10. Computational Security such 11.Secure access to Corp Data as your passport, are important enough 12.Data Security. confirmation of your identity that you would not want to lose Public-Key Encryption for Digital Signatures them, lest someone use them to impersonate you. A major benefit of public key cryptography is that it provides a method for employing digital Digital Certificate signatures. Digital signatures enable the recipient of A digital certificate is data that functions much information to verify the authenticity of the like a physical certificate. A digital certificate is information's origin, and also verify that the information included with a person's public key that information is intact. Thus, public key digital helps others verify that a key is genuine or valid. signatures provide authentication and data Digital certificates are used to thwart attempts to integrity. A substitute one person's key for another. digital signature also provides non-repudiation, which A digital certificate consists of three things:
• A public key. • Certificate information. ("Identity" Secret-key encryption algorithms (Symmetric information algorithms) about the user, such as name, user ID, and • DES (Data Encryption Standard) -- 56 bit so on.) key • One or more digital signatures. • Triple DES --112 bit key The purpose of the digital signature on a • IDEA (International Data Encryption certificate is to state that the certificate information Algorithm) --128bit key has been attested to by some other person or entity. Public-key encryption algorithms (Asymmetric The digital signature does not attest to the algorithms) authenticity of the certificate as a whole; it vouches only that Diffie-Hellman (DH): Exponentiation is easy the but computing discrete logarithms from the signed identity information goes along with, or is resulting bound to, the public key. Thus, a certificate is value is practically impossible basically a public key with one or two forms of ID attached, plus a hearty stamp of approval from some other trusted individual. Cryptographic Technologies Based on Layers RSA: Multiplication of two large prime • Link layer encryption numbers is easy but factoring the resulting product • Network layer encryption is • IPSEC, VPN, SKIP practically impossible • Transport layer • SSL, PCT(Private Communication Technology) Public Key Infrastructure (PKI) • Application layer • PEM (Privacy Enhanced Mail) Introduction • PGP (Pretty Good Privacy) • SHTTP The term public key infrastructure (PKI) is Cryptographic process can be implemented at used to describe the policies, standards, and various software layers starting from the link Layer all the way up to that regulate or manipulate certificates and public the and application layer. The most popular encryption private keys. In practice, PKI refers to a system of scheme is SSL and it is implemented at the digital certificates, certification authorities (CA), transport and layer. If the encryption is done at the transport other registration authorities that verify and layer, authenticate the validity of each party any application that is running on the top of the involved transport layer can be protected. in an electronic transaction. Standards for PKI are still evolving, even as they are being Based on Algorithms widely
implemented as a necessary element of electronic certificate is in compliance with the criteria commerce. This section will help you understand established what by the CA policy. a PKI is and what services are required to build a Certificate enrollment: The procedure that an PKI. end entity follows to request and receive a certificate PKI concepts on Certificates from a CA. The certificate request provides identity Certificate: A public key certificate is a digitally information to the CA signed statement used for authentication and Certificate Revocation: Certificates have a secure specified exchange of information on the networks. The lifetime, but CAs can reduce this lifetime by the issuer process known as certificate revocation. The CAs and signer of the certificate is known as a publishes a certificate revocation list (CRL) that certification lists authority (CA). Certificate has No, Validity, Uses of serial numbers of certificates that it considers no the Key pair (Public & Secret) longer usable. Certification Authority: A certification authority Certificate Chain Validation: In a network, when (CA) we is an entity trusted to issue certificates to a generate a request for a new certificate, the requesting information in that request is first passed from the entity. A CA verifies the requester's information requesting program to Certificate Authority (CA) according to the policy of the CA, and then uses its then private key to apply its digital signature to the passes the appropriate data to a program known certificate. as a cryptographic service provider (CSP) A CSP is an CA Policy: A CA issues certificates to requesters independent software module that performs based on a set of established criteria. The set of cryptography operations, such as secret-key criteria that a CA uses when processing certificate exchange, digital signing of data, and public-key requests is referred to as CA policy. Typically, a authentication. Chain-building mechanism CA attempts to publishes its policy in a document known as a build a certification path (a certificate chain) from Certification Practice Statement (CPS). the end-entity certificate, such as a user certificate, up Types of Certification Authorities to a CA root certificate. Self-signed CA: The public key in the certificate and Attacking Cryptography Cryptanalysis the key used to verify the certificate are the same Subordinate CA: The public key in certificate and Cryptanalysis is the process of attempting to the discover the plaintext and/ or the key. The types of key used to verify the certificates are different. Cryptanalysis attacks are Rooted CA: This is trusted unconditionally by a client Differential Cryptanalysis Attack: and is at top of a certification hierarchy. Registration: Registration is the process by which The differential cryptanalysis attack looks a specifically at certificate is issued to the subject, provided that pairs of cipher texts whose plaintext has some the
specific differences. It analyzes these differences describes the cryptographic concepts of symmetric as key the plaintext propagates through various rounds of encryption, public-key encryption, types of Data Encryption Standards (DES) when they are encryption algorithms, hash algorithms, digital encrypted with the same key. signatures, and key exchange. The Cryptography Attacking techniques like Cryptanalysis and Brute Linear Cryptanalysis Attack: Force Attack. This Paper provides information of Network Security Needs and Requirements. Linear Cryptanalys is attack was invented by Cryptography is a particularly interesting field Mitsuru Matsui in 1993. This method is based on because of the amount of work that is, by the concept that if you XOR some of the plaintext necessity, bits together, XOR some cipher text bits together, done in secret. The irony is that today, secrecy is and then XOR the results, you will get a single bit not that is the XOR of some of the key bits. A large the key to the goodness of a cryptographic number of such plain/cipher texts pairs are used algorithm. to guess the values of the key bits Regardless of the mathematical theory behind an algorithm, the best algorithms are those that are Brute Force Attack well known and well-documented because they are also The simplest attack to decipher a DES key is well-tested and well-studied! In fact, time is the the brute force attack. The brute force attack on only the true test of good cryptography; any cryptographic DES algorithm is feasible because of the relatively scheme that stays in use year after year is most small key length (56 bit) and ever-increasing likely computational power of the computers. It can a good one. The strength of cryptography lies in break the through any cipher by trying all keys that possibly choice (and management) of the keys; longer keys exist. However, in brute force attacks, the time will resist attack better than shorter keys. taken to break a cipher is directly proportional to the References: length • Cryptography and Network Security –By of the key. In a brute force attack, keys are William Stallings. randomly • Introduction to Cryptography –By Aysel generated and applied to the cipher text until the Ozgur legitimate key is generated. The Average Time • www.en.wikipedia.org. Required for Exhaustive Key Search • http://www-users.cs.umn.edu/ http:/ Conclusion Cryptography protects users by providing functionality for the encryption of data and authentication of other users. This technology lets the receiver of an electronic message verify the sender, ensures that a message can be read only by the intended person, and assures the recipient that a message has not be altered in transit. This paper

Recomendados

Cryptography
CryptographyCryptography
CryptographyRutuja Solkar
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptOECLIB Odisha Electronics Control Library
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptkusum sharma
 
Cryptography
CryptographyCryptography
CryptographyDarshini Parikh
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free downloadTwinkal Harsora
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyMd. Afif Al Mamun
 
Cryptography
CryptographyCryptography
CryptographySagar Janagonda
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 

Recomendados

Cryptography
CryptographyCryptography
CryptographyRutuja Solkar
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptOECLIB Odisha Electronics Control Library
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptkusum sharma
 
Cryptography
CryptographyCryptography
CryptographyDarshini Parikh
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free downloadTwinkal Harsora
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyMd. Afif Al Mamun
 
Cryptography
CryptographyCryptography
CryptographySagar Janagonda
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 
Cryptography
CryptographyCryptography
Cryptographyamiable_indian
 
Cryptography
CryptographyCryptography
Cryptographysubodh pawar
 
Cryptography
CryptographyCryptography
CryptographyEmaSushan
 
Digital signature
Digital signatureDigital signature
Digital signatureMohanasundaram Nattudurai
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Data encryption
Data encryptionData encryption
Data encryptionDeepam Goyal
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hackingsamprada123
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography pptThushara92
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key ExchangeSAURABHDHAGE6
 
Cryptography
CryptographyCryptography
CryptographyIGZ Software house
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptographyzahid-mian
 
Cryptography
CryptographyCryptography
Cryptographyherrberk
 
Encryption And Decryption
Encryption And DecryptionEncryption And Decryption
Encryption And DecryptionNA
 
Cryptography
CryptographyCryptography
Cryptographyjayashri kolekar
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & CryptographyArun ACE
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Cryptography
CryptographyCryptography
CryptographyShivanand Arur
 
Cryptography
CryptographyCryptography
CryptographySidharth Mohapatra
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptAnubhav Sokhal
 
cryptography.ppt.ppt
cryptography.ppt.pptcryptography.ppt.ppt
cryptography.ppt.pptSudhanshuKarna
 
cryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptcryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptSudhanshuKarna
 

Más contenido relacionado

La actualidad más candente

Cryptography
CryptographyCryptography
CryptographyEmaSushan
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hackingsamprada123
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography pptThushara92
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key ExchangeSAURABHDHAGE6
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptographyzahid-mian
 
Cryptography
CryptographyCryptography
Cryptographyherrberk
 
Encryption And Decryption
Encryption And DecryptionEncryption And Decryption
Encryption And DecryptionNA
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & CryptographyArun ACE
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 

La actualidad más candente (20)

Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Cryptography
CryptographyCryptography
Cryptography
 
Data encryption
Data encryptionData encryption
Data encryption
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography ppt
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
 
Cryptography
CryptographyCryptography
Cryptography
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption And Decryption
Encryption And DecryptionEncryption And Decryption
Encryption And Decryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 

Similar a Cryptography full report

cryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptcryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptSudhanshuKarna
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICijsrd.com
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
PRESENTATION ON CRYPTOGRAPHY.pptx
PRESENTATION ON CRYPTOGRAPHY.pptxPRESENTATION ON CRYPTOGRAPHY.pptx
PRESENTATION ON CRYPTOGRAPHY.pptxRiddhiGupta84
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Survey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information SecuritySurvey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information SecurityCSCJournals
 
Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptxsunil sharma
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfYasmine Anino
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityShitiz Upreti
 
Paper id 312201534
Paper id 312201534Paper id 312201534
Paper id 312201534IJRAT
 
Cryptography
CryptographyCryptography
CryptographyJasim Jas
 

Similar a Cryptography full report (20)

cryptography.ppt.ppt
cryptography.ppt.pptcryptography.ppt.ppt
cryptography.ppt.ppt
 
cryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptcryptography.ppt - Copy.ppt
cryptography.ppt - Copy.ppt
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Technique
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
 
Cryptography
CryptographyCryptography
Cryptography
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
 
PRESENTATION ON CRYPTOGRAPHY.pptx
PRESENTATION ON CRYPTOGRAPHY.pptxPRESENTATION ON CRYPTOGRAPHY.pptx
PRESENTATION ON CRYPTOGRAPHY.pptx
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
Survey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information SecuritySurvey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information Security
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptx
 
319 325
319 325319 325
319 325
 
A Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdfA Survey on Cryptographic Techniques for Network Security.pdf
A Survey on Cryptographic Techniques for Network Security.pdf
 
F16 cs61 cryptography
F16 cs61 cryptographyF16 cs61 cryptography
F16 cs61 cryptography
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 
Networksecurity1 1
Networksecurity1 1 Networksecurity1 1
Networksecurity1 1
 
Paper id 312201534
Paper id 312201534Paper id 312201534
Paper id 312201534
 
Cryptography
CryptographyCryptography
Cryptography
 

Último

social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 

Último (20)

social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 

Cryptography full report

  • 1. Cryptography Name: T Sampathkumar Name: Sudeep Year: III/IV CSE , Year: III/IV CSE, e-mail: sampaththatikonda@rocketmail.com e-mail : sudeep4u_lp@yahoo.com ABSTRACT  This paper introduces Cryptography All these methods and means of communication Techniques. Cryptography is “The science of have protecting data” & Network Security “keeping played an important role in our lives, but in the information private and Secure from unauthorized Users”. past This paper gives the Fundamental few years, network communication, especially over Requirements for the Data Transmission, the the Internet, has emerged as one of the most security attacks like Interruption, Interception powerful and Modification of the data Transmission. Methods of communication with an overwhelming The Cryptographic Process Impact on our lives. Such rapid advances in explaining through a generalized function is Communications technology have also given rise discussed through which encryption and decryption is done by the various algorithms to like RSA algorithm, Hash Functions and Security threats to individuals and organizations. many cryptographic algorithms. Fundamental Requirements Introduction Confidential: Is the process of keeping The Cryptanalysis is the process of information attempting to discover the plain text and/ or the private and Secret so that only the intended key. recipient Applications of Various Cryptographic is able to understand the information. Technologies. Authentication: Is the process of providing proof of Why & How to Provide Network Security in the identity of the sender to the recipient, so that the Certificates issuing, The Validity & Trust for recipient can be assured that the person sending Certificate the Services, Certificate Revocation in the Internet, information is who and what he or she claims to Intranet and other Network Communications, the be. Applications of Network Security to the various Integrity: Is the method to ensure that information Data is Transfer techniques and protocols. not tampered with during its transit or its storage From the dawn of civilization, to the highly on networked societies that we live in Today the network. Any unauthorized person should not communication has always been an integral be part of our existence. able to tamper with the information or change the • Radio communication Information during transit • Network communication Non-repudiation: Is the method to ensure that • Mobile communication information cannot be disowned. Once the non- repudiation • Telephonic communication process is in place, the sender cannot
  • 2. deny being the originator of the data. source destination What is Cryptography? The term cryptology has its origin in Greek Kryptós lógos , which means “hidden word.” Cryptography is the science of protecting data, which provides means and methods of converting data into Unauthorized user unreadable form, so that Valid User can access Information at the Destination. Cryptography is the science of using mathematics to encrypt and Security Attacks decrypt data. Cryptography enables you to store sensitive Interruption: In an attack where one or more of information or transmit it across insecure networks the (like the Internet) so that it cannot be read by systems of the organization become unusable due anyone to except the intended recipient. While cryptography attacks by unauthorized users. This leads to is systems the science of securing data, cryptanalysis is the being unavailable for use. science of analyzing and breaking secure communication. Cryptanalysts are also called Interception: An unauthorized individual attackers. Cryptology embraces both cryptography intercepts and cryptanalysis. the message content and changes it or uses it for malicious purposes. After this type of attack, the Cryptography Terminology message does not remain confidential. a) Plaintext: The original intelligible Modification: The content of the message is message. modified b) Cipher text: The transformed message. by a third party. This attack affects the integrity of c) Cipher: An algorithm for transforming an the message. So for maintaining the data secretly intelligible while message to unintelligible by transposition. communicating data between two persons or two d) Key: Some critical information used by the organizations data is to be converted to other cipher, format known only to the sender & receiver. and the data is to be transmitted. So now we deal e) Encipher :( Encode) the process of converting with plaintext to cipher text using a cipher and a key. the Cryptography which is process of transmitting f) Decipher :( Decode) the process of converting data securely without any interruption. Network cipher text back into plaintext using a cipher & key. security is the security of data transmission in the g) Cryptanalysis: The study of principles and communication. methods of transforming an unintelligible message
  • 3. back into an intelligible message without are being built as distributed applications, the knowledge of the key. Also called code breaking physical h) Cryptology: Both cryptography and security model has lost its significance. The advent cryptanalysis of i) Code: an algorithm for transforming an the internet and the web has raised the scale and intelligible frequency of network Security threats. message into an unintelligible one using codes. j) Hash algorithm: Is an algorithm that converts Common Security Threats text string into a string of fixed length. Identity interception: It means that someone k) Secret Key Cryptography (SKC): Uses a might single steal your identity and use it as their own. key for both encryption and decryption Masquerading. If you send your username and l) Public Key Cryptography (PKC): Uses one key password in clear text form, someone might be for able to encryption and another for decryption grab it from the network and use it elsewhere with m) Pretty Good Privacy (PGP): PGP is a hybrid the cryptosystem. intention of perpetrating fraud. n) Public Key Infrastructure (PKI): PKI feature is Replay attack: They might capture your request of Certificate authority. withdrawing 1000 dollars from your Bank account and then replay that request over the network. Data interception and manipulation: If someone can read your credit card information while it is on the Network Security wire, they could cause a lot of trouble for you. Repudiation: When someone performs a For Distributed computing transaction • Logical set of services distributed and then deny it later can be a big problem in over the network ecommerce. • Physical security model does not For example, if you are manufacturer of work anymore something and you received a 1 million dollar For Internet and Web purchase request from a customer, you will want to make sure that person does not deny it after the •  Increase of security threat transaction has been completed. We all know what •  More stringent security for Ecommerce “denial of service” means. and B2B Network Security Needs Why network security? Security Needs of an Enterprise When networks were not that pervasive, that • Single sign-on Internet and intranet is when computing devices were running in their own •  Controlled access to corporate Islands, it was rather easy to deal with security. information The •  Secure business transaction over only thing they needed to do was to lock the door. Internet Now, as more and more computing devices are getting connected and more and more applications •  Centralized, easy to use security admin
  • 4. tools Key Process Techniques •  Transparency of security features •  Interoperable security systems   Symmetric-Key Encryption: One •  Various PKI schemes, Kerbos Key Symmetric-key encryption, also called shared-key Common Network Security Needs encryption or secret-key cryptography, uses a single key that both the sender and recipient possess. •  Authentication (Identity verification) This key, used for both encryption and decryption, •  Access control (Authorization) is called a secret key (also referred to as a •  Data confidentiality (Privacy) symmetric •  Data integrity (Tamper-proofing) key or session key). Symmetric-key encryption is an •  Non-repudiation (Proof of transaction) efficient method for encrypting large amounts of •  Auditing data. But the drawback is to transfer the Key to Receiver Cryptographic Process Basic Process as it is prone to security risks. M is the original message K enc is encryption key   Public-Key Encryption: Two Keys M' is the scrambled message K dec is decryption key Two keys—a public key and a private key, which It is “difficult” to get M just by knowing M' are mathematically related—are used in public-key E and D are related such that encryption. To contrast it with symmetric-key E(K enc , M) = M' encryption, public-key encryption is also D(K dec , M') = M sometimes D(K dec , E(K enc , M)) = M called asymmetric-key encryption. In public-key Plaintext—M Cipher text—M' Original encryption, the public key can be passed openly Plaintext—M between the parties or published in a public Decryption function—D Encryption repository, but the related private key remains function—E private. So how does cryptographic process work? Data encrypted with the public key can be The idea is rather simple. Let's say you have decrypted plaintext only using the private key. Data encrypted with the M. By providing the encryption key and the private key can be decrypted only using the public encryption key. In Figure 1, a sender has the receiver's public function you get cipher text, M'. The cipher text key and uses it to encrypt a message, but only the can be receiver has the related private key used to decrypted using a decryption function and a decrypt decryption key and the result is the original text. In the message. cryptographic process the mathematical property is Private Key Method such that it is practically impossible to derive M Public Key Method from Encryption is done with Public Key and M' unless the key is known. Decryption with another key called Private Key. This
  • 5. is called Public Key Cryptography. aside, the patent for RSA expired in September 2000 Public-key cryptography algorithms which does not appear to have affected RSA's popularity one way or the other. RSA: The first, and still most common, PKC implementation, named for the three MIT Diffie-Hellman: After the RSA algorithm mathematicians who developed it — Ronald Diffie and Hellman came up with their own Rivest, algorithm. Adi Shamir, and Leonard Adleman. RSA today is D-H is used for secret-key key exchange only, and used in hundreds of software products and can be not used for key exchange, digital signatures, or for authentication or digital signatures. encryption of small blocks of data. RSA uses a variable size encryption block and a variable size Digital Signature Algorithm (DSA): The key. algorithm specified in NIST's Digital Signature The key-pair is derived from a very large number, Standard (DSS), provides digital signature n, capability that is the product of two prime numbers chosen for the authentication of messages. according to special rules; these primes may be 100 Elliptic Curve Cryptography (ECC): A or more digits in length each, yielding an n with PKC algorithm based upon elliptic curves. ECC roughly twice as many digits as the prime factors. can The offer levels of security with small keys comparable public key information includes n and a derivative to of RSA and other PKC methods. It was designed for one of the devices with limited compute power and/or factors of n; an attacker cannot determine memory, the prime factors of n (and, therefore, the private such as smartcards and PDAs key) from this information alone and that is what makes Hash functions the An improvement on the Public Key scheme is RSA algorithm so secure. (Some descriptions of the addition of a one way hash function in the PKC process. A one-way hash function takes variable erroneously state that RSA's safety is due to the length input. In this case, a message of any length, difficulty in factoring large prime numbers. In fact, even thousands or millions of bits and produces a large prime numbers, like small prime numbers, fixed-length output; say, 160-bits. The hash only function have two factors!) The ability for computers to ensures that, if the information is changed in any factor way large numbers, and therefore attack schemes such even by just one bit an entirely different output as value RSA, is rapidly improving and systems today can is produced. find Hash functions, also called message digests the prime factors of numbers with more than 140 and one-way encryption, are algorithms that, in digits. The presumed protection of RSA, however, some is sense, use no key Instead; a fixed-length hash that users can easily increase the key size to value always is computed based upon the plaintext that makes it stay ahead of the computer processing curve. As impossible for either the contents or length of the an plaintext to be recovered. Hash algorithms are
  • 6. typically used to provide a digital fingerprint of a means that it prevents the sender from claiming file's that contents often used to ensure that the file has not he or she did not actually send the information. been altered by an intruder or virus. Hash These functions features are every bit as fundamental to are also commonly employed by many operating cryptography systems so encrypt passwords. Hash functions, as privacy, if not more. then, A digital signature serves the same purpose help preserve the integrity of a file. as a handwritten signature. However, a As long as a secure hash function is used, handwritten there is no way to take someone's signature from signature is easy to counterfeit. A digital signature one is document and attach it to another, or to alter a superior to a handwritten signature in that it is signed nearly message in any way. The slightest change in a impossible to counterfeit, plus it attests to the signed contents document will cause the digital signature of the information as well as to the identity of the verification signer. process to fail. Public-Key Encryption for Digital Certificates Applications Of Cryptography Digital certificates, or cert., simplify the task of establishing whether a public key truly belongs 1. Defense Services to 2. Secure Data Manipulation the purported owner. A certificate is a form of 3. E –Commerce credential. Examples might be your birth 4. Business Transactions certificate. 5. Internet Payment Systems Each of these has some information on it 6. Pass Phrasing identifying 7. Secure Internet Comm. you and some authorization stating that someone 8. User Identification Systems else 9. Access Control has confirmed your identity. Some certificates, 10. Computational Security such 11.Secure access to Corp Data as your passport, are important enough 12.Data Security. confirmation of your identity that you would not want to lose Public-Key Encryption for Digital Signatures them, lest someone use them to impersonate you. A major benefit of public key cryptography is that it provides a method for employing digital Digital Certificate signatures. Digital signatures enable the recipient of A digital certificate is data that functions much information to verify the authenticity of the like a physical certificate. A digital certificate is information's origin, and also verify that the information included with a person's public key that information is intact. Thus, public key digital helps others verify that a key is genuine or valid. signatures provide authentication and data Digital certificates are used to thwart attempts to integrity. A substitute one person's key for another. digital signature also provides non-repudiation, which A digital certificate consists of three things:
  • 7. A public key. • Certificate information. ("Identity" Secret-key encryption algorithms (Symmetric information algorithms) about the user, such as name, user ID, and • DES (Data Encryption Standard) -- 56 bit so on.) key • One or more digital signatures. • Triple DES --112 bit key The purpose of the digital signature on a • IDEA (International Data Encryption certificate is to state that the certificate information Algorithm) --128bit key has been attested to by some other person or entity. Public-key encryption algorithms (Asymmetric The digital signature does not attest to the algorithms) authenticity of the certificate as a whole; it vouches only that Diffie-Hellman (DH): Exponentiation is easy the but computing discrete logarithms from the signed identity information goes along with, or is resulting bound to, the public key. Thus, a certificate is value is practically impossible basically a public key with one or two forms of ID attached, plus a hearty stamp of approval from some other trusted individual. Cryptographic Technologies Based on Layers RSA: Multiplication of two large prime • Link layer encryption numbers is easy but factoring the resulting product • Network layer encryption is • IPSEC, VPN, SKIP practically impossible • Transport layer • SSL, PCT(Private Communication Technology) Public Key Infrastructure (PKI) • Application layer • PEM (Privacy Enhanced Mail) Introduction • PGP (Pretty Good Privacy) • SHTTP The term public key infrastructure (PKI) is Cryptographic process can be implemented at used to describe the policies, standards, and various software layers starting from the link Layer all the way up to that regulate or manipulate certificates and public the and application layer. The most popular encryption private keys. In practice, PKI refers to a system of scheme is SSL and it is implemented at the digital certificates, certification authorities (CA), transport and layer. If the encryption is done at the transport other registration authorities that verify and layer, authenticate the validity of each party any application that is running on the top of the involved transport layer can be protected. in an electronic transaction. Standards for PKI are still evolving, even as they are being Based on Algorithms widely
  • 8. implemented as a necessary element of electronic certificate is in compliance with the criteria commerce. This section will help you understand established what by the CA policy. a PKI is and what services are required to build a Certificate enrollment: The procedure that an PKI. end entity follows to request and receive a certificate PKI concepts on Certificates from a CA. The certificate request provides identity Certificate: A public key certificate is a digitally information to the CA signed statement used for authentication and Certificate Revocation: Certificates have a secure specified exchange of information on the networks. The lifetime, but CAs can reduce this lifetime by the issuer process known as certificate revocation. The CAs and signer of the certificate is known as a publishes a certificate revocation list (CRL) that certification lists authority (CA). Certificate has No, Validity, Uses of serial numbers of certificates that it considers no the Key pair (Public & Secret) longer usable. Certification Authority: A certification authority Certificate Chain Validation: In a network, when (CA) we is an entity trusted to issue certificates to a generate a request for a new certificate, the requesting information in that request is first passed from the entity. A CA verifies the requester's information requesting program to Certificate Authority (CA) according to the policy of the CA, and then uses its then private key to apply its digital signature to the passes the appropriate data to a program known certificate. as a cryptographic service provider (CSP) A CSP is an CA Policy: A CA issues certificates to requesters independent software module that performs based on a set of established criteria. The set of cryptography operations, such as secret-key criteria that a CA uses when processing certificate exchange, digital signing of data, and public-key requests is referred to as CA policy. Typically, a authentication. Chain-building mechanism CA attempts to publishes its policy in a document known as a build a certification path (a certificate chain) from Certification Practice Statement (CPS). the end-entity certificate, such as a user certificate, up Types of Certification Authorities to a CA root certificate. Self-signed CA: The public key in the certificate and Attacking Cryptography Cryptanalysis the key used to verify the certificate are the same Subordinate CA: The public key in certificate and Cryptanalysis is the process of attempting to the discover the plaintext and/ or the key. The types of key used to verify the certificates are different. Cryptanalysis attacks are Rooted CA: This is trusted unconditionally by a client Differential Cryptanalysis Attack: and is at top of a certification hierarchy. Registration: Registration is the process by which The differential cryptanalysis attack looks a specifically at certificate is issued to the subject, provided that pairs of cipher texts whose plaintext has some the
  • 9. specific differences. It analyzes these differences describes the cryptographic concepts of symmetric as key the plaintext propagates through various rounds of encryption, public-key encryption, types of Data Encryption Standards (DES) when they are encryption algorithms, hash algorithms, digital encrypted with the same key. signatures, and key exchange. The Cryptography Attacking techniques like Cryptanalysis and Brute Linear Cryptanalysis Attack: Force Attack. This Paper provides information of Network Security Needs and Requirements. Linear Cryptanalys is attack was invented by Cryptography is a particularly interesting field Mitsuru Matsui in 1993. This method is based on because of the amount of work that is, by the concept that if you XOR some of the plaintext necessity, bits together, XOR some cipher text bits together, done in secret. The irony is that today, secrecy is and then XOR the results, you will get a single bit not that is the XOR of some of the key bits. A large the key to the goodness of a cryptographic number of such plain/cipher texts pairs are used algorithm. to guess the values of the key bits Regardless of the mathematical theory behind an algorithm, the best algorithms are those that are Brute Force Attack well known and well-documented because they are also The simplest attack to decipher a DES key is well-tested and well-studied! In fact, time is the the brute force attack. The brute force attack on only the true test of good cryptography; any cryptographic DES algorithm is feasible because of the relatively scheme that stays in use year after year is most small key length (56 bit) and ever-increasing likely computational power of the computers. It can a good one. The strength of cryptography lies in break the through any cipher by trying all keys that possibly choice (and management) of the keys; longer keys exist. However, in brute force attacks, the time will resist attack better than shorter keys. taken to break a cipher is directly proportional to the References: length • Cryptography and Network Security –By of the key. In a brute force attack, keys are William Stallings. randomly • Introduction to Cryptography –By Aysel generated and applied to the cipher text until the Ozgur legitimate key is generated. The Average Time • www.en.wikipedia.org. Required for Exhaustive Key Search • http://www-users.cs.umn.edu/ http:/ Conclusion Cryptography protects users by providing functionality for the encryption of data and authentication of other users. This technology lets the receiver of an electronic message verify the sender, ensures that a message can be read only by the intended person, and assures the recipient that a message has not be altered in transit. This paper