Guided by Mrs.

SHEENA MATHEW

VIBJAN KOLAPATI CS-B,ROLL NO:97

INTRODUCTION SECURITY APPLICATIONS CHALLENGES CONCLUSION REFERENCES

Cryptography is Art & Science of preparing coded or protected Communication intelligible only to the authorized person. Cryptography jargon: ciphertext, plaintext, keys,symmetric &asymmetric algorithms. History : from World War-I Cryptology Cryptanalysis

Cryptography: Codes and Code books Ciphers Cryptanalysis: Art of analyzing ciphertext to extract the plaintext or the key. Steganography:

SECURITY REQUIREMENTS:

Confidentiality Integrity Authentication

SECURITY THREATS: Information disclosure Integrity violation Generic threat : trojan horses Authentication threats

SECURITY MECHANISMS:

Encryption: The method of disguising plaintext in such a way as to hide its substance is called encryption. Decryption: The process of reverting ciphertext to its original plaintext is called decryption.

Digital Signatures:
Digital signatures enable the recipient of information to verify the authenticity of the informations origin, and also verify that the information is intact. Thus, public key digital signatures provide authentication and data integrity.

Hash Algorithms:
A one-way hash function takes variablelength input, in this case, a message of any length, even thousands or millions of bitsand produces a fixed-length output; say, 160bits. The hash function ensures that, if the information is changed in any wayeven by just one bitan entirely different output value is produced.

I.

Protecting ATM transactions

Smart Card Cryptography Application Block

II.

III.

IV.

Watermarking

Advantages of ATM :
>Easy to access >would not require human intervention >economical

Customer authentication:
> customers signature > customers voiceprint > customers fingerprint > a password assigned to the customer

User_ID
Janu Sonu

PAN

PIN

17894567 76654321

8974 7860

Q2=f(Q1); Q2=f(Q1)=1,000,000,000 Q1 Q2(Janu)=1,000,000,000 17,894,567 =999,982,105,433

The solution encipherment!

Q2= EK{Q1}. If the cryptographic algorithm EK{ --- } is sufciently strong, then knowledge of the pair (Q1,Q2) or even a large number of pairs ({Q1(i), Q2(i)):1< i < N} might not permit a customer easily to deduce the secret key K. A solution to permit the user to select a U-PIN((User_ID)). The PIN(User_ID), PINOffset(User_ID), and U-PIN(User_ID) in the IBM 3624 system are related by U - PIN(User ID)= Left16[EK{PAN(User ID)}]+ PINOffset(User ID). Standard Decimalization Table: 0 0 1 1 2 2 3 3 4 4 5 5 6 7 6 7 8 8 9 A 9 0 B 1 C D E F

2 3 4 5

Smart card is pocket-sized card with embedded integrated circuits which can process data. The smart card will provide proof of identity when a user is communicating with a remote server. Secure transactions involving a smart card will require cryptography. If the identication process is based on public-key cryptography, then . The key will need to be stored in the EEPROM, . The smart card will need to read-protect the key, and . The owner of the card will need to use a PIN to prove identity to the card.

TRASEC protocol

A secure cryptoprocessor is a dedicated computer or microprocessor for carrying out cryptograpic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance.

Cryptoprocessors input program instructions in encrypted form, decrypt the instructions to plain instructions which are then executed within the same cryptoprocessor chip where the decrypted instructions are inaccessibly stored. By never revealing the decrypted program instructions, the cryptoprocessor prevents tampering of programs by technicians who may have legitimate access to the sub-system data bus.

Cryptography Application Block simplifies how developers incorporate cryptographic functionality in their applications. Applications can use the application block for a variety of tasks, such as encrypting information, creating a hash from data, and comparing hash values to verify that data has not been altered. The Cryptography Application Block was designed to achieve the following goals: Encapsulate the logic that is used to perform the most common application cryptography tasks. Present a standard consistent model for common cryptography tasks. Make sure minimal or negligible performance impact compared to manually written cryptography code that accomplishes the same functionality. Provide a key protection model that can be customized to satisfy your organization's security requirements.

Watermarking is a method in computer security by which identifiers of sources or copyright owners of digital or analog signals are embedded into the respective signals themselves in order to keep track of where a signal comes from or who the copyright owners are. The characteristic security requirements on digital watermarking schemes, also called electronic copyright marking schemes (ECMS), are as follows: >unobstrusiveness: Watermarks should not degrade the quality of the cover-signal. >robustness:Watermarks should be embedded into the content, in such a way that any signal transform of reasonable strength cannot remove the watermark.

Plays role in business economics, e-commerce,banking etc., Plays role in web security SSL protocol Plays role in military agencies National Security Agency(NSA). Plays role in System Security Unix passwords, SIM cards etc.,

In the future, as telephone networks become digital, even the actual conversations may be recorded and stored. All of this amounts to a great potential loss of privacy. Cryptography is one tool that will be able to ensure more privacy. The ability to encrypt data, communications, and other information gives individuals the power to restore personal privacy.
Cryptography is important for more than just privacy, however. Cryptography protects the worlds banking systems as well. Many banks and other financial institutions conduct their business over open networks, such as the Internet.

1.Microsoft Encarta Encyclopedia 2.Cryptography Encyclopedia 3.Cryptography and Data security by Dorothy Elizabeth,Amazon.com 4.Computer-security and Cryptography by Alan konheim,ACM portal. 5.Cryptography & Data security by Denning,Amazon.com 6. Bloom, Jefrey A., Ingemar J. Cox, Ton Kalker, Jean-Paul M.G. Linnartz, Matthew L. Miller, C., andBrendan S. Traw (1999). Copy protection for DVDvideo. Proceedings of the IEEE,87 (7), 12671276. 7.Applied Cryptography and Data security by Prof. Christof Paar 8.www.msdn.microsft.com