
Cryptology is a branch of science that deals with two areas:

1. CRYPTOGRAPHY
It is the art of creating ciphers.
2. CRYPTANALYSIS
It is the art of breaking ciphers (hacking).
CIPHERTEXT: It is an unintelligible form of the original text (plaintext), which is obtained after applying an encryption algorithm to the original text.

This encryption algorithm is called a CIPHER.

Security requirements:

• Confidentiality
– assure that data can be kept secret
– method: encryption
• Integrity
– assure that received message has not been altered
– method: digital signature
• Authentication
– about verifying identities
– method: digital certificate

Encryption
[Figure: the plaintext "This is Plaintext" and the encryption key enter Encryption, which outputs the ciphertext "123@8(@0kfl30kfl".]

SYMMETRIC CRYPTOGRAPHY:
1. same encryption and decryption key
2. encryption and decryption algorithms are reverse of each other

Decryption
[Figure: the ciphertext "123@8(@0kfl30kfl" and the decryption key enter Decryption, which outputs the plaintext "This is Plaintext".]

ASYMMETRIC CRYPTOGRAPHY

Public Key Encryption
[Figure: the plaintext "This is Plaintext" is encrypted with the public key into the ciphertext "123@8(@0kfl30kfl"; the ciphertext is decrypted with the private key back into the plaintext "This is Plaintext".]

DIGITAL SIGNATURE
• A digital signature or digital signature scheme is a
mathematical scheme for demonstrating the
authenticity of a digital message or document. A
valid digital signature gives a recipient reason to
believe that the message was created by a known
sender, and that it was not altered in transit.
• Digital signatures are commonly used for software
distribution, financial transactions, and in other
cases where it is important to detect forgery and
tampering.
• Digital signatures employ a type of asymmetric
cryptography. For messages sent through an insecure
channel, a properly implemented digital signature
gives the receiver reason to believe the message was
sent by the claimed sender. Digital signatures are
equivalent to traditional handwritten signatures in
many respects; properly implemented digital
signatures are more difficult to forge than the
handwritten type.
History:

1. In 1976, Whitfield Diffie and Martin Hellman first described the
notion of a digital signature scheme, although they only
conjectured that such schemes existed.
2. Soon afterwards, Ronald Rivest, Adi Shamir, and Len Adleman
invented the RSA algorithm that could be used for primitive
digital signatures (Note that this just serves as a proof-of-
concept, and "plain" RSA signatures are not secure.)
3. The first widely marketed software package to offer digital
signature was Lotus Notes, released in 1989, which used the
RSA algorithm.
Steps in digital signature generation

Step 1: Compute the message digest of the file.
(File -> Message Digest)
Step 2: Encrypt the message digest with sender’s private key.
(Message Digest -> Digital Signature)
Step 3: Send the file and digital signature (signed file).
(File + Digital Signature = signed file)

Steps in digital signature verification

[Figure: Sender -> Signed file (File + Digital Signature) -> Receiver]

Step 1a: Find the message digest of the file.
Step 1b: Decrypt the digital signature with sender’s public key.
Step 2: Compare the two message digests.
Same -> Accept
Different -> Reject

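The generation and verification steps above, carried through in code as an added example (not part of the original slides). It assumes SHA-256 as the message digest and textbook RSA with a constructed toy key built from two publicly known Mersenne primes; as the History slide notes, "plain" RSA signatures are not secure, so production systems use a padded scheme such as RSA-PSS from a vetted library.

```python
import hashlib

# Constructed toy key (assumption for this example): two publicly known
# Mersenne primes, so the key is trivially factorable. Illustration only.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                             # public modulus
E = 65537                             # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent (Python 3.8+)


def digest_int(data: bytes) -> int:
    """Generation step 1 / verification step 1a: digest of the file."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes) -> int:
    """Generation step 2: transform the digest with the private key."""
    return pow(digest_int(data), D, N)


def verify(data: bytes, signature: int) -> bool:
    """Verification steps 1a, 1b and 2: recompute the digest, recover the
    signed digest with the public key, accept only if they are the same."""
    if not 0 <= signature < N:
        return False                  # malformed signature: reject
    recovered = pow(signature, E, N)  # step 1b
    return recovered == digest_int(data)


def demo() -> dict:
    original = b"Transfer 100 to account 12345"   # constructed sample file
    sig = sign(original)                          # sender side
    tampered = b"Transfer 900 to account 12345"   # file altered in transit
    return {
        "original": verify(original, sig),        # same digests: accept
        "tampered": verify(tampered, sig),        # different: reject
        "altered_sig": verify(original, sig ^ 1), # damaged signature: reject
    }


if __name__ == "__main__":
    print(demo())
```
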
USES OF DIGITAL SIGNATURE
• AUTHENTICATION: Digital signatures can be used to authenticate the
source of messages. When ownership of a digital signature secret key is bound to a
specific user, a valid signature shows that the message was sent by that user. The
importance of high confidence in sender authenticity is especially obvious in a
financial context. For example, suppose a bank's branch office sends instructions
to the central office requesting a change in the balance of an account. If the
central office is not convinced that such a message is truly sent from an authorized
source, acting on such a request could be a grave mistake.
• INTEGRITY: The sender and receiver of a message may have a need for
confidence that the message has not been altered during transmission. If a
message is digitally signed, any change in the message after signature will
invalidate the signature.
• NON-REPUDIATION: Communication occurs between two persons,
so there is a chance that one of them becomes dishonest at a later
stage, i.e. denies having sent a message to the receiver.
Digital signatures prevent such cases.