Vous êtes sur la page 1sur 28

TechKnowXpress Cryptography

Cryptography (from Greek krypts, "hidden",


+ grphein, "to write").

Cryptography is the practice and study of


techniques for secure communication in the
presence of third parties (called adversaries).

It is about constructing and analyzing protocols


that overcome the influence of adversaries.

TechKnowXpress Cryptography 2
There are three eras in the history of Cryptography:
The Manual era
The Mechanical era
The Modern era

Manual era refers to Pen and Paper Cryptography and dates


back to 2000 B.C.eg : Scytale, Atbash , Caesar, Vigenere.

Mechanical era refers to the invention of cipher machines. E.g.:


Japanese Red and Purple Machines , German Enigma.

The modern era of cryptography refers to computers.

There are infinite permutations of cryptography available using


computers. E.g.: Lucifer, Rijndael , RSA , ElGamal.
TechKnowXpress Cryptography 3
Cipher: the algorithm that does the encryption.

Ciphertext: the encrypted (scrambled) version of


the message. Message altered to be unreadable by
anyone except the intended recipients.

Cryptanalysis: the science of breaking


cryptographic algorithms.

Cryptanalyst: a person who breaks cryptographic


codes; also referred to as the attacker.

TechKnowXpress Cryptography
Cryptosystem The combination of algorithm, key,
and key management functions used to perform
cryptographic operations.

Decryption: the process of converting ciphertext


back to the original plaintext.

Encryption: scrambling a message or data using a


specialized cryptographic algorithm.

Initialization Vector Random values used with


ciphers to ensure no patterns are created during
encryption.

TechKnowXpress Cryptography 5
Key Sequence that controls the
operation and behavior of the
cryptographic algorithm.

Keyspace Total number of possible


values of keys in a crypto algorithm.

Plaintext A message in its natural


format readable by an attacker.

TechKnowXpress Cryptography 6
Authentication
ensures that whoever supplies or
accesses sensitive data is an authorized
party.

Confidentiality
assures that only authorized parties are
able to understand the data.

TechKnowXpress Cryptography
Integrity
ensures that when a message is sent over a
network, the message that arrives is the
same as the message that was originally
sent.

Nonrepudiation
ensuring that the intended recipient actually
received the message & ensuring that the
sender actually sent the message.
TechKnowXpress Cryptography
Brute force
Trying all key values in the keyspace.

Chosen Ciphertext
Decrypt known ciphertext to discover key.

Dictionary Attack
Find plaintext based on common words.

Frequency Analysis
Guess values based on frequency of
occurrence.

TechKnowXpress Cryptography 9
Factoring Attacks
Find keys through prime factorization.

Replay Attack
Repeating previous known values.

Side channel attacks


use seemingly incidental information
that can reveal important information
about the key being used.

TechKnowXpress Cryptography
Chosen plaintext attacks
The cryptanalyst introduces the plaintext into
the system and then watches for how that
plaintext will be encrypted.

The Allies used this approach in WWII by


sending out false messages about allied troop
movements.

Often the attacker will try to feed a planned


sequence of messages that would reveal the
most about the way in which the data is being
encrypted.

TechKnowXpress Cryptography
Known plaintext attack
The attacker has both the ciphertext and the
plaintext.

The attacker knows the algorithm that was


used for the encryption.

This is difficult because there are so many


keys, but the plaintext information may
make experimentation easier than in the
previous case.

TechKnowXpress Cryptography
Differential Power Analysis
This is an attack on smart cards.

A DPA attack analyzes the power output


from a processor performing an
encryption algorithm in order to get
information about the key being used by
that algorithm.

TechKnowXpress Cryptography
There are several size of
encryption keys:
64 bit encryption
128 bit encryption
256 bit encryption
512 bit encryption
1024 bit encryption

Number indicates the size of the


key used to encrypt the message.

TechKnowXpress Cryptography
Symmetric
o Even if an attacker captures the data, the attacker will not be
able to manipulate it in any meaningful way.
o Symmetric algorithms use a single key shared by two
communicating parties.
o The same key is used for both encryption and decryption.

Asymmetric
o Mathematically related key pairs for encryption and
decryption.
o Public and private keys.

Hybrid
o Combines strengths of both methods.
Asymmetric distributes symmetric key.
o TechKnowXpress Cryptography 15
Asymmetric Cryptography

Symmetric Cryptography

TechKnowXpress Cryptography
Types of Symmetric Cryptography:
Stream-based Ciphers
Mixes plaintext with key stream.
Good for real-time services.

Block Ciphers
Substitution and transposition.
E.g.: DES, AES.

TechKnowXpress Cryptography
Public Key Cryptography

In public-key cryptosystems, the


public key may be freely distributed,
while its paired private key must
remain secret and is used for
decryption.

Public-key cryptography can be used


for implementing digital
signature schemes.

TechKnowXpress Cryptography
TechKnowXpress Cryptography
Quantum cryptography describes the use
of quantum mechanical effects (in
particular quantum communication
and quantum computation) to
perform cryptographic tasks or to break
cryptographic systems.

TechKnowXpress Cryptography
The advantage of quantum cryptography is
that it allows the completion of various
cryptographic tasks that are proven or
conjectured to be impossible using only
classical communication.

For example, quantum mechanics


guarantees that measuring quantum data
disturbs that data. This can be used to
detect eavesdropping in quantum key
distribution.

TechKnowXpress Cryptography
Digital signatures can be
permanently tied to the content of
the message being signed. They
cannot then be 'moved' from one
document to another, for any
attempt will be detectable.

RSA and DSA are two of the most


popular digital signature schemes.

TechKnowXpress Cryptography
In digital signature schemes, there are two
algorithms: one for signing, in which a secret
key is used to process the message and one for
verification, in which the matching public key is
used with the message to check the validity of
the signature.

TechKnowXpress Cryptography
Traditionally, a watermark has been
used to verify the authenticity of a
document.

TechKnowXpress Cryptography
Drivers Licenses, diplomas, official
letterhead were the primary
applications of watermarks . More
recently, used to track or prevent
redistribution of TV logos.

TechKnowXpress Cryptography
Purpose of using:
Ensure authenticity of digital goods.
Prevent unauthorized use/ensures
copyright.
Prevent copying.

Adding the watermark to the image


itself prevents removal by
changing the format.
E.g. GIF->JPEG.

TechKnowXpress Cryptography
DRM is the practice of imposing
technological restrictions that control
what users can do with digital media.

DRM is a class of controversial


technologies that are used by
hardware manufacturers,
publishers, copyright holders, and
individuals with the intent to control
the use of digital content and devices
after sale.

TechKnowXpress Cryptography
TechKnowXpress Cryptography

Vous aimerez peut-être aussi