Académique Documents
Professionnel Documents
Culture Documents
By
Dr. Vivek Kapoor
12. The Melissa Virus – This was a bug that hit everyone, both PC users and Mac
users. It would automatically email itself to other people without permission. It
can be extra harmful if you use a private mail server at your place of
employment. The Melissa virus has gone down in history as one of the most
common computer viruses of all time.
By
Vivek Kapoor
• The message is written out in rows of a fixed length, and then read out
again column by column.
• Columns are chosen in some scrambled order.
• Message WE ARE DISCOVERED. FLEE AT ONCE. In a regular
columnar transposition, we write this into the grid as:
• 6 3 24 1 5
• WE AR E D
• I S COV E
• RE D F L E
• EA TO N C
• EQ KJ E U
• To encrypt a message, one would break the message into digraphs (groups of 2
letters).
• Then apply the following 4 rules, in order, to each pair of letters in the plaintext:
1. If both letters are the same (or only one letter is left), add an "X" after the first
letter. Encrypt the new pair and continue. Some variants of Playfair use "Q" instead
of "X", but any uncommon monograph will do.
2. If the letters appear on the same row of your table, replace them with the letters to
their immediate right respectively (wrapping around to the left side of the row if a
letter in the original pair was on the right side of the row).
3. If the letters appear on the same column of your table, replace them with the letters
immediately below respectively (wrapping around to the top side of the column if a
letter in the original pair was on the bottom side of the column).
4. If the letters are not on the same row or column, replace them with the letters on the
same row respectively but at the other pair of corners of the rectangle defined by
the original pair. The order is important – the first encrypted letter of the pair is the
one that lies on the same row as the first plaintext letter.
Symmetric Key
K1
ENCRYPTION
Encrypted
Cipher text CT + symmetric key K1
Digital envolope
1/21/2020 Dr. Vivek Kapoor 76
Digital Envolope
• A now sends the digital envolope to B using network.
• B recives the envolope & get two things cipher text CT & one time encrypted
symmetric key K2.
• B now uses his private key K3 to decrypt symmetric key K1 which was
encrypted using B’s public key K2.
Encrypted
symmetric key K1 Symmetric key K1
Symmetric Key K1
Key Generation
Registration
Verification
Certificate Creation
Yes No
Message Digest (MD2)
1/21/2020 Dr. Vivek Kapoor Valid 110
Invalid
Accept it Reject it
Certificate Hierarchies & Self-Signed
Certificates
• Suppose Alice received Bob’s certificate & she wants to verify it. For Alice
wants to design the bob’s certificate using Bob’s CA public key.
• How will Alice know Bob’s CA public key?
• If their CA’s are same then there is no problem ? But if they are different then
the problem arises.
• To resolve this type of problem Certification Authority Hierarchy is created.
This is also called Chain of Trust. In other terms CA’s are grouped into multiple
level of CA hierarchy.
• CA hierarchy begins with the root CA.
• The root CA has one or more 2nd level CA, which in turn have one or more third
level CA’s and so on.
• This type of hierarchy relieves the root CA from having to mange all the
possible digital certificates.
3rd Level CA B1 3rd Level CA B2 3rd Level CA B10 3rd Level CA B11
….
1/21/2020 Alice Dr. Vivek Kapoor
… Bob 113
…
Certificate Hierarchies & Self-Signed
Certificates
• If Alice has obtained her certificate from a third level CA & Bob has
obtained his certificate from other third level CA, How can Alice verify
Bob’s certificate?
• Clearly Bob in addition to his own certificate Bob will send certificate of
his CA (i.e B11) to Alice. This would tell Alice the public key of B11.
• Using the public key of B11, Alice can design and verify Bob’s certificate.
• Now question arises how will Alice will trust B11 certificate.
• For this Alice will required A3 certificate since B11 certificate has
obtained certificate from A3 and this will go so on until it reaches the root
certificate.
• The root CA’s are considered to be trusted CA’s, for this Alice web
browser contains pre programmed, hard coded certificate of the root
certificate
• Root certificate is self signed certificate i.e root signs its owns certificate
1/21/2020 Dr. Vivek Kapoor 114
Certificate Hierarchies & Self-Signed
Certificates
• But in actual sequence of operations Bob will send all certificates up to the root
CA in the first message to Alice. This is called Push Model.
• Alice will verify all the certificates. This is called Pull Model.
Alice
…. …. Bob