Encryption Techniques

Keerthana.J
(060341039)
Topics Covered

 Types of Attacks
 Cryptography
 Traditional methods
 Symmetric and Public-Key Algorithms
 Digital Signatures
 Certificates
 Cryptography with PHP
Types of Threat in Internet

Threat is a set of circumstances that has the

potential of causing loss and harm
 Interception
 Interruption
 Modification
 Fabrication
Cryptography

 Encryption is the process of translating

information from its original form (called
plaintext) into an encoded, incomprehensible
form (called ciphertext).
 Decryption refers to the process of taking
ciphertext and translating it back into
plaintext.
What does it provide ?

Important aspects of computer security

 Confidentiality
 Integrity
 Availability
 Authenticity of data
Traditional Methods

1) Substitution Ciphers
a b c d e fghi j k l mno pqr s t u vwx y z
KEY: QWERTYUIOPASDFGHJKLZXCVBNM

Plaintext : attack
Ciphertext : QZZQEA
2)Transposition Cipher

M E G A B U C K (KEY)
7 4 51 2 8 3 6
t r an s f e r
o n em i l l I
o n t o a cc o
u n t s i x t w
w ot w o
 Plaintext : transferonemilliontoaccountsixtwotwo
 Ciphertext : nmoswsiaioelctrnnnoaetttrlowtoouwflcx
Symmetric-Key Algorithms

 Traditional Vs Symmetric-Key
 It uses the same key for encryption and
decryption
 The key is called the secret key.
 Drawback of Symmetric-key algorithms
 Examples : Data Encryption Standard

Advanced Encryption Standard

Public-Key Algorithms

 New kind of cryptosystem where the

encryption and the decryption keys are
different.
 Public Keys used by the entire world for
encrypting messages to send it to the user.
 Private Keys which the user needs for
decrypting messages.
 Examples : RSA, Knapsack algorithm
Working of Public-Key Algorithms
Drawbacks in Public-Key
Algorithm

There were some drawbacks in Public-Key

Algorithms which led to Digital Signatures.
 The receiver could not verify the identity of
the sender.
 The sender cannot later repudiate the
contents of the message.
 The receiver could possibly have concocted
the message himself.
Digital Signatures

 Symmetric-Key Signatures
It has a central authority that knows everything
and whom everyone trusts.
Drawback is everyone has to believe in the third
party and he gets to read all the signed
messages.
 Public-Key Signatures
These drawbacks are solved in this kind of
signatures.
Any public-key algorithm can be used for digital
signatures.
Working of Public-Key Signatures
Certificates

 Public key cryptography makes it possible for

people who do not share a common key to
communicate securely.
 It also makes signing messages possible
without the presence of a trusted third party.
 An organization that certifies public keys is
now called a (Certification Authority) CA.
 Used in Credit card payments
Example of Certificate

 The fundamental job of a certificate is to bind

a public key to the name of a principal
(individual, company)
Encryption in PHP

 One Way Encryption

The algorithms for one-way encryption are
called hash algorithms. PHP uses the
Message Digest (MD) hash algorithm, MD5,
for one-way encryption.
Examples: Used for storing user passwords.
<?php
$msg = " Password ";
$encrypted_text = md5 ($msg);
echo("<b>Plain Text : </b>");
echo($msg);
echo("<p><b>Encrypted Text : </b><br>");
echo($encrypted_text);
?>
Output

PlainText : Password
Encrypted Text :
3f13fa96ed14d842519897db6810aa7
 Symmetric Encryption
PHP provides several algorithms for
symmetric encryption in the mcrypt
library. It also provides the mcrypt_ecb
function to implement the algorithms of
the mcrypt library.
 Asymmetric Encryption

Complex to implement but very efficient.

<?php
echo("<h3> Symmetric Encryption </h3>");
$key_value = "KEYVALUE";
$plain_text = "PLAINTEXT";
$encrypted_text = mcrypt_ecb(MCRYPT_DES, $key_value,
$plain_text, MCRYPT_ENCRYPT);
echo ("<p><b> Text after encryption : </b>");
echo ( $encrypted_text );
$decrypted_text = mcrypt_ecb(MCRYPT_DES, $key_value,
$encrypted_text, MCRYPT_DECRYPT);
echo ("<p><b> Text after decryption : </b>");
echo ( $decrypted_text );
?>
Conclusion

 The various algorithms are selected as per

the security levels required for the data.
 It is the responsibility of the developer to
include proper encryption of the data.
 These basic cryptographic algorithms are
used to implement SSL (Secure Socket
Layer) for web security.
Thank You