Digital Signatures
           -Kannan Ravindran
Who am I ?


 I am Kannan Ravindran, a student of
 Velammal Engineering College, Ambattur
 undertaking Bachelor of Engineering
 concentration on Computer Science and
 Engineering. I am a member of NullCon -
 International security conference (Chennai
 Chapter). I am serving H4CK3R.in as a
 Moderator.
Contents


               Introduction

        Symmetric Key Encryption

             Message Digest

             Birthday Attack

      MD5, SHA and Other Techniques

               Conclusion
Introduction – What is it?
     Cryptography is primarily used as a tool to
    protect national secrets and strategies. It is
   extensively used by the military, the diplomatic
          services and the banking sector.

  One of the landmark developments in the history
     of cryptography was the introduction of the
         revolutionary concept of public-key.

      A cryptographic algorithm or cipher, is a
    mathematical function used in the encryption
    and decryption process. This mathematical
     function works in combination with a key to
    encrypt the plaintext (the original message)
Introduction – How it works?
A cryptographic algorithm, plus all possible keys and the
protocols that make it work comprise a Cryptosystem.
Introduction - Objective
• Confidentiality is used to keep the content of
  information secret from unauthorized persons.
  This is achieved through symmetric and
  asymmetric encryption.
• Data integrity addresses the unauthorized
  alteration of data. This is addressed by hash
  functions.
• Authentication is related to identification. This
  applies to both the entity and the information itself. This
  is achieved through digital signature certificates
  and digital signatures.
Symmetric Cryptography

 In conventional cryptography, also called secret-key or
 symmetric-key encryption, the same key is used for
 both encryption and decryption.
 Caesar's Cipher:
 Julius Caesar didn't trust his messengers. So when he sent a
 message to his generals, he replaced every 'A' with 'D',
 every 'B' with 'E' and so on. Only Caesar and the generals
 knew the "shift by 3" rule. So if we want to encrypt the word
 "NULLCON" then the cipher will be "QXOOFRQ". While decrypting
 it we follow the same "shift by 3" rule, but we shift in the
 opposite direction.
Message Digest
The original text: 7391743
Operation             Result
Multiply 7 by 3       21
Discard first digit   1
Multiply 1 by 9       9
Multiply 9 by 1       9
Multiply 9 by 7       63
Discard first digit   3
Multiply 3 by 4       12
Discard first digit   2
Multiply 2 by 3       6


The Message Digest is 6
Message Digest
Requirements:
 It should be very easy to find the message digest
 corresponding to a given message. Also, the message
 digest should always be the same every time.
Message Digest
Requirements:
 The message digest should be such that it is very
 difficult to find the original message by simply
 reversing the algorithm.
Birthday Attack
• How many people do you need so that the probability of
  having two of them share the same birthday is > 50%?
  – Random sample of n birthdays (input) taken from k (365,
    output)
  – $k^n$ total number of possibilities
  – $(k)_n = k(k-1)\cdots(k-n+1)$ possibilities without duplicate
    birthday
  – Probability of no repetition:
    $p = (k)_n / k^n \approx 1 - \frac{n(n-1)}{2k}$
• For k=366, minimum n = 23
• $n(n-1)/2$ pairs, each pair has a probability $1/k$ of having
  the same output
• $\frac{n(n-1)}{2k} > 50\% \Rightarrow n > k^{1/2}$
Birthday Attack

Thus the birthday attack creates a problem
in which more than one message can yield
the same message digest, and the
probability of this type of collision is more
than 50%. To prevent these birthday attacks,
algorithms like MD5 and SHA are used.
How many bits for hash?

• m bits, takes $2^{m/2}$ to find two with the same
  hash
• 64 bits, takes $2^{32}$ messages to search
  (doable)
• Need at least 128 bits
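The birthday bound and the $2^{m/2}$ rule above, worked through in code. This is an added example, not part of the original slides: the function names are illustrative, and SHA-256 truncated to 24 bits is an assumed stand-in for an "m-bit hash" so the search finishes in well under a second.

```python
import hashlib
from itertools import count


def p_no_repeat(n: int, k: int) -> float:
    """Exact probability that n samples from k outputs are all distinct: (k)_n / k^n."""
    p = 1.0
    for i in range(n):
        p *= (k - i) / k
    return p


def p_no_repeat_approx(n: int, k: int) -> float:
    """First-order approximation from the slide: 1 - n(n-1)/2k (good only while n << sqrt(k))."""
    return 1 - n * (n - 1) / (2 * k)


def min_samples_for_collision(k: int, threshold: float = 0.5) -> int:
    """Smallest n for which P(at least one repeated output) exceeds the threshold."""
    n = 1
    while 1 - p_no_repeat(n, k) <= threshold:
        n += 1
    return n


def truncated_digest(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, used here as a deliberately short m-bit hash."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int):
    """Hash constructed counter messages until two share a truncated digest.

    Returns (first_message, second_message, number_of_messages_hashed).
    """
    seen = {}
    for i in count():
        msg = b"msg-%d" % i          # constructed sample input
        d = truncated_digest(msg, bits)
        if d in seen:
            return seen[d], msg, i + 1
        seen[d] = msg


if __name__ == "__main__":
    print("people needed for k=365:", min_samples_for_collision(365))
    m = 24
    m1, m2, tries = find_collision(m)
    print(f"{m}-bit hash: {m1!r} and {m2!r} collide after {tries} messages "
          f"(2^(m/2) = {2 ** (m // 2)}, output space = {2 ** m})")
```

The collision appears after a few thousand messages even though the output space has about 16.7 million values, which is why the slide asks for at least 128 bits.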
Hash for authentication

• Alice to Bob: challenge $r_A$
• Bob to Alice: $MD(K_{AB} | r_A)$
• Bob to Alice: $r_B$
• Alice to Bob: $MD(K_{AB} | r_B)$
• Only need to compare MD results
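The four-message exchange above with both sides implemented, as an added example that is not part of the original slides. The `Party` class, `md` and `mutual_auth` are hypothetical names, SHA-256 is assumed in place of the unspecified MD, and the key is a constructed sample value.

```python
import hashlib
import hmac
import secrets


def md(key: bytes, challenge: bytes) -> bytes:
    """MD(K_AB | r): digest of the shared key concatenated with the challenge.

    SHA-256 is an assumption; the slide does not name the digest.
    Production protocols normally use HMAC instead of hash(key | message).
    """
    return hashlib.sha256(key + challenge).digest()


class Party:
    """One end of the exchange; holds the shared key K_AB and its own outstanding challenge."""

    def __init__(self, name: str, key: bytes):
        self.name = name
        self.key = key
        self.pending = None

    def new_challenge(self) -> bytes:
        # A fresh random challenge (r_A or r_B) for every run.
        self.pending = secrets.token_bytes(16)
        return self.pending

    def respond(self, challenge: bytes) -> bytes:
        # Prove knowledge of K_AB without sending it.
        return md(self.key, challenge)

    def verify(self, response: bytes) -> bool:
        # "Only need to compare MD results": recompute locally and compare.
        if self.pending is None:
            return False
        expected = md(self.key, self.pending)
        self.pending = None  # single use, so a replayed response is rejected
        return hmac.compare_digest(expected, response)  # constant-time compare


def mutual_auth(alice: Party, bob: Party) -> bool:
    """Run the four messages from the slide; True only if both sides accept."""
    r_a = alice.new_challenge()       # Alice to Bob: challenge r_A
    resp_b = bob.respond(r_a)         # Bob to Alice: MD(K_AB | r_A)
    if not alice.verify(resp_b):
        return False
    r_b = bob.new_challenge()         # Bob to Alice: r_B
    resp_a = alice.respond(r_b)       # Alice to Bob: MD(K_AB | r_B)
    return bob.verify(resp_a)


if __name__ == "__main__":
    key = b"constructed-shared-key"   # constructed sample value
    print("same key:", mutual_auth(Party("alice", key), Party("bob", key)))
    print("wrong key:", mutual_auth(Party("alice", key), Party("other", b"wrong")))
```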
MD5
[Figure: input message in, 128-bit digest out]

• Until recently the most widely used hash algorithm
  – in recent times there have been both brute-force and
    cryptanalytic concerns
• Specified as Internet standard RFC 1321
MD5
1. Pad message so its length is 448 mod 512
2. Append a 64-bit original length value to
   message
3. Initialise 4-word (128-bit) MD buffer (A,B,C,D)
   Process message in 16-word (512-bit) blocks:
    – Using 4 rounds of 16 bit operations on
      message block & buffer
    – Add output to buffer input to form new buffer
      value
4. Output hash value is the final buffer value
SHA

• Developed by NIST, specified in the
  Secure Hash Standard (SHS, FIPS Pub
  180), 1993
• SHA is specified as the hash algorithm in
  the Digital Signature Standard (DSS),
  NIST
SHA
• Input message must be < $2^{64}$ bits
  – not really a problem
• Message is processed in 512-bit blocks
  sequentially
• Message digest is 160 bits
• SHA design is similar to MD5, but a lot
  stronger
MD5 Vs SHA
• Brute force attack is harder (160 vs 128
  bits for MD5)
• Not vulnerable to any known cryptanalytic
  attacks (compared to MD4/5)
• A little slower than MD5 (80 vs 64 steps)
  – Both work well on a 32-bit architecture
• Both designed as simple and compact for
  implementation
Revised Secure Hash Standards
• NIST have issued a revision FIPS 180-2
• adds 3 additional hash algorithms
• SHA-256, SHA-384, SHA-512
• designed for compatibility with increased
  security provided by the AES cipher
• structure & detail is similar to SHA-1
• hence analysis should be similar
Conclusion


 Thus different concepts of digital
 signatures are discussed, and an
 overview of the various algorithms
 used is given.
Questions??
Digital signatures

Weitere ähnliche Inhalte

Was ist angesagt?

Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functionsDr.Florence Dayana
 
MACs based on Hash Functions, MACs based on Block Ciphers
MACs based on Hash Functions, MACs based on Block CiphersMACs based on Hash Functions, MACs based on Block Ciphers
MACs based on Hash Functions, MACs based on Block CiphersMaitree Patel
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMACKrishna Gehlot
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network securityMazin Alwaaly
 
Message integrity protocol
Message integrity protocolMessage integrity protocol
Message integrity protocolPriyaKarnan3
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithmSiva Rushi
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security 18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security Kathirvel Ayyaswamy
 

Was ist angesagt? (20)

Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functions
 
Hashing
HashingHashing
Hashing
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5
 
Message digest 5
Message digest 5Message digest 5
Message digest 5
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5Algorithm
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5
 
MACs based on Hash Functions, MACs based on Block Ciphers
MACs based on Hash Functions, MACs based on Block CiphersMACs based on Hash Functions, MACs based on Block Ciphers
MACs based on Hash Functions, MACs based on Block Ciphers
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMAC
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network security
 
Message integrity protocol
Message integrity protocolMessage integrity protocol
Message integrity protocol
 
20CS2008 Computer Networks
20CS2008 Computer Networks 20CS2008 Computer Networks
20CS2008 Computer Networks
 
Network Security Lec5
Network Security  Lec5Network Security  Lec5
Network Security Lec5
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash function
 
RSA & MD5 algorithm
RSA & MD5 algorithmRSA & MD5 algorithm
RSA & MD5 algorithm
 
Ch09
Ch09Ch09
Ch09
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security 18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 

Andere mochten auch

Birthday Paradox explained
Birthday Paradox explainedBirthday Paradox explained
Birthday Paradox explainedSajith Ekanayaka
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Digital signature
Digital signatureDigital signature
Digital signatureSadhana28
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)amanchaurasia
 
Introduction To Digital Signatures
Introduction To Digital SignaturesIntroduction To Digital Signatures
Introduction To Digital SignaturesRobert Talbert
 
232 md5-considered-harmful-slides
232 md5-considered-harmful-slides232 md5-considered-harmful-slides
232 md5-considered-harmful-slidesDan Kaminsky
 
Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introductionAsim Neupane
 
Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 

Andere mochten auch (12)

Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Birthday Paradox explained
Birthday Paradox explainedBirthday Paradox explained
Birthday Paradox explained
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
Introduction To Digital Signatures
Introduction To Digital SignaturesIntroduction To Digital Signatures
Introduction To Digital Signatures
 
232 md5-considered-harmful-slides
232 md5-considered-harmful-slides232 md5-considered-harmful-slides
232 md5-considered-harmful-slides
 
Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introduction
 
Secure hashing algorithm
Secure hashing algorithmSecure hashing algorithm
Secure hashing algorithm
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signatures
 

Ähnlich wie Digital signatures

Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographySeema Goel
 
Cryptography
CryptographyCryptography
CryptographyRohan04
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communicationijsrd.com
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityNagendra Um
 
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...editor1knowledgecuddle
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and AuthenticityHardik Manocha
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoHarry Potter
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoJames Wong
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoYoung Alista
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoDavid Hoen
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoTony Nguyen
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoLuis Goldster
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_cryptoFraboni Ec
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
DOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYDOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYTuhin_Das
 
Dnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defsDnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defsAFRINIC
 

Ähnlich wie Digital signatures (20)

Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communication
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
 
Seminar on Encryption and Authenticity
Seminar on Encryption and AuthenticitySeminar on Encryption and Authenticity
Seminar on Encryption and Authenticity
 
Encryption
EncryptionEncryption
Encryption
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction to security_and_crypto
Introduction to security_and_cryptoIntroduction to security_and_crypto
Introduction to security_and_crypto
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
DOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYDOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITY
 
Unit-2-IS (1).pdf
Unit-2-IS (1).pdfUnit-2-IS (1).pdf
Unit-2-IS (1).pdf
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptography
 
Dnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defsDnssec tutorial-crypto-defs
Dnssec tutorial-crypto-defs
 

Mehr von n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Mehr von n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Kürzlich hochgeladen

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Kürzlich hochgeladen (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Digital signatures

  • 1. Digital Signatures -Kannan Ravindran
  • 2. Who am I ? I am Kannan Ravindran, A Student of Velammal Engineering College, Ambattur undertaking Bachelor of Engineering concentration on Computer Science and Engineering. I am a member of NullCon - International security conference(Chennai Chapter). I am serving H4CK3R.in as a Moderator.
  • 3. Contents Introduction Symmetric Key Encryption Message Digest Birthday Attack MD5, SHA and Other Techniques Conclusion
  • 4. Introduction – What is it? Cryptography is primarily used as a tool to protect national secrets and strategies. It is extensively used by the military, the diplomatic services and the banking sector. One of the landmark developments in the history of cryptography was the introduction of the revolutionary concept of public-key. A cryptographic algorithm or cipher, is a mathematical function used in the encryption and decryption process. This mathematical function works in combination with a key to encrypt the plaintext (the original message)
  • 5. Introduction – How it works? A cryptographic algorithm, plus all possible keys and the protocols that make it work comprise a Cryptosystem.
  • 6. Introduction - Objective  Confidentiality is used to keep the content of information secret from unauthorized Persons This is achieved through symmetric and asymmetric encryption.  Data integrity addresses the unauthorized alteration of data. This is addressed by hash functions.  Authentication is related to identification. This applies to both entity and information itself. This is achieved through digital signature certificates and digital signatures.
  • 7. Symmetric Cryptography: In conventional cryptography, also called secret-key or symmetric-key encryption, the same key is used for both encryption and decryption. Caesar's Cipher: Julius Caesar didn't trust his messengers. So when he sent a message to his generals, he replaced every 'A' with 'D', every 'B' with 'E' and so on. Only Caesar and the generals knew the "shift by 3" rule. So if we want to encrypt the word "NULLCON" then the cipher will be "QXOOFRQ". While decrypting it we follow the same "shift by 3" rule, but we shift in the opposite direction.
  • 8. Message Digest. The original text: 7391743. Operation → result: multiply 7 by 3 → 21; discard first digit → 1; multiply 1 by 9 → 9; multiply 9 by 1 → 9; multiply 9 by 7 → 63; discard first digit → 3; multiply 3 by 4 → 12; discard first digit → 2; multiply 2 by 3 → 6. The message digest is 6.
  • 9. Message Digest Requirements: It should be very easy to find the message digest corresponding to a given message. The message digest should also be the same every time.
  • 10. Message Digest Requirements: The message digest must be such that it is very difficult to find the original message by just reversing the algorithm.
  • 11. Birthday Attack. How many people do you need so that the probability of having two of them share the same birthday is > 50%? Random sample of $n$ birthdays (input) taken from $k$ (365, output). $k^n$ total number of possibilities. $(k)_n = k(k-1)\cdots(k-n+1)$ possibilities without duplicate birthday. Probability of no repetition: $p = (k)_n / k^n \approx 1 - n(n-1)/2k$. For $k = 366$, minimum $n = 23$. $n(n-1)/2$ pairs, each pair has a probability $1/k$ of having the same output. $n(n-1)/2k > 50\%$ $\Rightarrow$ $n > k^{1/2}$.
  • 12. Birthday Attack. Thus the birthday attack creates a problem in which more than one message can yield the same message digest, and the probability of this type of collision is more than 50%. To prevent these birthday attacks, algorithms like MD5 and SHA are used.
  • 13. How many bits for hash? $m$ bits, takes $2^{m/2}$ to find two with the same hash. 64 bits, takes $2^{32}$ messages to search (doable). Need at least 128 bits.
  • 14. Hash for authentication. Alice to Bob: challenge $r_A$. Bob to Alice: $MD(K_{AB}|r_A)$. Bob to Alice: $r_B$. Alice to Bob: $MD(K_{AB}|r_B)$. Only need to compare MD results.
  • 15. MD5. Input: message. Output: 128-bit digest. Until recently the most widely used hash algorithm; in recent times it has had both brute-force and cryptanalytic concerns. Specified as Internet standard RFC 1321.
  • 16. MD5: 1. Pad message so its length is 448 mod 512. 2. Append a 64-bit original length value to message. 3. Initialise 4-word (128-bit) MD buffer (A, B, C, D). Process message in 16-word (512-bit) blocks: using 4 rounds of 16 bit operations on message block & buffer; add output to buffer input to form new buffer value. 4. Output hash value is the final buffer value.
  • 17. SHA. Developed by NIST, specified in the Secure Hash Standard (SHS, FIPS Pub 180), 1993. SHA is specified as the hash algorithm in the Digital Signature Standard (DSS), NIST.
  • 18. SHA. Input message must be < $2^{64}$ bits (not really a problem). Message is processed in 512-bit blocks sequentially. Message digest is 160 bits. SHA design is similar to MD5, but a lot stronger.
  • 19. MD5 vs SHA. Brute force attack is harder (160 vs 128 bits for MD5). Not vulnerable to any known cryptanalytic attacks (compared to MD4/5). A little slower than MD5 (80 vs 64 steps). Both work well on a 32-bit architecture. Both designed as simple and compact for implementation.
  • 20. Revised Secure Hash Standards. NIST have issued a revision, FIPS 180-2, which adds 3 additional hash algorithms: SHA-256, SHA-384, SHA-512. Designed for compatibility with increased security provided by the AES cipher. Structure & detail is similar to SHA-1, hence analysis should be similar.
  • 21. Conclusion. Thus different concepts of digital signatures are discussed, and an overview of the various algorithms used is given.
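
The birthday arithmetic of slides 11 and 13, worked through as an added example (not part of the original slides). It computes the exact collision probability next to the slides' n(n-1)/2k estimate, then measures how many hashes an m-bit digest needs before two inputs collide; truncated SHA-256 stands in for an m-bit hash and the `msg-<i>` inputs are constructed.

```python
import hashlib
from itertools import count

def exact_collision(n: int, k: int) -> float:
    """1 - (k)_n / k^n: chance that n samples from k values contain a repeat."""
    p_distinct = 1.0
    for i in range(n):
        p_distinct *= (k - i) / k
    return 1.0 - p_distinct

def approx_collision(n: int, k: int) -> float:
    """The slides' first-order estimate n(n-1)/2k (an upper bound)."""
    return n * (n - 1) / (2 * k)

def min_samples(k: int, threshold: float = 0.5) -> int:
    """Smallest n whose exact collision probability exceeds threshold."""
    p_distinct, n = 1.0, 0
    while 1.0 - p_distinct <= threshold:
        p_distinct *= (k - n) / k
        n += 1
    return n

def truncated_digest(msg: bytes, m_bits: int) -> int:
    """Top m_bits of SHA-256, standing in for an m-bit hash (assumption)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - m_bits)

def first_collision(m_bits: int):
    """Hash constructed counter messages until two share a digest."""
    seen = {}
    for i in count():
        msg = b"msg-%d" % i
        d = truncated_digest(msg, m_bits)
        if d in seen:
            return seen[d], msg, i + 1  # the two messages, hashes computed
        seen[d] = msg

if __name__ == "__main__":
    print("k=365: minimum n =", min_samples(365))
    print("n=23 exact:", round(exact_collision(23, 365), 4),
          "estimate:", round(approx_collision(23, 365), 4))
    for m in (16, 20, 24):
        _, _, tries = first_collision(m)
        print(f"m={m}: collision after {tries} hashes; 2^(m/2) = {2 ** (m // 2)}")
```

The measured counts track 2^(m/2) rather than 2^m, which is why slide 13 sizes the digest at twice the intended work factor.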
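
The four-message exchange of slide 14, as an added example that is not part of the original slides. The `Party` class and `mutual_auth` are hypothetical names, SHA-256 stands in for MD, and the verifier adds two things the slide leaves implicit: each challenge is fresh and single-use, and the digest comparison is constant-time.

```python
import hashlib
import hmac
import secrets

def md(key: bytes, challenge: bytes) -> bytes:
    """MD(K_AB | r) as on the slide; SHA-256 is an assumed stand-in for MD.
    Deployed designs normally use HMAC instead of plain concatenation."""
    return hashlib.sha256(key + challenge).digest()

class Party:
    """One end of the exchange, holding the shared key K_AB (hypothetical class)."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = None  # challenge we issued and have not yet verified

    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)  # fresh, unpredictable r
        return self.pending

    def respond(self, r: bytes) -> bytes:
        return md(self.key, r)

    def verify(self, response: bytes) -> bool:
        if self.pending is None:
            return False
        expected = md(self.key, self.pending)
        self.pending = None  # single use: a replayed response cannot match again
        return hmac.compare_digest(expected, response)

def mutual_auth(alice: Party, bob: Party):
    r_a = alice.challenge()              # Alice to Bob: r_A
    bob_ok = alice.verify(bob.respond(r_a))    # Bob to Alice: MD(K_AB | r_A)
    r_b = bob.challenge()                # Bob to Alice: r_B
    alice_ok = bob.verify(alice.respond(r_b))  # Alice to Bob: MD(K_AB | r_B)
    return bob_ok, alice_ok

if __name__ == "__main__":
    k_ab = secrets.token_bytes(32)
    print("same key:     ", mutual_auth(Party(k_ab), Party(k_ab)))
    print("different key:", mutual_auth(Party(k_ab), Party(secrets.token_bytes(32))))
```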