SlideShare ist ein Scribd-Unternehmen logo

(Crypto) DES And RSA Algorithms Overview

Als PPT, PDF herunterladen
EL Bachir Nouni
EL Bachir Nouni

Overview Practices Best practice

1 von 19
DES & RSA Algorithms Overview Tutorial 03/01/2013 NOUNI El Bachir 1
Comparison And Uses DES : It's a symmetric algorithm designed for encrypting data. Its advantage is that it's fast for large data size, but it present one inconvenient is that of changing keys between the tow tiers. 03/01/2013 NOUNI El Bachir 2
Comparison And Uses RSA : it's an asymmetric algorithm designed for encrypting data also. Its inconvenience is that it's too slow for large data size. It use tow keys instead of DES which uses one shared key. One of these keys is secret and the other is public. The Data that is encrypted by one is decrypted by the other but not by the same key. 03/01/2013 NOUNI El Bachir 3
Tools  Through this tutorial we will use the Openssl tool. This tool is by default integrated in Linux. For Windows users they should download this tool by following this link : http://slproweb.com/products/Win32OpenSSL.html  After the installation of openssl; whether you add the path of openssl.exe to your system path, our each time at the command prompt you use the full path of openssl.exe. 03/01/2013 NOUNI El Bachir 4
Parameters Of These Algorithms  DES : − Secret key (64 bits) − Initialization vector (64 bits)  RSA : − Secret key − Secret key length − Public key − The modulus 03/01/2013 NOUNI El Bachir 5
TP : Test Each Algorithm (DES)  The instructions thereafter were tested under Linux system.  DES : To use this algorithm we have to generate first its parameters (secret key,initialization vector). To do so we will use /dev/urandom file and head command. The synopsis of each one is : 03/01/2013 NOUNI El Bachir 6
TP : Test Each Algorithm (DES)  |> cat /dev/urandom | head -1 > random.bin  the result after using |> xxd random.bin to show file content in Hex format : 0000000: 95c3 e2d9 62c9 8d24 fa03 69e7 59aa aa11 ....b..$..i.Y...  So we choose 95C3E2D962C98D24 as secret Key and FA0369E759AAAA11 as initialization vector.  After that we can encrypt and decrypt a file. |> Openssl enc -e -des-cbc -in inputfile -out outputfile -nosalt -K 95C3E2D962C98D24 -iv FA0369E759AAAA11 -a 03/01/2013 NOUNI El Bachir 7
TP : Test Each Algorithm (DES)  -des-cbc : DES algorithm using CBC mode  -e : for encryption  -in [inputfile] : to specify input file  -out [outputfile] : to specify output file  -K XX..XX : to specify secret key 64 bits  -iv XX..XX : to specify initialization vector 64 bits  -a : encoding output file in base64 format  -nosalt : no salt will be used 03/01/2013 NOUNI El Bachir 8
TP : Test Each Algorithm (DES)  For decryption we use the same command line, we have to just change -e option by -d for decryption. 03/01/2013 NOUNI El Bachir 9
TP : Test Each Algorithm (RSA) The implementation of RSA follow three steps : Generate a encrypted secret key of 1024 or 2048 length. Generate the public key from the secret one. To do so, we will use genrsa and rsa commands. Synopsis of these commands is : 03/01/2013 NOUNI El Bachir 10
TP : Test Each Algorithm (RSA)  openssl genrsa [-out filename] [-passout arg] [-des] [-des3] [-idea] [-f4] [-3] [-rand file(s)] [-engine id] [numbits]  openssl rsa [-inform PEM|NET|DER] [-outform PEM|NET|DER] [-in filename] [-passin arg] [-out filename] [-passout arg] [-sgckey] [- des] [-des3] [-idea] [-text] [-noout] [-modulus] [-check] [-pubin] [-pubout] [-engine id] For encryption we will use rsautl command of following synopsis :  openssl rsautl [-in file] [-out file] [-inkey file] [-pubin] [- certin] [-sign] [-verify] [-encrypt] [-decrypt] [-pkcs] [d-ssl] [- raw] [-hexdump] [-asn1parse] Lets now try this algorithm : 03/01/2013 NOUNI El Bachir 11
TP : Test Each Algorithm (RSA) To generate the secret key : |> openssl genrsa -des -out sckey.pem 2048 -des : DES which will be used to encrypt the secret key. -out : to specify the output file. 2048 : key length. After Enter Key press the prompt will demand to you to enter a phrase password. 03/01/2013 NOUNI El Bachir 12
TP : Test Each Algorithm (RSA) To generate the public key : |> openssl rsa -pubout < sckey.pem > pkey.pem -pubout : to specify that wie want to generate a public key from the secret one sckey.pem. < : input flow redirection > : output flow redirection 03/01/2013 NOUNI El Bachir 13
TP : Test Each Algorithm (RSA) To encrypt data with public key : |> openssl rsautl -encrypt -in inputfile -out outputfile -inkey pkey.pem -pubin -a -encrypt : for encryption. -in : to specify input file path. -out : to specify output file. -inkey : key file to use. -pubin : specify that the key specified with -inkey is a public key. Without this options secret key is used. 03/01/2013 NOUNI El Bachir 14
Best practice RSA : to exchange shared secret key DES : to encrypt data using exchanged shared secret key. Scenario : Alice (sA,PA) and Bobe (sB,PB). Alice want send data to Bobe, but it is the first time. So they should define a shared key. 03/01/2013 NOUNI El Bachir 15
Best practice So Alice had to generate a random 64 bits key (DES) and an initialization vector (64 bits) and encrypt it using the public key of Bobe P B. Then send it to Bobe. Bobe will receive encrypted key and will decrypt it. At this moment its ok but he should send an acknowledgment to Alice to tell him that he receive the key successfully. So he should encrypt the received key using public key of Alice and send it to him. 03/01/2013 NOUNI El Bachir 16
Best practice After this handshaking it is ok to exchange encrypted that using shared secret key (64 bits). It is recommended to use Tripe DES instead of DES because it is more secure. To use this algorithm in what we have seen, you can just change -des by -des3 in RSA section and for DES section you choose -des-ede-cbc instead of -des-cbc. 03/01/2013 NOUNI El Bachir 17
Bibliography http://www.openssl.org/docs/apps/enc.html http://www.openssl.org/docs/apps/genrsa.html http://www.openssl.org/docs/apps/rsautl.html http://www.openssl.org/docs/apps/rsa.html 03/01/2013 NOUNI El Bachir 18
Thanks nouni.ebachir@gmail.com 03/01/2013 NOUNI El Bachir 19

Empfohlen

Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
harshit chavda
 
Modes of Operation
Modes of Operation Modes of Operation
Modes of Operation
Showkot Usman
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash Algorithm
Vishakha Agarwal
 
Unit 2
Unit 2Unit 2
Unit 2
KRAMANJANEYULU1
 
Feistel cipher
Feistel cipherFeistel cipher
Feistel cipher
MDKAWSARAHMEDSAGAR
 
block ciphers
block ciphersblock ciphers
block ciphers
Asad Ali
 
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
RAMESHBABU311293
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 

Empfohlen

Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
harshit chavda
 
Modes of Operation
Modes of Operation Modes of Operation
Modes of Operation
Showkot Usman
 
Secure Hash Algorithm
Secure Hash AlgorithmSecure Hash Algorithm
Secure Hash Algorithm
Vishakha Agarwal
 
Unit 2
Unit 2Unit 2
Unit 2
KRAMANJANEYULU1
 
Feistel cipher
Feistel cipherFeistel cipher
Feistel cipher
MDKAWSARAHMEDSAGAR
 
block ciphers
block ciphersblock ciphers
block ciphers
Asad Ali
 
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
RAMESHBABU311293
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
Mazin Alwaaly
 
Parallel sorting algorithm
Parallel sorting algorithmParallel sorting algorithm
Parallel sorting algorithm
Richa Kumari
 
State Space Representation and Search
State Space Representation and SearchState Space Representation and Search
State Space Representation and Search
Hitesh Mohapatra
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free download
Twinkal Harsora
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption Standard
Prince Rachit
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
Rashmi Burugupalli
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
Sathish Kumar
 
Agreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared MemoryAgreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared Memory
SHIKHA GAUTAM
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemes
ravik09783
 
DES
DESDES
DES
Naga Srimanyu Timmaraju
 
Encapsulating security payload in Cryptography and Network Security
Encapsulating security payload in Cryptography and Network SecurityEncapsulating security payload in Cryptography and Network Security
Encapsulating security payload in Cryptography and Network Security
Koushil Mankali
 
RC4&RC5
RC4&RC5RC4&RC5
RC4&RC5
Mohamed El-Serngawy
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
Mini Project final report on " LEAKY BUCKET ALGORITHM "
Mini Project final report on " LEAKY BUCKET ALGORITHM "Mini Project final report on " LEAKY BUCKET ALGORITHM "
Mini Project final report on " LEAKY BUCKET ALGORITHM "
Nikhil Jain
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMAC
Krishna Gehlot
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
Adam Reagan
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange Protocol
Prateek Singh Bapna
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)
SAurabh PRajapati
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
ArthyR3
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
Shashank Shetty
 
The 3-D Secure Protocol
The 3-D Secure ProtocolThe 3-D Secure Protocol
The 3-D Secure Protocol
Vlad Petre
 

Weitere ähnliche Inhalte

Was ist angesagt?

Mini Project final report on " LEAKY BUCKET ALGORITHM "
Mini Project final report on " LEAKY BUCKET ALGORITHM "Mini Project final report on " LEAKY BUCKET ALGORITHM "
Mini Project final report on " LEAKY BUCKET ALGORITHM "
Nikhil Jain
 

Was ist angesagt? (20)

Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
 
Parallel sorting algorithm
Parallel sorting algorithmParallel sorting algorithm
Parallel sorting algorithm
 
State Space Representation and Search
State Space Representation and SearchState Space Representation and Search
State Space Representation and Search
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free download
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption Standard
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Agreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared MemoryAgreement Protocols, distributed File Systems, Distributed Shared Memory
Agreement Protocols, distributed File Systems, Distributed Shared Memory
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemes
 
DES
DESDES
DES
 
Encapsulating security payload in Cryptography and Network Security
Encapsulating security payload in Cryptography and Network SecurityEncapsulating security payload in Cryptography and Network Security
Encapsulating security payload in Cryptography and Network Security
 
RC4&RC5
RC4&RC5RC4&RC5
RC4&RC5
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
 
Mini Project final report on " LEAKY BUCKET ALGORITHM "
Mini Project final report on " LEAKY BUCKET ALGORITHM "Mini Project final report on " LEAKY BUCKET ALGORITHM "
Mini Project final report on " LEAKY BUCKET ALGORITHM "
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMAC
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange Protocol
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 

Andere mochten auch

Patterns for Secure Boot and Secure Storage in Computer Systems
Patterns for Secure Boot and Secure Storage in Computer SystemsPatterns for Secure Boot and Secure Storage in Computer Systems
Patterns for Secure Boot and Secure Storage in Computer Systems
Marcel Winandy
 
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.SrinivasanMathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
municsaa
 
ECC vs RSA: Battle of the Crypto-Ninjas
ECC vs RSA: Battle of the Crypto-NinjasECC vs RSA: Battle of the Crypto-Ninjas
ECC vs RSA: Battle of the Crypto-Ninjas
James McGivern
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptography
drewz lin
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
Svetlin Nakov
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
Ahmed Elnaggar
 

Andere mochten auch (20)

RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
The 3-D Secure Protocol
The 3-D Secure ProtocolThe 3-D Secure Protocol
The 3-D Secure Protocol
 
Rsa Algorithm
Rsa AlgorithmRsa Algorithm
Rsa Algorithm
 
Data encryption, Description, DES
Data encryption, Description, DESData encryption, Description, DES
Data encryption, Description, DES
 
All About Snort
All About SnortAll About Snort
All About Snort
 
rsa-1
rsa-1rsa-1
rsa-1
 
Patterns for Secure Boot and Secure Storage in Computer Systems
Patterns for Secure Boot and Secure Storage in Computer SystemsPatterns for Secure Boot and Secure Storage in Computer Systems
Patterns for Secure Boot and Secure Storage in Computer Systems
 
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.SrinivasanMathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
Mathematics Towards Elliptic Curve Cryptography-by Dr. R.Srinivasan
 
ECC vs RSA: Battle of the Crypto-Ninjas
ECC vs RSA: Battle of the Crypto-NinjasECC vs RSA: Battle of the Crypto-Ninjas
ECC vs RSA: Battle of the Crypto-Ninjas
 
JTAG Interface (Intro)
JTAG Interface (Intro)JTAG Interface (Intro)
JTAG Interface (Intro)
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptography
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Elliptic Curve Cryptography for those who are afraid of maths
Elliptic Curve Cryptography for those who are afraid of mathsElliptic Curve Cryptography for those who are afraid of maths
Elliptic Curve Cryptography for those who are afraid of maths
 
Hazards & protection
Hazards & protectionHazards & protection
Hazards & protection
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
Steganography using visual cryptography: Report
Steganography using visual cryptography: ReportSteganography using visual cryptography: Report
Steganography using visual cryptography: Report
 
Elliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofElliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge Proof
 
steganography using visual cryptography_report
steganography using visual cryptography_reportsteganography using visual cryptography_report
steganography using visual cryptography_report
 
Digital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA AlgorithmDigital Signature Recognition using RSA Algorithm
Digital Signature Recognition using RSA Algorithm
 

Ähnlich wie (Crypto) DES And RSA Algorithms Overview

From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13
Jaime Sánchez
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
patisa
 
Cryptography for developers
Cryptography for developersCryptography for developers
Cryptography for developers
Kai Koenig
 
14 key management & exchange
14 key management & exchange14 key management & exchange
14 key management & exchange
drewz lin
 
Renas Rajab Asaad
Renas Rajab Asaad Renas Rajab Asaad
Renas Rajab Asaad
Renas Rekany
 

Ähnlich wie (Crypto) DES And RSA Algorithms Overview (20)

Computer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdfComputer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdf
 
Slide cipher based encryption
Slide cipher based encryptionSlide cipher based encryption
Slide cipher based encryption
 
Defeating the entropy downgrade attack
Defeating the entropy downgrade attackDefeating the entropy downgrade attack
Defeating the entropy downgrade attack
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
 
RSA alogrithm
RSA alogrithmRSA alogrithm
RSA alogrithm
 
Kleptography
KleptographyKleptography
Kleptography
 
CONFidence 2015: Trust boundaries - Mateusz Kocielski
CONFidence 2015: Trust boundaries - Mateusz KocielskiCONFidence 2015: Trust boundaries - Mateusz Kocielski
CONFidence 2015: Trust boundaries - Mateusz Kocielski
 
Trust boundaries - Confidence 2015
Trust boundaries - Confidence 2015Trust boundaries - Confidence 2015
Trust boundaries - Confidence 2015
 
From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13
 
comp security lab.ppsx
comp security lab.ppsxcomp security lab.ppsx
comp security lab.ppsx
 
Ransomware for fun and non-profit
Ransomware for fun and non-profitRansomware for fun and non-profit
Ransomware for fun and non-profit
 
[Ruxcon Monthly Sydney 2011] Proprietary Protocols Reverse Engineering : Rese...
[Ruxcon Monthly Sydney 2011] Proprietary Protocols Reverse Engineering : Rese...[Ruxcon Monthly Sydney 2011] Proprietary Protocols Reverse Engineering : Rese...
[Ruxcon Monthly Sydney 2011] Proprietary Protocols Reverse Engineering : Rese...
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
Cryptography for developers
Cryptography for developersCryptography for developers
Cryptography for developers
 
Securing the tunnel with Raccoon
Securing the tunnel with RaccoonSecuring the tunnel with Raccoon
Securing the tunnel with Raccoon
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
 
14 key management & exchange
14 key management & exchange14 key management & exchange
14 key management & exchange
 
Applying Security Algorithms Using openSSL crypto library
Applying Security Algorithms Using openSSL crypto libraryApplying Security Algorithms Using openSSL crypto library
Applying Security Algorithms Using openSSL crypto library
 
Renas Rajab Asaad
Renas Rajab Asaad Renas Rajab Asaad
Renas Rajab Asaad
 
Data encryption algorithm(edit)
Data encryption algorithm(edit)Data encryption algorithm(edit)
Data encryption algorithm(edit)
 

(Crypto) DES And RSA Algorithms Overview

  • 1. DES & RSA Algorithms Overview Tutorial 03/01/2013 NOUNI El Bachir 1
  • 2. Comparison And Uses DES : It's a symmetric algorithm designed for encrypting data. Its advantage is that it's fast for large data size, but it present one inconvenient is that of changing keys between the tow tiers. 03/01/2013 NOUNI El Bachir 2
  • 3. Comparison And Uses RSA : it's an asymmetric algorithm designed for encrypting data also. Its inconvenience is that it's too slow for large data size. It use tow keys instead of DES which uses one shared key. One of these keys is secret and the other is public. The Data that is encrypted by one is decrypted by the other but not by the same key. 03/01/2013 NOUNI El Bachir 3
  • 4. Tools  Through this tutorial we will use the Openssl tool. This tool is by default integrated in Linux. For Windows users they should download this tool by following this link : http://slproweb.com/products/Win32OpenSSL.html  After the installation of openssl; whether you add the path of openssl.exe to your system path, our each time at the command prompt you use the full path of openssl.exe. 03/01/2013 NOUNI El Bachir 4
  • 5. Parameters Of These Algorithms  DES : − Secret key (64 bits) − Initialization vector (64 bits)  RSA : − Secret key − Secret key length − Public key − The modulus 03/01/2013 NOUNI El Bachir 5
  • 6. TP : Test Each Algorithm (DES)  The instructions thereafter were tested under Linux system.  DES : To use this algorithm we have to generate first its parameters (secret key,initialization vector). To do so we will use /dev/urandom file and head command. The synopsis of each one is : 03/01/2013 NOUNI El Bachir 6
  • 7. TP : Test Each Algorithm (DES)  |> cat /dev/urandom | head -1 > random.bin  the result after using |> xxd random.bin to show file content in Hex format : 0000000: 95c3 e2d9 62c9 8d24 fa03 69e7 59aa aa11 ....b..$..i.Y...  So we choose 95C3E2D962C98D24 as secret Key and FA0369E759AAAA11 as initialization vector.  After that we can encrypt and decrypt a file. |> Openssl enc -e -des-cbc -in inputfile -out outputfile -nosalt -K 95C3E2D962C98D24 -iv FA0369E759AAAA11 -a 03/01/2013 NOUNI El Bachir 7
  • 8. TP : Test Each Algorithm (DES)  -des-cbc : DES algorithm using CBC mode  -e : for encryption  -in [inputfile] : to specify input file  -out [outputfile] : to specify output file  -K XX..XX : to specify secret key 64 bits  -iv XX..XX : to specify initialization vector 64 bits  -a : encoding output file in base64 format  -nosalt : no salt will be used 03/01/2013 NOUNI El Bachir 8
  • 9. TP : Test Each Algorithm (DES)  For decryption we use the same command line, we have to just change -e option by -d for decryption. 03/01/2013 NOUNI El Bachir 9
  • 10. TP : Test Each Algorithm (RSA) The implementation of RSA follow three steps : Generate a encrypted secret key of 1024 or 2048 length. Generate the public key from the secret one. To do so, we will use genrsa and rsa commands. Synopsis of these commands is : 03/01/2013 NOUNI El Bachir 10
  • 11. TP : Test Each Algorithm (RSA)  openssl genrsa [-out filename] [-passout arg] [-des] [-des3] [-idea] [-f4] [-3] [-rand file(s)] [-engine id] [numbits]  openssl rsa [-inform PEM|NET|DER] [-outform PEM|NET|DER] [-in filename] [-passin arg] [-out filename] [-passout arg] [-sgckey] [- des] [-des3] [-idea] [-text] [-noout] [-modulus] [-check] [-pubin] [-pubout] [-engine id] For encryption we will use rsautl command of following synopsis :  openssl rsautl [-in file] [-out file] [-inkey file] [-pubin] [- certin] [-sign] [-verify] [-encrypt] [-decrypt] [-pkcs] [d-ssl] [- raw] [-hexdump] [-asn1parse] Lets now try this algorithm : 03/01/2013 NOUNI El Bachir 11
  • 12. TP : Test Each Algorithm (RSA) To generate the secret key : |> openssl genrsa -des -out sckey.pem 2048 -des : DES which will be used to encrypt the secret key. -out : to specify the output file. 2048 : key length. After Enter Key press the prompt will demand to you to enter a phrase password. 03/01/2013 NOUNI El Bachir 12
  • 13. TP : Test Each Algorithm (RSA) To generate the public key : |> openssl rsa -pubout < sckey.pem > pkey.pem -pubout : to specify that wie want to generate a public key from the secret one sckey.pem. < : input flow redirection > : output flow redirection 03/01/2013 NOUNI El Bachir 13
  • 14. TP : Test Each Algorithm (RSA) To encrypt data with public key : |> openssl rsautl -encrypt -in inputfile -out outputfile -inkey pkey.pem -pubin -a -encrypt : for encryption. -in : to specify input file path. -out : to specify output file. -inkey : key file to use. -pubin : specify that the key specified with -inkey is a public key. Without this options secret key is used. 03/01/2013 NOUNI El Bachir 14
  • 15. Best practice RSA : to exchange shared secret key DES : to encrypt data using exchanged shared secret key. Scenario : Alice (sA,PA) and Bobe (sB,PB). Alice want send data to Bobe, but it is the first time. So they should define a shared key. 03/01/2013 NOUNI El Bachir 15
  • 16. Best practice So Alice had to generate a random 64 bits key (DES) and an initialization vector (64 bits) and encrypt it using the public key of Bobe P B. Then send it to Bobe. Bobe will receive encrypted key and will decrypt it. At this moment its ok but he should send an acknowledgment to Alice to tell him that he receive the key successfully. So he should encrypt the received key using public key of Alice and send it to him. 03/01/2013 NOUNI El Bachir 16
  • 17. Best practice After this handshaking it is ok to exchange encrypted that using shared secret key (64 bits). It is recommended to use Tripe DES instead of DES because it is more secure. To use this algorithm in what we have seen, you can just change -des by -des3 in RSA section and for DES section you choose -des-ede-cbc instead of -des-cbc. 03/01/2013 NOUNI El Bachir 17
  • 19. Thanks nouni.ebachir@gmail.com 03/01/2013 NOUNI El Bachir 19