SlideShare ist ein Scribd-Unternehmen logo

cryptography

Als PPTX, PDF herunterladen
Priyamvada Singh
Priyamvada Singh

cryptography

Ingenieurwesen
1 von 39
UNIT 1 CRYPTOGRAPHY
What is security? In the context of computers, security generally means three things: Confidentiality Access to systems or data is limited to authorized parties Integrity When you ask for data, you get the “right” data Availability The system or data is there when you want it A computing system is said to be secure if it has all three properties.
Attacks, Services, and Mechanisms Security Attack: Any action that compromises the security of information owned by an organization. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers of an organization. A security service makes use of one or more security mechanisms.
Security Attacks •Interruption: An asset of the system is destroyed or becomes unavailable or unusable.”This is an attack on availability.” •Example: the destruction of a piece of hardware, such as a hard disk, the cutting of a communication line, or the disabling of the file management system.
Security Attacks •Interception: An unauthorized user (party) gain access to an asset. “This is an attack on confidentiality.” The unauthorized user may be a person, computer or program. •Examples:Wiretapping to capture data in a network, and the unauthorized copying of files or programs.
Security Attacks •Modification: An unauthorized user (party) not only gains access to but tampers with an asset. “This is an attack on integrity.”. •Examples: Changing data in a data file, altering a program so that it performs differently, and modifying the content of messages being transmitted on a network.
Security Attacks •A useful categorization of the above mentioned attacks is in terms of passive and active attacks. Passive Attacks Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. There are two types of passive attacks: (1) release of message contents and (2) traffic analysis. Examples(traffic analysis): Creating a customer profile of a user by using information about the sites that he or she visits.
Security Attacks Active Attacks These attacks involve some modification of the data stream or the creation of a false stream. Categories: masquerade, replay, modification of messages, denial service. A masquerade takes place when one entity pretends to be a different entity. Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
Security Services • Confidentiality (privacy): confidentiality is the protection of transmitted data from passive attacks • Authentication: the authentication service is concerned with assuring the identity of the sender (who created or sent the data) • Integrity :integrity service is the protection of data from unauthorized modifications during the transmission •Non-repudiation : this service prevents either sender or receiver from denying transmitted message.
Security Services •Access control: in the context of network security, access control is the ability to limit and control the access to host systems and applications via communications links. To achieve this control, each entity trying to gain access must first be identified, so that access rights can be tailored to the individual. • Availability: This service is concerned with assuring the permanence of a service or data for authorized users - Denial of Service Attacks - Virus that deletes files
CSCE 522 - FarkasLecture 1 Security Mechanism Prevention Detection Tolerance/Recovery
Model for Network Security
Model for Network Security Using this model requires us to: 1. design a suitable algorithm for the security transformation 1.generate the secret information (keys) used by the algorithm 2.develop methods to distribute and share the secret information 3.specify a protocol enabling the principals to use the transformation and secret information for a security service
Model for Network Security
Model for Network Security using this model requires us to: 1.select appropriate gatekeeper functions to identify users 2.implement security controls to ensure only authorised users access designated information or resources
CSCE 522 - FarkasLecture 1 Computer Criminals Amateurs: regular users, who exploit the vulnerabilities of the computer system Motivation: easy access to vulnerable resources Crackers: attempt to access computing facilities for which they do not have the authorization Motivation: enjoy challenge, curiosity Career criminals: professionals who understand the computer system and its vulnerabilities Motivation: personal gain (e.g., financial)
A Simplified DES-Type Algorithm •Suppose that a message has 12 bits and is written as L0R0 , where L0 consists of the first 6 bits and R0 consists of the last 6 bits. •The key K has 9 bits. The ith round of the algorithm transforms an input Li-1Ri-1 to the output LiRi using an 8-bit key Ki derived from K. The main part of the encryption process is a function f(Ri-1,Ki) that takes a 6-bit inputRi-1 and an 8-bit input Ki and produces a 6-bit output which will be described later. •The output of the ith round is defined as: Li = Ri-1 and Ri = Li-1 XOR f(Ri-1,Ki) The decryption is the reverse of encryption. [Ln] [Rn XOR f(Ln, Kn)] = … =[Rn-1] [Ln-1]
The Operations of f Function E(Li)=E(011001)=E(01010101) (Expander) S-boxes S1 101 010 001 110 011 100 111 000 001 100 110 010 000 111 101 011 S2 100 000 110 101 111 001 011 010 101 011 000 111 110 010 001 100 The input for an S-box has 4 bits. The first bit specifies which row will be used: 0 for 1st
The other 3 bits represent a binary number that specifies the column: 000 for the 1st column, 001 for the 2nd column, … 111 for the 7th column. For example, an input 1010 for S1 box will yield the output 110. The key K consists of 9 bits. Ki is the key for the ith round starting with the ith bit of K. Let K=010011001, then K4=01100101.
Ri-1=100110 and Ki=01100101 E(Ri-1) XOR Ki =10101010 XOR 01100101 = 11001111 S1(1100)=000 S2(1111)=100 Thus, Ri = f(Ri-1,Ki)=000100, Li =Ri-1 =100110 Li-1Ri-1 = 011100100110 → (?) LiRi 100110011000
Encryption [1]
Encryption (cont.) Inversion of Initial Permutation (IP-1) Key i 64-bit plaintext (X) 32-bit Switch (SW) Initial Permutation (IP) Round (i) 64-bit ciphertext (Y) Key Generation (KeyGen) 64-bit key (K)
Encryption (cont.) •Plaintext: X •Initial Permutation: IP( ) •Roundi: 1≤ i ≤ 16 •32-bit switch: SW( ) •Inverse IP: IP-1( ) •Ciphertext: Y 1 ( ( ( ( ), )))i i Y IP SW Round IP X Key  
Encryption (IP, IP-1) Bit 0 1 2 3 4 5 6 7 1 58 50 42 34 26 18 10 2 9 60 52 44 36 28 20 12 4 17 62 54 46 38 30 22 14 6 25 64 56 48 40 32 24 16 8 33 57 49 41 33 25 17 9 1 41 59 51 43 35 27 19 11 3 49 61 53 45 37 29 21 13 5 57 63 55 47 39 31 23 15 7 IP Bit 0 1 2 3 4 5 6 7 1 40 8 48 16 56 24 64 32 9 39 7 47 15 55 23 63 31 17 38 6 46 14 54 22 62 30 25 37 5 45 13 53 21 61 29 33 36 4 44 12 52 20 60 28 41 35 3 43 11 51 19 59 27 49 34 2 42 10 50 18 58 26 57 33 1 41 9 49 17 57 25  IP-1  Note: IP(IP-1) = IP-1(IP) = I
Encryption (Round) [1] (Key Generation)
Encryption (Round) (cont.) Li Permutation (P) Expansion/permutation (E_table) Substitution/choice (S-box) XOR Ri Li-1 Ri-1 XOR Ki F
Encryption (Round) (cont.) F S-box [1]
Encryption (Round) (cont.) •Separate plaintext as L0R0 •L0: left half 32 bits of plaintext •R0: right half 32 bits of plaintext •Expansion/permutation: E( ) •Substitution/choice: S-box( ) •Permutation: P( ) 1 1( _ ( ( ) ~ ))~ ii i iR L P S box E R Key  1i iL R   F
Encryption (Round) (cont.) 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 45 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 9 13 30 6 22 11 4 25  E  P ExpansionExpansion
Encryption (Round) (cont.)  S-box [1]
Key Generation [1] (Encryption)
Key Generation (cont.) D0C0 Input Key Permuted Choice One (PC-1) Permuted Choice Two (PC-2) Schedule of Left Shifts Di-1Ci-1 DiCi ▪ ▪ ▪ ▪ ▪ ▪ Keyi
Key Generation (cont.) Original Key: Key0 Permuted Choice One: PC_1( ) Permuted Choice Two: PC_2( ) Schedule of Left Shift: SLS( ) 00 0( , ) _ 1( )C D PC Key 1 1( , ) ( , )i i i iC D SLS C D  1 1_ 2( ( , ))i i iKey PC SLS C D 
Decryption The same algorithm as encryption. Reversed the order of key (Key16, Key15, … Key1). For example: IP undoes IP-1 step of encryption. 1st round with SK16 undoes 16th encrypt round. [1]
Strength of DES Criticism Reduction in key size of 72 bits Too short to withstand with brute-force attack S-boxes were classified. Weak points enable NSA to decipher without key. 56-bit keys have 256 = 7.2 x 1016 values Brute force search looks hard. A machine performing one DES encryption per microsecond would take more than a thousand year to break the cipher.
Strength of DES (cont.) Avalanche effect in DES If a small change in either the plaintext or the key, the ciphertext should change markedly. DES exhibits a strong avalanche effect.
cryptography
cryptography
cryptography

Empfohlen

Kaizen cso002 l1
Kaizen cso002 l1Kaizen cso002 l1
Kaizen cso002 l1asslang
 
WiFi Security Explained
WiFi Security ExplainedWiFi Security Explained
WiFi Security ExplainedSomenath Mukhopadhyay
 
Data linklayer
Data linklayerData linklayer
Data linklayersheikhshakir
 
Renas Rajab Asaad
Renas Rajab AsaadRenas Rajab Asaad
Renas Rajab AsaadRenas Rekany
 
Computer organiztion2
Computer organiztion2Computer organiztion2
Computer organiztion2Umang Gupta
 
Computer organiztion3
Computer organiztion3Computer organiztion3
Computer organiztion3Umang Gupta
 
Computer architecture
Computer architectureComputer architecture
Computer architecturevishnu973656
 
DCF QNA edited
DCF QNA editedDCF QNA edited
DCF QNA editedEmmanuel Eniola Falade
 

Empfohlen

Kaizen cso002 l1
Kaizen cso002 l1Kaizen cso002 l1
Kaizen cso002 l1asslang
 
WiFi Security Explained
WiFi Security ExplainedWiFi Security Explained
WiFi Security ExplainedSomenath Mukhopadhyay
 
Data linklayer
Data linklayerData linklayer
Data linklayersheikhshakir
 
Renas Rajab Asaad
Renas Rajab AsaadRenas Rajab Asaad
Renas Rajab AsaadRenas Rekany
 
Computer organiztion2
Computer organiztion2Computer organiztion2
Computer organiztion2Umang Gupta
 
Computer organiztion3
Computer organiztion3Computer organiztion3
Computer organiztion3Umang Gupta
 
Computer architecture
Computer architectureComputer architecture
Computer architecturevishnu973656
 
DCF QNA edited
DCF QNA editedDCF QNA edited
DCF QNA editedEmmanuel Eniola Falade
 
Security in distributed systems
Security in distributed systems Security in distributed systems
Security in distributed systems Haitham Ahmed
 
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsModeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsShinpei Hayashi
 
G05114043
G05114043G05114043
G05114043IOSR-JEN
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptxGIT
 
Net
NetNet
NetRaviteja
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network SecurityDr. Rupa Ch
 
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...Kiminao Kogiso
 
Controller encryption using RSA public-key encryption scheme (Asian Control C...
Controller encryption using RSA public-key encryption scheme (Asian Control C...Controller encryption using RSA public-key encryption scheme (Asian Control C...
Controller encryption using RSA public-key encryption scheme (Asian Control C...Kiminao Kogiso
 
Implementation Secure Authentication Using Elliptic Curve Cryptography
Implementation Secure Authentication Using Elliptic Curve CryptographyImplementation Secure Authentication Using Elliptic Curve Cryptography
Implementation Secure Authentication Using Elliptic Curve CryptographyAM Publications
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hackingSainath Volam
 
15
1515
15NARAYANASWAMY CHANDRAMOWLISWARAN
 
15
1515
15Chandramowliswaran NARAYANASWAMY
 
A Survey on Various Lightweight Cryptographic Algorithms on FPGA
A Survey on Various Lightweight Cryptographic Algorithms on FPGAA Survey on Various Lightweight Cryptographic Algorithms on FPGA
A Survey on Various Lightweight Cryptographic Algorithms on FPGAIOSRJECE
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?Raffael Marty
 
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...Shantanu Sharma
 
Notes On N + N
Notes On N + NNotes On N + N
Notes On N + NValerie Burroughs
 
MULTI-STAGE ENCRYPTION USING SEEDED SDES
MULTI-STAGE ENCRYPTION USING SEEDED SDES MULTI-STAGE ENCRYPTION USING SEEDED SDES
MULTI-STAGE ENCRYPTION USING SEEDED SDESEswar Publications
 
Intrusion Response through Optimal Stopping
Intrusion Response through Optimal StoppingIntrusion Response through Optimal Stopping
Intrusion Response through Optimal StoppingKim Hammar
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesWAJAHAT IQBAL
 
Proposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DESProposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DESInternational Journal of Science and Research (IJSR)
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 

Weitere ähnliche Inhalte

Ähnlich wie cryptography

Security in distributed systems
Security in distributed systems Security in distributed systems
Security in distributed systems Haitham Ahmed
 
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsModeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsShinpei Hayashi
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptxGIT
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network SecurityDr. Rupa Ch
 
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...Kiminao Kogiso
 
Controller encryption using RSA public-key encryption scheme (Asian Control C...
Controller encryption using RSA public-key encryption scheme (Asian Control C...Controller encryption using RSA public-key encryption scheme (Asian Control C...
Controller encryption using RSA public-key encryption scheme (Asian Control C...Kiminao Kogiso
 
Implementation Secure Authentication Using Elliptic Curve Cryptography
Implementation Secure Authentication Using Elliptic Curve CryptographyImplementation Secure Authentication Using Elliptic Curve Cryptography
Implementation Secure Authentication Using Elliptic Curve CryptographyAM Publications
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hackingSainath Volam
 
A Survey on Various Lightweight Cryptographic Algorithms on FPGA
A Survey on Various Lightweight Cryptographic Algorithms on FPGAA Survey on Various Lightweight Cryptographic Algorithms on FPGA
A Survey on Various Lightweight Cryptographic Algorithms on FPGAIOSRJECE
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?Raffael Marty
 
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...Shantanu Sharma
 
MULTI-STAGE ENCRYPTION USING SEEDED SDES
MULTI-STAGE ENCRYPTION USING SEEDED SDES MULTI-STAGE ENCRYPTION USING SEEDED SDES
MULTI-STAGE ENCRYPTION USING SEEDED SDESEswar Publications
 
Intrusion Response through Optimal Stopping
Intrusion Response through Optimal StoppingIntrusion Response through Optimal Stopping
Intrusion Response through Optimal StoppingKim Hammar
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesWAJAHAT IQBAL
 

Ähnlich wie cryptography (20)

Security in distributed systems
Security in distributed systems Security in distributed systems
Security in distributed systems
 
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security RequirementsModeling and Utilizing Security Knowledge for Eliciting Security Requirements
Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
 
G05114043
G05114043G05114043
G05114043
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptx
 
Net
NetNet
Net
 
Overview on Cryptography and Network Security
Overview on Cryptography and Network SecurityOverview on Cryptography and Network Security
Overview on Cryptography and Network Security
 
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...
Cyber-Security Enhancements of Networked Control Systems Using Homomorphic En...
 
Controller encryption using RSA public-key encryption scheme (Asian Control C...
Controller encryption using RSA public-key encryption scheme (Asian Control C...Controller encryption using RSA public-key encryption scheme (Asian Control C...
Controller encryption using RSA public-key encryption scheme (Asian Control C...
 
Implementation Secure Authentication Using Elliptic Curve Cryptography
Implementation Secure Authentication Using Elliptic Curve CryptographyImplementation Secure Authentication Using Elliptic Curve Cryptography
Implementation Secure Authentication Using Elliptic Curve Cryptography
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hacking
 
15
1515
15
 
15
1515
15
 
A Survey on Various Lightweight Cryptographic Algorithms on FPGA
A Survey on Various Lightweight Cryptographic Algorithms on FPGAA Survey on Various Lightweight Cryptographic Algorithms on FPGA
A Survey on Various Lightweight Cryptographic Algorithms on FPGA
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
 
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...
Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data -- I...
 
Notes On N + N
Notes On N + NNotes On N + N
Notes On N + N
 
MULTI-STAGE ENCRYPTION USING SEEDED SDES
MULTI-STAGE ENCRYPTION USING SEEDED SDES MULTI-STAGE ENCRYPTION USING SEEDED SDES
MULTI-STAGE ENCRYPTION USING SEEDED SDES
 
Intrusion Response through Optimal Stopping
Intrusion Response through Optimal StoppingIntrusion Response through Optimal Stopping
Intrusion Response through Optimal Stopping
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
 
Proposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DESProposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DES
 

Kürzlich hochgeladen

Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...ranjana rawat
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...roncy bisnoi
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 

Kürzlich hochgeladen (20)

Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 

cryptography

  • 2. What is security? In the context of computers, security generally means three things: Confidentiality Access to systems or data is limited to authorized parties Integrity When you ask for data, you get the “right” data Availability The system or data is there when you want it A computing system is said to be secure if it has all three properties.
  • 3. Attacks, Services, and Mechanisms Security Attack: Any action that compromises the security of information owned by an organization. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service: A service that enhances the security of data processing systems and information transfers of an organization. A security service makes use of one or more security mechanisms.
  • 4. Security Attacks •Interruption: An asset of the system is destroyed or becomes unavailable or unusable.”This is an attack on availability.” •Example: the destruction of a piece of hardware, such as a hard disk, the cutting of a communication line, or the disabling of the file management system.
  • 5. Security Attacks •Interception: An unauthorized user (party) gain access to an asset. “This is an attack on confidentiality.” The unauthorized user may be a person, computer or program. •Examples:Wiretapping to capture data in a network, and the unauthorized copying of files or programs.
  • 6. Security Attacks •Modification: An unauthorized user (party) not only gains access to but tampers with an asset. “This is an attack on integrity.”. •Examples: Changing data in a data file, altering a program so that it performs differently, and modifying the content of messages being transmitted on a network.
  • 7. Security Attacks •A useful categorization of the above mentioned attacks is in terms of passive and active attacks. Passive Attacks Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. There are two types of passive attacks: (1) release of message contents and (2) traffic analysis. Examples(traffic analysis): Creating a customer profile of a user by using information about the sites that he or she visits.
  • 8. Security Attacks Active Attacks These attacks involve some modification of the data stream or the creation of a false stream. Categories: masquerade, replay, modification of messages, denial service. A masquerade takes place when one entity pretends to be a different entity. Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
  • 9. Security Services • Confidentiality (privacy): confidentiality is the protection of transmitted data from passive attacks • Authentication: the authentication service is concerned with assuring the identity of the sender (who created or sent the data) • Integrity :integrity service is the protection of data from unauthorized modifications during the transmission •Non-repudiation : this service prevents either sender or receiver from denying transmitted message.
  • 10. Security Services •Access control: in the context of network security, access control is the ability to limit and control the access to host systems and applications via communications links. To achieve this control, each entity trying to gain access must first be identified, so that access rights can be tailored to the individual. • Availability: This service is concerned with assuring the permanence of a service or data for authorized users - Denial of Service Attacks - Virus that deletes files
  • 11. CSCE 522 - FarkasLecture 1 Security Mechanism Prevention Detection Tolerance/Recovery
  • 12. Model for Network Security
  • 13. Model for Network Security Using this model requires us to: 1. design a suitable algorithm for the security transformation 1.generate the secret information (keys) used by the algorithm 2.develop methods to distribute and share the secret information 3.specify a protocol enabling the principals to use the transformation and secret information for a security service
  • 14. Model for Network Security
  • 15. Model for Network Security using this model requires us to: 1.select appropriate gatekeeper functions to identify users 2.implement security controls to ensure only authorised users access designated information or resources
  • 16. CSCE 522 - FarkasLecture 1 Computer Criminals Amateurs: regular users, who exploit the vulnerabilities of the computer system Motivation: easy access to vulnerable resources Crackers: attempt to access computing facilities for which they do not have the authorization Motivation: enjoy challenge, curiosity Career criminals: professionals who understand the computer system and its vulnerabilities Motivation: personal gain (e.g., financial)
  • 17. A Simplified DES-Type Algorithm •Suppose that a message has 12 bits and is written as L0R0 , where L0 consists of the first 6 bits and R0 consists of the last 6 bits. •The key K has 9 bits. The ith round of the algorithm transforms an input Li-1Ri-1 to the output LiRi using an 8-bit key Ki derived from K. The main part of the encryption process is a function f(Ri-1,Ki) that takes a 6-bit inputRi-1 and an 8-bit input Ki and produces a 6-bit output which will be described later. •The output of the ith round is defined as: Li = Ri-1 and Ri = Li-1 XOR f(Ri-1,Ki) The decryption is the reverse of encryption. [Ln] [Rn XOR f(Ln, Kn)] = … =[Rn-1] [Ln-1]
  • 18. The Operations of f Function E(Li)=E(011001)=E(01010101) (Expander) S-boxes S1 101 010 001 110 011 100 111 000 001 100 110 010 000 111 101 011 S2 100 000 110 101 111 001 011 010 101 011 000 111 110 010 001 100 The input for an S-box has 4 bits. The first bit specifies which row will be used: 0 for 1st
  • 19. The other 3 bits represent a binary number that specifies the column: 000 for the 1st column, 001 for the 2nd column, … 111 for the 7th column. For example, an input 1010 for S1 box will yield the output 110. The key K consists of 9 bits. Ki is the key for the ith round starting with the ith bit of K. Let K=010011001, then K4=01100101.
  • 20. Ri-1=100110 and Ki=01100101 E(Ri-1) XOR Ki =10101010 XOR 01100101 = 11001111 S1(1100)=000 S2(1111)=100 Thus, Ri = f(Ri-1,Ki)=000100, Li =Ri-1 =100110 Li-1Ri-1 = 011100100110 → (?) LiRi 100110011000
  • 22. Encryption (cont.) Inversion of Initial Permutation (IP-1) Key i 64-bit plaintext (X) 32-bit Switch (SW) Initial Permutation (IP) Round (i) 64-bit ciphertext (Y) Key Generation (KeyGen) 64-bit key (K)
  • 23. Encryption (cont.) •Plaintext: X •Initial Permutation: IP( ) •Roundi: 1≤ i ≤ 16 •32-bit switch: SW( ) •Inverse IP: IP-1( ) •Ciphertext: Y 1 ( ( ( ( ), )))i i Y IP SW Round IP X Key  
  • 24. Encryption (IP, IP-1) Bit 0 1 2 3 4 5 6 7 1 58 50 42 34 26 18 10 2 9 60 52 44 36 28 20 12 4 17 62 54 46 38 30 22 14 6 25 64 56 48 40 32 24 16 8 33 57 49 41 33 25 17 9 1 41 59 51 43 35 27 19 11 3 49 61 53 45 37 29 21 13 5 57 63 55 47 39 31 23 15 7 IP Bit 0 1 2 3 4 5 6 7 1 40 8 48 16 56 24 64 32 9 39 7 47 15 55 23 63 31 17 38 6 46 14 54 22 62 30 25 37 5 45 13 53 21 61 29 33 36 4 44 12 52 20 60 28 41 35 3 43 11 51 19 59 27 49 34 2 42 10 50 18 58 26 57 33 1 41 9 49 17 57 25  IP-1  Note: IP(IP-1) = IP-1(IP) = I
  • 26. Encryption (Round) (cont.) Li Permutation (P) Expansion/permutation (E_table) Substitution/choice (S-box) XOR Ri Li-1 Ri-1 XOR Ki F
  • 28. Encryption (Round) (cont.) •Separate plaintext as L0R0 •L0: left half 32 bits of plaintext •R0: right half 32 bits of plaintext •Expansion/permutation: E( ) •Substitution/choice: S-box( ) •Permutation: P( ) 1 1( _ ( ( ) ~ ))~ ii i iR L P S box E R Key  1i iL R   F
  • 29. Encryption (Round) (cont.) 32 1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 13 12 13 14 45 16 17 16 17 18 19 20 21 20 21 22 23 24 25 24 25 26 27 28 29 28 29 30 31 32 1 16 7 20 21 29 12 28 17 1 15 23 26 5 18 31 10 2 8 24 14 32 27 3 9 9 13 30 6 22 11 4 25  E  P ExpansionExpansion
  • 32. Key Generation (cont.) D0C0 Input Key Permuted Choice One (PC-1) Permuted Choice Two (PC-2) Schedule of Left Shifts Di-1Ci-1 DiCi ▪ ▪ ▪ ▪ ▪ ▪ Keyi
  • 33. Key Generation (cont.) Original Key: Key0 Permuted Choice One: PC_1( ) Permuted Choice Two: PC_2( ) Schedule of Left Shift: SLS( ) 00 0( , ) _ 1( )C D PC Key 1 1( , ) ( , )i i i iC D SLS C D  1 1_ 2( ( , ))i i iKey PC SLS C D 
  • 34. Decryption The same algorithm as encryption. Reversed the order of key (Key16, Key15, … Key1). For example: IP undoes IP-1 step of encryption. 1st round with SK16 undoes 16th encrypt round. [1]
  • 35. Strength of DES Criticism Reduction in key size of 72 bits Too short to withstand with brute-force attack S-boxes were classified. Weak points enable NSA to decipher without key. 56-bit keys have 256 = 7.2 x 1016 values Brute force search looks hard. A machine performing one DES encryption per microsecond would take more than a thousand year to break the cipher.
  • 36. Strength of DES (cont.) Avalanche effect in DES If a small change in either the plaintext or the key, the ciphertext should change markedly. DES exhibits a strong avalanche effect.