SlideShare a Scribd company logo

Encryption techniques

Download as PPTX, PDF
M
MohitManna

The document summarizes security issues related to e-commerce and encryption techniques. It discusses concepts like confidentiality, integrity, availability, authenticity, non-repudiation and describes encryption methods like SSL, digital signatures, and message authentication codes. It also covers encryption techniques like symmetric key encryption using DES/3DES and asymmetric key encryption using RSA cryptography. The document is presented by a group consisting of 5 members and contains details of security issues, encryption standards and methods.

Internet
Related topics:
E-commerce β€’ Information Security β€’ Digital Signature Overview
1 of 40
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
SECURITY ISSUES AND ENCRYPTION GROUP 5
GROUP MEMBERS β€’ Anubha β€’ Mohit Manna β€’ Nikhil β€’ Preeti β€’ Rahul Kumar Singh
CONTENTS β€’ Security Issues β€’ SSL β€’ Digital Signature β€’ Message Authentication β€’ Encryption techniques
SECURITY ISSUES OF E-COMMERCE β€’ Confidentiality β€’ Integrity β€’ Availability β€’ Authenticity β€’ Non-Repudiability β€’ Encryption β€’ Auditability
CONFIDENTIALITY β€’ Keeping private or sensitive information from being disclosed to unauthorised individuals, entities or processes. β€’ Information should not be accessible to an unauthorized person. It should not be intercepted during the transmission.
INTEGRITY β€’ The ability to protect data from being altered or destroyed by unauthorised access or accidental manner. β€’ Information should not be altered during its transmission over the network.
AVAILABILITY β€’ Information should be available wherever and whenever required within a time limit specified.
AUTHENTICITY β€’ There should be a mechanism to authenticate a user before giving him/her an access to the required information. β€’ To Make sure that the message senders or principles are who they say they are.
NON - REPUDIABILITY β€’ It is the protection against the denial of order or denial of payment. β€’ Once a sender sends a message, the sender should not be able to deny sending the message β€’ the recipient of message should not be able to deny the receipt.
AUDITABILITY β€’ Data should be recorded in such a way that it can be audited for integrity requirements.
SSL(SECURE SOCKET LAYER) β€’SECULAR SOCKET LAYER IS A COMMUNICATION PROTOCOL IS CREATED BY NETSCAPE IN 1994 TO ENSURE SECURE TRANSACTIONS BETWEEN WEB SERVERS AND BROWSERS. β€’"HTTPS://" IS TO BE USED FOR HTTP URLS WITH SSL, WHEREAS "HTTP:/" IS TO BE USED FOR HTTP URLS WITHOUT SSL .
WHAT IS SSL USED FOR? β€’ The SSL protocol is used by millions of online business to protect their customers, ensuring their online transactions remain confidential. β€’ A web page should use encryption when it expects users to submit confidential data, including personal information, passwords, or credit card details. β€’ All web browsers have the ability to interact with secured sites so long as the site's certificate is issued by a trusted certificate authority.
WHY SSL ? SSL PROVIDES….. β€’ Confidentiality (Privacy) β€’ Data integrity (Tamper-proofing) β€’ Server authentication (Proving a server is what it claims it is) β€’ Used in typical B2C transaction β€’ Optional client authentication β€’ Would be required in B2B (or Web services environment in which program talks to program)
SSL KEY EXCHANGE
FIREWALL β€’ A firewall is a system of hardware and software components designed to restrict access between or among networks, most often between the Internet and a private Internet. β€’ The firewall is part of an overall security policy that creates a perimeter defense designed to protect the information resources of the organization.
HARDWARE V/S SOFTWARE FIREWALLS. β€’ Hardware firewalls - Protect an entire network - Implemented on router level - Usually more expensive, harder to configure. β€’ Software firewalls - protect a single computer - Usually less expensive, easier to configure.
DIGITAL SIGNATURE: β€’ Digital signature ensures the authenticity of the information. β€’ A digital signature is an e-signature authenticated through encryption and password.
ENCRYPTION : β€’ It is a very effective and practical way to safeguard the data being transmitted over the network. β€’ It is the process of converting information or data into a code, especially to prevent unauthorized access. β€’ Sender of the information encrypts the data using a encryption technique and only the specified receiver can decrypt the data using the same or a different encryption technique.
BENEFITS OF ENCRYPTION β€’ Confidentiality β€’ Authentication β€’ Data Integrity β€’ Non-repudiation
DRAWBACKS OF ENCRYPTION β€’ Sometimes it may be difficult to access even for a legitimate user β€’ High availability β€’ selective access control β€’ Does not guard threats that emerge from the poor design of systems β€’ Costly β€’ based on the computational difficulty of mathematical problems
MESSAGE AUTHENTICATION β€’ Threat: the user is not sure about the originator of the message β€’ Message Authentication Code Algorithm
LIMITATIONS OF MAC 1. Establishment of Shared Secret 2. Inability to Provide Non-Repudiation  Limitations of MAC can be overcome by Digital signature
ENCRYPTION TECHNIQUES MOHIT MANNA
ORIGIN β€’ Humans want to (1)share information and (2) selectively β€’ This need gives birth to art of β€œcoding messages” β€’ The art and science of concealing the messages to introduce secrecy in information security is called cryptography. β€’ β€œ Cryptography β€œ from GREEK .. KRYPTO (hidden) + GRAPHENE (writing)
HISTORY β€’ HIEROGLYPH is the oldest technique used by Egyptians 4000 years ago β€’ Around 500-600 BC mono-alphabetic substitution ciphers were used β€’ Roman method (Caesar Shift Cipher) relies on shifting of a message by an agreed number β€’ Steganography (slightly different)
EVOLUTION β€’ Started during European Renaissance β€’ Vigenere Coding came in 15th Century β€’ After 19th Century it evolved from ad hoc approach to sophisticated art and science β€’ In early 20th Century machines were invented e.g. Enigma Rotor machine β€’ During WW2 both cryptography and cryptanalysis became excessively mathematical β€’ With advances govts. , military units and corporate houses started adopting it
MODERN CRYPTOGRAPHY β€’ It is called as cornerstone of communications security. β€’ Based on number theory, computational-complexity and probability theory Classic Cryptography Modern Cryptography It manipulates traditional characters It operates on binary bit sequences Based on β€˜security through obscurity’ Relies on mathematical algorithms. Secrecy is obtained through secret key It requires entire cryptosystem for communicating confidentially Requires parties interested in secure communication to possess the secret key
CRYPTOGRAPHY PRIMITIVES
CRYPTOSYSTEMS
TYPES OF CRYPTOSYSTEMS 1. Symmetric key Encryption 2. Asymmetric Key Encryption(Public Key Encryption)
TYPES OF CRYPTOSYSTEMS [1. SYMMETRIC KEY ] Examples: Digital Encryption Standard(DES), Triple- DES(3DES), IDEA and TWOFISH
FIESTEL BLOCK CIPHER β€’ The input block to each round is divided into two halves that can be denoted as L and R for the left half and the right half β€’ In each round, the right half of the block, R, goes through unchanged. But the left half, L, goes through an operation that depends on R and the encryption key β€’ each round uses a different key, although all these subkeys are related to the original key β€’ The permutation step at the end of each round swaps the modified L and unmodified R. β€’ Above substitution and permutation steps form a β€˜round’. The number of rounds are specified by the algorithm design β€’ Once the last round is completed then the two sub blocks, β€˜R’ and β€˜L’ are concatenated in this order to form the ciphertext block β€’ difficult part of designing a Feistel Cipher is selection of round function β€˜f’
FEATURES OF SYMMETRIC KEY ENCRYPTION β€’ Persons using it must share a common key prior to exchange of information β€’ Keys are recommended to be changed regularly to prevent any attack on the system β€’ robust mechanism needs to exist to exchange the key between the communicating parties β€’ Length of Key (number of bits) in this encryption is smaller and hence, process of encryption-decryption is faster than asymmetric key encryption β€’ Processing power of computer system required to run symmetric algorithm is less
CHALLENGES OF USING SYMMETRIC KEY ENCRYPTION 1. Key Establishment 2. Trust Issue β€’ But, today we need to communicate to non-familiar parties..
TYPES OF CRYPTOSYSTEMS [2. ASYMMETRIC KEY] β€’ Different keys are used for encrypting and decrypting the information οƒ˜ User have 2 dissimilar keys mathematically related called private key and public key οƒ˜ Public key –public repository Private key –well guarded secret οƒ˜ When Host1 needs to send data to Host2, he obtains the public key of Host2 from repository, encrypts the data, and transmits οƒ˜ Host2 uses his private key to extract the plaintext. o Length of keys is large so slower o Processing power of computer system required to run asymmetric algorithm is higher
CHALLENGES OF PUBLIC KEY CRYPTOSYSTEM β€’ the user needs to trust that the public key that he is using in communications with a person really is the public key of that person and has not been spoofed by a malicious third party β€’ This is usually accomplished through a Public Key Infrastructure (PKI) consisting a trusted third party
PUBLIC KEY ENCRYPTION: RSA CRYPTOSYSTEM β€’ Used even today β€’ Invented by: Ron Rivest, Adi Shamir, Len Adleman β€’ Two things are involved: (1) Generation of key pair (2) Encryption- Decryption modes
1. GENERATION OF RSA KEY PAIR β€’ The process is as follows: 1. Generate the RSA modulus(n) β€’ Select two large primes, p and q β€’ Calculate n=p*q. 2. Find Derived Number(e) β€’ Number e must be greater than 1 and less than (p βˆ’ 1)(q βˆ’ 1) β€’ There must be no common factor for e and (p βˆ’ 1)(q βˆ’ 1) except for 1 3. Form the public key β€’ The pair of numbers (n, e) form the RSA public key and is made public 4. Generate the Private Key β€’ Private Key d is calculated from p, q, and e. For given n and e, there is unique number d β€’ Number d is the inverse of e modulo (p βˆ’ 1)(q – 1) β€’ Example: 1. Generate the RSA modulus(n) β€’ P=7, q=13. Thus, n=p*q=7*13=91 2. Find Derived Number(e) β€’ Select e = 5 because , there is no number that is common factor of 5 and (p βˆ’ 1)(q βˆ’ 1) = 6 Γ— 12 = 72 3. Form the public key β€’ The pair of numbers (n, e) = (91, 5) forms the public key 4. Generate the Private Key β€’ Input p = 7, q = 13, and e = 5 to the Extended Euclidean Algorithm. The output will be d = 29 β€’ Check: de = 29 Γ— 5 = 145 = 1 mod 72 Each party has to generate a pair of keys i.e. public key and private key though n is part of the public key, difficulty in factorizing a large prime number ensures that attacker cannot find in finite time the two primes (p & q) used to obtain n
RSA ENCRYPTION β€’ Encryption: β€’ sender wish to send some text message to someone whose public key is (n, e) β€’ the sender then represents the plaintext as a series of numbers less than n β€’ To encrypt the first plaintext P, which is a number modulo n. β€’ Decryption: β€’ receiver of public-key pair (n, e) has received a ciphertext C β€’ Receiver raises C to the power of his private key d. The result modulo n will be the plaintext P β€’ Returning again to our numerical example, the ciphertext C = 82 would get decrypted to number 10 using private key 29 RSA does not directly operate on strings of bits as in case of symmetric key It operates on numbers modulo n it is necessary to represent the plaintext as a series of numbers less than n
THANK YOU

More Related Content

PPTX
Key management
Brandon Byungyong Jo
Β 
PDF
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
Β 
PDF
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
Β 
PPTX
Key management
Sujata Regoti
Β 
PDF
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
Β 
PPTX
Key distribution code.ppt
Prabhat Kumar
Β 
PPTX
Key Distribution Problem in advanced operating system
Merlin Florrence
Β 
PPTX
Cryptography and Encryptions,Network Security,Caesar Cipher
Gopal Sakarkar
Β 
Key management
Brandon Byungyong Jo
Β 
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
Β 
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
Β 
Key management
Sujata Regoti
Β 
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
Β 
Key distribution code.ppt
Prabhat Kumar
Β 
Key Distribution Problem in advanced operating system
Merlin Florrence
Β 
Cryptography and Encryptions,Network Security,Caesar Cipher
Gopal Sakarkar
Β 

What's hot (20)

PDF
Encryption and Key Distribution Methods
Gulcin Yildirim Jelinek
Β 
PDF
Essential Guide to Protect Your Data [Key Management Techniques]
SISA Information Security Pvt.Ltd
Β 
PPT
Cryptography
JohnsonDaniel JohnsonDaniel
Β 
PPTX
Key Management and Distribution
Syed Bahadur Shah
Β 
PPT
key distribution in network security
babak danyal
Β 
PPTX
Network security
ABHISHEK KUMAR
Β 
PPTX
Cryptographic tools
CAS
Β 
PPTX
Introduction to Cryptography Training – Level 1
Bryan Len
Β 
PPTX
Introduction to cryptography part1-final
Taymoor Nazmy
Β 
PPTX
key management
VIRAJRATHOD8
Β 
ODP
CISSP Week 20
jemtallon
Β 
PPTX
Enhancing lan using cryptography and other modules
Murali Krishna
Β 
PPTX
Key management and distribution
Riya Choudhary
Β 
PPT
Info security & crypto
Shehrevar Davierwala
Β 
PDF
Ch14
Francis Alamina
Β 
PDF
Sw2 b12
Irvine_ps
Β 
PDF
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
Β 
PPTX
Basic concept of pki
Prabhat Goel
Β 
PPT
Information and data security key management and distribution
Mazin Alwaaly
Β 
PDF
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
Β 
Encryption and Key Distribution Methods
Gulcin Yildirim Jelinek
Β 
Essential Guide to Protect Your Data [Key Management Techniques]
SISA Information Security Pvt.Ltd
Β 
Cryptography
JohnsonDaniel JohnsonDaniel
Β 
Key Management and Distribution
Syed Bahadur Shah
Β 
key distribution in network security
babak danyal
Β 
Network security
ABHISHEK KUMAR
Β 
Cryptographic tools
CAS
Β 
Introduction to Cryptography Training – Level 1
Bryan Len
Β 
Introduction to cryptography part1-final
Taymoor Nazmy
Β 
key management
VIRAJRATHOD8
Β 
CISSP Week 20
jemtallon
Β 
Enhancing lan using cryptography and other modules
Murali Krishna
Β 
Key management and distribution
Riya Choudhary
Β 
Info security & crypto
Shehrevar Davierwala
Β 
Ch14
Francis Alamina
Β 
Sw2 b12
Irvine_ps
Β 
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
Β 
Basic concept of pki
Prabhat Goel
Β 
Information and data security key management and distribution
Mazin Alwaaly
Β 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
Β 
Ad

Similar to Encryption techniques (20)

PPTX
Encryption in Cryptography
Uttara University
Β 
PPT
6. cryptography
7wounders
Β 
PPTX
Computer Introduction (Data Encryption)-Lecture05
Dr. Mazin Mohamed alkathiri
Β 
PPT
Cryptography
amiable_indian
Β 
PPTX
Cryptography and Network Security Principles.pptx
AbrahamThompson3
Β 
PDF
Introduction to Cryptography
Seema Goel
Β 
PPTX
Fundamental Concept of Cryptography in Computer Security
Uttara University
Β 
PPT
Crypt
Mir Majid
Β 
PPT
What is Encryption
Israel Marcus
Β 
PPT
CS553 ST7 Ch21 Network Security chapter 21
KhaledMohammadSoradi
Β 
PPT
CS553_ST7_Ch21-NetworkSecurityhhhhggg.ppt
BinyamBekeleMoges
Β 
PPT
Network Security Presentation Stallings.
AratiKothari2
Β 
PDF
Fundamentals of Cryptography: Securing Data in the Digital Age
avengersimran16
Β 
PPTX
Cryptography
Pratiksha Patil
Β 
PPTX
Introduction to Cryptography and digital signatures
anupama12369
Β 
PPTX
Unit 7 : Network Security
Chandan Gupta Bhagat
Β 
PDF
Security
Sri Manakula Vinayagar Engineering College
Β 
PPT
Lecture 7 - CRYPTOGRAPHYpptof my presentation.ppt
FarooqKhurshid1
Β 
PPT
Cryptography
Learn 2 Be
Β 
PPT
Encryption
Naiyan Noor
Β 
Encryption in Cryptography
Uttara University
Β 
6. cryptography
7wounders
Β 
Computer Introduction (Data Encryption)-Lecture05
Dr. Mazin Mohamed alkathiri
Β 
Cryptography
amiable_indian
Β 
Cryptography and Network Security Principles.pptx
AbrahamThompson3
Β 
Introduction to Cryptography
Seema Goel
Β 
Fundamental Concept of Cryptography in Computer Security
Uttara University
Β 
Crypt
Mir Majid
Β 
What is Encryption
Israel Marcus
Β 
CS553 ST7 Ch21 Network Security chapter 21
KhaledMohammadSoradi
Β 
CS553_ST7_Ch21-NetworkSecurityhhhhggg.ppt
BinyamBekeleMoges
Β 
Network Security Presentation Stallings.
AratiKothari2
Β 
Fundamentals of Cryptography: Securing Data in the Digital Age
avengersimran16
Β 
Cryptography
Pratiksha Patil
Β 
Introduction to Cryptography and digital signatures
anupama12369
Β 
Unit 7 : Network Security
Chandan Gupta Bhagat
Β 
Security
Sri Manakula Vinayagar Engineering College
Β 
Lecture 7 - CRYPTOGRAPHYpptof my presentation.ppt
FarooqKhurshid1
Β 
Cryptography
Learn 2 Be
Β 
Encryption
Naiyan Noor
Β 
Ad

Recently uploaded (20)

DOCX
Unit-3 cyber security network security of internet system
shivangisharma636228
Β 
PDF
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
Β 
PPTX
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
Β 
PPT
tcp ip networks nd ip layering assotred slides
pakadamfdp
Β 
PPTX
innovation process that make everything different.pptx
SoumyadipPaul18
Β 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
Β 
PPTX
QR Codes Qr codecodecodecodecocodedecodecode
SRMediaZone
Β 
PDF
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
Β 
PPTX
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
Β 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
Β 
PPTX
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
Β 
PPTX
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
Β 
PDF
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
Β 
PDF
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
Β 
PDF
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
Β 
PDF
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
Β 
PDF
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
Β 
PDF
πŸ’° π”πŠπ“πˆ πŠπ„πŒπ„ππ€ππ†π€π πŠπˆππ„π‘πŸ’πƒ π‡π€π‘πˆ 𝐈𝐍𝐈 πŸπŸŽπŸπŸ“ πŸ’°
GRAB
Β 
PPTX
SAP Ariba Sourcing PPT for learning material
NKKumar16
Β 
PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
Β 
Unit-3 cyber security network security of internet system
shivangisharma636228
Β 
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
Β 
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
Β 
tcp ip networks nd ip layering assotred slides
pakadamfdp
Β 
innovation process that make everything different.pptx
SoumyadipPaul18
Β 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
Β 
QR Codes Qr codecodecodecodecocodedecodecode
SRMediaZone
Β 
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
Β 
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
Β 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
Β 
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
Β 
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
Β 
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
Β 
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
Β 
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
Β 
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
Β 
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
Β 
πŸ’° π”πŠπ“πˆ πŠπ„πŒπ„ππ€ππ†π€π πŠπˆππ„π‘πŸ’πƒ π‡π€π‘πˆ 𝐈𝐍𝐈 πŸπŸŽπŸπŸ“ πŸ’°
GRAB
Β 
SAP Ariba Sourcing PPT for learning material
NKKumar16
Β 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
Β 

Encryption techniques

  • 2. GROUP MEMBERS β€’ Anubha β€’ Mohit Manna β€’ Nikhil β€’ Preeti β€’ Rahul Kumar Singh
  • 3. CONTENTS β€’ Security Issues β€’ SSL β€’ Digital Signature β€’ Message Authentication β€’ Encryption techniques
  • 4. SECURITY ISSUES OF E-COMMERCE β€’ Confidentiality β€’ Integrity β€’ Availability β€’ Authenticity β€’ Non-Repudiability β€’ Encryption β€’ Auditability
  • 5. CONFIDENTIALITY β€’ Keeping private or sensitive information from being disclosed to unauthorised individuals, entities or processes. β€’ Information should not be accessible to an unauthorized person. It should not be intercepted during the transmission.
  • 6. INTEGRITY β€’ The ability to protect data from being altered or destroyed by unauthorised access or accidental manner. β€’ Information should not be altered during its transmission over the network.
  • 7. AVAILABILITY β€’ Information should be available wherever and whenever required within a time limit specified.
  • 8. AUTHENTICITY β€’ There should be a mechanism to authenticate a user before giving him/her an access to the required information. β€’ To Make sure that the message senders or principles are who they say they are.
  • 9. NON - REPUDIABILITY β€’ It is the protection against the denial of order or denial of payment. β€’ Once a sender sends a message, the sender should not be able to deny sending the message β€’ the recipient of message should not be able to deny the receipt.
  • 10. AUDITABILITY β€’ Data should be recorded in such a way that it can be audited for integrity requirements.
  • 11. SSL(SECURE SOCKET LAYER) β€’SECULAR SOCKET LAYER IS A COMMUNICATION PROTOCOL IS CREATED BY NETSCAPE IN 1994 TO ENSURE SECURE TRANSACTIONS BETWEEN WEB SERVERS AND BROWSERS. β€’"HTTPS://" IS TO BE USED FOR HTTP URLS WITH SSL, WHEREAS "HTTP:/" IS TO BE USED FOR HTTP URLS WITHOUT SSL .
  • 12. WHAT IS SSL USED FOR? β€’ The SSL protocol is used by millions of online business to protect their customers, ensuring their online transactions remain confidential. β€’ A web page should use encryption when it expects users to submit confidential data, including personal information, passwords, or credit card details. β€’ All web browsers have the ability to interact with secured sites so long as the site's certificate is issued by a trusted certificate authority.
  • 13. WHY SSL ? SSL PROVIDES….. β€’ Confidentiality (Privacy) β€’ Data integrity (Tamper-proofing) β€’ Server authentication (Proving a server is what it claims it is) β€’ Used in typical B2C transaction β€’ Optional client authentication β€’ Would be required in B2B (or Web services environment in which program talks to program)
  • 15. FIREWALL β€’ A firewall is a system of hardware and software components designed to restrict access between or among networks, most often between the Internet and a private Internet. β€’ The firewall is part of an overall security policy that creates a perimeter defense designed to protect the information resources of the organization.
  • 16. HARDWARE V/S SOFTWARE FIREWALLS. β€’ Hardware firewalls - Protect an entire network - Implemented on router level - Usually more expensive, harder to configure. β€’ Software firewalls - protect a single computer - Usually less expensive, easier to configure.
  • 17. DIGITAL SIGNATURE: β€’ Digital signature ensures the authenticity of the information. β€’ A digital signature is an e-signature authenticated through encryption and password.
  • 18. ENCRYPTION : β€’ It is a very effective and practical way to safeguard the data being transmitted over the network. β€’ It is the process of converting information or data into a code, especially to prevent unauthorized access. β€’ Sender of the information encrypts the data using a encryption technique and only the specified receiver can decrypt the data using the same or a different encryption technique.
  • 19. BENEFITS OF ENCRYPTION β€’ Confidentiality β€’ Authentication β€’ Data Integrity β€’ Non-repudiation
  • 20. DRAWBACKS OF ENCRYPTION β€’ Sometimes it may be difficult to access even for a legitimate user β€’ High availability β€’ selective access control β€’ Does not guard threats that emerge from the poor design of systems β€’ Costly β€’ based on the computational difficulty of mathematical problems
  • 21. MESSAGE AUTHENTICATION β€’ Threat: the user is not sure about the originator of the message β€’ Message Authentication Code Algorithm
  • 22. LIMITATIONS OF MAC 1. Establishment of Shared Secret 2. Inability to Provide Non-Repudiation  Limitations of MAC can be overcome by Digital signature
  • 24. ORIGIN β€’ Humans want to (1)share information and (2) selectively β€’ This need gives birth to art of β€œcoding messages” β€’ The art and science of concealing the messages to introduce secrecy in information security is called cryptography. β€’ β€œ Cryptography β€œ from GREEK .. KRYPTO (hidden) + GRAPHENE (writing)
  • 25. HISTORY β€’ HIEROGLYPH is the oldest technique used by Egyptians 4000 years ago β€’ Around 500-600 BC mono-alphabetic substitution ciphers were used β€’ Roman method (Caesar Shift Cipher) relies on shifting of a message by an agreed number β€’ Steganography (slightly different)
  • 26. EVOLUTION β€’ Started during European Renaissance β€’ Vigenere Coding came in 15th Century β€’ After 19th Century it evolved from ad hoc approach to sophisticated art and science β€’ In early 20th Century machines were invented e.g. Enigma Rotor machine β€’ During WW2 both cryptography and cryptanalysis became excessively mathematical β€’ With advances govts. , military units and corporate houses started adopting it
  • 27. MODERN CRYPTOGRAPHY β€’ It is called as cornerstone of communications security. β€’ Based on number theory, computational-complexity and probability theory Classic Cryptography Modern Cryptography It manipulates traditional characters It operates on binary bit sequences Based on β€˜security through obscurity’ Relies on mathematical algorithms. Secrecy is obtained through secret key It requires entire cryptosystem for communicating confidentially Requires parties interested in secure communication to possess the secret key
  • 30. TYPES OF CRYPTOSYSTEMS 1. Symmetric key Encryption 2. Asymmetric Key Encryption(Public Key Encryption)
  • 31. TYPES OF CRYPTOSYSTEMS [1. SYMMETRIC KEY ] Examples: Digital Encryption Standard(DES), Triple- DES(3DES), IDEA and TWOFISH
  • 32. FIESTEL BLOCK CIPHER β€’ The input block to each round is divided into two halves that can be denoted as L and R for the left half and the right half β€’ In each round, the right half of the block, R, goes through unchanged. But the left half, L, goes through an operation that depends on R and the encryption key β€’ each round uses a different key, although all these subkeys are related to the original key β€’ The permutation step at the end of each round swaps the modified L and unmodified R. β€’ Above substitution and permutation steps form a β€˜round’. The number of rounds are specified by the algorithm design β€’ Once the last round is completed then the two sub blocks, β€˜R’ and β€˜L’ are concatenated in this order to form the ciphertext block β€’ difficult part of designing a Feistel Cipher is selection of round function β€˜f’
  • 33. FEATURES OF SYMMETRIC KEY ENCRYPTION β€’ Persons using it must share a common key prior to exchange of information β€’ Keys are recommended to be changed regularly to prevent any attack on the system β€’ robust mechanism needs to exist to exchange the key between the communicating parties β€’ Length of Key (number of bits) in this encryption is smaller and hence, process of encryption-decryption is faster than asymmetric key encryption β€’ Processing power of computer system required to run symmetric algorithm is less
  • 34. CHALLENGES OF USING SYMMETRIC KEY ENCRYPTION 1. Key Establishment 2. Trust Issue β€’ But, today we need to communicate to non-familiar parties..
  • 35. TYPES OF CRYPTOSYSTEMS [2. ASYMMETRIC KEY] β€’ Different keys are used for encrypting and decrypting the information οƒ˜ User have 2 dissimilar keys mathematically related called private key and public key οƒ˜ Public key –public repository Private key –well guarded secret οƒ˜ When Host1 needs to send data to Host2, he obtains the public key of Host2 from repository, encrypts the data, and transmits οƒ˜ Host2 uses his private key to extract the plaintext. o Length of keys is large so slower o Processing power of computer system required to run asymmetric algorithm is higher
  • 36. CHALLENGES OF PUBLIC KEY CRYPTOSYSTEM β€’ the user needs to trust that the public key that he is using in communications with a person really is the public key of that person and has not been spoofed by a malicious third party β€’ This is usually accomplished through a Public Key Infrastructure (PKI) consisting a trusted third party
  • 37. PUBLIC KEY ENCRYPTION: RSA CRYPTOSYSTEM β€’ Used even today β€’ Invented by: Ron Rivest, Adi Shamir, Len Adleman β€’ Two things are involved: (1) Generation of key pair (2) Encryption- Decryption modes
  • 38. 1. GENERATION OF RSA KEY PAIR β€’ The process is as follows: 1. Generate the RSA modulus(n) β€’ Select two large primes, p and q β€’ Calculate n=p*q. 2. Find Derived Number(e) β€’ Number e must be greater than 1 and less than (p βˆ’ 1)(q βˆ’ 1) β€’ There must be no common factor for e and (p βˆ’ 1)(q βˆ’ 1) except for 1 3. Form the public key β€’ The pair of numbers (n, e) form the RSA public key and is made public 4. Generate the Private Key β€’ Private Key d is calculated from p, q, and e. For given n and e, there is unique number d β€’ Number d is the inverse of e modulo (p βˆ’ 1)(q – 1) β€’ Example: 1. Generate the RSA modulus(n) β€’ P=7, q=13. Thus, n=p*q=7*13=91 2. Find Derived Number(e) β€’ Select e = 5 because , there is no number that is common factor of 5 and (p βˆ’ 1)(q βˆ’ 1) = 6 Γ— 12 = 72 3. Form the public key β€’ The pair of numbers (n, e) = (91, 5) forms the public key 4. Generate the Private Key β€’ Input p = 7, q = 13, and e = 5 to the Extended Euclidean Algorithm. The output will be d = 29 β€’ Check: de = 29 Γ— 5 = 145 = 1 mod 72 Each party has to generate a pair of keys i.e. public key and private key though n is part of the public key, difficulty in factorizing a large prime number ensures that attacker cannot find in finite time the two primes (p & q) used to obtain n
  • 39. RSA ENCRYPTION β€’ Encryption: β€’ sender wish to send some text message to someone whose public key is (n, e) β€’ the sender then represents the plaintext as a series of numbers less than n β€’ To encrypt the first plaintext P, which is a number modulo n. β€’ Decryption: β€’ receiver of public-key pair (n, e) has received a ciphertext C β€’ Receiver raises C to the power of his private key d. The result modulo n will be the plaintext P β€’ Returning again to our numerical example, the ciphertext C = 82 would get decrypted to number 10 using private key 29 RSA does not directly operate on strings of bits as in case of symmetric key It operates on numbers modulo n it is necessary to represent the plaintext as a series of numbers less than n