
Cryptography: Principles of Information Security, 2nd Edition 1

This document discusses cryptography and encryption. It describes different cipher methods like bit stream ciphers, block ciphers, substitution ciphers, and transposition ciphers. It also explains symmetric and asymmetric cryptographic algorithms, including DES, 3DES, AES, and public key encryption. Additionally, it covers cryptography tools like PKI, digital signatures, digital certificates, and protocols for secure communication such as SSL, S-HTTP, S/MIME, and SET.

Cryptography

Principles of Information Security, 2nd edition 1


Learning Objectives
Upon completion of this material, you should be able to:

• Understand the basic cipher methods and cryptographic algorithms
• List and explain the major protocols used for secure communications



Introduction
• Cryptography: process of making and using codes to secure transmission of information
• Encryption: converting original message into a form unreadable by unauthorized individuals



Cipher Methods
• Plaintext can be encrypted through bit stream or block cipher method
• Bit stream: each plaintext bit transformed into cipher bit one bit at a time
• Block cipher: message divided into blocks (e.g., sets of 8- or 16-bit blocks) and each is transformed into encrypted block of cipher bits using algorithm and key



Cipher Methods (continued)
• Substitution cipher: substitute one value for another
  • Monoalphabetic substitution: uses only one alphabet
  • Polyalphabetic substitution: more advanced; uses two or more alphabets
• Transposition cipher: rearranges values within a block to create ciphertext
• Exclusive OR (XOR): function of Boolean algebra; two bits are compared
  • If two bits are identical, result is binary 0
  • If two bits not identical, result is binary 1



Table 8-1 Exclusive OR Operations
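
The bit stream method and the XOR function from the preceding slides, combined in an added example that is not part of the original slides. The keystream construction (SHA-256 over key, nonce and counter), the key and the sample messages are assumptions made for illustration; the last check shows why a keystream must never be reused.

```python
import hashlib

# Table of a XOR b for single bits: identical bits give 0, differing bits give 1.
XOR_TABLE = [(a, b, a ^ b) for a in (0, 1) for b in (0, 1)]

KEY = bytes(range(16))  # constructed demo key, not a real secret


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings bit by bit."""
    if len(a) != len(b):
        raise ValueError("inputs must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Assumed construction for illustration: SHA-256(key || nonce || counter)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def stream_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the same keystream is its own inverse."""
    return xor_bytes(data, keystream(key, nonce, len(data)))


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts; equals p1 XOR p2 when the keystream was reused."""
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n])


if __name__ == "__main__":
    p1, p2 = b"PAY ALICE 100", b"PAY BOB 90000"  # constructed sample messages
    c1 = stream_encrypt(KEY, b"nonce-1", p1)
    c2 = stream_encrypt(KEY, b"nonce-1", p2)   # same nonce: keystream reused
    c3 = stream_encrypt(KEY, b"nonce-2", p2)   # fresh nonce: keystream differs
    print("round trip ok:", stream_encrypt(KEY, b"nonce-1", c1) == p1)
    print("reused keystream leaks p1^p2:", reuse_leak(c1, c2) == xor_bytes(p1, p2))
    print("fresh nonce leaks p1^p2:", reuse_leak(c1, c3) == xor_bytes(p1, p2))
```

With a reused keystream the key cancels out of the two ciphertexts, so the result depends only on the two plaintexts; a fresh nonce per message avoids this.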



Cryptographic Algorithms
• Often grouped into two broad categories, symmetric and asymmetric; today’s popular cryptosystems use hybrid combination of symmetric and asymmetric algorithms
• Symmetric and asymmetric algorithms distinguished by types of keys used for encryption and decryption operations



Cryptographic Algorithms (continued)
• Symmetric encryption: uses same “secret key” to encipher and decipher message
  • Encryption methods can be extremely efficient, requiring minimal processing
  • Both sender and receiver must possess encryption key
  • If either copy of key is compromised, an intermediate can decrypt and read messages



Figure 8-3 Symmetric Encryption Example



Cryptographic Algorithms (continued)

• Data Encryption Standard (DES): one of most popular symmetric encryption cryptosystems
  • 64-bit block size; 56-bit key
  • Adopted by NIST in 1976 as federal standard for encrypting non-classified information
• Triple DES (3DES): created to provide security far beyond DES
• Advanced Encryption Standard (AES): developed to replace both DES and 3DES



Cryptographic Algorithms (continued)
• Asymmetric Encryption (public key encryption)
  • Uses two different but related keys; either key can encrypt or decrypt message
  • If Key A encrypts message, only Key B can decrypt
  • Highest value when one key serves as private key and the other serves as public key



Figure 8-4 Using Public Keys



Cryptography Tools

• Public Key Infrastructure (PKI): integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securely
• PKI systems based on public key cryptosystems; include digital certificates and certificate authorities (CAs)



Digital Signatures

• Encrypted messages that can be mathematically proven to be authentic
• Created in response to rising need to verify information transferred using electronic systems
• Asymmetric encryption processes used to create digital signatures
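
The key-pair behaviour from the asymmetric encryption slide and the signature process described here, as an added example that is not part of the original slides. It uses raw RSA arithmetic with a constructed demo key pair; the primes, sample value and messages are assumptions, and the modulus is far too small for real use.

```python
import hashlib

# Constructed demo key pair from two known Mersenne primes. The ~150-bit
# modulus is far too small for real use and no padding scheme is applied.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
PUBLIC_KEY, PRIVATE_KEY = (E, N), (D, N)


def apply_key(value: int, key) -> int:
    """Raw RSA operation: the same modular exponentiation serves either key."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value must be in the range [0, modulus)")
    return pow(value, exponent, modulus)


def digest(message: bytes) -> int:
    """SHA-256 of the message, reduced into the range of the demo modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes, private_key) -> int:
    """Signature = digest transformed with the private key."""
    return apply_key(digest(message), private_key)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Valid only if the public key maps the signature back to the digest."""
    return apply_key(signature, public_key) == digest(message)


if __name__ == "__main__":
    m = 65                                        # constructed sample value
    c = apply_key(m, PUBLIC_KEY)
    print("private key recovers m:", apply_key(c, PRIVATE_KEY) == m)
    print("public key alone recovers m:", apply_key(c, PUBLIC_KEY) == m)
    sig = sign(b"transfer 100 to alice", PRIVATE_KEY)
    print("genuine message verifies:", verify(b"transfer 100 to alice", sig, PUBLIC_KEY))
    print("altered message verifies:", verify(b"transfer 900 to alice", sig, PUBLIC_KEY))
```

Production systems use moduli of at least 2048 bits together with a padding scheme such as OAEP for encryption and PSS for signatures.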



Digital Certificates

• Electronic document containing key value and identifying information about entity that controls key
• Digital signature attached to certificate’s container file to certify file is from entity it claims to be from



Figure 8-5 Digital Signatures



Protocols for Secure Communications

• Secure Socket Layer (SSL) protocol: uses public key encryption to secure channel over public Internet
• Secure Hypertext Transfer Protocol (S-HTTP): extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across Internet
• S-HTTP is the application of SSL over HTTP; allows encryption of information passing between computers through protected and secure virtual connection



Protocols for Secure Communications (continued)

• Securing E-mail with S/MIME, PEM, and PGP
  • Secure Multipurpose Internet Mail Extensions (S/MIME): builds on Multipurpose Internet Mail Extensions (MIME) encoding format by adding encryption and authentication
  • Privacy Enhanced Mail (PEM): proposed as standard to function with public key cryptosystems; uses 3DES symmetric key encryption
  • Pretty Good Privacy (PGP): uses IDEA Cipher for message encoding



Protocols for Secure Communications (continued)
• Securing Web transactions with SET, SSL, and S-HTTP
  • Secure Electronic Transactions (SET): developed by MasterCard and VISA in 1997 to provide protection from electronic payment fraud
    • Uses DES to encrypt credit card information transfers
    • Provides security for both Internet-based credit card transactions and credit card swipe systems in retail stores



Summary
• Cryptography and encryption provide sophisticated approach to security
• Many security-related tools use embedded encryption technologies
• Encryption converts a message into a form that is unreadable by the unauthorized
• Many tools are available and can be classified as symmetric or asymmetric, each having advantages and special capabilities
