Guiritan, Geomari L.

#7

SFIT – 1C

1. What is Encryption?

In cryptography, encryption is the process of encoding a message or information in such a way that only
authorized parties can access it and those who are not authorized cannot. Encryption does not itself
prevent interference, but denies the intelligible content to a would-be interceptor. In an encryption
scheme, the intended information or message, referred to as plaintext, is encrypted using an encryption
algorithm – a cipher – generating ciphertext that can be read only if decrypted. For technical reasons, an
encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is in
principle possible to decrypt the message without possessing the key, but, for a well-designed encryption
scheme, considerable computational resources and skills are required. An authorized recipient can easily
decrypt the message with the key provided by the originator to recipients but not to unauthorized users.

2. What are the different encryption techniques?

- AES

- Twofish

- 3DES

- RSA

3. Explain the following encryption techniques and give examples?

The Advanced Encryption Standard, AES, is a symmetric encryption algorithm and one of the most
secure. The United States Government uses it to protect classified information, and many software and
hardware products use it as well. This method uses a block cipher, which encrypts data one fixed-size
block at a time, unlike other types of encryption, such as stream ciphers, which encrypt data bit by bit.

AES Example - All Round Keys

• Round 0: 54 68 61 74 73 20 6D 79 20 4B 75 6E 67 20 46 75

• Round 1: E2 32 FC F1 91 12 91 88 B1 59 E4 E6 D6 79 A2 93

• Round 2: 56 08 20 07 C7 1A B1 8F 76 43 55 69 A0 3A F7 FA

• Round 3: D2 60 0D E7 15 7A BC 68 63 39 E9 01 C3 03 1E FB

• Round 4: A1 12 02 C9 B4 68 BE A1 D7 51 57 A0 14 52 49 5B

• Round 5: B1 29 3B 33 05 41 85 92 D2 10 D2 32 C6 42 9B 69

• Round 6: BD 3D C2 B7 B8 7C 47 15 6A 6C 95 27 AC 2E 0E 4E

• Round 7: CC 96 ED 16 74 EA AA 03 1E 86 3F 24 B2 A8 31 6A

• Round 8: 8E 51 EF 21 FA BB 45 22 E4 3D 7A 06 56 95 4B 6C

• Round 9: BF E2 BF 90 45 59 FA B2 A1 64 80 B4 F7 F1 CB D8

• Round 10: 28 FD DE F8 6D A4 24 4A CC C0 A4 FE 3B 31 6F 26

Triple Data Encryption Standard, or 3DES, is a current standard, and it is a block cipher. It’s similar to
the older method of encryption, Data Encryption Standard, which uses 56-bit keys. However, 3DES is a
symmetric-key encryption that uses three individual 56-bit keys. It encrypts data three times, meaning
your 56-bit key becomes a 168-bit key.

• Input is a 168-bit key and 64-bit plaintext

• Generate 3 keys, each 56 bits in length

• Encrypt using the first key and DES

• Encrypt using the second key and DES*

• Encrypt using the third key and DES

• 3DES-encrypted ciphertext

Twofish is a symmetric block cipher based on an earlier block cipher, Blowfish. Twofish has a block size
of 128 bits to 256 bits, and it works well on smaller CPUs and hardware. Similar to AES, it implements
rounds of encryption to turn plaintext into ciphertext. However, unlike AES, the number of rounds does
not vary; no matter the key size, there are always 16 rounds.

• 128-bit block

• 128, 192, or 256-bit key

• 16 rounds

• Works in all standard modes

• Encrypts data in:

– 18 clocks/byte on a Pentium

– 16.1 clocks/byte on a Pentium Pro

The RSA asymmetric algorithm is named after Ron Rivest, Adi Shamir and Len Adleman. It uses public-key
cryptography to share data over an insecure network. There are two keys: one public and one private. The
public key is just as the name suggests: public. Anyone can access it. However, the private key must be
kept confidential. When using RSA cryptography, you need both keys to encrypt and decrypt a message. You
use one key to encrypt your data and the other to decrypt it.

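Comparable RSA key length and bits of security:

• 1024-bit RSA key: 80 bits of security

• 2048-bit RSA key: 112 bits of security

• 3072-bit RSA key: 128 bits of security

• 7680-bit RSA key: 192 bits of security

• 15360-bit RSA key: 256 bits of security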

4. What is password encryption?

Password encryption is typically used to protect a password from eavesdropping. For example, when you
log in to a website that has been set up properly, your password is encrypted thanks to SSL, so no
eavesdropper can snatch the password in transit. As for saving an encrypted password in a database,
unless there is a very good reason to do this and you know what you are doing, this is a bad idea.
Storing a digest (e.g., sha-256(salt+password)) is a much better idea. The reason is that the encryption
key is stored on the server, so if a hacker can break into the machine and steal the database, surely she
can also steal the encryption key and easily decrypt every password.

5. Give different hash technologies.

• Division-remainder method: The size of the number of items in the table is estimated. That
number is then used as a divisor into each original value or key to extract a quotient and a
remainder. The remainder is the hashed value. (Since this method is liable to produce a number
of collisions, any search mechanism would have to be able to recognize a collision and offer an
alternate search mechanism.)

• Folding method: This method divides the original value (digits in this case) into several parts,
adds the parts together, and then uses the last four digits (or some other arbitrary number of
digits that will work) as the hashed value or key.

• Radix transformation method: Where the value or key is digital, the number base (or radix) can be
changed, resulting in a different sequence of digits. (For example, a decimal numbered key could
be transformed into a hexadecimal numbered key.) High-order digits could be discarded to fit a
hash value of uniform length.

• Digit rearrangement method: This is simply taking part of the original value or key, such as digits
in positions 3 through 6, reversing their order, and then using that sequence of digits as the hash
value or key.
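
Added example (not part of the original assignment): the four methods above written out in Python, with a small table that uses the division-remainder hash and falls back to linear probing as the "alternate search mechanism" when two keys collide. The parameter defaults, the class name and the sample key 123456789 are constructed for illustration.

```python
# Added example: the four table-hashing methods above, plus collision handling.
# Parameter defaults and the sample key are constructed for illustration.

def division_remainder(key: int, table_size: int) -> int:
    """The remainder after dividing by the table size is the hash."""
    return key % table_size

def folding(key: int, part_len: int = 4, keep: int = 4) -> int:
    """Split the digits into parts, add them, keep the last `keep` digits."""
    digits = str(key)
    parts = [int(digits[i:i + part_len]) for i in range(0, len(digits), part_len)]
    return sum(parts) % 10 ** keep

def radix_transformation(key: int, base: int = 16, keep: int = 4) -> str:
    """Rewrite the key in another base (up to 16) and drop high-order digits."""
    out = ""
    while key:
        key, digit = divmod(key, base)
        out = "0123456789abcdef"[digit] + out
    return out[-keep:].rjust(keep, "0")

def digit_rearrangement(key: int, first: int = 3, last: int = 6) -> int:
    """Take digits in positions first..last (1-based) and reverse them."""
    return int(str(key)[first - 1:last][::-1])

class ProbingTable:
    """Division-remainder table that resolves collisions by linear probing."""
    def __init__(self, size: int):
        self.slots = [None] * size

    def _probe(self, key: int):
        home = division_remainder(key, len(self.slots))
        for step in range(len(self.slots)):
            yield (home + step) % len(self.slots)

    def insert(self, key: int) -> int:
        for i in self._probe(key):
            if self.slots[i] in (None, key):
                self.slots[i] = key
                return i  # slot actually used
        raise OverflowError("table is full")

    def find(self, key: int):
        for i in self._probe(key):
            if self.slots[i] is None:
                return None  # empty slot reached: key is absent
            if self.slots[i] == key:
                return i
        return None
```

Any two keys that differ by a multiple of the table size share a home slot, so the second insert lands in the next free slot and `find` follows the same probe sequence to reach it.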

6. What is Back-end Security?

Back-end security concerns the backend: the portion of a website, web application, or mobile application
that exists behind the scenes. By contrast, the “frontend” of an application is everything that the user
interacts with. This includes design features in the website or application, links, transactions, images,
content, and others.

The backend is often used for data storage or communication. It generally consists of a server, an
application, and a database. If your mobile app sells products, then your customers will be dealing with
the mobile app itself (not the backend applications). Browsing through your selection of products like
electronic items or clothes and making purchases all technically occur on the frontend within the mobile
app. The information about the user’s order, their account, and their personal details are all stored in the
backend. This is, of course, to ensure that their information is all in one convenient location.

The backend is sort of a repository of everything that makes your web presence and mobile apps run
smoothly. In many cases, all the information in the backend is stored on remote or even cloud-based
servers. This can lead to certain vulnerabilities, especially when the information of your customers or
employees is at risk.
