Professional Documents
Culture Documents
VAHELAL, AHMEDABAD.
Guided By Submitted By
1
HASMUKH GOSWAMI COLLEGE OF ENGINEERING
VAHELAL, AHMEDABAD.
Year:2010
Certificate
This is to certify that the seminar entitled “CRYPTOGRAPHY” and submiitted
by SALONI BHARGAVA having roll no 02 for the partial fullfilment of
requirements of Bachelor of Engineering(Information Technology) degree of
HASMUKH GOSWAMI COLLEGE OF ENGINEERING, VAHELAL,
AHMEDABAD, Gujarat, India embodies the bonafied work done by haer under
my supervision.
Name of guide
Place:
Date :
2
HASMUKH GOSWAMI COLLEGE OF ENGINEERING
Vahelal,Ahmedabad.
Year:2010
Acknowledgement
I would also like to thank entire computer department and faculty for helping me
in every possible manner during this course.
3
ABSTRACTION
4
INDEX
No TOPIC Page no
1. Introduction 6
2. Development of cryptography 6
3. Need of cryptography 7
4. What is cryptography? 8
5. Types of cryptography 8
6. Digital signature 15
7. Hash functions 16
8. Security Architecture 19
9. Applications 19
10. Examples 26
12. Conclusion 23
13. Bibliography 23
5
1. INTRODUCTION
2. DEVELOPMENT OF CRYPTOGRAPHY
Until the 1970s, secure cryptography was largely the preserve of governments.
Two events have since brought it squarely into the public domain: the creation of
a public encryption standard (DES), and the invention of public-key cryptography.
3. NEED OF CRYPTOGRAPHY
1) Private or confidentiality
6
2) Data integrity
3) Authentication
4) Non-repudation
1.Confidentiality is a service used to keep the content of information from all but
those authorized to posses it. Secrecy is a term synonymous with confidentiality and
privacy. There arenumerous approaches to providing confidentiality, ranging from
physical protection tomathematical algorithms which render data unintelligible.
BASICS OF CRYPTOGRAPHY
ENCRYPTION:-
7
DECRYPTION:-
4. WHAT IS CRYPTOGRAPHY?
5. TYPES OF CRYPTOGRAPHY
8
There are two main types of cryptography:
• Secret key cryptography
• Public key cryptography
In cryptographic systems, the term key refers to a numerical value used by an
algorithm to alter information, making that information secure and visible only to
individuals who have the corresponding key to recover the information.
SECRET KEY CRYPTOGRAPHY:-
Secret key cryptography is also known as symmetric key cryptography.
With this type of cryptography, both the sender and the receiver know the same
secret code, called the key. Messages are encrypted by the sender using the key
and decrypted by the receiver using the same key.
This method works well if you are communicating with only a limited number of
people, but it becomes impractical to exchange secret keys with large numbers
of people. In addition, there is also the problem of how you communicate the
secret key securely.
The figure given below shows secret key cryptography.
• STREAM CIPHERS:
Stream ciphers operate on a single bit (byte or computer word) at a time,
and implement some form of feedback mechanism so that the key is constantly
changing.
9
• BLOCK CIPHERS : The scheme encrypts one block of data at a time using the
same key on each block.
STREAM CIPHERS
Stream ciphers come in several flavors but two are worth mentioning
here :
• Self-synchronizing stream ciphers calculate each bit in the keystream as a
function of the previous n bits in the keystream.
• Synchronous stream ciphers generate the keystream in a fashion
independent of the message stream but by using the same keystream
generation function at sender and receiver.
BLOCK CIPHERS
Block ciphers can operate in one of several modes; the following four
are the most important:
• Electronic Codebook (ECB) mode :
• Cipher Block Chaining (CBC) mode :
• Cipher Feedback (CFB) mode :
• Output Feedback (OFB) mode
10
The public key can be freely distributed without compromising the private key,
which must be kept secret by its owner. Because these keys work only as a pair,
encryption initiated with the public key can be decrypted only with the
corresponding private key. The following example illustrates how public key
cryptography works:
• Ann wants to communicate secretly with Bill. Ann encrypts her message
using Bill’s public key (which Bill made available to everyone) and Ann
sends the scrambled message to Bill.
• When Bill receives the message, he uses his private key to unscramble
the message so that he can read it.
• When Bill sends a reply to Ann, he scrambles the message using Ann’s
public key.
• When Ann receives Bill’s reply, she uses her private key to unscramble his
message.
The major advantage asymmetric encryption offers over symmetric key
cryptography is that senders and receivers do not have to communicate keys up
possible using the public keys.
The figure given below shows public-key cryptography.
Public-key private-key
11
Plaintext Encryption Ciphertext Decryption Plaintext
a) RSA
b) Diffie-Hellman
c) Elliptic curve
12
Plaintext is encrypted with
Session key
Ciphertext +
encrypted session
key
13
Encrypted message encrypted session recipient’s private key
used
Key to decrypt session key
KEYS:
A key is a value that works with a cryptographic algorithm to
produce a specific ciphertext. Keys are basically really, really,
really big numbers.Key size is measured in bits; the number
representing a 2048-bit key is darn huge. In public-key
cryptography, the bigger the key, the more secure the
ciphertext.
14
the key, the more secure, but the algorithms used for each type
of cryptography are very different and thus comparison is like
that of apples to oranges.
While the public and private keys are mathematically related, it’s
very difficult to derive the private key given only the public key;
however, deriving the private key is always possible given
enough time and computing power. This makes it very important
to pick keys of the right size; large enough to be secure, but
small enough to be applied fairly quickly. Additionally, you need
to consider who might be trying to read your files, how
determined they are,how much time they have, and what their
resources might be.
Keys are stored in encrypted form. PGP stores the keys in two
files on
your hard disk; one for public keys and one for private keys.
These files are called keyrings. As you use PGP, you will typically
add the public keys of your recipients to your public keyring.
Your private keys are stored on your private keyring. If you lose
your private keyring you will be unable to decrypt any
15
information encrypted to keys on that ring. Consequently, it’s a
good idea to keep good backups.
6. DIGITAL SIGNATURES:
16
private key public
key
7. HASH FUNCTIONS
17
Then PGP uses the digest and the private key to create the
“signature.” PGP transmits the signature and the plaintext
together. Upon receipt of the message, the recipient uses PGP to
recompute the digest, thus verifying the signature. PGP can
encrypt the plaintext or not; signing plaintext is useful if some of
the recipients are not interested in or capable of verifying the
signature.
18
The Advantages of Public-Key Cryptography Compared with Secret-Key
Cryptography is as follow:-
19
• In some situations, public-key cryptography is not necessary and secret-
key cryptography alone is sufficient. This includes environments where
secure secret-key agreement can take place, for example by users
meeting in private. It also includes environments where a single authority
knows and manages all the keys, e.g., a closed banking system. Since the
authority knows everyone's keys already, there is not much advantage for
some to be "public" and others "private." Also, public-key cryptography is
usually not necessary in a single-user environment. For example, if you
want to keep your personal files encrypted, you can do so with any secret-
key encryption algorithm using, say, your personal password as the secret
key. In general, public-key cryptography is best suited for an open multi-
user environment.
Security mechanism
1. Specific security Mechanism
2. Pervasive Security Mechanism
20
Security attacks
1. Passive Attacks
a. Release of message contents
b. Traffic analysis
2.Active Attacks
a. Masquerade
b. Replay
c. Modification of messages
d. Denial of services
9. APPLICATIONS
Computer password.
ATM security.
Military security
Electronic commerce.
Authentication of messages.
Digital signatures.
Interactive proofs
Secure compututers
10. EXAMPLES:
21
information is received by ABC, the private key is used to unscramble the
information, allowing the processing department to process the payroll.
• Using symmetric cryptography the ABC company would have to deliver, through
some secure means (such as a courier), a copy of its one and only private key.
Since the same key is used to both encrypt and decrypt the information, both
sender and receiver must have a copy. So if XYZ is a new client for ABC, ABC
must send XYZ a copy of the secret key so that XYZ can then encrypt its payroll
information and transmit it to ABC. ABC, using the same key, decrypts XYZ’s
information and processes the payroll data. Since a system is only as strong as its
weakest link, key security during transmission becomes as important for XYZ as
encrypting the data.
• As mentioned earlier that for large documents, use of public key cryptography is
prohibitive because transmission speeds are so slow. By using something called a
digital envelope, the best of both symmetric (transmission speed) and public key
(security) cryptography can be used. Here is an example of how a digital envelope
works. Mary wants to send a very large document to her main office overseas.
Because of its sensitivity, Mary believes it should be sent using public key
22
cryptography but knows she can’t because it’s too large. She decides to use a
digital envelope.
• Mary first creates a special session key and uses this key to symmetrically encrypt
her document. That is, she uses a symmetric cryptographic algorithm. She then
encrypts the session key with her organization’s public key. So now the document
is encrypted using symmetric cryptography and the key that encrypted it is
encrypted using public key cryptography. The encrypted key is called the digital
envelope. She then transmits both the key and the document to the main office.
• At the main office, the company’s private key is used to decrypt the session key.
Then the session key is used to decrypt the document. Transmission was fast and
just as secure as using public key cryptography exclusively [1:24]. Digital
envelops offer the benefits of both approaches without sacrificing security..
FUTURE ASPECTS:
DNA Cryptography:
• DNA cryptography is a new born cryptographic field emerged with the research
of DNA computing, in which DNA is used as information carrier and the modern
biological technology is used as implementation tool.
23
• The vast parallelism and extraordinary information density inherent in DNA
molecules are explored for cryptographic purposes such as encryption,
authentication, signature, and so on.
QUANTUM Cryptography:
12. CONCLUSION:
With the introduction of computer, the need for automated tools for protecting files &
other information stored on the computer, to protect these type of files & our network we
use cryptography.
13. BIBLIOGRAPHY:
• www.cryptography.com
• www.wikipedia.com
• www.io.com/~hcexres/power_tools/hyperweb/website1.PDF
• www.abo.fi/~ipetre/crypto
• www.google.com
• www.howstuffworks.com
24