Professional Documents
Culture Documents
What is Cryptography?
Cryptography is the science of using mathematics to encrypt and decrypt data. It enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended receiver. It is used in applications present in technological advanced societies e.g. Security of ATM cards, computer passwords and e-commerce.
Netprog: Cryptgraphy
Why Cryptography?
The main use of cryptography is to provide the following :
Disadvantage
If a user has n trading partners, then n secret keys must be maintained, one for each trading partner Authenticity of origin or receipt cannot be proved because the secret key is shared Management of the symmetric keys becomes problematic
13
Using Keys
Private keys are used for decrypting. Public keys are used for encrypting. plaintext encryption public key ciphertext decryption plaintext ciphertext
private key
14
disadvantage
software encryption using DES (symmetric key algorithm) is 100 times faster than software encryption using RSA (asymmetric key algorithm) - estimate provided by RSA Data Securities hardware encryption using DES (symmetric key algorithm) is anywhere from 1,000 to 10,000 times faster than hardware encryption using RSA (asymmetric key algorithm)
Digital Signature
Public key cryptography is also used to provide digital signatures. signing signed message
plaintext
private key
signed message verification plaintext
public key
18
Apublic is Alices public key. Aprivate is Alices private key. Bpublic is Bobs public key. Bprivate is Bobs private key.
19
20
21
Revised Scheme
Alice Bob
22
Speed
Secret key encryption/decryption algorithms are much faster than public key algorithms. Many times a combination is used:
use public key cryptography to share a
secret key. use the secret key to encrypt the bulk of the communication.
23
Secure Protocols
electronic voting
homework submission
24
Secure Protocols
Many application protocols include the use of cryptography as part of the application level protocol.
The cryptographic scheme employed is part
of the protocol. If stronger cryptographic tools become available we need to change the protocol.
25
Secure Sockets Layer (SSL) is a different approach - a new layer is added that provides a secure channel over a TCP only link. TLS is Transport Layer Security (IETF standard based on SSL).
26
Transport Layer Security (TLS) Protocol and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide security and data integrity for communications over TCP/IP networks such as the Internet
27
SSL layer
Application SSL TCP IP Application SSL TCP IP
28
Advantages of SSL/TLS
Independent of application layer Includes support for negotiated encryption techniques.
easy to add new techniques.
applications like web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP
29
HTTPS Usage
30
Netprog: Cryptgraphy
32
Netprog: Cryptgraphy
34
Netprog: Cryptgraphy
35
Netprog: Cryptgraphy
36