international security system data threats

gacop74666 11 views 39 slides Feb 28, 2025
Slide 1
Slide 1 of 39
Slide 1
1
Slide 2
2
Slide 3
3
Slide 4
4
Slide 5
5
Slide 6
6
Slide 7
7
Slide 8
8
Slide 9
9
Slide 10
10
Slide 11
11
Slide 12
12
Slide 13
13
Slide 14
14
Slide 15
15
Slide 16
16
Slide 17
17
Slide 18
18
Slide 19
19
Slide 20
20
Slide 21
21
Slide 22
22
Slide 23
23
Slide 24
24
Slide 25
25
Slide 26
26
Slide 27
27
Slide 28
28
Slide 29
29
Slide 30
30
Slide 31
31
Slide 32
32
Slide 33
33
Slide 34
34
Slide 35
35
Slide 36
36
Slide 37
37
Slide 38
38
Slide 39
39

About This Presentation

1. Principle of Least Privilege (POLP) This principle states that every user and program on the system should be granted only the specific rights and permissions needed to perform their tasks, with no more.

Size: 1.26 MB
Language: en
Added: Feb 28, 2025
Slides: 39 pages

Slide Content

UNIT-2
PUBLICKEYCRYPTOGRAPHYANDRSA
InformationSecurity
BY
KhushbuGarg
Assistant Professor
Jecrcu

Plain Text to Cipher Text Conversion
Techniques

Introduction
Encryption is the process of converting
plaintext into ciphertext to secure
information.
Importance:
• Used in communication, data security, and
cryptography.

Substitution Ciphers
Caesar Cipher:
• Each letter shifted by a fixed number.
• Example: HELLO → KHOOR (Shift = 3)
Vigenère Cipher:
• Uses a keyword for multiple shifts.
• Example (Keyword = 'KEY'): HELLO →
RIJVS

Transposition Ciphers
Rail Fence Cipher:
• Letters written diagonally, read row-wise.
• Example: HELLO WORLD →
HLOWRDELLOOL (Depth = 2)
Columnar Transposition:
• Text written in a grid and rearranged by
key order.
• Example (Key = 4312): HELLO → OHLLE

PRIVATE-KEYCRYPTOGRAPHY
??????traditionalprivate/secret/single
key cryptographyusesonekey
??????sharedbybothsenderandreceiver
??????ifthiskeyisdisclosedcommunications
are compromised
??????alsoissymmetric,partiesareequal
??????hencedoesnotprotectsenderfromreceiver
forgingamessage&claimingissentbysender

PUBLIC-KEYCRYPTOGRAPHY
??????probablymostsignificantadvanceinthe
3000 yearhistoryofcryptography
??????usestwokeys–apublic&aprivatekey
??????asymmetricsincepartiesarenotequal
??????usescleverapplicationofnumber
theoretic conceptstofunction
??????complementsratherthanreplacesprivate
key crypto

WHYPUBLIC-KEYCRYPTOGRAPHY?
??????developedtoaddresstwokeyissues:
??????keydistribution–howtohavesecure
communicationsingeneralwithouthavingto
trustaKDCwithyourkey
??????digitalsignatures–howtoverifya
message comesintactfromtheclaimed
sender
??????publicinventionduetoWhitfieldDiffie
&MartinHellmanatStanfordUniin
1976
??????knownearlierinclassifiedcommunity

PUBLIC-KEYCRYPTOGRAPHY
??????public-key/two-key/asymmetriccryptography
involves theuseoftwokeys:
??????apublic-key,whichmaybeknownbyanybody,andcan
be usedtoencryptmessages,andverifysignatures
??????aprivate-key,knownonlytotherecipient,usedto
decrypt messages,andsign(create)signatures
??????isasymmetricbecause
??????thosewhoencryptmessagesorverifysignatures
cannot decryptmessagesorcreatesignatures

PUBLIC-KEYCRYPTOGRAPHY

PUBLIC-KEYCHARACTERISTICS
??????Public-Keyalgorithmsrelyontwokeyswhere:
??????itiscomputationallyinfeasibletofinddecryption
key knowingonlyalgorithm&encryptionkey
??????itiscomputationallyeasytoen/decryptmessageswhen
the relevant(en/decrypt)keyisknown
??????eitherofthetworelatedkeyscanbeusedfor
encryption, withtheotherusedfordecryption(forsome
algorithms)

PUBLIC-KEYCRYPTOSYSTEMS

PUBLIC-KEYAPPLICATIONS
??????canclassifyusesinto3categories:
??????encryption/decryption(providesecrecy)
??????digitalsignatures(provideauthentication)
??????keyexchange(ofsessionkeys)
??????somealgorithmsaresuitableforall
uses, othersarespecifictoone

RSA
??????byRivest,Shamir&AdlemanofMITin1977
??????bestknown&widelyusedpublic-keyscheme
??????basedonexponentiationinafinite(Galois)field
over integersmoduloaprime
??????nb.exponentiationtakesO((logn)
3)operations(easy)
??????useslargeintegers(eg.1024bits)
??????securityduetocostoffactoringlargenumbers
??????nb.factorizationtakesO(e
lognloglogn)operations(hard)

RSAKEYSETUP
??????eachusergeneratesapublic/privatekeypair
by:
??????selectingtwolargeprimesatrandom-p,q
??????computingtheirsystemmodulusn=p.q
??????note ø(n)=(p-1)(q-1)
??????selectingatrandomtheencryptionkeye
??????where1<e<ø(n),gcd(e,ø(n))=1
??????solvefollowingequationtofinddecryptionkey
d
??????e.d=1modø(n)and0≤d≤n
??????publishtheirpublicencryptionkey:PU={e,n}
??????keepsecretprivatedecryptionkey:PR={d,n}

RSAUSE
??????toencryptamessageMthesender:
??????obtainspublickeyofrecipientPU={e,n}
??????computes:C=M
e
modn,where0≤M<n
??????todecrypttheciphertextCtheowner:
??????usestheirprivatekeyPR={d,n}
??????computes:M=C
d
modn
??????notethatthemessageMmustbesmaller
than themodulusn(blockifneeded)

WHYRSAWORKS
??????becauseofEuler'sTheorem:
??????a
ø(n)modn=1wheregcd(a,n)=1
??????inRSAhave:
??????n=p.q
??????ø(n)=(p-1)(q-1)
??????carefullychosee&dtobeinversesmodø(n)
??????hencee.d=1+k.ø(n)forsomek
??????hence:
C
d=M
e.d=M
1+k.ø(n)=M
1.(M
ø(n))
k
=M
1
.(1)
k
= M
1
= Mmodn

RSAEXAMPLE-KEYSETUP
1.Selectprimes:p=17&q=11
2.Computen= pq=17x11=187
3.Computeø(n)=(p–1)(q-1)=16x10=160
4.Selecte:gcd(e,160)=1;choosee=7
5.Determined:de=1mod160and d<160Value
isd=23since23x7=161=10x160+1
6.PublishpublickeyPU={7,187}
7.KeepsecretprivatekeyPR={23,187}

RSAEXAMPLE-EN/DECRYPTION
??????sampleRSAencryption/decryption
is:
??????givenmessageM=88(nb.
88<187)
??????encryption:
C=88
7
mod187=11
??????decryption:
M=11
23
mod187=88

EXPONENTIATION
??????canusetheSquareandMultiplyAlgorithm
??????afast,efficientalgorithmforexponentiation
??????conceptisbasedonrepeatedly squaring
base
??????andmultiplyingintheonesthatareneeded
to computetheresult
??????lookatbinaryrepresentationofexponent
??????onlytakesO(log
2n)multiplesfornumbern
??????eg.7
5 =7
4.7
1 =3.7=10
mod11
=3
128.3
1
??????eg.3
129 =5.3=4mod11

EXPONENTIATION
c=0;f=1
fori=kdownto0
doc=2xc
f=(fxf)modn
ifb
i==1then
c=c+1
f=(fxa)modn
returnf

EFFICIENTENCRYPTION
??????encryptionusesexponentiationtopowere
??????henceifesmall,thiswillbefaster
??????oftenchoosee=65537(2
16
-1)
??????alsoseechoicesofe=3ore=17
??????butifetoosmall(ege=3)canattack
??????usingChineseremaindertheorem&3
messages withdifferentmodulii
??????ifefixedmustensuregcd(e,ø(n))=1
??????ierejectanyporqnotrelativelyprimetoe

EFFICIENTDECRYPTION
??????decryptionusesexponentiationtopowerd
??????thisislikelylarge,insecureifnot
??????canusetheChineseRemainderTheorem
(CRT) tocomputemodp&qseparately.then
combinetogetdesiredanswer
??????approx4timesfasterthandoingdirectly
??????onlyownerofprivatekeywhoknowsvalues
of p&qcanusethistechnique

RSAKEYGENERATION
??????usersofRSAmust:
??????determinetwoprimesatrandom-p,q
??????selecteithereordandcomputetheother
??????primesp,qmustnotbeeasilyderived
from modulusn=p.q
??????meansmustbesufficientlylarge
??????typicallyguessanduseprobabilistictest
??????exponentse,dareinverses,souse
Inverse algorithmtocomputetheother

RSASECURITY
??????possibleapproachestoattackingRSAare:
??????bruteforcekeysearch(infeasiblegivensize
of numbers)
??????mathematicalattacks(basedondifficulty
of computingø(n),byfactoringmodulusn)
??????timingattacks(onrunningofdecryption)
??????chosenciphertextattacks(givenpropertiesof
RSA)

InformationSecurity
Diffie–HellmanKeyExchange&
EllipticCurveCryptography

Diffie-HellmanKeyExchange
•firstpublic-keytypeschemeproposed
•byDiffie&Hellmanin1976alongwiththe
expositionofpublickeyconcepts
•note:nowknowthatWilliamson(UKCESG)
secretlyproposedtheconceptin1970
•isapracticalmethodforpublicexchangeofa
secretkey
•usedinanumberofcommercialproducts
[Continue…]

Diffie-HellmanKeyExchange
•apublic-keydistributionscheme
•cannotbeusedtoexchangeanarbitrarymessage
•ratheritcanestablishacommonkey
•knownonlytothetwoparticipants
•valueofkeydependsontheparticipants(and
theirprivateandpublickeyinformation)
•basedonexponentiation inafinite(Galois)field
(moduloaprimeorapolynomial)-easy
•securityreliesonthedifficultyofcomputing
discretelogarithms(similartofactoring)–hard
[Continue…]

Diffie-HellmanSetup
•allusersagreeonglobalparameters:
•largeprimeintegerorpolynomialq
•abeingaprimitiverootmodq
•eachuser(eg.A)generatestheirkey
•choosesasecretkey(number):x
A<q
A
•computetheirpublickey:y=a
x
A
modq
•eachusermakespublicthatkeyy
A
[Continue…]

Diffie-HellmanKeyExchange
•sharedsessionkeyforusersA&BisK
AB:
K
AB
=a
x
A.
x
B
mod q
xB
B
= y
x
A
= y
Amodq
modq
(whichBcancompute)
(whichAcancompute)
•K
ABisusedassessionkeyinprivate-key
encryptionschemebetweenAliceandBob
•ifAliceandBobsubsequentlycommunicate,
theywillhavethesamekeyasbefore,unless
theychoosenewpublic-keys
•attackerneedsanx,mustsolvediscretelog
[Continue…]

Diffie-HellmanExample
•usersAlice&Bobwhowishtoswapkeys:
•agreeonprimeq=353anda=3
•selectrandomsecretkeys:
•Achoosesx
A=97,Bchoosesx
B=233
•computerespectivepublickeys:
A
•y=3
97
B
•y=3
233
mod353=40
mod353=248
(Alice)
(Bob)
•computesharedsessionkeyas:
AB B
•K=y
x
A
97
AB A
•K=y
x
B
mod353=248
mod353=40
233
=160
=160
(Alice)
(Bob)
[Continue…]

KeyExchangeProtocols
•userscouldcreaterandomprivate/publicD-H
keyseachtimetheycommunicate
•userscouldcreateaknownprivate/publicD-H
keyandpublishinadirectory,thenconsulted
andusedtosecurelycommunicatewiththem
•bothofthesearevulnerabletoameet-in-the-
MiddleAttack
•authenticationofthekeysisneeded

DES vs AES Encryption

Introduction to Encryption
• Encryption is used to secure information by
converting plaintext into ciphertext.
• Symmetric encryption uses the same key
for both encryption and decryption.
• DES and AES are two widely known
symmetric encryption algorithms.

DES (Data Encryption Standard)
• Developed by IBM in the 1970s, adopted
by NIST.
• Uses a 56-bit key and encrypts data in 64-
bit blocks.
• 16 rounds of Feistel structure encryption.
• Vulnerable to brute-force attacks due to
small key size.
• Considered obsolete and replaced by AES.

AES (Advanced Encryption Standard)
• Developed by Vincent Rijmen and Joan
Daemen, adopted in 2001.
• Supports 128, 192, or 256-bit key sizes.
• Encrypts data in 128-bit blocks.
• Uses 10, 12, or 14 rounds of substitution-
permutation encryption.
• Highly secure and widely used in modern
encryption.

DES vs AES: Key Differences
• Key Size: DES (56-bit) vs AES (128, 192,
256-bit).
• Block Size: DES (64-bit) vs AES (128-bit).
• Rounds: DES (16 rounds) vs AES (10, 12,
or 14 rounds).
• Security: DES is weak against brute-force
attacks; AES is highly secure.
• Usage: DES is obsolete, AES is widely used
in modern encryption applications.

Conclusion
• DES was a pioneer in symmetric
encryption but is now outdated.
• AES is the modern standard due to its
enhanced security and flexibility.
• AES is used in secure communication, data
protection, and cybersecurity.
• Understanding these algorithms helps in
choosing the right encryption method.

Thank You!
Questions?
Tags
Categories
General
Download
Download Slideshow Get the original presentation file
Quick Actions
Statistics
  • Views 11
  • Slides 39
  • Age 276 days
Related Slideshows
Pray For The Peace Of Jerusalem and You Will Prosper 22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
Don_t_Waste_Your_Life_God.....powerpoint 26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf 31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
Fertility awareness methods for women in the society 14
Fertility awareness methods for women in the society
Isaiah47
29 views
Chapter 5 Arithmetic Functions Computer Organisation and Architecture 35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
syakira bhasa inggris (1) (1).pptx....... 5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views
View More in This Category