Encryption Schemes

8/10/2019 Encryption Schemes

1/22

ENENCRYPTION SCHEMESCRYPTION SCHEMES


2/22

Encryption is esentially the transformation of meaningful datainto non-meaningful data for the purposes of transportationso that anyone without a secret decryption key can not readthe original meaningful data unless they are the intended

recipient of the data. Privacy is ensured by keeping the information hidden from

anyone for whom it is not intended, even those who can seethe encrypted (meaningless) data. As a simple example it ispossible to encrypt files on a hard disk to prevent intruders

from reading them. However, when the environment, where data is exchanged,

has many people transferring data within it, the risks ofintruders, be they passive (attempting to read the data) oractive (attempting to corrupt the data), increases to the

point of justifying that all data packets leaving a particularnode need to be encrypted.


3/22

Encryption allows secure communication over an insecure datacomunications channel. It works as follows:

1. The sender intends to send a message to the recipient. Thedata is not to be seen by any other person that may also beusing the same environment.

2. The sender completes writing the message which when readis meaningful. This is the plaintext.

3. He/She then encrypts the message with an encryption key.There are different types of encryption discussed below.


4/22

4. The encrypted message is sent off down the insecure

communications channel to the intended recipient. Themessage in this meaningless form is called the ciphertext.

5. On arrival of the encrypted message, the receiver decrypts

the ciphertext with the decryption key and reads the message.

6. While the ciphertext is in transit, an intruder, in order to readthe message, may try the following: - obtain the secret key (egby theft) or - recover the plaintext without using the secret key.

A secure Cryptosystem is one where the plaintext cannot berecovered from the cipherte


5/22

Secret-key cryptography is a very straightforward agreementbetween sender and receiver a message. Each party knowsand uses the same secret key.

It works very simply: 1. The sender uses the secret key toencrypt the message.

2. The receiver uses the same secret key to decrypt themessage.

This form of cryptography has one hugely insecure factor.How to keep the 'secret' key as a secret! The sender andreceiver must agree on the secret key (usually text of someform, similiar to a login password) without any other party

finding out.


6/22

If they are in separate physical locations, communication isrequired to agree on the key. They must trust a courier, the

phone system, or some other transmission system to ensurethat the secret key being communicated is not disclosed toanyone else but the two parties.Anyone who overhears orintercepts the key while in transit is capable of decrypting andthus reading all messages encrypted using that key.


7/22

This is the generation, transmission andstorage of keys. All cryptosystems have

to deal with key management issues.Secret-key cryptography often hasdifficulty providing secure keymanagement due to the insecurity of

agreeing on a secret key in the firstplace.


8/22

Diffie and Hellman solved the key

management problem in 1976 by inventing

Public-key cryptography. This cryptosystem

is based on the idea that each person gets

a pair of keys, called a public key and a

private key. Every user gets their public key

published but the private key is kept secret.So the sender and receiver need not have

to agree on, and communicate secret

information (ie a key).


9/22


10/22

All communication involves public keys only. No private key isever transmitted or shared. So trusting some communicationschannel to be secure against eavesdropping or betrayal is nolonger an issue. The most important requirement is that no partycan figure out the private key from the corresponding publickey.Any sender can send a confidential message just using theintended recipient's public key, but it can only be decrypted

with the private key solely in the possession of the receiver.Furthermore, public-key cryptography aswell as being used forprivacy (encryption), can also be used for authentication(digital signatures - discussed below).


11/22

How Public-key cryptography functions: 1. The sender wishes to senda message to the receiver

2. He/She looks up the receiver's public key in a directory

3. The public key is used to encrypt the message and it is sent off

4. The receiver uses his/her private key to decrypt the message andread it.

5. No other party listening in can decrypt the message.

6. Anyone can send an encrypted message to the receiver but onlythe receiver can read it.


12/22

RSA was invented in 1977 by Ron Rivest,Adi Shamir, and Leonard Adleman. It is a

public-key cryptosystem used for thepurposes of both encryption andauthentication.


13/22

1. Take two large primes, p and q.

2. Find their product n = pq; n is called the "modulus".

3. Choose a number, e, less than n.

4. e must also be relatively prime to (p-1)(q-1).

5. Find its inverse, d, mod (p-1)(q-1).


14/22

6. This means that ed = 1 mod (p-1)(q-1).

7. e and d are called the public and private exponents,

respectively.

8. The public key is the pair (n,e) and the private key is d.

9. The factors p and q must be kept secret, or destroyed.

It is presumed to be too difficult to obtain the private keyd from the public key (n,e). This is the fundamental ironyof RSA. We could call this both a flaw and an adequately

good enough security measure. If an intruder couldfactor n into p and q, then he could obtain the privatekey d


15/22

1. The sender wants to send a private message, m, to the receiver.

2. The sender creates the ciphertext c by exponentiating: c = m^e modn, where e and n are the receiver's public key.

3. To decrypt, the receiver performs the exponentiation: m = c^d mod n,and recovers the original message m.

4. The relationship between e and d ensures that the receiver correctlyrecovers m.

5. Since only the receiver knows d, only he/she can decrypt themessage.


16/22

While encryption dates back to the times of Caesar,digital signatures are more recent. This is due to theproliferation of digital communications and in this contextthe exponential growth of the Web.

Authentication is the use of digital signatures and holds thesame function and meaning for digital documents ashandwritten signatures do for printed documents. In paperand ink terms, a signature is an unforgeable piece ofinformation unique to a particular person who has writtenor has agreed with the contents of the document wheretheir signature is attached.

The recipient (as well as a third party) can verify that thedocument did originate from the person whose signatureis attached and also that the document has not beentampered with since it was signed and dispatched.


17/22

The same concepts hold for electronic messages. Authentication in thecontext of Web Security is where the receiver of a digital data messagecan be confident of the identity of the sender and of the validity of themessage.

Popular examples of authentication protocols in use today are: secret-key cryptosystem: DES, public-key system: RSA (detailed below)Authentication in public-key systems uses digital signatures.All secure cryptosystems consist of two parts: The method of signing the

document at the senders end, making forgery an impossibility, and themethod of verifying that the signature was actually generated by thereal sender, at the receivers end.


18/22

The advantages and disadvantages: The obviousadvantage of public-key cryptography is increasedsecurity in that the private keys need not ever becommunicated, transmitted or revealed to anyone.

This, in contrast, is the insecurity of a secret-key system.There is always the possiblility that another rogue partycould discover the secret key while it is being transmittedfor agreement purposes.

From the authentication point of view public-key systemsare a major advantage in that they can provide amethod for digital signatures.

".


19/22

Authentication via a secret-key system would require the sharing of somesecret key and sometimes requires trust of a third party as well. A sendercould then deny any association with a previously signed message by

claiming that the shared secret was somehow compromised by one ofthe parties sharing the secret.

However this conflict would never arrive using public-key authenticationbecause each user is responsible for protecting his/her private key. Thisproperty of public-key authentication is called "non-repudiation".

From the judicial point of view, digitally signed messages can be provedauthentic to a third party, such as a judge, thus allowing such messagesto be legally binding.


20/22

The major disadvantage of using public-key cryptography for

encryption is speed of encrypting a message before dispatchingit. Most popular Secret-key encryption methods are significantlyfaster than any public- key encryption methods currentlyavailable. So obviously the trade-off involves secure keymanagement against speed.

A compromise is achieved where public-key cryptography canshare the burden with secret-key cryptography to get the best ofboth worlds.


21/22

In order to utilise both the security advantages ofpublic-key systems, and the speed advantages ofsecret-key systems, the solution is to combine public-and secret-key systems.

Initially the public-key system can be used to encrypta secret key. The secret is probably small in size, sospeed of encryption is not important. Once such akey has been securely communicated betweenpatries, it is then used to encrypt a complete file ormessage. This may be large in size, but the senderand receiver have the assurance that it is beingencrypted as quickly as possibly and that the secret-key has been shared using a sound secure method.This is indeed the case in RSA


22/22

Public-key cryptography is not meant toreplace secret-key cryptography, but

rather to supplement it, to make it moresecure. The first use of public- keytechniques is for secure key exchange inan (otherwise) speedy secret-key system.

Hence secret-key cryptography is stillextremely important

Encryption Schemes

Documents

Transcript of Encryption Schemes