1
EncryptionEncryptionandand
Key Distribution Key DistributionMethodsMethods
APPLIED DATA COMMUNICATION Tallinn University of Technology
Gülçin Yıldırım - Team #12
2
What is Encryption?What is Encryption?
Encryption is the process of encodingmessages or information in such a waythat only authorized parties can read it.
3
Why Encryption?Why Encryption?
ConfidentialityAuthentication
Message IntegrityAccess and Availability
4
EavesdroppingEavesdropping
Intercept messages
5
Inserting messagesInserting messages
Actively insert messages into connection
6
ImpersonationImpersonation
Can fake (spoof) source address in packet (orany field in packet)
7
HijackingHijacking
"Take over" ongoing connectionby removing sender or receiver by inserting
himself in place
8
Denial of ServiceDenial of Service
Prevent service from being used by others(e.g, by overloading resources)
9
Insecure CommunicationInsecure Communication
Sender IntendedReceiver
MITM
10
Secure ChannelSecure Channel
Sender IntendedReceiver
MITM
11
Encrypted MessageEncrypted Message
Sender IntendedReceiver
MITM
12
A Secret Message
371c79266d08ca124f3f8ea8ebb5d368
13
EncryptionEncryption
Generates a ciphertext from a plaintext using anencryption key and an encryption algorithm (cipher)
It is a two way process:an encrypted data is expected to be decrypted later.
14
A Secret Message
371c79266d08ca124f3f8ea8ebb5d368
Plaintext
Ciphertext
Cipher
Key
15
Encryption TypesEncryption Types
SymmetricKey
Encryption
PublicKey
Encryption
16
Symmetric Key EncryptionSymmetric Key Encryption
All communicating parties usethe same key Key is used both for encryptionand decryption
17
Symmetric Key Encryption Symmetric Key Encryption Faster compared to public key encryption
Key needs to be stored securely (only accessed when required)
Secure channel required to transfer the key
18
Public Key EncryptionPublic Key EncryptionRequires two keys:
Public Key: used for encryption
Private Key: used for decryption
All communicating parties exchange their public keys Sender encrypts the plaintext using receiver's public key
Receiver decrypts the ciphertext using their own private key
19
Public Key EncryptionPublic Key Encryption
Slower compared to Symmetric Key Encryption Public key & ciphertext can be sent over aninsecure channel More secure because there is no need to shareprivate keys with anyone
20
Public Key EncryptionPublic Key Encryption
Public Key(share with pink)
Private Key (keep it secret)
Public Key(share with blue)
Private Key(keep it secret)
21
Public Key EncryptionPublic Key Encryption
22
Logic Behind the KeysLogic Behind the Keys
Trying to find a prize behind a series of number of doors
23
Public & Symmetric Key Mix Public & Symmetric Key Mix
Performance ? Security ?
Public key encryption used to exchange keysSymmetric key encryption used to encrypt data
24
Encryption AlgorithmsEncryption Algorithms
Block Cipher and Stream Cipher
25
Encryption AlgorithmsEncryption Algorithms
An encryption algorithm is called "cipher" There are two types of ciphers:
Block cipherStream cipher
Two concepts are very important for both of them:Prime numbersEntropy for random number generation
26
Block CipherBlock CipherOperates on fixed-size blocks (N bits) and uses fixed-size keys (K bits)
1. Reads N-bits of data from the plaintext2. Uses the key and applies the encryption algorithm3. Produces ciphertext in size of N-bits4. Repeats steps 1-4 until all plaintext is processed
27
Block Cipher - AESBlock Cipher - AESOne of the most popular block ciphers is the AES algorithm.
Some other examples are: DES, Blowfish, RC5, ...
AES stands for Advanced Encryption StandardWorks on 128 bits (16 bytes) of blocksUses 128, 192 or 256 bits of keysOperates on a 4x4 matrix of bytes
There are four stages in the algorithm:
1. KeyExpansions: Keys are derived from the provided key
2. InitialRound: AddRoundKey
3. Rounds: SubBytes, ShiftRows, MixColumns, AddRoundKey
4. FinalRound: SubBytes, ShiftRows, AddRoundKey
28
Block Cipher - AESBlock Cipher - AES
29
Stream CipherStream CipherOperates on variable-size blocks (N bits) and uses random-size keys
1. Generates a random number N2. Reads N-bits of data from the plaintext3. Uses the key and applies the encryption algorithm4. Produces ciphertext in size of N-bits5. Repeats steps 1-5 until all plaintext is processed
A popular stream cipher algorithm is RC4.
However, it is replaced by RC5, a block cipher algorithm.
30
Key Distribution MethodsKey Distribution Methods
The main concern of a key distribution method is how to securelysupply keys between all communicating parties
There are some important security questions we must consider:
Symmetric Key Encryption
Is the shared key stored securely? Is it compromised?Is the communication channel secure?
Public Key EncryptionAm I encrypting for the intended receiver?
A key distribution method helps us with those concerns.
31
Key Distribution MethodsKey Distribution Methods
There are various different key distribution methods for differentencryption types:
In symmetric key encryption, trusted key distributioncenter (KDC) is acting as intermediary between parties In public key encryption, public key servers are used for bothuploading and downloading public keys One another method is using a public key infrastructure (PKI)to share SSL certificates. A Certificate Authority (CA) providespublic keys and also validates SSL certificates
32
Use-Case: GPGUse-Case: GPG
GPG (GNU Privacy Guard) is a very popular applicationthat uses public key encryption Most commonly used for encryption / decryption offiles & email messages Available for many platforms: Linux, Mac OS X,Microsoft Windows, BSD, etc... There are very large key servers to distribute publickeys (e.g., MIT PGP Public Key Server)
33
Demo - SenderDemo - Sender
34
Demo - ReceiverDemo - Receiver
35
ReferencesReferenceshttps://dribbble.com/shots/2295470-Encryption-Key-Zoom
https://dribbble.com/shots/2321171-Secure-Area
https://pixabay.com/p-369540/?no_redirect
https://www.istockphoto.com/illustrations/one+burglar
https://dribbble.com/shots/1708900-Encryption-Keys-Animation
https://dribbble.com/shots/1883333-Lock-and-Key
https://dribbble.com/shots/2028614-Cripto
https://dribbble.com/shots/1512967-The-Key
https://dribbble.com/shots/1386297-Gold-Key-GIF
https://www.cs.rit.edu/~ark/lectures/https02/https.shtml
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
http://people.ee.duke.edu/~romit/courses/f07/material/7-security.pdf
https://www.youtube.com/watch?v=ERp8420ucGs
36
Thank you!Thank you!
Top Related