Professional Documents
Culture Documents
It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change Charles Darwin
If youre not changing faster than your environment, you are falling behind
Jack Welsh, CEO of GE
Electronic Business MS114 Ms. Surabhi Deshpande
Basic Terminologies
Cryptography deals with creating documents that can be shared secretly over public communication channels Cryptographic documents are decrypted with the key associated with encryption, with the knowledge of the encryptor The word cryptography comes from the Greek words: Krypto (secret) and graphein (write) Cryptanalysis deals with finding the encryption key without the knowledge of the encryptor Cryptology deals with cryptography and cryptanalysis Cryptosystems are computer systems used to encrypt data for secure transmission and storage
UNIT-II
Encryption
In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). Julius Cesar used alphabetical code to communicate with his commanders.
UNIT-II
UNIT-II
UNIT-II
UNIT-II
Trusted connection
UNIT-II
Untrusted connection
UNIT-II
Basic Terminologies Keys are rules used in algorithms to convert a document into a secret document Keys are of two types:
Symmetric Asymmetric
A key is symmetric if the same key is used both for encryption and decryption A key is asymmetric if different keys are used for encryption and decryption
Electronic Business MS114 UNIT-II
Alice and Bob agree on an encryption method and a shared key. Alice uses the key and the encryption method to encrypt (or encipher) a message and sends it to Bob. Bob uses the same key and the related decryption method to decrypt (or decipher) the message.
UNIT-II
UNIT-II
Advantages
There are some very fast classical encryption (and decryption) algorithms Since the speed of a method varies with the length of the key, faster algorithms allow one to use longer key values. Larger key values make it harder to guess the key value -- and break the code -- by brute force.
UNIT-II
value
Requires a separate key for each group of people that wishes to exchange encrypted messages (readable by any group member)
For example, to have a separate key for each pair of people, 100 people would need 4950 different keys. [n*(n-1)/2]
UNIT-II
Public-Key or Asymmetric Cryptography Alice generates a key value (usually a number or pair of related numbers) which she makes public. Alice uses her public key (and some additional information) to determine a second key (her private key). Alice keeps her private key (and the additional information she used to construct it) secret.
UNIT-II
Bob (or Carol, or anyone else) can use Alices public key to encrypt a message for Alice. Alice can use her private key to decrypt this message. No-one without access to Alices private key (or the information used to construct it) can easily decrypt the message.
UNIT-II
UNIT-II
An Example: Internet Commerce Bob wants to use his credit card to buy some brownies from Alice over the Internet. Alice sends her public key to Bob. Bob uses this key to encrypt his credit-card number and sends the encrypted number to Alice. Alice uses her private key to decrypt this message (and get Bobs credit-card number).
UNIT-II
Two uses of Asymmetric approach To provide message confidentiality: To prove the authenticity of the message originator.
UNIT-II
UNIT-II
Internet Commerce
Bob wants to order brownies from Alice and keep the entire transaction private. Bob sends Alice his public key. Alice generates a session key, encrypts it using Bobs public key, and sends it to Bob. Bob uses the session key (and an agreedupon symmetric encryption algorithm) to encrypt his order, and sends it to Alice.
UNIT-II
7,000 years 1018 years 70 years 7 years 1016 years 1015 years
UNIT-II
UNIT-II
UNIT-II
UNIT-II
UNIT-II
Cryptanalysis
Cryptanalysis (from the Greek krypts, "hidden", and analein, "to loosen" or "to untie") is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key. In non-technical language, this is the practice of codebreaking or cracking the code, although these phrases also have a specialized technical meaning.
UNIT-II
Essentially, the practical importance of an attack is dependent on the answers to the following four questions:
What knowledge and capabilities does the attacker need? How much additional secret information is deduced? How much computation is required? (What is the computational complexity?) Does the attack break the full cryptosystem, or only a weakened version?
UNIT-II
Algorithmic attacks are in some ways much more difficult to perform because they generally require an extremely high degree of knowledge in mathematics. Rather than going after the entire key space, the code breaker will try and find flaws in the algorithm that causes it to be reduced to a problem of decreased complexity.
UNIT-II
An attack where the cryptanalyst may choose the ciphertext to be decrypted. The attacker can obtain the plaintexts corresponding to an arbitrary set of ciphertexts of his own choosing.
A form of cryptanalysis where the cryptanalyst may choose the plaintext to be encrypted. The attacker can obtain the ciphertexts corresponding to an arbitrary set of plaintexts of his own choosing
UNIT-II
In this technique the attacker knows the plaintext for part (s) of the ciphertext. They uses this information to decrypt the rest of the ciphertext.
Dictionary attack
A brute force attack that tries passwords and or keys from a precompiled list of values. This is often done as a precomputation attack.
UNIT-II
Alice then uses her private key to encrypt the digest. She can then send, or even broadcast, the document with the encrypted digest.
UNIT-II
UNIT-II
UNIT-II
Digital Signature
Alice Plain text
B public Key
Hash fn
digest Internet
B private Key
A private Key
Digital signature
ciphertext
Hash fn
plaintext
ciphertext
A public Key
digest Bob
digest
UNIT-II
Digital Certificate An electronic document issued by a certifying authority to establish a merchants identity. Certificate authority:
A trusted entity that issues and revokes public key certificates and manages key pairs Authorities like verisgn, cybertrust, US Postal Services.
UNIT-II
Holders Name Name of certifying authority Public key for cryptographic use The duration of the certificate The class of certificate Certificate ID number.
UNIT-II
Class2:
Checks for information like real name, SSN and DOB. They require proof of physical address, locale and email id. Can be compared with a credit card.
UNIT-II
Class4:
UNIT-II