crypto seminar
TRANSCRIPT
-
8/3/2019 Crypto Seminar
1/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
ABSTRACT
Does increased security provide comfort to paranoid people? Or does security provide some very
basic protections that we are naive to believe that we don't need? During this time when theInternet provides essential communication between tens of millions of people and is being
increasingly used as a tool for commerce, security becomes a tremendously important issue to
deal with.
There are many aspects to security and many applications, ranging from secure commerce andpayments to private communications and protecting passwords. One essential aspect for secure
communications is that of cryptography, which is the focus of this report.
Cryptography is where security engineering meets mathematics. It provides us with the tools that
underlie most modern security protocols. It is the key enabling technology for protecting
distributed systems.
Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptographyenables you to store sensitive information or transmit it across insecure networks (like the
Internet) so that it cannot be read by anyone except the intended recipient. The discussion will
start with the history of cryptography. All 3 categories of cryptography viz. public keycryptography, secret key cryptography and hash function cryptography will be explored in detail.
Emphaisi will be given on RSA, one of the public key cryptography algorithm..
-
8/3/2019 Crypto Seminar
2/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
HISTORICAL BACKGROUND
Suetonius tells us that Julius Caesar enciphered his dispatches by writing D for A, E for B and soon . When Augustus Caesar ascended the throne, he changed the imperial cipher system so that C
was now written for A, D for B, and so on. In modern terminology, we would say that he
changed the key from D to C. The Arabs generalized this idea to the monoalphabeticsubstitution, in which a keyword is used to permute the cipher alphabet. We will write the
plaintext in lowercase letters, and the ciphertext in uppercase, as shown in Figure 1.
Artificial intelligence researchers have shown some interest in writing programs to solvemonoalphabetic substitutions; using letter and digraph (letter- pair) frequencies alone. They
typically succeed with about 600 letters of ciphertext, while-smarter strategies, such as guessing
probable words, can cut this to about 150 letters. A human cryptanalyst will usually require
much less.
Figure 1 Monoalphabetic substitution cipher.
PURPOSE OF CRYPTOGRAPHY
Cryptography is the science of writing in secret code and is an ancient art; the first documented
use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-
standard hieroglyphs in an inscription. Some experts argue that cryptography appeared
spontaneously sometime after writing was invented, with applications ranging from diplomaticmissives to war-time battle plans. It is no surprise, then, that new forms of cryptography came
soon after the widespread development of computer communications. In data and
telecommunications, cryptography is necessary when communicating over any untrustedmedium, which includes just about any network, particularly the Internet.
-
8/3/2019 Crypto Seminar
3/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
While cryptography is the science of securing data, cryptanalysis is the science of analyzing and
breaking secure communication. Classical cryptanalysis involves an interesting combination
of analytical reasoning, application of mathematical tools, pattern finding, patience,
determination, and luck. Cryptanalysts are also called attackers.
Cryptology embraces both cryptography and cryptanalysis.
Within the context of any application-to-application communication, there are some specific
security requirements, including:
Authentication: The process of proving one's identity. (The primary forms of host-to-
host authentication on the Internet today are name-based or address-based, both of whichare notoriously weak.)
Privacy/confidentiality: Ensuring that no one can read the message except the intendedreceiver.
Integrity: Assuring the receiver that the received message has not been altered in any
way from the original.
Non-repudiation: A mechanism to prove that the sender really sent this message.
Cryptography, then, not only protects data from theft or alteration, but can also be used for user
authentication. The initial unencrypted data is referred to as plaintext. It is encrypted into
ciphertext, which will in turn (usually) be decrypted into usable plaintext.
How does cryptography work?
A cryptographic algorithm, or cipher, is a mathematical function used in the encryption and
decryption process. A cryptographic algorithm works in combination with a keya word,
number, or phraseto encrypt the plaintext. The same plaintext encrypts to different ciphertextwith different keys. The security of encrypted data is entirely dependent on two things: the
strength of the cryptographic algorithm and the secrecy of the key. A cryptographic algorithm,
plus all possible keys and all the protocols that make it work, comprise a cryptosystem. PGP is a
cryptosystem.
-
8/3/2019 Crypto Seminar
4/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
TYPES OF CRYPTOGRAPHIC ALGORITHMS
There are several ways of classifying cryptographic algorithms. For purposes of this report, they
will be categorized based on the number of keys that are employed for encryption and
decryption, and further defined by their application and use.
The three types of algorithms that will be discussed are (Figure 1):
Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption
Public Key Cryptography (PKC): Uses one key for encryption and another for
decryption
Hash Functions: Uses a mathematical transformation to irreversibly "encrypt"
information
-
8/3/2019 Crypto Seminar
5/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
SECRET KEY CRYPTOGRAPHY
With secret key cryptography, a single key is used for both encryption and decryption. As
shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext andsends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt themessage and recover the plaintext. Because a single key is used for both functions, secret key
cryptography is also called symmetric encryption.
With this form of cryptography, it is obvious that the key must be known to both the sender and
the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is thedistribution of the key.
Secret key cryptography schemes are generally categorized as being either stream ciphers or
block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and
implement some form of feedback mechanism so that the key is constantly changing. A block
cipher is so-called because the scheme encrypts one block of data at a time using the same keyon each block. In general, the same plaintext block will always encrypt to the same ciphertext
when using the same key in a block cipher whereas the same plaintext will encrypt to different
ciphertext in a stream cipher.
Stream ciphers come in several flavors but two are worth mentioning here. Self-synchronizingstream ciphers calculate each bit in the keystream as a function of the previous n bits in thekeystream. It is termed "self-synchronizing" because the decryption process can stay
synchronized with the encryption process merely by knowing how far into the n-bitkeystream it is. One problem is error propagation; a garbled bit in transmission will result in n
garbled bits at the receiving side. Synchronous stream ciphers generate the keystream in a
fashion independent of the message stream but by using the same keystream generation
function at sender and receiver. While stream ciphers do not propagate transmission errors,
they are, by their nature, periodic so that the keystream will eventually repeat.
Block ciphers can operate in one of several modes; the following four are the most important:
Electronic Codebook (ECB) mode is the simplest, most obvious application: the secret
key is used to encrypt the plaintext block to form a ciphertext block. Two identical
plaintext blocks, then, will always generate the same ciphertext block. Although this is
-
8/3/2019 Crypto Seminar
6/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
the most common mode of block ciphers, it is susceptible to a variety of brute-force
attacks.
Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryptionscheme. In CBC, the plaintext is exclusively-ORed (XORed) with the previous ciphertext
block prior to encryption. In this mode, two identical blocks of plaintext never encrypt to
the same ciphertext.
Cipher Feedback (CFB) mode is a block cipher implementation as a self-synchronizing
stream cipher. CFB mode allows data to be encrypted in units smaller than the block size,
which might be useful in some applications such as encrypting interactive terminal input.If we were using 1-byte CFB mode, for example, each incoming character is placed into a
shift register the same size as the block, encrypted, and the block transmitted. At the
receiving side, the ciphertext is decrypted and the extra bits in the block (i.e., everything
above and beyond the one byte) are discarded.
Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a
synchronous stream cipher. OFB prevents the same plaintext block from generating thesame ciphertext block by using an internal feedback mechanism that is independent of
both the plaintext and ciphertext bitstreams.
-
8/3/2019 Crypto Seminar
7/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
PUBLIC-KEY CRYPTOGRAPHY
Public-key cryptography refers to a cryptographic system requiring two separate keys, one
to lock or encrypt the plaintext, and one to unlock or decrypt the cyphertext. Neither key
will do both functions. One of these keys is published or public and the other is kept
private. If the lock/encryption key is the one published then the system enables private
communication from the public to the unlocking key's owner. If the unlock/decryption key is the
one published then the system serves as a signature verifier of documents locked by the owner of
the private key.
This cryptographic approach uses asymmetric key algorithms, hence the more general
name of "asymmetric key cryptography". Some of these algorithms have the public key /private key property, that is, neither key is derivable from knowledge of the other; not all
asymmetric key algorithms do. Those with this property are particularly useful and have been
widely deployed and are the source of the commonly used name.
HOW DOES IT WORK?
The public key is used to transform a message into an unreadable form, decryptable only byusing the (different but matching) private key. Participants in such a system must create a
mathematically linked key pair (i.e., a public and a private key). By publishing the public key,
the key producer empowers anyone who gets a copy of the public key to produce messages only
he can read -- because only the key producer has a copy of the private key (required fordecryption). When someone wants to send a secure message to the creator of those keys, the
sender encrypts it (i.e., transforms it into an unreadable form) using the intended recipient's
public key; to decrypt the message, the recipient uses the private key. No one else, including the
sender, can do so.
Thus, unlike symmetric key algorithms, a public key algorithm does not require a secure
initial exchange of one, or more, secret keys between the sender and receiver. These
algorithms work in such a way that, while it is easy for the intended recipient to generate the
public and private keys and to decrypt the message using the private key, and while it is easy for
the sender to encrypt the message using the public key, it is extremely difficult for anyone to
figure out the private key based on their knowledge of the public key. They are based onmathematical relationships (most notably the integer factorization and discrete logarithm
problems) which have no efficient solution.
The use of these algorithms also allows authenticity of a message to be checked by creating a
digital signature of a message using the private key, which can be verified using the public key.
http://en.wikipedia.org/wiki/Plaintexthttp://en.wikipedia.org/wiki/Cyphertexthttp://en.wikipedia.org/wiki/Cryptographyhttp://en.wikipedia.org/wiki/Algorithmhttp://en.wikipedia.org/wiki/Symmetric_key_algorithmshttp://en.wikipedia.org/wiki/Symmetric_key_algorithmshttp://en.wikipedia.org/wiki/Secure_channelhttp://en.wikipedia.org/wiki/Key_exchangehttp://en.wikipedia.org/wiki/Secret_keyhttp://en.wikipedia.org/wiki/Integer_factorizationhttp://en.wikipedia.org/wiki/Discrete_logarithmhttp://en.wikipedia.org/wiki/Digital_signaturehttp://en.wikipedia.org/wiki/Digital_signaturehttp://en.wikipedia.org/wiki/Discrete_logarithmhttp://en.wikipedia.org/wiki/Integer_factorizationhttp://en.wikipedia.org/wiki/Secret_keyhttp://en.wikipedia.org/wiki/Key_exchangehttp://en.wikipedia.org/wiki/Secure_channelhttp://en.wikipedia.org/wiki/Symmetric_key_algorithmshttp://en.wikipedia.org/wiki/Algorithmhttp://en.wikipedia.org/wiki/Cryptographyhttp://en.wikipedia.org/wiki/Cyphertexthttp://en.wikipedia.org/wiki/Plaintext -
8/3/2019 Crypto Seminar
8/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
Public key cryptography is a fundamental and widely used technology. It is an approach which
is used by many cryptographic algorithms and cryptosystems. It underpins such Internet
standards as Transport Layer Security (TLS) (successor to SSL), PGP, and GPG.
The distinguishing technique used in public key cryptography is the use of asymmetric key
algorithms, where the key used to encrypt a message is not the same as the key used todecrypt it. Each user has a pair of cryptographic keysa public encryption key and a private
decryption key. The publicly available encrypting-key is widely distributed, while the private
decrypting-key is known only to the recipient. Messages are encrypted with the recipient's publickey and can only be decrypted with the corresponding private key. The keys are related
mathematically, but parameters are chosen so that determining the private key from the public
key is prohibitively expensive. The discovery of algorithms that could produce public/privatekey pairs revolutionized the practice of cryptography beginning in the middle 1970s.
In contrast, symmetric-key algorithms, variations of which have been used for thousands of
years, use a single secret keywhich must be shared and kept private by both sender and
receiverfor both encryption and decryption. To use a symmetric encryption scheme, the senderand receiver must securely share a key in advance.
The two main branches of public key cryptography are:
Public key encryption: a message encrypted with a recipient's public key cannot be
decrypted by anyone except a possessor of the matching private keypresumably, this
will be the owner of that key and the person associated with the public key used. This isused for confidentiality.
Digital signatures: a message signed with a sender's private key can be verified byanyone who has access to the sender's public key, thereby proving that the sender had
access to the private key (and therefore is likely to be the person associated with the
public key used), and the part of the message that has not been tampered with. On the
question ofauthenticity, see also message digest.
An analogy to public-key encryption is that of a locked mailbox with a mail slot. The mail
slot is exposed and accessible to the public; its location (the street address) is in essence the
public key. Anyone knowing the street address can go to the door and drop a written message
through the slot; however, only the person who possesses the key can open the mailbox and readthe message.
http://en.wikipedia.org/wiki/Cryptosystemhttp://en.wikipedia.org/wiki/Transport_Layer_Securityhttp://en.wikipedia.org/wiki/Pretty_Good_Privacyhttp://en.wikipedia.org/wiki/GNU_Privacy_Guardhttp://en.wikipedia.org/wiki/Key_%28cryptography%29http://en.wikipedia.org/wiki/Encryptionhttp://en.wikipedia.org/wiki/Decryptionhttp://en.wikipedia.org/wiki/Cryptographic_keyhttp://en.wikipedia.org/wiki/History_of_cryptographyhttp://en.wikipedia.org/wiki/Symmetric-key_algorithmhttp://en.wikipedia.org/wiki/Confidentialityhttp://en.wikipedia.org/wiki/Digital_signaturehttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Message_digesthttp://en.wikipedia.org/wiki/Letter_boxhttp://en.wikipedia.org/wiki/Letter_boxhttp://en.wikipedia.org/wiki/Message_digesthttp://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Digital_signaturehttp://en.wikipedia.org/wiki/Confidentialityhttp://en.wikipedia.org/wiki/Symmetric-key_algorithmhttp://en.wikipedia.org/wiki/History_of_cryptographyhttp://en.wikipedia.org/wiki/Cryptographic_keyhttp://en.wikipedia.org/wiki/Decryptionhttp://en.wikipedia.org/wiki/Encryptionhttp://en.wikipedia.org/wiki/Key_%28cryptography%29http://en.wikipedia.org/wiki/GNU_Privacy_Guardhttp://en.wikipedia.org/wiki/Pretty_Good_Privacyhttp://en.wikipedia.org/wiki/Transport_Layer_Securityhttp://en.wikipedia.org/wiki/Cryptosystem -
8/3/2019 Crypto Seminar
9/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The
message can be opened by anyone, but the presence of the seal authenticates the sender.
A central problem for use of public-key cryptography is confidence (ideally proof) that a
public key is correct, belongs to the person or entity claimed (i.e., is 'authentic'), and has
not been tampered with or replaced by a malicious third party. The usual approach to thisproblem is to use a public-key infrastructure (PKI), in which one or more third parties, known as
certificate authorities, certify ownership of key pairs. PGP, in addition to a certificate authority
structure, has used a scheme generally called the "web of trust", which decentralizes suchauthentication of public keys by a central mechanism, substituting individual endorsements of
the link between user and public key. No fully satisfactory solution to the public key
authentication problem is known.
.
http://en.wikipedia.org/wiki/Seal_%28device%29http://en.wikipedia.org/wiki/Public_key_infrastructurehttp://en.wikipedia.org/wiki/Certificate_authorityhttp://en.wikipedia.org/wiki/Pretty_Good_Privacyhttp://en.wikipedia.org/wiki/Web_of_trusthttp://en.wikipedia.org/wiki/Web_of_trusthttp://en.wikipedia.org/wiki/Pretty_Good_Privacyhttp://en.wikipedia.org/wiki/Certificate_authorityhttp://en.wikipedia.org/wiki/Public_key_infrastructurehttp://en.wikipedia.org/wiki/Seal_%28device%29 -
8/3/2019 Crypto Seminar
10/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
HASH FUNCTION CRYPTOGRAPHY
Hash functions, also called message digests and one-way encryption, are algorithms that, in
some sense, use no key . Instead, a fixed-length hash value is computed based upon the
plaintext that makes it impossible for either the contents or length of the plaintext to be
recovered. Hash algorithms are typically used to provide a digital fingerprint of a file's contents,often used to ensure that the file has not been altered by an intruder or virus. Hash functions are
also commonly employed by many operating systems to encrypt passwords. Hash functions,then, provide a measure of the integrity of a file.
One way hash function
A one-way hash function takes variable-length inputin this case, a message of any length,
even thousands or millions of bitsand produces a fixed-length output; say, 160 bits. The hashfunction ensures that, if the information is changed in any wayeven by just one bit
an entirely different output value is produced. PGP uses a cryptographically strong hash function
on the plaintext the user is signing. This generates a fixed-length data item known as a messagedigest. Then PGP uses the digest and the private key to create the signature. PGP transmits the
signature and the plaintext together. Upon receipt of the message, the recipient uses PGP to
recompute the digest, thus verifying the signature. PGP can encrypt the plaintext or not; signing
plaintext is useful if some of the recipients are not interested in or capable of verifying thesignature. As long as a secure hash function is used, there is no way to take someones signature
from one document and attach it to another, or to alter a signed message in any way. The
slightest change to a signed document will cause the digital signature verification process to fail.
-
8/3/2019 Crypto Seminar
11/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
CHARACTERISTICS OF HASH FUNCTION
A hash function is a function that takes some message of any length as input and transforms it
into a fixed-length output called a hash value, a message digest, a checksum, or a digital
fingerprint.
A hash function is a function f : D ->R, where the domain D = f0; which means that the
elements of the domain consist of binary string of variable length; and the range R = f0; 1gn for
some n _ 1, which means that the elements of the range are binary string of fixed-length. So, f isa function which takes as input a message M of any size and produces a fixed-length hash result
h of size n. A hash function f is referred to as compression function when its domain D is finite,
in other word, when the function f takes as input a fixed-length message and produces a shorter
fixed-length output.
A cryptographic hash function H is a hash function with additional security properties:
1. H should accept a block of data of any size as input.
2. H should produce a fixed-length output no matter what the length of the input data is.
3. H should behave like random function while being deterministic and efi ciently
reproducible. H should accept an input of any length, and outputs a random string of fixed
length. H should be deterministic and efficiently reproducible in that whenever the same
input is given, H should always produce the same output.
4. Given a message M, it is easy to compute its corresponding digest h; meaning that h can
be computed in polynomial time O(n) where n is the length of the input message, thismakes hardware and software implementations cheap and practical.
5. Given a message digest h, it is computationally difficult to find M such that H(M) = h.
This is called the one-way or pre-image resistance property. It simply means that one
should not be capable of recovering the original message from its hash value.
These properties are required in order to prevent or withstand certain types of attacks which may
render a cryptographic hash function useless and insecure. In addition to producing a \digital
_ngerprint" of a message M that is unique and to providing strong collision resistance, a
cryptographic hash function should also be highly sensitive to the smallest change in the input
message. Such that a change, as small as a single digit, in the input message should produce alarge change in the hash value of the message. Note that a message in this context can be a
binary text file, audio file, or executable program. The security of the hash function does notoriginate in keeping the hash function itself secret but comes from its ability to produce one-way
hash values alongside with the property of being collision-free.
-
8/3/2019 Crypto Seminar
12/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
Certain extensions of hash functions are used for a variety of information security and digital
forensics applications, such as:
Hash libraries are sets of hash values corresponding to known files. A hash library ofknown good files, for example, might be a set of files known to be a part of an operating
system, while a hash library of known bad files might be of a set of known child
pornographic images.
Rolling hashes refer to a set of hash values that are computed based upon a fixed-length
"sliding window" through the input. As an example, a hash value might be computed onbytes 1-10 of a file, then on bytes 2-11, 3-12, 4-13, etc.
Fuzzy hashes are an area of intense research and represent hash values that represent two
inputs that are similar. Fuzzy hashes are used to detect documents, images, or other filesthat are close to each other with respect to content. See "Fuzzy Hashing" (PDF | PPT) by
Jesse Kornblum for a good treatment of this topic.
http://www.dfrws.org/2006/proceedings/12-Kornblum-pres.pdfhttp://jessekornblum.com/research/fuzzy-hashing-cdfsl-2007.ppthttp://jessekornblum.com/research/fuzzy-hashing-cdfsl-2007.ppthttp://www.dfrws.org/2006/proceedings/12-Kornblum-pres.pdf -
8/3/2019 Crypto Seminar
13/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
WHY THREE ENCRYPTION TECHNIQUES?
So, why are there so many different types of cryptographic schemes? Why can't we do
everything we need with just one?
The answer is that each scheme is optimized for some specific application(s). Hash functions, forexample, are well-suited for ensuring data integrity because any change made to the contents of amessage will result in the receiver calculating a different hash value than the one placed in the
transmission by the sender. Since it is highly unlikely that two different messages will yield the
same hash value, data integrity is ensured to a high degree of confidence.
Secret key cryptography, on the other hand, is ideally suited to encrypting messages, thus
providing privacy and confidentiality. The sender can generate a session key on a per-message
basis to encrypt the message; the receiver, of course, needs the same session key to decrypt themessage.
Key exchange, of course, is a key application of public-key cryptography (no pun intended).Asymmetric schemes can also be used for non-repudiation and user authentication; if the
receiver can obtain the session key encrypted with the sender's private key, then only this sender
could have sent the message. Public-key cryptography could, theoretically, also be used toencrypt messages although this is rarely done because secret-key cryptography operates about
1000 times faster than public-key cryptography.
Figure 2 puts all of this together and shows how a hybrid cryptographic scheme combines all of
these functions to form a secure transmission comprising digital signature and digital envelope.
In this example, the sender of the message is Alice and the receiver is Bob.
-
8/3/2019 Crypto Seminar
14/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
A digital envelope comprises an encrypted message and an encrypted session key. Alice uses
secret key cryptography to encrypt her message using the session key, which she generates at
random with each session. Alice then encrypts the session key using Bob's public key. Theencrypted message and encrypted session key together form the digital envelope. Upon receipt,
Bob recovers the session secret key using his private key and then decrypts the encrypted
message.
The digital signature is formed in two steps. First, Alice computes the hash value of her message;
next, she encrypts the hash value with her private key. Upon receipt of the digital signature, Bobrecovers the hash value calculated by Alice by decrypting the digital signature with Alice's
public key. Bob can then apply the hash function to Alice's original message, which he has
already decrypted (see previous paragraph). If the resultant hash value is not the same as thevalue supplied by Alice, then Bob knows that the message has been altered; if the hash values are
the same, Bob should believe that the message he received is identical to the one that Alice sent.
This scheme also provides nonrepudiation since it proves that Alice sent the message; if the hash
value recovered by Bob using Alice's public key proves that the message has not been altered,then only Alice could have created the digital signature. Bob also has proof that he is the
intended receiver; if he can correctly decrypt the message, then he must have correctly decryptedthe session key meaning that his is the correct private key.
-
8/3/2019 Crypto Seminar
15/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
FUTURE SCOPE
From e-mail to cellular communications, from secure Web access to digital cash, cryptography
is an essential part of today's information systems. Cryptography helps provide
accountability, fairness, accuracy, and confidentiality. It can prevent fraud in electronic
commerce and assure the validity of financial transactions. It can protect your anonymity
or prove your identity. It can keep vandals from altering your Web page and prevent industrial
competitors from reading your confidential documents. And in the future, as commerce and
communications continue to move to computer networks, cryptography will become more andmore vital.
But the cryptography now on the market doesn't provide the level of security it advertises.
Most systems are not designed and implemented by cryptographers, but by engineers who
think cryptography is like any other computer technology. It's not. You can't make systems
secure by tacking on cryptography as an afterthought. You have to know what you are doingevery step of the way, from conception through installation.
Billions of dollars are spent on computer security, and most of it is wasted on insecure products.After all, weak cryptography looks the same on the shelf as strong cryptography. Two e-mail
encryption products may have almost the same user interface, yet one is secure while the other
permits eavesdropping. A comparison chart may suggest that two programs have similar
features, although one has gaping security holes that the other doesn't. An experiencedcryptographer can tell the difference. So can a thief.
Present-day computer security is a house of cards; it may stand for now, but it can't last. Manyinsecure products have not yet been broken because they are still in their infancy. But when these
products are widely used, they will become tempting targets for criminals. The press will
publicize the attacks, undermining public confidence in these systems. Ultimately, products willwin or lose in the marketplace depending on the strength of their security.
No one can guarantee 100% security. But we can work toward 100% risk acceptance. Fraudexists in current commerce systems: cash can be counterfeited, checks altered, credit card
numbers stolen. Yet these systems are still successful because the benefits and conveniences
outweigh the losses. Privacy systems -- wall safes, door locks, curtains -- are not perfect, butthey're often good enough. A good cryptographic system strikes a balance between what is
possible and what is acceptable.
Strong cryptography can withstand targeted attacks up to a point -- the point at which it becomes
easier to get the information some other way. A computer encryption program, no matter howgood, will not prevent an attacker from going through someone's garbage. But it can prevent
data-harvesting attacks absolutely; no attacker can go through enough trash to find every AZTuser in the country.
-
8/3/2019 Crypto Seminar
16/16
RESOLVING SECURITY ISSUES USING CRYPTOGRAPHY
Ankushdeep Singh 0571322808
REFERENCES
1) IEEE Survey, 2010
Implementation of RSA Security Protocol for Sensor Network Security: Design and
Network Lifetime Analysis
Authors: Avijit Sahanaa ,Iti Saha Misrab
2) Intl Conf. on Computer & Communication Technology 2010 IEEE
Energy Efficient Sensor Network Security Using Stream Cipher Mode of Operation
Authors: Shish Ahmad, CSE Dept, Integral UniversityMohd. Rizwan beg, CSE Dept,Integral University
Qamar Abbas
3) Environmental and Computer Science, 2009. ICECS '09. Second International Conference
Limitations of Quantum & the Versatility of Classical Cryptography: A Comparative
Study
Authors: Vignesh, R.S.; Sudharssun, S.; Kumar, K.J.J.;
Electron. & Commun., SSN Coll. of Eng., Chennai, India
4) Wireless Information Network and systems(WINSYS) , Proceedings of International
Conference
Chaotic Cryptography: An Ultimate Solution for Network security
Authors: Kartalopoulos, Stamatios;
University of Oklahoma, U.S.A.