CIS 193A – Lesson6
-
Upload
melangell-aerona -
Category
Documents
-
view
41 -
download
0
description
Transcript of CIS 193A – Lesson6
CIS 193A – Lesson6CIS 193A – Lesson6
CRYPTOGRAPHY
RAPELCGRQ
CIS 193A – Lesson6
Focus Question
Which cryptographic methods help computer users maintain confidentiality, integrity, and authenticity as they share person data with
each other?
CIS 193A – Lesson6
Early Encryption• Caesar’s Cipher
– each letter of the alphabet was shift-ed to the right 3 positions, with x,y, and z wrapping back to a,b, and c.
• Rot13– each letter of the alphabet was shift-ed
to the right 13 positions, such that 2 such shifts restored the original text.
These algorithms worked on the alphabets of naturallanguage, with rot13 assuming the English alphabet.
CIS 193A – Lesson6
Symmetric Encryption
• Symmetric encryption replaces a ‘rule’ with a ‘key’ – an arbitrarily long string of characters known only to the sender and receiver, and used to produce the ciphertext.
• Examples:– 3DES, CAST5, BLOWFISH, AES, TWOFISH
• Problem:– How to deliver the ‘key’ to the recipient
without it being intercepted.
CIS 193A – Lesson6
Hashing Algorithms
• Hash algorithms are not true encryption because they are unidirectional: once encrypted they cannot be decrypted.
• Uses: a hash uniquely identifies an arbitrarily large source file and can verify the integrity of the file without disclosing its content. They are used in digital signatures, and as message digests, and checksums.
• Examples:– md2, md4, md5, sha, sha1, sha512, rmd160
CIS 193A – Lesson6
Asymmetric Encryption
• Solves the problem of a shared key.• Two keys involve: public and private. Both
keys encrypt, but decryption must occur with the alternate key.
• The private key is kept secret, the public key is freely made available to others – often by a public keyserver.
• The public key may be derived from the private key, but not vice versa. Private keys are usually protected with a passphrase.
CIS 193A – Lesson6
GNU Public Guard (GPG)
• A Free software implementation of Pretty Good Privacy (PGP) encryption.
• Supports symmetric and assymetric (PKI) encryption.
• Maintains a trusted database of public keys.
CIS 193A – Lesson6
GPG Symmetric Encryption
• Encrypted files may be stored in binary or ascii format. The ascii format of choice is usually base64.
• Examples:– gpg –c file1 # creates file1.gpg– gpg –ca file2 # creates file2.asc– gpg file1.gpg # decrypts file1– gpg –-decrypt file1.asc # decrypts to
# stdout
• Encryption requires supplying a passphrase.
CIS 193A – Lesson6
GPG Asymmetric Encryption
• Create your private/public keys:– gpg –-gen-key # go with the defaults
# and supply passphrase
• View the keys you just created:– gpg –-list-public-keys– gpg –-list-secret-keys
• Add a trusted public key to your keyring:– gpg –-import keyfile # use –a if ascii– gpg –-fingerprint key_id # verify– gpg –-edit-key key_id # set trust value
CIS 193A – Lesson6
GPG Asymmetric Encryption
• Sharing a public key– gpg -a -–export id # sends to stdout– gpg [-a] –-output filename –-export id
• Send ASCII version through email or add to a keyserver:– gpg –-keyserver ip-addr –-send-keys id
• Pull from a keyserver:– gpg –-keyserver ip-addr –-recv-keys id– gpg –-keyserver ip-addr –-search-keys str
CIS 193A – Lesson6
GPG Signing files
• Signing a text file:– gpg –-clearsign filename # Save ASCII
• Detached Signature:– gpg -–detach-sign [-a] filename
• Verifying a signed, encrypted file:– gpg –-verify filename
• Verifying a detached signature:– gpg –verify file.sign file
CIS 193A – Lesson6
GPG Encrypting Files
• Simple encryption:– gpg –e [-a] –r public-key_id filename
• Sign and encrypt:– gpg –es [-a] –r public-key_id filename
• Decrypt a file signed or not:– gpg filename
CIS 193A – Lesson6
Review
CIS 193A – Lesson6
Focus QuestionWhich cryptographic methods help computer users maintain confidentiality, integrity, and authenticity as they share person
data with each other?
Encryption algorithms use digital keys to scramble the bits in a message so that it is unreadable. Hashing algorithms produce small, unique, digital representa-tions of arbitrarily large files which can be used to guarantee integrity. Public/Private keys along with signed certificates can verify authenticity because of the dependence of the public keys on the private keys.