Image Representation Privacy/Cryptography CS 104 October 3, 2011.
-
Upload
myron-burns -
Category
Documents
-
view
215 -
download
2
Transcript of Image Representation Privacy/Cryptography CS 104 October 3, 2011.
Image RepresentationPrivacy/Cryptography
CS 104October 3, 2011
Agenda Today
Representing Images with Bits Grades will be posted on eLearning Privacy
Cryptography
Wed Quiz Hand back grades How the internet works
Needs for Privacy
What are some specific needs for privacy when using the internet?
Information Security for… Defending against external/internal hackers Defending against industrial espionage Securing E-commerce Securing bank accounts/electronic transfers Securing intellectual property Avoiding liability Pervasiveness of email/networks Online storage of sensitive information Insecure technologies (e.g. wireless) Trend towards paperless society Weak legal protection of email privacy
History 50 B.C. Julius Caesar uses cryptographic
technique 400 A.D. Kama Sutra in India mentions
cryptographic techniques 1250 British monk Roger Bacon
describes simple ciphers 1466 Leon Alberti develops a cipher
disk 1861 Union forces use a cipher during Civil
War
5
History 1937 Japanese design the Purple
machine for encryption 1942 Navajo windtalkers help with secure
communication during World War II 1948 Claude Shannon develops statistical
methods for encryption/decryption 1976 IBM develops DES 1976 Diffie – Hellman develop public key /
private key cryptography 1977 Rivest – Shamir – Adleman develop the
RSA algorithm for public key / private key
6
History 1914 World War I – British, French, and
German forces use encryptiontechnology
1917 William Friedman, Father of U.S. encryption efforts starts a school for teaching cryptanalysis in Illinois
1917 AT&T employee Gilbert Vernaminvents polyalphabetic cipher
1919 Germans develop the Engima machinefor encryption
7
Basic Terminologies
Cryptography deals with creating documents that can be shared secretly over public communication channels
Cryptographic documents are decrypted with the key associated with encryption, with the knowledge of the encryptor
The word cryptography comes from the Greek words: Krypto (secret) and graphein (write)
Cryptanalysis deals with finding the encryption key without the knowledge of the encryptor
Cryptology deals with cryptography and cryptanalysis Cryptosystems are computer systems used to
encrypt data for secure transmission and storage
8
Basic Terminologies
Plaintext is text that is in readable form Ciphertext results from plaintext by applying
the encryption key Notations:
M message, C ciphertext, E encryption, D decryption, k key
E(M) = C E(M, k) = C
Fact: D(C) = M, D(C, k) = M
9
Types of Secret Writing
Secret writing
Steganography Cryptography
Substitution Transposition
Code
Cipher
Basic Terminologies
Steganography is the method of hiding secret messages in an ordinary document
Steganography does not use encryption Steganography does not increase file size for
hidden messages Example: select the bit patterns in pixel
colors to hide the message
11
Steganography
Steganography – covered writing – is an art of hiding information
Popular contemporary steganographic technologies hide information in images
New York Times, August 3rd, 2001http://www.nytimes.com/images/2001/10/30/science/sci_STEGO_011030_00.jpg
Hiding information in pictures
Image in which to hide another image
Image to hide within the other image
http://www.cl.cam.ac.uk/~fapp2/steganography/image_downgrading/
Digital Watermarks
Source: http://www.digimarc.com
Basic Terminologies
Keys are rules used in algorithms to convert a document into a secret document
Keys are of two types: Symmetric Asymmetric
A key is symmetric if the same key is used both for encryption and decryption
A key is asymmetric if different keys are used for encryption and decryption
15
Caesar Cipher
A substitution cipher where each plaintext letters is replaced by some letter a fixed number spaces down in the alphabet
ROT13
Network data encryption / decryption using ROT13 algorithm Rotates characters by 13 places
‘A’ ‘N’, ‘M’ ‘Z’, ‘a’ ‘n’, ‘m’ ‘z’ Encryption Example:
‘Hello World’ encrypts to ‘Uryyb Jbeyq’ Decryption Example:
‘Uryyb Jbeyq’ decrypts to ‘Hello World’
Implementing ROT13
Consider the following four cases IF (ch >= ‘A’) && (ch <= ‘M’)
Rotate “Right” ch by 13 characters IF (ch >= ‘N’) && (ch <= ‘Z’)
Rotate “Left” ch by 13 characters IF (ch >= ‘a’) && (ch <= ‘m’)
Rotate “Right” ch by 13 characters IF (ch >= ‘n’) && (ch <= ‘z’)
Rotate “Left” ch by 13 characters
Public Key Cryptography
Private (symmetric, secret) key – the same key used for encryption/decryption
Problem of key distribution Public (asymmetric) key cryptography – a
public key used for encryption and private key for decryption
Key distribution problem solved Very popular technique:
Large Prime Numbers
Transmitting over an insecure channelAlice wants to send Bob a private message.
Apublic is Alice’s public key.
Aprivate is Alice’s private key.
Bpublic is Bob’s public key.
Bprivate is Bob’s private key.
Netprog: Cryptgraphy 20
Netprog: Cryptgraphy 21
Hello Bob,Wanna get together?
AliceAlice BobBob
encrypt using Bpublic decrypt using Bprivate
OK Alice,where do we meet?
Netprog: Cryptgraphy 22
AliceAlice BobBob
decrypt using Aprivate encrypt using Apublic
Bob’s Dilemma
• Nobody can read the message from Alice, but anyone could produce it.
• How does Bob know that the message was really sent from Alice?
• Bob may be comforted to know that only Alice can read his reply.
Netprog: Cryptgraphy 23
Alice can sign her message!
• Alice can create a digital signature and prove she sent the message (or someone with knowledge of her private key).
• The signature can be a message digest encrypted with Aprivate.
Netprog: Cryptgraphy 24
Digital Certificates Issued by trusted third parties known as
Certificate Authorities (CAs) Verisign is a trusted third party Used to authenticate an individual or an
organization Digital Certificates are usually given for a
period of one year They can be revoked It is given at various security levels. Higher
the security level, the CA verifies the authenticity of the certificate seeker more.
25
Digital Certificates
Digital Certificates are part of the authentication mechanism. The other part is Digital Signature.
When a user uses the digital signature, the user starts with their private key and encrypts the message and sends it. The receiver uses the sender’s public key and decrypts the message
In traditional encryption, the sender uses the public key of the receiver and encrypts the message and sends it and the receiver decrypts the message with their private key
26
Authentication and Digital Signatures
• Preventing impostor attacks• Preventing content tampering• Preventing timing modification• Preventing repudiation
By:• Encryption itself• Cryptographic checksum and hash
functions
Potential Problems with Cryptographic Technologies?
False sense of security if badly implemented
Government regulation of cryptographic technologies/export restrictions
Encryption prohibited in some countries