Seminar on Encryption and Authenticity
-
Upload
hardik-manocha -
Category
Engineering
-
view
196 -
download
6
Transcript of Seminar on Encryption and Authenticity
AUTHENTICATED ENCRYPTION
SAMNIT DUAHARDIK MANOCHA
SEMINAR
Submitted in the requirements for the degree of
Bachelor of Technologyin
Electronics and Communication Engineering
at
G B Pant Engineering College, Delhi
ENCRYPTION What is Encryption ?
Is the conversion of data into another form called cipher data so that no one else can understand what actual data is.
most effective way to achieve data security.
widely used in communication between source and destination and is as important as communication channel.
How Encryption Started Julius Caesar
used encryption to communicate with his troops in order to send data without making enemy to know actual data.
simply shifted alphabets by some integer number.
For example, A when shifted by 1 became B and B became C and so on.
Cryptography Way to Encrypt
Use of Key.
Actual data is transformed using another string or phrase called Key.
For converting cipher data back top original data, again Key is used.
Symmetric Cryptography One Form of Cryptography
Same Key for Encryption and Decryption.
Drawback- if Hacker gets the Key, decryption becomes easy.
Used in password entries, for every access from start, password is needed.
Asymmetric Cryptography Second Form of Cryptography
Different Key for Encryption and Decryption.
Drawback- if Hacker gets the Key, changes key to another string, then decryption becomes difficult.
Used in SSL, communication between browser and website.
Used in providing Software Updates.
Which one is better Although, symmetric encryption is
fast, it is not as safe as asymmetric encryption because someone could “steal” the key and decode the messages. But because of its speed, it's commonly used for e-commerce transactions. Asymmetric encryption is more complex--
and more secure. Asymmetric encryption's added safety comes at a price: More computation is required, so the process takes longer.
Algorithms for Cryptography Data Encryption Standard, DES
Triple Data Encryption Standard, T-DES
Advanced Encryption Standard, AES
Message Digest, MD5
DES Data Encryption Standard
Takes fixed length input data, usually 64 bits.
Symmetric Cryptography
Key Length is 64 bits, but actually 56 bits are used to process data. Remaining bits represent parity bits.
Drawbacks- Weak to Brute force attacks. Can be decrypted within 22 hours, because low bit length of Key.
In 1971, IBM developed an algorithm, named LUCIFER which operates on a block of 64 bits, using a 128-bit key
Walter Tuchman, an IBM researcher, refined LUCIFER and reduced the key size to 56-bit, to fit on a chip.
History
In 1977, the results of Tuchman’s project of IBM was adopted as the Data Encryption Standard by NSA (NIST).
HOW STRONG DES IS? DES uses a 56-bit key, meaning that there are
256 possible keys under which a message can be encrypted. This is exactly 72,057,594,037,927,936, or approximately 72 quadrillion possible keys.
In cryptography, the EFF DES cracker (nicknamed "Deep Crack") is a machine built by the Electronic Frontier Foundation (EFF) in 1998, to perform a brute force search of DES cipher's key space
The EFF's US$250,000 DES cracking machine contained 1,856 custom chips and could brute force a DES key in a matter of days — the photo shows a two-sided DES Cracker circuit board fitted with 64 Deep Crack chips
EFF DES cracker
TO CRACK DESObvious attack: guess the key.
256 keysComplementation Property: 255
keys1 million per second: 1100 years
T-DES Triple Data Encryption Standard
Uses DES 3 times. Firstly, encrypts with one key. Then Decrypts with another key. Again, encrypts with previous key.
Symmetric Cryptography
Key Length is 3*64 bits, but actually 56 bits are used to process data in each block. Remaining bits represent parity bits.
Advantages- Stronger to Brute force attacks. Total Key length is 192 bits, thus brute force attack is less efficient. Till now, T-DES has not been decoded.
Researchers has stated- It is possible to decode T-DES, although in practice it hasn’t been.
ADVANTAGE OF T-DES3 Times stronger than DESHas 168 bits key (56*3)48 rounds of encryptions (16*3)Can be implemented with
software as well as hardware
Disadvantage of T-DESNeed 3 times more time than
DESNeed 3 times more memory than
DES
AES Advanced Encryption Standard
Completely different algorithm as compared to previous algorithm. Operates on 128 bits of data.
Symmetric Cryptography
3 different Key Lengths- 128, 192 and 256 bits.
Advantages- Algorithm using 256 bit length is obviously greatly secured and so as with other two key lengths.
History of AESAfter DES cracked and slow Triple-DES, what next?1997: AES announced, call for algorithmsAugust 1998: 15 candidate algorithmsAugust 1999: 5 finalistsOctober 2000: Rijndael selected
◦Two Belgians: Joan Daemen, Vincent RijmenMay 2001: Comment period endedSummer 2001: Finalized, certified
Advantage of AESVery strong algorithmCan be designed for maximum
256 bitsNot cracked till nowFaster than T-DESNeeds less memory space
Disadvantage of AESHard to implement with software AES in Counter Mode (GCM) is
challenging to implement in software in a manner i.e. both performance and secure
MD5MD5 algorithm was developed by Professor Ronald L. Rivest in 1991. According to RFC 1321, “MD5 message-digest algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input …The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA.”
MD5 Algorithm Structure
Comparing to other digest algorithms, MD5 is simple to implement, and provides a "fingerprint" or message digest of a message of arbitrary length.
It performs very fast on 32-bit machine. MD5 is being used heavily from large
corporations, such as IBM, Cisco Systems, to individual programmers.
MD5 is considered one of the most efficient algorithms currently available.
AUTHENTICATED ENCRYPTIONAuthenticated Encryption (AE) is a
block cipher mode of operation which simultaneously provides confidentiality,integrity, and authenticity assurances on the data; decryption is combined in single step with integrity verification. These attributes are provided under a single, easy to useprogramming interface.
The need for AE emerged from the observation that securely combining a confidentiality mode with an authentication mode could be error prone and difficult.[1][2] This was confirmed by a number of practical attacks introduced into production protocols and applications by incorrect implementation, or lack, of authentication
Difference b/w encryption and Authenticated encryptionThe crucial difference between plain
encryption and authenticated encryption (AE) is that AE additionally provides authenticity, while plain encryption provides only confidentiality
we assume K to be a secret key, which is known to authorized parties, but unknown to attackers.
Applications of encryptionWeb browser encryptionEmail encryptionHard drive encryptionOperating system protection
There is no IP of any encryption algorithm is made till now
THANK
YOU