SlideShare a Scribd company logo

PRINCIPLES OF INFORMATION SYSTEM SECURITY

G
gacop74666

Introduction: Information security is more and more important every day in the workplace. If we want to improve our information security, we need a solid understanding of the principles that will help us do that. This guide explores those principles and will guide you to building a more secure environment. Information Security Principles: There are three basic principles of information security, and all other practices are based on these three: * Confidentiality: Confidentiality is the basic tenet of information security. Confidentiality means that you don't share private or confidential information with anyone who shouldn't know it. As the name implies, you don't give out confidential information. * Availability: Availability means that you can access the information you need when you need it. You may not need access to everything all the time, but when you do, you want access quickly. You may need access to your bank account when you pay a bill. This is availability. * Integrity: If you make a change to something, it should be tracked and logged in a journal or log. That way, you can verify that no unauthorized changes were made to the original information, so we know that the information is genuine. In short, integrity means you can verify that the information hasn't been altered in any way. There are four key concepts that underpin the practice of information security. These concepts, when integrated and applied appropriately, enable security managers and practitioners to defend against and recover from attacks. The four key concepts are: * Confidentiality: Confidentiality refers to protecting information from unauthorized access, use, or disclosure. This includes both internal and external threats. Data encryption or access control lists are examples of confidentiality controls. * Integrity: Integrity refers to protecting the accuracy, completeness, and validity of information. This includes protecting data from being modified without authorization. Data hashing algorithms or message authentication codes are examples of integrity controls. * Availability: Availability refers to ensuring that information and systems are accessible to authorized users when they need them. This includes measures to prevent service outages or data loss due to natural disasters or accidental or intentional malicious activity. Redundant systems, data backups, and disaster recovery plans are examples of availability controls. * Accountability: Accountability involves tracing user actions to the identity of the user. If the user's identity is associated with a group, then the actions of the user are also associated with the group. Accountability mechanisms typically involve the use of logs, audit trails, and other monitoring techniques. Accountability controls are also used to identify and fix system weaknesses that could lead to unauthorized access or changes to data and systems. By following these basic principles, we can help protect our information fro

Education
1 of 39
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
UNIT - 2 PUBLIC KEY CRYPTOGRAPHY AND RSA Information Security BY Khushbu Garg Assistant Professor Jecrcu
Plain Text to Cipher Text Conversion Techniques
Introduction Encryption is the process of converting plaintext into ciphertext to secure information. Importance: • Used in communication, data security, and cryptography.
Substitution Ciphers Caesar Cipher: • Each letter shifted by a fixed number. • Example: HELLO → KHOOR (Shift = 3) Vigenère Cipher: • Uses a keyword for multiple shifts. • Example (Keyword = 'KEY'): HELLO → RIJVS
Transposition Ciphers Rail Fence Cipher: • Letters written diagonally, read row-wise. • Example: HELLO WORLD → HLOWRDELLOOL (Depth = 2) Columnar Transposition: • Text written in a grid and rearranged by key order. • Example (Key = 4312): HELLO → OHLLE
PRIVATE-KEY CRYPTOGRAPHY 🞭 traditional private/secret/single keycryptography uses one key 🞭 shared by both sender and receiver 🞭 if this key is disclosed communications are compromised 🞭 also is symmetric, parties are equal 🞭 hence does not protect sender from receiver forging a message & claiming is sent by sender
PUBLIC-KEY CRYPTOGRAPHY 🞭 probably most significant advance in the 3000 year history of cryptography 🞭 uses two keys – a public & a private key 🞭 asymmetric since parties are not equal 🞭 uses clever application of number theoretic concepts to function 🞭 complements rather than replaces private keycrypto
WHY PUBLIC-KEY CRYPTOGRAPHY? 🞭 developed to address two key issues: 🞭 key distribution – how to have secure communications in general without having to trust a KDC with your key 🞭 digital signatures – how to verify a message comes intact from the claimed sender 🞭 public invention due to Whitfield Diffie &Martin Hellman at Stanford Uni in 1976 🞭 known earlier in classified community
PUBLIC-KEY CRYPTOGRAPHY 🞭 public-key/two-key/asymmetric cryptography involves the use of two keys: 🞭 a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures 🞭 a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures 🞭 is asymmetric because 🞭 those who encrypt messages or verify signatures cannot decrypt messages or create signatures
PUBLIC-KEY CRYPTOGRAPHY
PUBLIC-KEY CHARACTERISTICS 🞭 Public-Key algorithms rely on two keys where: 🞭 it is computationally infeasible to find decryption keyknowing only algorithm & encryption key 🞭 it is computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known 🞭 either of the two related keys can be used for encryption, with the other used for decryption (for some algorithms)
PUBLIC-KEY CRYPTOSYSTEMS
PUBLIC-KEY APPLICATIONS 🞭 can classify uses into 3 categories: 🞭 encryption/decryption (provide secrecy) 🞭 digital signatures (provide authentication) 🞭 key exchange (of session keys) 🞭 some algorithms are suitable for all uses, others are specific to one
RSA 🞭 by Rivest, Shamir & Adleman of MIT in 1977 🞭 best known & widely used public-key scheme 🞭 based on exponentiation in a finite (Galois) field over integers modulo a prime 🞭 nb. exponentiation takes O((log n)3) operations (easy) 🞭 uses large integers (eg. 1024 bits) 🞭 security due to cost of factoring large numbers 🞭 nb. factorization takes O(e log n log log n) operations (hard)
RSA KEY SETUP 🞭 each user generates a public/private key pair by: 🞭 selecting two large primes at random - p, q 🞭 computing their system modulus n=p.q 🞭 note ø(n)=(p-1)(q-1) 🞭 selecting at random the encryption key e 🞭 where 1<e<ø(n), gcd(e,ø(n))=1 🞭 solve following equation to find decryption key d 🞭 e.d=1 mod ø(n) and 0≤d≤n 🞭 publish their public encryption key: PU={e,n} 🞭 keep secret private decryption key: PR={d,n}
RSA USE 🞭 to encrypt a message M the sender: 🞭 obtains public key of recipient PU={e,n} 🞭 computes: C = Me mod n, where 0≤M<n 🞭 to decrypt the ciphertext C the owner: 🞭 uses their private key PR={d,n} 🞭 computes: M = Cd mod n 🞭 note that the message M must be smaller than the modulus n (block if needed)
WHY RSA WORKS 🞭 because of Euler's Theorem: 🞭 aø(n)mod n = 1 where gcd(a,n)=1 🞭 in RSA have: 🞭 n=p.q 🞭 ø(n)=(p-1)(q-1) 🞭 carefully chose e & d to be inverses mod ø(n) 🞭 hence e.d=1+k.ø(n) for some k 🞭 hence : Cd = Me.d = M1+k.ø(n) = M1.(Mø(n))k = M1.(1)k = M1 = M mod n
RSA EXAMPLE - KEY SETUP 1. Select primes: p=17 & q=11 2. Compute n = pq =17 x 11=187 3. Compute ø(n)=(p–1)(q-1)=16 x 10=160 4. Select e: gcd(e,160)=1; choose e=7 5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23x7=161= 10x160+1 6. Publish public key PU={7,187} 7. Keep secret private key PR={23,187}
RSA EXAMPLE - EN/DECRYPTION 🞭 sample RSA encryption/decryption is: 🞭 given message M = 88 (nb. 88<187) 🞭 encryption: C = 887 mod 187 = 11 🞭 decryption: M = 1123 mod 187 = 88
EXPONENTIATION 🞭 can use the Square and Multiply Algorithm 🞭 a fast, efficient algorithm for exponentiation 🞭 concept is based on repeatedly squaring base 🞭 and multiplying in the ones that are needed tocompute the result 🞭 look at binary representation of exponent 🞭 only takes O(log2 n) multiples for number n 🞭 eg. 75 = 74.71 = 3.7 = 10 mod 11 = 3128.31 🞭 eg. 3129 = 5.3 = 4 mod 11
EXPONENTIATION c = 0; f = 1 for i = k downto 0 do c = 2 x c f = (f x f) mod n if bi == 1 then c = c + 1 f = (f x a) mod n return f
EFFICIENT ENCRYPTION 🞭 encryption uses exponentiation to power e 🞭 hence if e small, this will be faster 🞭 often choose e=65537 (216-1) 🞭 also see choices of e=3 or e=17 🞭 but if e too small (eg e=3) can attack 🞭 using Chinese remainder theorem & 3 messages with different modulii 🞭 if e fixed must ensure gcd(e,ø(n))=1 🞭 ie reject any p or q not relatively prime to e
EFFICIENT DECRYPTION 🞭 decryption uses exponentiation to power d 🞭 this is likely large, insecure if not 🞭 can use the Chinese Remainder Theorem (CRT) to compute mod p & q separately. then combine to get desired answer 🞭 approx 4 times faster than doing directly 🞭 only owner of private key who knows values ofp & q can use this technique
RSA KEY GENERATION 🞭 users of RSA must: 🞭 determine two primes at random - p, q 🞭 select either e or d and compute the other 🞭 primes p,q must not be easily derived from modulus n=p.q 🞭 means must be sufficiently large 🞭 typically guess and use probabilistic test 🞭 exponents e, d are inverses, so use Inverse algorithm to compute the other
RSA SECURITY 🞭 possible approaches to attacking RSA are: 🞭 brute force key search (infeasible given size ofnumbers) 🞭 mathematical attacks (based on difficulty ofcomputing ø(n), by factoring modulus n) 🞭 timing attacks (on running of decryption) 🞭 chosen ciphertext attacks (given properties of RSA)
Information Security Diffie – Hellman Key Exchange & Elliptic Curve Cryptography
Diffie-HellmanKey Exchange • first public-key type scheme proposed • by Diffie & Hellman in 1976 along with the exposition of public key concepts • note: now know that Williamson (UK CESG) secretly proposed the concept in 1970 • is a practical method for public exchange of a secret key • used in a number of commercial products [ Continue…]
Diffie-HellmanKey Exchange • a public-key distribution scheme • cannot be used to exchange an arbitrary message • rather it can establish a common key • known only to the two participants • value of key depends on the participants (and their private and public key information) • based on exponentiation in a finite (Galois) field (modulo a prime or a polynomial) - easy • security relies on the difficulty of computing discrete logarithms (similar to factoring) – hard [ Continue…]
Diffie-HellmanSetup • all users agree on global parameters: • large prime integer or polynomial q • a being a primitive root mod q • each user (eg. A) generates their key • chooses a secret key (number): xA < q A • compute their public key: y = a xA mod q • each user makes public that key yA [ Continue…]
Diffie-HellmanKey Exchange • shared session key for users A & B is KAB: KAB = axA.xB mod q xB B = y xA = yA mod q mod q (which B can compute) (which A can compute) • KAB is used as session key in private-key encryption scheme between Alice and Bob • if Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public-keys • attacker needs an x, must solve discrete log [ Continue…]
Diffie-Hellman Example • users Alice & Bob who wish to swap keys: • agree on prime q=353 and a=3 • select random secret keys: • A chooses xA=97, B chooses xB=233 • compute respective public keys: A • y =3 97 B • y =3 233 mod 353 = 40 mod 353 = 248 (Alice) (Bob) • compute shared session key as: AB B • K = y xA 97 AB A • K = y xB mod 353 = 248 mod 353 = 40 233 = 160 = 160 (Alice) (Bob) [ Continue…]
KeyExchangeProtocols • users could create random private/public D-H keys each time they communicate • users could create a known private/public D-H key and publish in a directory, then consulted and used to securely communicate with them • both of these are vulnerable to a meet-in-the- Middle Attack • authentication of the keys is needed
DES vs AES Encryption
Introduction to Encryption • Encryption is used to secure information by converting plaintext into ciphertext. • Symmetric encryption uses the same key for both encryption and decryption. • DES and AES are two widely known symmetric encryption algorithms.
DES (Data Encryption Standard) • Developed by IBM in the 1970s, adopted by NIST. • Uses a 56-bit key and encrypts data in 64- bit blocks. • 16 rounds of Feistel structure encryption. • Vulnerable to brute-force attacks due to small key size. • Considered obsolete and replaced by AES.
AES (Advanced Encryption Standard) • Developed by Vincent Rijmen and Joan Daemen, adopted in 2001. • Supports 128, 192, or 256-bit key sizes. • Encrypts data in 128-bit blocks. • Uses 10, 12, or 14 rounds of substitution- permutation encryption. • Highly secure and widely used in modern encryption.
DES vs AES: Key Differences • Key Size: DES (56-bit) vs AES (128, 192, 256-bit). • Block Size: DES (64-bit) vs AES (128-bit). • Rounds: DES (16 rounds) vs AES (10, 12, or 14 rounds). • Security: DES is weak against brute-force attacks; AES is highly secure. • Usage: DES is obsolete, AES is widely used in modern encryption applications.
Conclusion • DES was a pioneer in symmetric encryption but is now outdated. • AES is the modern standard due to its enhanced security and flexibility. • AES is used in secure communication, data protection, and cybersecurity. • Understanding these algorithms helps in choosing the right encryption method.
Thank You! Questions?

More Related Content

Similar to PRINCIPLES OF INFORMATION SYSTEM SECURITY (20)

PPTX
UNIT-IV.pptx
SunnyAnchews
 
PPT
ch09_rsa_nemo.ppt
ChandraB15
 
PPT
session6Mdjdjjskskskxkckjdjddddkfjjfjjjj
a7349061
 
PPT
PUBLIC KEY & RSA.ppt
RizwanBasha12
 
PPTX
CNS 3RD UNIT PPT.pptx
pjeraids
 
PPTX
Unit-III_3R-CRYPTO_2021-22_VSM.pptx
VishwanathMahalle
 
PPT
Rsa
Navneet Sharma
 
PPTX
Ch9
Mahender Kumar
 
PPTX
Public key algorithm
Prateek Pandey
 
PPT
Public key cryptography and RSA
Shafaan Khaliq Bhatti
 
PDF
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
PPT
RSA
bansidhar11
 
PPTX
3 pkc+rsa
Shashank Mishra
 
PDF
CNS - Unit - 4 - Public Key Cryptosystem
Gyanmanjari Institute Of Technology
 
PPT
CNS.ppt
GopinathSamydurai
 
PPT
Public key cryptography and RSA algorithm
Nitin Birari
 
PPTX
information security(Public key encryption its characteristics and weakness, ...
Zara Nawaz
 
PPT
The RSA (Rivest, Shamir & Adleman ) Algorithm
devarahul1
 
PPTX
Ch9_Cryptokkkllllllllllllllllllllk6e.pptx
LaxmanBhandari22
 
PDF
Chapter 8 cryptography lanjutan
newbie2019
 
UNIT-IV.pptx
SunnyAnchews
 
ch09_rsa_nemo.ppt
ChandraB15
 
session6Mdjdjjskskskxkckjdjddddkfjjfjjjj
a7349061
 
PUBLIC KEY & RSA.ppt
RizwanBasha12
 
CNS 3RD UNIT PPT.pptx
pjeraids
 
Unit-III_3R-CRYPTO_2021-22_VSM.pptx
VishwanathMahalle
 
Rsa
Navneet Sharma
 
Ch9
Mahender Kumar
 
Public key algorithm
Prateek Pandey
 
Public key cryptography and RSA
Shafaan Khaliq Bhatti
 
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
RSA
bansidhar11
 
3 pkc+rsa
Shashank Mishra
 
CNS - Unit - 4 - Public Key Cryptosystem
Gyanmanjari Institute Of Technology
 
CNS.ppt
GopinathSamydurai
 
Public key cryptography and RSA algorithm
Nitin Birari
 
information security(Public key encryption its characteristics and weakness, ...
Zara Nawaz
 
The RSA (Rivest, Shamir & Adleman ) Algorithm
devarahul1
 
Ch9_Cryptokkkllllllllllllllllllllk6e.pptx
LaxmanBhandari22
 
Chapter 8 cryptography lanjutan
newbie2019
 

Recently uploaded (20)

PPTX
Introduction to pediatric nursing in 5th Sem..pptx
AneetaSharma15
 
PDF
Tips for Writing the Research Title with Examples
Thelma Villaflores
 
PDF
John Keats introduction and list of his important works
vatsalacpr
 
PDF
TOP 10 AI TOOLS YOU MUST LEARN TO SURVIVE IN 2025 AND ABOVE
digilearnings.com
 
PDF
Module 2: Public Health History [Tutorial Slides]
JonathanHallett4
 
PPTX
YSPH VMOC Special Report - Measles Outbreak Southwest US 7-20-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
PPTX
LDP-2 UNIT 4 Presentation for practical.pptx
abhaypanchal2525
 
PPTX
CONCEPT OF CHILD CARE. pptx
AneetaSharma15
 
PPTX
Top 10 AI Tools, Like ChatGPT. You Must Learn In 2025
Digilearnings
 
PPTX
Basics and rules of probability with real-life uses
ravatkaran694
 
PPTX
Rules and Regulations of Madhya Pradesh Library Part-I
SantoshKumarKori2
 
PPTX
How to Track Skills & Contracts Using Odoo 18 Employee
Celine George
 
PPTX
Sonnet 130_ My Mistress’ Eyes Are Nothing Like the Sun By William Shakespear...
DhatriParmar
 
PDF
EXCRETION-STRUCTURE OF NEPHRON,URINE FORMATION
raviralanaresh2
 
PDF
Antianginal agents, Definition, Classification, MOA.pdf
Prerana Jadhav
 
DOCX
Unit 5: Speech-language and swallowing disorders
JELLA VISHNU DURGA PRASAD
 
PDF
Virat Kohli- the Pride of Indian cricket
kushpar147
 
PPTX
PROTIEN ENERGY MALNUTRITION: NURSING MANAGEMENT.pptx
PRADEEP ABOTHU
 
PPTX
Command Palatte in Odoo 18.1 Spreadsheet - Odoo Slides
Celine George
 
PPTX
Continental Accounting in Odoo 18 - Odoo Slides
Celine George
 
Introduction to pediatric nursing in 5th Sem..pptx
AneetaSharma15
 
Tips for Writing the Research Title with Examples
Thelma Villaflores
 
John Keats introduction and list of his important works
vatsalacpr
 
TOP 10 AI TOOLS YOU MUST LEARN TO SURVIVE IN 2025 AND ABOVE
digilearnings.com
 
Module 2: Public Health History [Tutorial Slides]
JonathanHallett4
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 7-20-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
LDP-2 UNIT 4 Presentation for practical.pptx
abhaypanchal2525
 
CONCEPT OF CHILD CARE. pptx
AneetaSharma15
 
Top 10 AI Tools, Like ChatGPT. You Must Learn In 2025
Digilearnings
 
Basics and rules of probability with real-life uses
ravatkaran694
 
Rules and Regulations of Madhya Pradesh Library Part-I
SantoshKumarKori2
 
How to Track Skills & Contracts Using Odoo 18 Employee
Celine George
 
Sonnet 130_ My Mistress’ Eyes Are Nothing Like the Sun By William Shakespear...
DhatriParmar
 
EXCRETION-STRUCTURE OF NEPHRON,URINE FORMATION
raviralanaresh2
 
Antianginal agents, Definition, Classification, MOA.pdf
Prerana Jadhav
 
Unit 5: Speech-language and swallowing disorders
JELLA VISHNU DURGA PRASAD
 
Virat Kohli- the Pride of Indian cricket
kushpar147
 
PROTIEN ENERGY MALNUTRITION: NURSING MANAGEMENT.pptx
PRADEEP ABOTHU
 
Command Palatte in Odoo 18.1 Spreadsheet - Odoo Slides
Celine George
 
Continental Accounting in Odoo 18 - Odoo Slides
Celine George
 
Ad

PRINCIPLES OF INFORMATION SYSTEM SECURITY

  • 1. UNIT - 2 PUBLIC KEY CRYPTOGRAPHY AND RSA Information Security BY Khushbu Garg Assistant Professor Jecrcu
  • 2. Plain Text to Cipher Text Conversion Techniques
  • 3. Introduction Encryption is the process of converting plaintext into ciphertext to secure information. Importance: • Used in communication, data security, and cryptography.
  • 4. Substitution Ciphers Caesar Cipher: • Each letter shifted by a fixed number. • Example: HELLO → KHOOR (Shift = 3) Vigenère Cipher: • Uses a keyword for multiple shifts. • Example (Keyword = 'KEY'): HELLO → RIJVS
  • 5. Transposition Ciphers Rail Fence Cipher: • Letters written diagonally, read row-wise. • Example: HELLO WORLD → HLOWRDELLOOL (Depth = 2) Columnar Transposition: • Text written in a grid and rearranged by key order. • Example (Key = 4312): HELLO → OHLLE
  • 6. PRIVATE-KEY CRYPTOGRAPHY 🞭 traditional private/secret/single keycryptography uses one key 🞭 shared by both sender and receiver 🞭 if this key is disclosed communications are compromised 🞭 also is symmetric, parties are equal 🞭 hence does not protect sender from receiver forging a message & claiming is sent by sender
  • 7. PUBLIC-KEY CRYPTOGRAPHY 🞭 probably most significant advance in the 3000 year history of cryptography 🞭 uses two keys – a public & a private key 🞭 asymmetric since parties are not equal 🞭 uses clever application of number theoretic concepts to function 🞭 complements rather than replaces private keycrypto
  • 8. WHY PUBLIC-KEY CRYPTOGRAPHY? 🞭 developed to address two key issues: 🞭 key distribution – how to have secure communications in general without having to trust a KDC with your key 🞭 digital signatures – how to verify a message comes intact from the claimed sender 🞭 public invention due to Whitfield Diffie &Martin Hellman at Stanford Uni in 1976 🞭 known earlier in classified community
  • 9. PUBLIC-KEY CRYPTOGRAPHY 🞭 public-key/two-key/asymmetric cryptography involves the use of two keys: 🞭 a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures 🞭 a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures 🞭 is asymmetric because 🞭 those who encrypt messages or verify signatures cannot decrypt messages or create signatures
  • 11. PUBLIC-KEY CHARACTERISTICS 🞭 Public-Key algorithms rely on two keys where: 🞭 it is computationally infeasible to find decryption keyknowing only algorithm & encryption key 🞭 it is computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known 🞭 either of the two related keys can be used for encryption, with the other used for decryption (for some algorithms)
  • 13. PUBLIC-KEY APPLICATIONS 🞭 can classify uses into 3 categories: 🞭 encryption/decryption (provide secrecy) 🞭 digital signatures (provide authentication) 🞭 key exchange (of session keys) 🞭 some algorithms are suitable for all uses, others are specific to one
  • 14. RSA 🞭 by Rivest, Shamir & Adleman of MIT in 1977 🞭 best known & widely used public-key scheme 🞭 based on exponentiation in a finite (Galois) field over integers modulo a prime 🞭 nb. exponentiation takes O((log n)3) operations (easy) 🞭 uses large integers (eg. 1024 bits) 🞭 security due to cost of factoring large numbers 🞭 nb. factorization takes O(e log n log log n) operations (hard)
  • 15. RSA KEY SETUP 🞭 each user generates a public/private key pair by: 🞭 selecting two large primes at random - p, q 🞭 computing their system modulus n=p.q 🞭 note ø(n)=(p-1)(q-1) 🞭 selecting at random the encryption key e 🞭 where 1<e<ø(n), gcd(e,ø(n))=1 🞭 solve following equation to find decryption key d 🞭 e.d=1 mod ø(n) and 0≤d≤n 🞭 publish their public encryption key: PU={e,n} 🞭 keep secret private decryption key: PR={d,n}
  • 16. RSA USE 🞭 to encrypt a message M the sender: 🞭 obtains public key of recipient PU={e,n} 🞭 computes: C = Me mod n, where 0≤M<n 🞭 to decrypt the ciphertext C the owner: 🞭 uses their private key PR={d,n} 🞭 computes: M = Cd mod n 🞭 note that the message M must be smaller than the modulus n (block if needed)
  • 17. WHY RSA WORKS 🞭 because of Euler's Theorem: 🞭 aø(n)mod n = 1 where gcd(a,n)=1 🞭 in RSA have: 🞭 n=p.q 🞭 ø(n)=(p-1)(q-1) 🞭 carefully chose e & d to be inverses mod ø(n) 🞭 hence e.d=1+k.ø(n) for some k 🞭 hence : Cd = Me.d = M1+k.ø(n) = M1.(Mø(n))k = M1.(1)k = M1 = M mod n
  • 18. RSA EXAMPLE - KEY SETUP 1. Select primes: p=17 & q=11 2. Compute n = pq =17 x 11=187 3. Compute ø(n)=(p–1)(q-1)=16 x 10=160 4. Select e: gcd(e,160)=1; choose e=7 5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23x7=161= 10x160+1 6. Publish public key PU={7,187} 7. Keep secret private key PR={23,187}
  • 19. RSA EXAMPLE - EN/DECRYPTION 🞭 sample RSA encryption/decryption is: 🞭 given message M = 88 (nb. 88<187) 🞭 encryption: C = 887 mod 187 = 11 🞭 decryption: M = 1123 mod 187 = 88
  • 20. EXPONENTIATION 🞭 can use the Square and Multiply Algorithm 🞭 a fast, efficient algorithm for exponentiation 🞭 concept is based on repeatedly squaring base 🞭 and multiplying in the ones that are needed tocompute the result 🞭 look at binary representation of exponent 🞭 only takes O(log2 n) multiples for number n 🞭 eg. 75 = 74.71 = 3.7 = 10 mod 11 = 3128.31 🞭 eg. 3129 = 5.3 = 4 mod 11
  • 21. EXPONENTIATION c = 0; f = 1 for i = k downto 0 do c = 2 x c f = (f x f) mod n if bi == 1 then c = c + 1 f = (f x a) mod n return f
  • 22. EFFICIENT ENCRYPTION 🞭 encryption uses exponentiation to power e 🞭 hence if e small, this will be faster 🞭 often choose e=65537 (216-1) 🞭 also see choices of e=3 or e=17 🞭 but if e too small (eg e=3) can attack 🞭 using Chinese remainder theorem & 3 messages with different modulii 🞭 if e fixed must ensure gcd(e,ø(n))=1 🞭 ie reject any p or q not relatively prime to e
  • 23. EFFICIENT DECRYPTION 🞭 decryption uses exponentiation to power d 🞭 this is likely large, insecure if not 🞭 can use the Chinese Remainder Theorem (CRT) to compute mod p & q separately. then combine to get desired answer 🞭 approx 4 times faster than doing directly 🞭 only owner of private key who knows values ofp & q can use this technique
  • 24. RSA KEY GENERATION 🞭 users of RSA must: 🞭 determine two primes at random - p, q 🞭 select either e or d and compute the other 🞭 primes p,q must not be easily derived from modulus n=p.q 🞭 means must be sufficiently large 🞭 typically guess and use probabilistic test 🞭 exponents e, d are inverses, so use Inverse algorithm to compute the other
  • 25. RSA SECURITY 🞭 possible approaches to attacking RSA are: 🞭 brute force key search (infeasible given size ofnumbers) 🞭 mathematical attacks (based on difficulty ofcomputing ø(n), by factoring modulus n) 🞭 timing attacks (on running of decryption) 🞭 chosen ciphertext attacks (given properties of RSA)
  • 26. Information Security Diffie – Hellman Key Exchange & Elliptic Curve Cryptography
  • 27. Diffie-HellmanKey Exchange • first public-key type scheme proposed • by Diffie & Hellman in 1976 along with the exposition of public key concepts • note: now know that Williamson (UK CESG) secretly proposed the concept in 1970 • is a practical method for public exchange of a secret key • used in a number of commercial products [ Continue…]
  • 28. Diffie-HellmanKey Exchange • a public-key distribution scheme • cannot be used to exchange an arbitrary message • rather it can establish a common key • known only to the two participants • value of key depends on the participants (and their private and public key information) • based on exponentiation in a finite (Galois) field (modulo a prime or a polynomial) - easy • security relies on the difficulty of computing discrete logarithms (similar to factoring) – hard [ Continue…]
  • 29. Diffie-HellmanSetup • all users agree on global parameters: • large prime integer or polynomial q • a being a primitive root mod q • each user (eg. A) generates their key • chooses a secret key (number): xA < q A • compute their public key: y = a xA mod q • each user makes public that key yA [ Continue…]
  • 30. Diffie-HellmanKey Exchange • shared session key for users A & B is KAB: KAB = axA.xB mod q xB B = y xA = yA mod q mod q (which B can compute) (which A can compute) • KAB is used as session key in private-key encryption scheme between Alice and Bob • if Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public-keys • attacker needs an x, must solve discrete log [ Continue…]
  • 31. Diffie-Hellman Example • users Alice & Bob who wish to swap keys: • agree on prime q=353 and a=3 • select random secret keys: • A chooses xA=97, B chooses xB=233 • compute respective public keys: A • y =3 97 B • y =3 233 mod 353 = 40 mod 353 = 248 (Alice) (Bob) • compute shared session key as: AB B • K = y xA 97 AB A • K = y xB mod 353 = 248 mod 353 = 40 233 = 160 = 160 (Alice) (Bob) [ Continue…]
  • 32. KeyExchangeProtocols • users could create random private/public D-H keys each time they communicate • users could create a known private/public D-H key and publish in a directory, then consulted and used to securely communicate with them • both of these are vulnerable to a meet-in-the- Middle Attack • authentication of the keys is needed
  • 33. DES vs AES Encryption
  • 34. Introduction to Encryption • Encryption is used to secure information by converting plaintext into ciphertext. • Symmetric encryption uses the same key for both encryption and decryption. • DES and AES are two widely known symmetric encryption algorithms.
  • 35. DES (Data Encryption Standard) • Developed by IBM in the 1970s, adopted by NIST. • Uses a 56-bit key and encrypts data in 64- bit blocks. • 16 rounds of Feistel structure encryption. • Vulnerable to brute-force attacks due to small key size. • Considered obsolete and replaced by AES.
  • 36. AES (Advanced Encryption Standard) • Developed by Vincent Rijmen and Joan Daemen, adopted in 2001. • Supports 128, 192, or 256-bit key sizes. • Encrypts data in 128-bit blocks. • Uses 10, 12, or 14 rounds of substitution- permutation encryption. • Highly secure and widely used in modern encryption.
  • 37. DES vs AES: Key Differences • Key Size: DES (56-bit) vs AES (128, 192, 256-bit). • Block Size: DES (64-bit) vs AES (128-bit). • Rounds: DES (16 rounds) vs AES (10, 12, or 14 rounds). • Security: DES is weak against brute-force attacks; AES is highly secure. • Usage: DES is obsolete, AES is widely used in modern encryption applications.
  • 38. Conclusion • DES was a pioneer in symmetric encryption but is now outdated. • AES is the modern standard due to its enhanced security and flexibility. • AES is used in secure communication, data protection, and cybersecurity. • Understanding these algorithms helps in choosing the right encryption method.