Ch2 Cryptography

The document discusses cryptography and encryption algorithms. It describes symmetric and asymmetric cryptography, including algorithms like DES, RSA, and hashing functions. It also covers digital signatures, PKI components, and digital certificate elements.

Uploaded by

bautilmenlynsa

2CEIT6PE7 - Ethical Hacking

Chapter 2
Cryptography

• Understand different encryption algorithms,
• Cryptography tools,
• Understand the use of Cryptography over the Internet through PKI

Cryptography
• Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.
• The prefix "crypt-" means "hidden" or "vault" -- and the suffix "-graphy" stands for "writing."
• Principles of modern-day cryptography:
  • Confidentiality: the information cannot be understood by anyone for whom it was unintended
  • Integrity: the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected
  • Non-repudiation: the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information
  • Authentication: the sender and receiver can confirm each other's identity and the origin/destination of the information

Types of Cryptography
• Symmetric Cryptography
  • Example: Substitution/Transposition Cipher, RC4, RC5, RC6, DES, AES
• Asymmetric Cryptography/Public Key Cryptography
  • Example: RSA, DSA, etc.

Cryptography
Understand different encryption algorithms
Cryptography Algorithms
• Symmetric Key Algorithm
  • Data Encryption Standard (DES)
• Asymmetric Key Algorithm
  • RSA Algorithm

Message Digest (One-way Hash) Functions
• The message digest is a cryptographic hashing technique that is used to ensure the integrity of a message.
• The message and the message digest can be sent together or separately through a communication channel.
• The receiver recalculates the hash of the message and compares it with the message digest to check whether any changes have been made.
• The "one-way" in one-way hash means the hashing function must be a one-way operation.
• It must not be possible to recreate the original message from the digest.
• The message digest is a unique fixed-size bit string that is calculated in such a way that if a single bit is modified, it changes 50% of the message digest value.

Message Digest Algorithms
• MD5
  • MD5 produces a 128-bit hash value that is used as a checksum to verify integrity.
• Secure Hashing Algorithm (SHA)
  • Another popular, more secure and widely used hashing algorithm is the Secure Hashing Algorithm (SHA). SHA-1 is a secure hashing algorithm producing a 160-bit hash value.
  • SHA-2 is now an even more secure and robust hashing algorithm.
  • SHA-2 has the option to vary the digest size from 224 bits to 512 bits.
• Hashed Message Authentication Code (HMAC)
  • HMAC adds a secret key to the hashing operation. Only the two peers know this secret key, so only parties holding the secret key can calculate and verify the hash.

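The receiver-side check and the keyed HMAC variant described above, as an added example that is not part of the original slides. It uses Python's standard `hashlib` and `hmac` modules with SHA-256; the messages, the key and the function names are constructed for illustration.

```python
import hashlib
import hmac

def flip_bit(data: bytes, index: int) -> bytes:
    """Copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[index // 8] ^= 0x80 >> (index % 8)
    return bytes(out)

def avalanche_fraction(message: bytes) -> float:
    """Average share of SHA-256 digest bits that change per single-bit flip."""
    base = int.from_bytes(hashlib.sha256(message).digest(), "big")
    changed = 0
    for i in range(len(message) * 8):
        other = hashlib.sha256(flip_bit(message, i)).digest()
        changed += bin(base ^ int.from_bytes(other, "big")).count("1")
    return changed / (len(message) * 8 * 256)

def digest_ok(message: bytes, digest: bytes) -> bool:
    """Receiver check for a plain message digest: recompute and compare."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag over message under key."""
    return hmac.new(key, message, hashlib.sha256).digest()

def hmac_ok(key: bytes, message: bytes, received: bytes) -> bool:
    """Receiver check for HMAC: only a holder of key can produce a valid tag."""
    return hmac.compare_digest(tag(key, message), received)

# Constructed sample data (not from the slides).
MESSAGE = b"transfer 100 to account 0001"
ALTERED = b"transfer 900 to account 0001"
SHARED_KEY = b"constructed-demo-key-known-to-both-peers"

def demo() -> dict:
    sent_digest = hashlib.sha256(MESSAGE).digest()
    return {
        "avalanche": round(avalanche_fraction(MESSAGE), 3),
        "intact_digest": digest_ok(MESSAGE, sent_digest),
        "altered_old_digest": digest_ok(ALTERED, sent_digest),
        # Digest replaced along with the message: the plain check still passes.
        "altered_new_digest": digest_ok(ALTERED, hashlib.sha256(ALTERED).digest()),
        # Without SHARED_KEY a third party can only tag with some other key.
        "altered_guessed_key": hmac_ok(SHARED_KEY, ALTERED, tag(b"guess", ALTERED)),
        "intact_hmac": hmac_ok(SHARED_KEY, MESSAGE, tag(SHARED_KEY, MESSAGE)),
    }
```

A plain digest detects changes only when the digest itself reaches the receiver unmodified, which is the gap the secret key in HMAC closes.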
Cryptography Tools
• MD5 Hash Calculators
  • HashCalc
  • MD5 Calculator
  • HashMyFiles
• Hash calculating tools for mobile phones are:
  • MD5 Hash Calculator
  • Hash Droid
  • Hash Calculator

Digital Signature
• Let us now consider another scheme, as follows:
• If A is the sender of a message and B is the receiver, A encrypts the message with A's private key and sends the encrypted message to B.

[Figure: Encrypting a message with the sender's private key]

[Figure: Basis for digital signature]

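The scheme above as an added example that is not part of the original slides: A transforms a value with A's private key, and B checks it with A's public key. It goes slightly beyond the slide by signing the SHA-256 digest of the message instead of the whole message, as practical signature schemes do. The keys are toy textbook-RSA keys built from known Mersenne primes with no padding, and all names and messages are constructed assumptions.

```python
import hashlib

E = 65537  # public exponent, shared by every key pair in this example

def make_keypair(p: int, q: int):
    """Return (n, d) for primes p and q; (n, E) is public, d stays private."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return n, d

def digest_int(message: bytes, n: int) -> int:
    """SHA-256 digest as an integer reduced into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, d: int, n: int) -> int:
    """A's step: transform the digest with A's private exponent."""
    return pow(digest_int(message, n), d, n)

def verify(message: bytes, signature: int, n: int) -> bool:
    """B's step: undo the transform with A's public key and compare digests."""
    return pow(signature, E, n) == digest_int(message, n)

# Toy keys from known Mersenne primes (assumption: illustration only; real
# RSA keys use large random primes and a padding scheme such as PSS).
A_N, A_D = make_keypair(2**127 - 1, 2**89 - 1)
C_N, C_D = make_keypair(2**107 - 1, 2**61 - 1)  # some other party C

MESSAGE = b"I, A, approve purchase order 42"  # constructed sample
ALTERED = b"I, A, approve purchase order 43"

def demo() -> dict:
    sig = sign(MESSAGE, A_D, A_N)
    return {
        "genuine": verify(MESSAGE, sig, A_N),
        "altered_message": verify(ALTERED, sig, A_N),
        # Signed by C but presented as A's: fails against A's public key.
        "signed_by_other_key": verify(MESSAGE, sign(MESSAGE, C_D, C_N), A_N),
    }
```

Anyone holding A's public key can run `verify`, so the operation gives authentication, integrity and non-repudiation, not confidentiality.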
Public Key Infrastructure (PKI)
• Public Key Infrastructure (PKI) is a popular encryption and authentication approach used by both small businesses and large enterprises.
• Public key cryptography on its own is not sufficient to ensure the security of e-business transactions.
• E-business organizations need a framework that provides policies to generate keys and procedures to distribute these keys.
• Public Key Infrastructure (PKI) provides one such framework.
• PKI is the combination of policies, procedures, hardware, software, and people that are required to create, manage and revoke digital certificates.

Public Key Infrastructure (PKI)
Components of PKI
• Certification Authority (CA)
  • A trusted third party that issues the digital certificate
• Registration Authority (RA)
  • An RA is responsible for the interaction between clients and CAs. Because of the bulk of certificate requests, it is not possible for the CA to accept certificate requests, validate the requests, and issue the certificates. In such cases, the RA acts as an intermediary between the CA and the client.
• PKI clients
• Digital certificates
• Certificate Distribution System (CDS) or repository

Public Key Infrastructure (PKI)
Digital Certificate
• Subject Name - Certificate holder's name
• Certificate issuer - Name of CA
• Serial number - this is the serial number assigned by the issuer to this certificate. Each issuer must make sure each certificate it issues has a unique serial number.
• Version - the X.509 version used by a given certificate.
• Validity period - The validity period defines the period over which the cert can still be deemed trustworthy.
• Signature - digital signature of the entire digital certificate, generated using the certificate issuer's private key
• Signature algorithm - The cryptographic signature algorithm used to generate the digital signature (e.g. SHA-1 with RSA Encryption)
• Public key information - Information about the subject's public key. This includes:
  • The algorithm (e.g. Elliptic Curve Public Key),
  • The key size (e.g. 256 bits),
  • The key usage (e.g. can encrypt, verify, derive), and
  • The public key itself