Cpe 516 Module I
Email: aliu.daniel@edouniversity.edu.ng
Course Content
• Classical encryption techniques/ Block Ciphers (Data Encryption Standard
(DES))
• Basics of finite field and Number theory
• Advanced Encryption Standard (AES)
• Contemporary symmetric ciphers
• Confidentiality using symmetric encryption
• Key management and public key cryptosystems
• Message Authentication / Hash functions and algorithms
• Digital signatures and authentication protocols
• Network security practice (Application, Email, IP and web security)
• System security against Intruders, Malicious software firewall
CRYPTOGRAPHY
Cryptography can reformat and transform our data, making it safer on its trip
between computers.
The technology is based on the essentials of secret codes, augmented by
modern mathematics that protects our data in powerful ways.
Security attack: Any action that compromises the security of information owned by an
organization.
Security mechanism: A mechanism that is designed to detect, prevent or recover from a
security attack.
Security service: A service that enhances the security of the data processing systems and the
information transfers of an organization. The services are intended to counter security
attacks and they make use of one or more security mechanisms to provide the service.
Basic Concepts
Cryptography: The art or science encompassing the principles and methods of
transforming an intelligible message into one that is unintelligible, and then
retransforming that message back to its original form.
Key: Some critical information used by the cipher, known only to the sender and receiver,
OR a string of data used in modifying the data during encryption and recovering the
data during decryption.
Encipher (encode): The process of converting plaintext to cipher text using a cipher and a
key.
Decipher (decode): The process of converting cipher text back into plaintext using a
cipher and a key.
All the encryption algorithms are based on two general principles: substitution,
in which each element in the plaintext is mapped into another element
If the sender and receiver use different keys then it is said to be public key
encryption.
The strategy used by the cryptanalyst depends on the nature of the encryption scheme and the
information available to the cryptanalyst.
There are various types of cryptanalytic attacks based on the amount of information known to
the cryptanalyst.
A stream cipher processes the input elements continuously, producing output one element at a
time, as it goes along.
Cryptanalysis
Cipher text only: A copy of the cipher text alone is known to the cryptanalyst.
Known plaintext: The cryptanalyst has a copy of the cipher text and the
corresponding plaintext.
Integrity: Ensures that only authorized parties are able to modify computer
system assets and transmitted information. Modification includes writing,
changing status, deleting, creating and delaying or replaying of transmitted
messages.
SECURITY SERVICES
Nonrepudiation: Requires that neither the sender nor the receiver of a
message be able to deny the transmission.
as the true name and the good name, or the great name and the little
name; and while the good or little name was made public, the true or
In fact, the security of any encryption scheme depends on the length of the key
and the computational work involved in breaking a cipher.
As one of the inventors of public-key encryption has put it, “the restriction of
public-key cryptography to key management and signature applications is
almost universally accepted.”
PUBLIC KEY SYSTEM
Finally, there is a feeling that key distribution is trivial when using public key
encryption, compared to the rather cumbersome handshaking involved with
key distribution centers for symmetric encryption.
In fact, some form of protocol is needed, generally involving a central agent,
and the procedures involved are neither simpler nor any more efficient than
those required for symmetric encryption.
In addition, some algorithms, such as RSA, also exhibit the following
characteristic.
Either of the two related keys can be used for encryption, with the other used
for decryption.
PUBLIC KEY ECOSYSTEMS
A public-key encryption scheme has six ingredients
Each user places one of the two keys in a public register or other accessible file. This is
the public key. The companion key is kept private. As Figure 2.1a suggests, each user
maintains a collection of public keys obtained from others.
If Bob wishes to send a confidential message to Alice, Bob encrypts the message using
Alice’s public key.
When Alice receives the message, she decrypts it using her private key. No other
recipient can decrypt the message because only Alice knows Alice’s private key.
Table 1 summarizes some of the important aspects of symmetric and public-key encryption.
Table 1: Conventional and Public-Key Encryption
Conventional Encryption
Needed to Work:
1. The same algorithm with the same key is used for encryption and decryption.
2. The sender and receiver must share the algorithm and the key.
Needed for Security:
1. The key must be kept secret.
2. It must be impossible or at least impractical to decipher a message if the key is kept secret.
3. Knowledge of the algorithm plus samples of ciphertext must be insufficient to determine the key.
Public-Key Encryption
Needed to Work:
1. One algorithm is used for encryption and a related algorithm for decryption with a pair of keys, one for encryption and one for decryption.
2. The sender and receiver must each have one of the matched pair of keys (not the same one).
Needed for Security:
1. One of the two keys must be kept secret.
2. It must be impossible or at least impractical to decipher a message if one of the keys is kept secret.
3. Knowledge of the algorithm plus one of the keys plus samples of ciphertext must be insufficient to determine the other key.
In broad terms, we can classify the use of public-key cryptosystems into three
categories
Digital signature: The sender “signs” a message with its private key. Signing is
achieved by a cryptographic algorithm applied to the message or to a small block of
data that is a function of the message.
Key exchange: Two sides cooperate to exchange a session key. Several different
approaches are possible, involving the private key(s) of one or both parties.
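The Bob-to-Alice encryption steps and the digital-signature use described above, as an added example that is not part of the course material or the textbook: textbook RSA with constructed toy primes (61 and 53) and no padding, so it shows only which key plays which role. The function names are assumptions of this example.

```python
import hashlib

def make_keypair(p, q, e=17):
    """Return ((e, n), (d, n)): the public key and its companion private key."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: e*d = 1 (mod phi); needs Python 3.8+
    return (e, n), (d, n)

def apply_key(key, value):
    """Raise value to the key's exponent mod n; either key undoes the other."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range 0..n-1")
    return pow(value, exponent, n)

def digest_as_int(message, n):
    """The 'small block of data that is a function of the message'.
    Reducing SHA-256 mod a toy n makes collisions easy; real schemes pad instead."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    # The sender transforms the digest with the PRIVATE key.
    return apply_key(private_key, digest_as_int(message, private_key[1]))

def verify(public_key, message, signature):
    # Anyone holding the PUBLIC key can undo the transform and compare digests.
    return apply_key(public_key, signature) == digest_as_int(message, public_key[1])

# Constructed toy parameters; real RSA keys use moduli of 2048 bits or more.
ALICE_PUBLIC, ALICE_PRIVATE = make_keypair(61, 53)

if __name__ == "__main__":
    # Confidentiality: Bob encrypts with Alice's public key, Alice decrypts.
    ciphertext = apply_key(ALICE_PUBLIC, 65)
    print("ciphertext:", ciphertext)
    print("recovered:", apply_key(ALICE_PRIVATE, ciphertext))
    # Signature: Alice signs with her private key, Bob verifies with her public key.
    message = b"constructed sample message"
    signature = sign(ALICE_PRIVATE, message)
    print("signature valid:", verify(ALICE_PUBLIC, message, signature))
    altered = (signature + 1) % ALICE_PUBLIC[1]
    print("altered signature valid:", verify(ALICE_PUBLIC, message, altered))
```
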
Relevant Resources
Textbooks: The textbook recommended for this course is stated as
follows:
Title: Cryptography and Network Security (Principles and
Practice)
Author: William Stallings
Publisher: Pearson Education Inc
ISBN-13: 978-0-13-335469-0
Year: 2014
Edition: Sixth