Upload File

ias chapter 2

28
Chapter two Cryptography-1 1

Upload: loay

Post on 11-Nov-2015

262 views

Category:

Documents


0 download

Report

DESCRIPTION

Internet Assurance and Security Chapter Two

TRANSCRIPT

  • Chapter twoCryptography-1

    *

  • What is Cryptography?Cryptography derived its name from a Greek word called Kryptos which means Hidden Secrets.

    Cryptography is the practice and study of hiding information. It is the Art or Science of converting a plain clear data into an unintelligible data and again retransforming that message into its original form.

    It provides Confidentiality, Integrity, Accuracy.

  • What is Encryption / DecryptionEncryption The process of converting plain text into an unintelligible format (cipher text) is called Encryption.

    Decryption The process of converting cipher text into a plain text is called Decryption.

  • Example Ceasars Cypher

    Consider the following example:If the word to encrypt is SECRET using Caesars key value of 3,Then each character change to the third character of the original character.That is,So starting withABCDEFGHIJKLMNOPQRSTUVWXYZand sliding everything up by 3, you getDEFGHIJKLMNOPQRSTUVWXYZABC

  • Example(contd.)So here, the plaintext, SECRET encrypts as VHFUHW. To allow someone else to read the cipher text(decrypt), you tell them that the key is 3.

  • AssignmentEncrypt the text SUCCESS with key value as 5.

    Ans:So starting withABCDEFGHIJKLMNOPQRSTUVWXYZand sliding everything up by 5, you getFGHIJKLMNOPQRSTUVWXYZABCDESo, SUCCESS = XZHHJXX

  • *Cipher MethodsPlaintext can be encrypted through bit stream or block cipher methodBit stream: each plaintext bit transformed into cipher bit one bit at a timeBlock cipher: message divided into blocks (e.g., sets of 8- or 16-bit blocks) and each is transformed into encrypted block of cipher bits using algorithm and key

  • *Cipher Methods (continued)Cryptosystems typically made up of algorithms, data handling techniques, and proceduresTwo major types of Cipher method:1. Substitution cipher: substitute one value for another - Monoalphabetic substitution: uses only one alphabet - Polyalphabetic substitution: more advanced; uses two or more alphabets

  • *Cipher Methods (continued)2. Transposition cipher: rearranges values within a block to create ciphertext Example: exclusive OR (XOR): function of Boolean algebra; two bits are comparedIf two bits are identical, result is binary 0If two bits not identical, result is binary 1

  • *Table 8-1 Exclusive OR OperationsPerform an XOR cipher on the following bits.

    Message 01100001 01100010 01100011Cypher Key 01111111 01111111 01111111

  • 01100001 = a 01100010 = b 01100011 = c

    Message 01100001 01100010 01100011Key 01111111 01111111 01111111 Cypher text 00011110 00011101 00011100 *

  • Transposition cipher example 2Letters of the message are rearrangedBreak patterns, e.g., columnar transpositionPlaintext: this is a testt h i si s a ttiehssiatst!e s t !Advantages: easy to implementDisadvantages: Trivially broken for known plaintext attack (brute-force)

    *

  • *Hash FunctionsMathematical algorithms that generate message summary or digest to confirm message identity and confirm no content has changedHash algorithms: publicly known functions that create hash valueUsed in password verification systems to confirm identity of user

  • *Cryptographic AlgorithmsOften grouped into two broad categories, symmetric and asymmetric; todays popular cryptosystems use hybrid combination of symmetric and asymmetric algorithmsSymmetric and asymmetric algorithms distinguished by types of keys used for encryption and decryption operations

  • *Cryptographic Algorithms (continued)Symmetric encryption: uses same secret key to encipher and decipher messageEncryption methods can be extremely efficient, requiring minimal processingBoth sender and receiver must possess encryption keyIf either copy of key is compromised, an intermediate can decrypt and read messages

  • *Figure 8-3 Symmetric Encryption Example

  • *Cryptographic Algorithms (continued)Data Encryption Standard (DES): one of most popular symmetric encryption cryptosystems64-bit block size; 56-bit keyAdopted by NIST in 1976 as federal standard for encrypting non-classified informationTriple DES (3DES): created to provide security far beyond DESAdvanced Encryption Standard (AES): developed to replace both DES and 3DES

  • *Cryptographic Algorithms (continued)Asymmetric encryption (public-key encryption)Uses two different but related keys; either key can encrypt or decrypt messageIf Key A encrypts message, only Key B can decryptHighest value when one key serves as private key and the other serves as public key

  • *Figure 8-4 Using Public Keys

  • *Data Encryption Standards DES

  • *DES Multiple EncryptionDouble DES

  • *DES Multiple EncryptionTriple DES

  • *Triple DESCan be broken in 2^56 operations if one has 2^56 chosen plaintext blocks.Could use distinct K1,K2,K3 to avoid this attack -- 2^112 bit key

  • Digital SignatureThe main application of hash function is the digital signature.A digital signature is similar to a handwritten signature and verifies the author, date, and time of signature. The signature should also be able to authenticate the content at the time of the signature. The main requirements of a digital signature are: It is unique to the sender. It should be recognizable and verifiable.

  • Digital signatureThe private-key signs (create) signatures, and the public-key verifies signatures Only the owner can create the digital signature, hence it can be used to verify who created a message.The whole message is not signed, but just a digest or hash of the message is signed.

  • *Digital CertificatesA digital certificate is an electronic "passport" that allows a person, computer or organization to exchange information securely over the Internet using the public key infrastructure (PKI). A digital certificate may also be referred to as a public key certificate.

  • Principles of Information Security, 3rd edition*Hybrid Cryptography SystemsExcept with digital certificates, pure asymmetric key encryption not widely used Asymmetric encryption more often used with symmetric key encryption, creating hybrid systemDiffie-Hellman Key Exchange method: most common hybrid system; provided foundation for subsequent developments in public-key encryption

    Principles of Information Security, 3rd edition

  • Principles of Information Security, 3rd edition*Figure 8-7 Hybrid Encryption Example

    Principles of Information Security, 3rd edition

    **Cryptography and Encryption-Based SolutionsThe notation used to describe the encryption process differs depending on the source. The first uses the letters M to represent the original message, C to represent the ending ciphertext, and E to represent the encryption process: E(M) = C. This formula represents the application of encryption to a message to create ciphertext. D represents the decryption or deciphering process, thus D[E(M)]=M. K is used to represent the key, thus E(M, K) = C, or encrypting the message with the key results in the ciphertext.Now look at a simple form of encryption based on two concepts: the block cipher and the exclusive OR operation. With the block cipher method, the message is divided into blocks, i.e., 8- or 16-bit blocks, and then each block is transformed using the algorithm and key. The exclusive OR operation (XOR) is a function of Boolean algebra whereby two bits are compared, and if the two bits are identical, the result is a binary 0. If the two bits are NOT the same, the result is a binary 1.

    *Encryption OperationsIn encryption, the most commonly used algorithms include two functions: substitution and transposition. In a substitution cipher, you substitute one value for another. This is a simple enough method by itself but very powerful if combined with other operations. This type of substitution is based on a monoalphabetic substitution, since it only uses one alphabet. More advanced substitution ciphers use two or more alphabets and are referred to as polyalphabetic substitutions. Caesar reportedly used a three-value shift to the right, giving that particular substitution cipher his namethe Caesar Cipher.Just like the substitution operation, the transposition cipher is simple to understand but can be complex to decipher if properly used. Unlike the substitution cipher, the transposition cipher (or permutation cipher) simply rearranges the values within a block to create the ciphertext. This can be done at the bit level or at the byte (character) level. Transposition ciphers move these bits or bytes to another location in the block, so that bit 1 becomes bit 4, bit 2 becomes bit 7, etc.

    *Transposition Cipher MethodThe transposition cipher (or permutation cipher) simply rearranges the values within a block to create the ciphertextThis can be done at the bit level or at the byte (character) level. Transposition ciphers move these bits or bytes to another location in the block, so that bit 1 becomes bit 4, bit 2 becomes bit, 7 etc.

    **Hash FunctionsHash algorithms are publicly known functions that create a hash value, also known as a message digest, by converting variable-length messages into a single fixed-length value.The message digest is a fingerprint of the authors message that is to be compared with the receivers locally calculated hash of the same message. Hashing functions do not require the use of keys, but a message authentication code (MAC), which is essentially a one-way hash value that is encrypted with a symmetric key. The recipients must possess the key to access the message digest and to confirm message integrity.

    *Cryptographic AlgorithmsIn general, cryptographic algorithms are often grouped into two broad categoriessymmetric and asymmetricbut in practice, todays popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms. Symmetric and asymmetric algorithms can be distinguished by the types of keys they use for encryption and decryption operations.

    *Symmetric EncryptionSymmetric encryption indicates that the same key, also known as a secret key, is used to conduct both the encryption and decryption of the message. Symmetric encryption methods can be extremely efficient, requiring minimal processing to either encrypt or decrypt the message. The problem is that both the sender and the receiver must own the encryption key. If either copy of the key is compromised, an intermediate can decrypt and read the messages. One of the challenges of symmetric key encryption is getting a copy of the key to the receiver, a process that must be conducted out-of-band to avoid interception.

    **There are a number of popular symmetric encryption cryptosystems. One of the most familiar is Data Encryption Standard (DES), developed in 1977 by IBM and based on the Data Encryption Algorithm (DEA).DEA uses a 64-bit block size and a 56-bit key. The algorithm begins by adding parity bits to the key (resulting in 64 bits) and then apples the key in 16 rounds of XOR, substitution, and transposition operations. With a 56-bit key, the algorithm has 256 possible keys to choose from (over 72 quadrillion).DES is a federally approved standard for non-classified data. DES was cracked in 1997 when Rivest-Shamir-Aldeman (RSA) put a bounty on the algorithm. RSA offered a $10,000 reward for the first person or team to crack the algorithm. Fourteen thousand users collaborated over the Internet to finally break the encryption. *Asymmetric EncryptionAnother category of encryption techniques is asymmetric encryption, also known as public-key encryption. Whereas the symmetric encryption systems are based on a single key to both encrypt and decrypt a message, asymmetric encryption uses two different keys. Either key can be used to encrypt or decrypt the message. However, if Key A is used to encrypt the message, only Key B can decrypt, and if Key B is used to encrypt a message, only Key A can decrypt it. The public key is stored in a public location, where anyone can use it. The private key, as its name suggests, is a secret known only to the owner of the key pair. The problem with asymmetric encryption is that it requires four keys to hold a single conversation between two parties. Asymmetric encryption is not as efficient as symmetric encryptions in terms of CPU computations. As a result, the hybrid system described in the section on Public Key Infrastructure is more commonly used, instead of a pure asymmetric system.

    **Digital Certificates and Certificate AuthoritiesAs alluded to earlier, a digital certificate is an electronic document, similar to a digital signature, attached to a file certifying that this file is from the organization it claims to be from and has not been modified from the originating format. A certificate authority is an agency that manages the issuance of certificates and serves as the electronic notary public to verify their worth and integrity.

    *Hybrid SystemsIn practice, asymmetric key encryption is not widely used except in the area of certificates. Instead, it is more often used in conjunction with symmetric key encryption creating a hybrid system. The current process is based on the Diffie-Hellman Key Exchange method, which is a way to exchange private keys without exposure to any third parties using public key encryption. With this method, asymmetric encryption is used as a method to exchange symmetric keys so that two organizations can conduct quick, efficient, secure communications based on symmetric encryption. Diffie-Hellman provided the foundation for subsequent developments in public key encryption.

    *


Inventories: IAS 2

Application of ias 1 & ias 2 financial reporting system

Inventory(ias 2)

III modulo Il gruppo IAS 27 IAS 28 IAS 31. Page 2 [email protected]

FIŞA DISCIPLINEI - spiruharet.ro · Editura CECCAR, Bucureşti, 2009 - Cadrul general pentru întocmirea şi prezentarea situaţiilor financiare, IAS 1, IAS 2, IAS 7, IAS 16, IAS

Agriculture: IAS 41 Wiecek and Young IFRS Primer Chapter 9

CHAPTER I - Indore Kautilya Academy UPSC MPPSC SSC IAS IPS

ias prelims general studies paper-2 2014 · 2020. 3. 28. · Title: ias prelims general studies paper-2 2014 Author: ias himalai Subject: ias prelims previous year question papers,

2 IAS 2021

CURRENT AFFAIRS MAY 20171 ©Vision IAS . 2 ©Vision IAS

IAS 2 Proiect Final

2 IAS 2022

IAS 2 Inventory

IAS 2 - Rimanenze - economia.uniparthenope.iteconomia.uniparthenope.it/isa/coronella/IAS 2 - Rimanenze.pdf · a) lavori in corso derivanti da commesse a lungo termine (IAS 11, Commesse

III modulo Il gruppo IAS 27 IAS 28 IAS 31. Page 2 Sommario Analisi dei seguenti principi contabili internazionali - IAS 27- Consolidated and separate

Wiecek and Young IFRS Primer Chapter 24 Leases: IAS 17

GATE, IES & IAS 20 Years Question Answers … · S K Mondal’s Machine Design GATE, IES & IAS 20 Years Question Answers Contents Chapter – 1: Design of Joint Chapter - 2 : Design

Paper 2 Answerkey by Akash IAS Academy, - tnpscnews · PDF filePaper 2 Answerkey by Akash IAS Academy, - tnpscnews ... ias

Ias 1 Presentation of Financial Statement Under Ifrs (Ias (2)

Ias 2 inventory valuation

Chapter 19 CONSTRUCTION CONTRACTS (IAS –11)€¦ · Page 1 of 23 Chapter 19 CONSTRUCTION CONTRACTS (IAS –11) Objective This objective of this IAS is to provide accounting treatment

KPMG Training Academy• IAS 2 Inventories • Accounting for non-current assets (IAS 16 Property, Plant and Equipment, IAS 38 IntangibleAssets, IAS 40 Investment Property , IAS 20

Ias 2 Le rimanenze

Basic Financial Instruments: IAS 32, IAS 39 and IFRS 7 Wiecek and Young IFRS Primer Chapter 17

Chapter 13 IAS 7 Statement of Cash flows

VERORDNUNG (EU) 2017/ 1986 DER KOMMISSION - ifrs … · b) ias 1, ias 2, ias 7, ias 12, ias 16, ias 21, ias 23, ias 32, ias 37, ias 38, ias 39, ias 40, ias 41, ifrs 1, ifrs 3, ifrs

Germany Section IAS/PELS/IES Chapter Meeting, Verl-Bielefeld, 11 … · 2019-05-19 · 20 Jahre „German Chapter“ Germany Section IAS/PELS/IES Chapter Meeting, Verl-Bielefeld,

IAS 2 Made Easy.pdf

Inventories: IAS 2 Wiecek and Young IFRS Primer Chapter 7

Tema Ias 2 - Stocuri

IAS 16 Varanlegir rekstrarfjármunir - Ritgerð... · 2018. 10. 15. · IAS 1 Framsetning reikningsskila IAS 31 Hlutdeild í samrekstri IAS 2 Birgðir IAS 32 Fjármálagerningar :

IAS 2- Inventories

Insights IAS | InsightsonIndia IAS | InsightsonIndia 3 – 2018 Source: Source: NCERT Indian Constitution at work Chapter-2 Constitution: Rights in the Indian Constitution 4. Which

(IAS Academy by IAS Officers) TEST-4 Q&A€¦ · OFFICERS IAS ACADEMY (IAS Academy by IAS Officers) 2 Plot No: 935,6th Avenue, Anna Nagar, Chennai-40 Ph: 044-40483555,9677120226,9677174226

Chapter 2 Taxation - · PDF fileGripping IFRS Taxation Chapter 2 58 Chapter 2 . Taxation . Reference: IAS 12 . Contents: Page 1. Definitions 60 2. Different types of taxation 60