public key encryption. introduction the problem network security encryption/decryption public key...

Public Key Encryption

IntroductionIntroduction

The Problem Network security

Encryption/Decryption

Public Key Encryption How is data transmitted? Secure Socket Language

Conclusion Questions and Comments

The ProblemThe Problem

Trough the Internet, people can:

Buy products onlineBuy services onlineDo bank transactions online


Threats to network security include: Data diddling Salami attack Piggybacking Denial of Service (DoS) Distributed Denial of Service (DDoS)


Several network security schemes have been developed and used throughout the years

Network SecurityNetwork Security

Protection alternatives include:

Use of passwordsUse of security modemsEncryption/decryption methods


The most secure protection methods are those which use

Encryption / DecryptionEncryption / Decryption

Network SecurityNetwork SecurityHistory

Used since Roman Empire

Used by governments for military purposes

Nowadays it is being performed by computers

History

Network SecurityNetwork SecurityWhat is encryption/decryption?

"Enryption is the translation of data into a secret code."

Encryption / Decryption


Transposition AlgorithmTransposition Algorithm

An exampleAn example


Key = PUBLICPUBLIC

What is encryption/decryption?

P U B L I C

5 6 1 4 3 2


Message to send:

Public key encryption is secure now


5 6 1 4 3 2

P U B L I C

K E Y E N CR Y P T I O

N I S S E C

U R E N O W

B Y P


The message will now be …

BYPSE CCOCF INIEF LETSF PKRNU UEYIR

Unauthorised users who do not have the key will not be able to convert it back to the original message


Decryption is the changing back of encrypted code (or cipher text) to plain text.

A key or password is necessary for encryption and decryption.


There are two main types of encryption / decryption security measures:

Public Key Encryption (Asymmetric)

Symmetric Key Encryption

What is encryption/decryption?

Network SecurityNetwork SecurityPublic Key (Asymmetric) EncryptionPublic Key (Asymmetric) Encryption

Uses two keys:

Public

Private A popular implementation is the

SSL (Secure Socket Layer)

Public Key Encryption

Network SecurityNetwork SecuritySymmetric Key Encryption

Uses only one key

Key must be known only by the

sender and receiver

Faster encryption/decryption

Symmetric Key

Public Key EncryptionPublic Key Encryption

First invented in early 1970s by Clifford Cocks.

Reinvented by Rivest, Shamir and Adleman in 1976 and was called RSA. It was published.

In 1984 ElGamal created his algorithm. In 1989 Koblitz created his hyperelliptic curve

cryptography algorithm

History


Sender encrypts the message

using its private key

Sender encrypts its private key

using the receiver’s public key

How is data sent How is data sent using public key using public key

encryption?encryption?

Receiver uses its private key to

decrypt the sender’s private key

Receiver uses the sender’s private

key to decrypt the message.

How is data sent?


Authentication is also done using digital signatures.

Digital signatures are sent to the receiving computer to make sure that the sender is who it says it is.

Digital signatures


Digital certificates are used.

Before communication starts the certificate authority confirms that every computer is who it says it is.

A large scale


Hashing algorithms are used to create keys.

A simple example:

Hashing algorithms

Input number

Hashing Algorithm

HashValue

32,569 Input # x 138 4,494,522


If the algorithm is not known, it is very difficult to determine the input number.

In reality more complex numbers are used, usually 40-bit or 128-bit

Hashing algorithms


Checks for data corruption

Two popular algorithms:ChecksumCyclic Redundancy check (CRC)

Validation and Verification of data


An implementation of Public key encryption

Developed by Netscape

Used extensively by Netscape and Internet explorer

Secure Socket Layer (SSL)


URL of an SSL-enabled website starts with https://

An example is the Go Mobile page for topping up your mobile credit



It has become part of the transport layer in the OSI Model

Is known as the TLS (Transport Layer Security)



Sender creates a private key

Sender sends it to the receiving computer using the receiver’s public key

What happens in an SSL?


Communication is then encrypted/decrypted using the private key

After communication between the two computers ends the key is discarded

What happens in an SSL?

ConclusionConclusion

The most common protection alternatives used are those that use the encryption/decryption methods.

Encryption is the translation of data into a code that is not understandable without the key.

Decryption is the changing back of code from cipher text to plain text.

A key or password is necessary.


There are two types:Public key encryptionPrivate / Symmetric key

Private key encryption uses only one key, which is private.

Public key encryption uses two keys: Public keyPrivate key


How is data sent using public key encryption?


Authentication is done using digital signatures Digital certificates are used in a large scale

communication Hashing algorithms are used to create keys

and passwords. Checksum and CRC are used to check for

data corruption


SSL is an implementation of public key encryption.

Private keys are created before every communication session, and deleted afterwards

Visit www.geocities.com/publickeyencryption

For notes and references for further reading

public key encryption. introduction the problem network security encryption/decryption public key...

Documents