Slide outline: Slide 1; Cipher Methods; Cipher Methods (continued); Slide 4; Deciphering using the Vigenere Square; Slide 6; Table 8-1 Exclusive OR Operations; Slide 8; Hash Functions; Cryptographic Algorithms; Cryptographic Algorithms (continued); Figure 8-3 Symmetric Encryption Example; Slide 13; Slide 14; Figure 8-4 Using Public Keys; Encryption Key Size; Slide 17; Cryptographic Tools; Cryptography Tools (continued); Digital Signatures; Digital Certificates; Figure 8-5 Digital Signatures; Slide 23; Hybrid Cryptography Systems; Figure 8-7 Hybrid Encryption Example; Steganography; Protocols for Secure Communications; Protocols for Secure Communications (continued); Slide 29; Slide 30; Slide 31; Slide 32; Slide 33; Slide 34; Attacks on Cryptosystems; Man-in-the-Middle Attack; Correlation Attacks; Timing Attacks; Defending Against Attacks; End Ch. 8

Principles of Information Security, 3rd edition

Cipher Methods
- Plaintext can be encrypted through bit stream or block cipher method
- Bit stream: each plaintext bit transformed into cipher bit one bit at a time
- Block cipher: message divided into blocks (e.g., sets of 8- or 16-bit blocks) and each is transformed into encrypted block of cipher bits using algorithm and key

Cipher Methods (continued)
- Cryptosystems typically made up of algorithms, data handling techniques, and procedures
- Substitution cipher: substitute one value for another
- Monoalphabetic substitution: uses only one alphabet
- Polyalphabetic substitution: more advanced; uses two or more alphabets
- Vigenère cipher: advanced cipher type that uses simple polyalphabetic code; made up of 26 distinct cipher alphabets

Deciphering using the Vigenere Square
Using the VS, decipher the following message: HQ UEDY
Hint: Use the most basic approach presented in the text.
Q: Is the VS cipher monoalphabetic or polyalphabetic?
Q: VS is an example of a _______________ cipher.

Transposition Cipher
Create cyphertext for the message “Accountants”, using a transposition cipher based on a four-letter displacement.

Cipher Methods (continued)
- Transposition cipher: rearranges values within a block to create ciphertext
- Exclusive OR (XOR): function of Boolean algebra; two bits are compared
  - If two bits are identical, result is binary 0
  - If two bits not identical, result is binary 1

Table 8-1 Exclusive OR Operations
Perform an XOR cipher on the following bits.

Message      01100001  01100010  01100011
Cypher Key   01111111  01111111  01111111

01100001 = a   01100010 = b   01100011 = c

Message      01100001  01100010  01100011
Key          01111111  01111111  01111111
Cypher text  00011110  00011101  00011100

Hash Functions
- Mathematical algorithms that generate message summary/digest to confirm message identity and confirm no content has changed
- Hash algorithms: publicly known functions that create hash value
- Use of keys not required; message authentication code (MAC), however, may be attached to a message
- Used in password verification systems to confirm identity of user

Cryptographic Algorithms
- Often grouped into two broad categories, symmetric and asymmetric; today’s popular cryptosystems use hybrid combination of symmetric and asymmetric algorithms
- Symmetric and asymmetric algorithms distinguished by types of keys used for encryption and decryption operations

Cryptographic Algorithms (continued)
- Symmetric encryption: uses same “secret key” to encipher and decipher message
  - Encryption methods can be extremely efficient, requiring minimal processing
  - Both sender and receiver must possess encryption key
  - If either copy of key is compromised, an intermediate can decrypt and read messages

Figure 8-3 Symmetric Encryption Example

Cryptographic Algorithms (continued)
- Data Encryption Standard (DES): one of most popular symmetric encryption cryptosystems
  - 64-bit block size; 56-bit key
  - Adopted by NIST in 1976 as federal standard for encrypting non-classified information
- Triple DES (3DES): created to provide security far beyond DES
- Advanced Encryption Standard (AES): developed to replace both DES and 3DES

Cryptographic Algorithms (continued)
- Asymmetric encryption (public-key encryption)
  - Uses two different but related keys; either key can encrypt or decrypt message
  - If Key A encrypts message, only Key B can decrypt
  - Highest value when one key serves as private key and the other serves as public key

Figure 8-4 Using Public Keys

Encryption Key Size
- When using ciphers, size of cryptovariable or key is very important
- Strength of many encryption applications and cryptosystems measured by key size
- For cryptosystems, security of encrypted data is not dependent on keeping encrypting algorithm secret
- Cryptosystem security depends on keeping some or all of elements of cryptovariable(s) or key(s) secret

Cryptographic Tools
- Public Key Infrastructure (PKI): integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securely
- PKI systems based on public-key cryptosystems; include digital certificates and certificate authorities (CAs)

Cryptography Tools (continued)
- PKI protects information assets in several ways:
  - Authentication
  - Integrity
  - Privacy
  - Authorization
  - Nonrepudiation

Digital Signatures
- Encrypted messages that can be mathematically proven to be authentic
- Created in response to rising need to verify information transferred using electronic systems
- Asymmetric encryption processes used to create digital signatures

Digital Certificates
- Electronic document containing key value and identifying information about entity that controls
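The Vigenère square from the Cipher Methods slides, built as 26 rotated alphabets with encryption and decryption done by row and column lookup. This is an added example, not material from the slides or the textbook; the function names, the key "KEY" and the sample text are constructed for illustration.

```python
import string

ALPHABET = string.ascii_uppercase
# Row k of the square is the alphabet rotated left by k positions,
# which gives the 26 distinct cipher alphabets the slide mentions.
SQUARE = [ALPHABET[k:] + ALPHABET[:k] for k in range(26)]


def _apply(text: str, key: str, decrypt: bool) -> str:
    key = key.upper()
    if not key or any(c not in ALPHABET for c in key):
        raise ValueError("key must consist of the letters A-Z")
    out, used = [], 0
    for ch in text:
        if ch not in string.ascii_letters:
            out.append(ch)  # spaces and punctuation pass through unchanged
            continue
        # The current key letter selects one row (one cipher alphabet).
        row = SQUARE[ALPHABET.index(key[used % len(key)])]
        if decrypt:
            # Locate the ciphertext letter in that row; its column is the plaintext.
            res = ALPHABET[row.index(ch.upper())]
        else:
            # The plaintext letter's column in that row holds the ciphertext.
            res = row[ALPHABET.index(ch.upper())]
        out.append(res if ch.isupper() else res.lower())
        used += 1  # only letters consume key material
    return "".join(out)


def vigenere_encrypt(plaintext: str, key: str) -> str:
    return _apply(plaintext, key, decrypt=False)


def vigenere_decrypt(ciphertext: str, key: str) -> str:
    return _apply(ciphertext, key, decrypt=True)


if __name__ == "__main__":
    # Constructed sample: one plaintext letter repeated three times.
    print(vigenere_encrypt("AAA", "KEY"))  # three different cipher letters
    print(vigenere_encrypt("AAA", "D"))    # one-letter key: a single alphabet
    ct = vigenere_encrypt("SECURITY", "KEY")
    print(ct, vigenere_decrypt(ct, "KEY"))
```

With a one-letter key every position uses the same row, so the cipher degenerates to a monoalphabetic substitution; a longer key cycles through several rows.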
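The XOR cipher of Table 8-1 worked through in code, using the message and key bits printed on the slide. This is an added example, not material from the slides or the textbook; the function names are assumptions. It also shows why the key has to stay secret and must not be reused: anyone holding one plaintext and its ciphertext can compute the key stream.

```python
def xor_cipher(data: bytes, key: bytes) -> bytes:
    """XOR every data byte with the key, repeating the key as needed.

    XOR is its own inverse, so the same call encrypts and decrypts.
    """
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def to_bits(data: bytes) -> str:
    """Render bytes as space-separated 8-bit groups, as in Table 8-1."""
    return " ".join(f"{b:08b}" for b in data)


def from_bits(bits: str) -> bytes:
    """Parse space-separated 8-bit groups back into bytes."""
    return bytes(int(group, 2) for group in bits.split())


def key_stream_from_known_pair(plaintext: bytes, ciphertext: bytes) -> bytes:
    """plaintext XOR ciphertext equals the key stream that was used.

    This is the reason a short, repeated XOR key offers no secrecy once
    any plaintext/ciphertext pair is known.
    """
    if len(plaintext) != len(ciphertext):
        raise ValueError("plaintext and ciphertext must have equal length")
    return bytes(p ^ c for p, c in zip(plaintext, ciphertext))


# Values from Table 8-1: the message is "abc", the key byte is 01111111.
MESSAGE = from_bits("01100001 01100010 01100011")
KEY = from_bits("01111111")

if __name__ == "__main__":
    ciphertext = xor_cipher(MESSAGE, KEY)
    print("Message    ", to_bits(MESSAGE))
    print("Key        ", to_bits(KEY * len(MESSAGE)))
    print("Cypher text", to_bits(ciphertext))
    print("Decrypted  ", xor_cipher(ciphertext, KEY).decode("ascii"))
    print("Key stream ", to_bits(key_stream_from_known_pair(MESSAGE, ciphertext)))
```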
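The three uses named on the Hash Functions slide (an unkeyed digest to detect changed content, a MAC attached to a message, and password verification) shown side by side. This is an added example, not material from the slides or the textbook; the choice of SHA-256, HMAC and salted PBKDF2, the iteration count and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def digest(message: bytes) -> str:
    """Unkeyed hash: a public function, no key needed, detects any change."""
    return hashlib.sha256(message).hexdigest()


def make_mac(key: bytes, message: bytes) -> bytes:
    """Keyed MAC: only holders of the key can produce a valid tag."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so the comparison does not
    # reveal how many leading bytes of the tag were correct.
    return hmac.compare_digest(make_mac(key, message), tag)


def hash_password(password: str, iterations: int = 600_000):
    """Store salt, iteration count and derived hash; never the password."""
    salt = os.urandom(16)  # unique per user, so equal passwords hash differently
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, derived


def verify_password(password: str, salt: bytes, iterations: int,
                    expected: bytes) -> bool:
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(derived, expected)


if __name__ == "__main__":
    # Constructed sample values.
    print(digest(b"abc"))
    print(digest(b"abd"))  # a one-letter change gives an unrelated digest
    key = os.urandom(32)
    tag = make_mac(key, b"transfer 10 units")
    print(verify_mac(key, b"transfer 10 units", tag))    # True
    print(verify_mac(key, b"transfer 1000 units", tag))  # False: altered message
    record = hash_password("correct horse battery staple")
    print(verify_password("correct horse battery staple", *record))  # True
    print(verify_password("wrong guess", *record))                   # False
```

An unkeyed digest alone only detects accidental change, because anyone who alters the message can recompute it; the MAC ties the check to a shared secret key.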