Slide 1Cipher MethodsCipher Methods (continued)Slide 4Deciphering using the Vigenere SquareSlide 6Table 8-1 Exclusive OR OperationsSlide 8Hash FunctionsCryptographic AlgorithmsCryptographic Algorithms (continued)Figure 8-3 Symmetric Encryption ExampleSlide 13Slide 14Figure 8-4 Using Public KeysEncryption Key SizeSlide 17Cryptographic ToolsCryptography Tools (continued)Digital SignaturesDigital CertificatesFigure 8-5 Digital SignaturesSlide 23Hybrid Cryptography SystemsFigure 8-7 Hybrid Encryption ExampleSteganographyProtocols for Secure CommunicationsProtocols for Secure Communications (continued)Slide 29Slide 30Slide 31Slide 32Slide 33Slide 34Attacks on CryptosystemsMan-in-the-Middle AttackCorrelation AttacksTiming AttacksDefending Against AttacksEnd Ch. 8Principles of Information Security, 3rd edition 2Cipher MethodsPlaintext can be encrypted through bit stream or block cipher methodBit stream: each plaintext bit transformed into cipher bit one bit at a timeBlock cipher: message divided into blocks (e.g., sets of 8- or 16-bit blocks) and each is transformed into encrypted block of cipher bits using algorithm and keyPrinciples of Information Security, 3rd edition 3Cipher Methods (continued)Cryptosystems typically made up of algorithms, data handling techniques, and proceduresSubstitution cipher: substitute one value for anotherMonoalphabetic substitution: uses only one alphabetPolyalphabetic substitution: more advanced; uses two or more alphabetsVigenère cipher: advanced cipher type that uses simple polyalphabetic code; made up of 26 distinct cipher alphabetsPrinciples of Information Security, 3rd edition 4Deciphering using the Vigenere SquareUsing the VS, decipher the following message:HQ UEDYHint: Use the most basic approach presented in the text.Q: Is the VS cipher monoalphabetic or polyalphabetic?Q: VS is an example of a _______________ cipher.Transposition CipherCreate cyphertext for the message “Accountants”, using a transposition cipher based a four letter displacement.Principles of Information Security, 3rd edition 5Principles of Information Security, 3rd edition 6Cipher Methods (continued)Transposition cipher: rearranges values within a block to create ciphertextExclusive OR (XOR): function of Boolean algebra; two bits are comparedIf two bits are identical, result is binary 0If two bits not identical, result is binary 1Principles of Information Security, 3rd edition 7Table 8-1 Exclusive OR OperationsPerform an XOR cipher on the following bits.Message 01100001 01100010 01100011Cypher Key 01111111 01111111 0111111101100001 = a 01100010 = b 01100011 = cMessage 01100001 01100010 01100011Key 01111111 01111111 01111111 Cypher text 00011110 00011101 00011100 Principles of Information Security, 3rd edition 8Principles of Information Security, 3rd edition 9Hash FunctionsMathematical algorithms that generate message summary/digest to confirm message identity and confirm no content has changedHash algorithms: publicly known functions that create hash valueUse of keys not required; message authentication code (MAC), however, may be attached to a messageUsed in password verification systems to confirm identity of userPrinciples of Information Security, 3rd edition 10Cryptographic AlgorithmsOften grouped into two broad categories, symmetric and asymmetric; today’s popular cryptosystems use hybrid combination of symmetric and asymmetric algorithmsSymmetric and asymmetric algorithms distinguished by types of keys used for encryption and decryption operationsPrinciples of Information Security, 3rd edition 11Cryptographic Algorithms (continued)Symmetric encryption: uses same “secret key” to encipher and decipher messageEncryption methods can be extremely efficient, requiring minimal processingBoth sender and receiver must possess encryption keyIf either copy of key is compromised, an intermediate can decrypt and read messagesPrinciples of Information Security, 3rd edition 12Figure 8-3 Symmetric Encryption ExamplePrinciples of Information Security, 3rd edition 13Cryptographic Algorithms (continued)Data Encryption Standard (DES): one of most popular symmetric encryption cryptosystems64-bit block size; 56-bit keyAdopted by NIST in 1976 as federal standard for encrypting non-classified informationTriple DES (3DES): created to provide security far beyond DESAdvanced Encryption Standard (AES): developed to replace both DES and 3DESPrinciples of Information Security, 3rd edition 14Cryptographic Algorithms (continued)Asymmetric encryption (public-key encryption)Uses two different but related keys; either key can encrypt or decrypt messageIf Key A encrypts message, only Key B can decryptHighest value when one key serves as private key and the other serves as public keyPrinciples of Information Security, 3rd edition 15Figure 8-4 Using Public KeysPrinciples of Information Security, 3rd edition 16Encryption Key SizeWhen using ciphers, size of cryptovariable or key is very importantStrength of many encryption applications and cryptosystems measured by key sizeFor cryptosystems, security of encrypted data is not dependent on keeping encrypting algorithm secretCryptosystem security depends on keeping some or all of elements of cryptovariable(s) or key(s) secretPrinciples of Information Security, 3rd edition 17Principles of Information Security, 3rd edition 18Cryptographic ToolsPublic Key Infrastructure (PKI): integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services enabling users to communicate securelyPKI systems based on public-key cryptosystems; include digital certificates and certificate authorities (CAs)Principles of Information Security, 3rd edition 19Cryptography Tools (continued)PKI protects information assets in several ways: AuthenticationIntegrityPrivacyAuthorizationNonrepudiationPrinciples of Information Security, 3rd edition 20Digital SignaturesEncrypted messages that can be mathematically proven to be authenticCreated in response to rising need to verify information transferred using electronic systemsAsymmetric encryption processes used to create digital signaturesPrinciples of Information Security, 3rd edition 21Digital CertificatesElectronic document containing key value and identifying information about entity that controls