secure communication informatics for economists ii jan přichystal jprich@pef.mendelu.cz
Post on 18-Dec-2015
214 Views
Preview:
TRANSCRIPT
Present-days problems
People work daily with private and secure information.
Most information are created and stored on computers and also shared on internet.
• Company or personal documents,
• E-mail communication,
• Internet banking,
• ...
Present-days problems
But computers are not bank vaults. Information could be stolen, modified or abused.
Everybody is responsible for safety of his/her documents.
How to be sure nobody could steal our data or read our e-mails?
Secure communication
Similar problems solve people during centuries.
Solution is in usage of secured systems, passwords and secure communication.
There are various ways how to secure our private data and information.
Secure communication
Secure communication
Steganography
(hidden message)
Cryptography
(unreadable message)
Substitution
Transposition
Code
(word subst.)
Cipher
(letter subst.)
Steganography
• Steganos — (from greek) means hidden
• Graphein — means to write
The aim is to hide message:
• Messages under hair on skin
• Messages on clay tables covered with wax
• Messages in microdots
• Messages hidden in pictures, audio, video ...
Cryptography
Cryptos — means secret
We don't hide message but sense
• We need to encrypt and decrypt.
• Cryptography uses various scientific disciplines (mathematics, linguistic ...).
Protection against unauthorized reading
• Cryptography — science of secret communication. Provides safety to sender and recipient of message.
• Cryptoanalysis — science of how to solve encrypted message without knowing the key.
Protection against unauthorized reading
• Encryption — protect message against unauthorized reading. Change original letters with new letters, thus result seems to be nonsense.• Decryption — restoration of origin message.
Message Message
AlgorithmAlgorithm
Key Key
Unreadable
secret
message
Encryption
• Encryption key — defines the sort of cipher alphabet. Example of key: Nancy
• Encryption algorithm — system of replacing each letter of plain text with letter of cipher alphabet.
Cryptography
Two ways how to encrypt:
• Transposition — uses the same letters but their position in text is different
hallo => laolh
• Substitution — changes letters to another
hallo => ibmmp
Caesar's cipher
a b c d e f g h i j k l m n o p q r s t u v w x y z
d e f g h i j k l m n o p q r s t u v w x y z a b c
Message:
Cypher:
veni, vidi, vici
yhql, ylgl, ylgl
Each letter in the message is shifted three places right (a = d).
Decryption −frequence analysis
With knowledge of letter frequency in common alphabet and frequency of letters in cipher alphabet is possible to identify original message.
Create the frequency table of both alphabets and compare them.
Vigener's cipher
For each letter is used different cipher alphabet.Cipher alphaber changes according to key word.
w h i t e w h i t e w h i t e w h i t e w h i
d i v e r t t r o o p s t o e a s t r i d g e
Key: Msg: Ciph:
z p d x v p a z h s l z b h i w z b k m z n m
Enigma
Cryptographic machine used by German army in WWII.
Sophisticated system with several components: a plug board, a light board, a keyboard, a set of rotors, and a reflector (half rotor). The original machine looked a lot like a typewriter.
When a key is pressed, an electrical current is sent through the machine. The current first passes through the plug board, then through the three rotors, through the reflector which reverses the current, back through the three rotors, back through the plug board and then the encrypted letter is lit on the display.
Two types of encryption
Symmetric encryption:— easy key creating;— quick;— problem with key distribution;
Asymmetric encryption:— difficult key creating;— slow;— known key length;
Symmetric encryption
All historic encryption methods mentioned above are symmetric. It is easy to use them.
Symmetric methods are still usable, but algorithms are more complicated.
One key is needed both for encryption and decryption.
Modern methods provides secure passwords, web authorization etc.
DES, 3DES, AES
Asymmetric encryption
• Two parts of key — public and private
• Usage 1 — for encryption use recipient public key, for decryption use recipient private key:Message can read ONLY authorized recipient
• Usage 2 — for encryption use sender private key, for decryption use sender public key:Recipient is sure about sender identity
Key distribution
• Certification authority — proves that certain private key is owned by certain person.Can prove sender identity
• Main functions of CA:— key generating;— key giving, evidence, resuming;— proving of key ownership.
Protection against unauthorized modification
Fingerprint — binary sequence generated by special algorithm; it is unique for each message.Fingerprint check — after message transfer, new fingerprint is calculated and compared to transfered
Electronic signature — sender private key encrypted fingerprint.
Sending safe and signed message
Message
Sym. key
c
c
c
Calculation
Recipient public key
Sender private key
Safe key
Safe message
Electronic
signatureFingerprint
top related