Mort Anvari
Introduction to Encryption Technology
2
Encryption
What is it?
- The conversion of data into a form that cannot be easily understood by unauthorized people
- The opposite is decryption, that is, changing the difficult-to-read form back into the original
- It’s usually software, but can be hardware
3
Cryptography
- What does it do for me?
- Symmetric Encryption
- Asymmetric Encryption
- One Way Hash
- Example: An Encrypted E-Mail
4
What does it do for me?
Confidentiality: The data can only be read by the intended recipients
Non-Repudiation: The data cannot be forged. If data is “signed” by a person, the data could only have come from them. No more “I didn’t send that!”
Data Integrity: The data cannot be modified without detection
5
Symmetric Encryption
- Data is encrypted and decrypted with the same key
- Fast
- Key must be kept secret
- Key must be sent Out of Band
- DES and IDEA are symmetric
6
Asymmetric Encryption
- Uses 2 keys
- Data encrypted with one key can only be decrypted with the other
- Public key is shared with all
- Public key can be sent In Band
- Private key must be kept secret
- RSA is asymmetric
7
One Way Hash
- A “fingerprint” of data
- Any size data = same size hash
- Tiny changes in data produce a very different hash
8
Example: Encrypted E-Mail
Anne wants to send e-mail to Bob. The plaintext message is compressed to make it smaller and the ciphertext stronger.
[Diagram: Plaintext → Compression → Small Plaintext]
9
Example: Encrypted E-Mail
The plaintext message is run through a hash algorithm to generate a “fingerprint”.
[Diagram: Small Plaintext → Hash Function → Fingerprint]
10
Example: Encrypted E-Mail
The fingerprint is encrypted using Anne’s private key. This makes it into a digital signature. It is then appended to the plaintext.
[Diagram: Fingerprint + Anne’s Private Key → Signature, appended to Small Plaintext]
11
Example: Encrypted E-Mail
A random key is generated and the e-mail is symmetrically encrypted with it.
[Diagram: Small Plaintext + Signature, encrypted with Random Key → Ciphertext Encrypted with Random Key]
12
Example: Encrypted E-Mail
The random key is encrypted using Bob’s public key. The result is called a “Strong Box”. Remember that only Bob can read the contents of the Box.
[Diagram: Random Key + Bob’s Public Key → A Box for Bob]
13
Example: Encrypted E-Mail
The Box is attached to the ciphertext and they are sent over e-mail to Bob.
[Diagram: A Box for Bob (containing the Random Key) and Ciphertext Encrypted with Random Key, sent to Bob over the Internet]
14
Example: Encrypted E-Mail
Bob decrypts his Strong Box to get the Random Key. Only Bob’s private key can open the Box which was encrypted with his public key.
[Diagram: A Box for Bob + Bob’s Private Key → Random Key]
15
Example: Encrypted E-Mail
Bob decrypts the ciphertext using the random key which he got from his Strong Box.
[Diagram: Ciphertext Encrypted with Random Key + Random Key → Small Plaintext + Signature]
16
Example: Encrypted E-Mail
Bob decrypts Anne’s signature using her public key. Since only Anne could have encrypted it with her private key, Bob knows the message had to come from her.
[Diagram: Signature + Anne’s Public Key → Fingerprint]
17
Example: Encrypted E-Mail
Bob runs the unencrypted message through the hash function. If this fingerprint is the same as the one from the signature, the message was not changed in transit.
[Diagram: Small Plaintext → Hash Function → Calculated Fingerprint, compared with Received Fingerprint]
18
Example: Encrypted E-Mail
Finally, the message is uncompressed. Bob can read the message knowing for certain that it’s from Anne, it’s what Anne wrote and only the two of them could have read it.
[Diagram: Small Plaintext → Compression → Plaintext]
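
The whole Anne-to-Bob exchange from the slides above, as an added example that is not part of the original presentation. It assumes textbook (unpadded) RSA with constructed toy keys and a SHA-256 keystream standing in for a symmetric cipher such as DES or IDEA; all function and variable names are hypothetical, and production systems use padded RSA and a vetted cipher.

```python
import hashlib, secrets, zlib

E = 65537  # public exponent shared by both toy keys

def toy_keypair(p, q):
    """Textbook RSA from two primes: returns (public, private) as (exponent, modulus)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

# Constructed demo keys built from Mersenne primes: trivially factorable, never use for real data.
ANNE_PUB, ANNE_PRIV = toy_keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = toy_keypair(2**607 - 1, 2**1279 - 1)

def rsa(value, key):
    """Unpadded RSA operation; real systems add padding (OAEP, PSS)."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

def sym(key, data):
    """Stand-in symmetric cipher (XOR with a SHA-256 keystream); the same call decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def fingerprint(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sig_size(key):
    return (key[1].bit_length() + 7) // 8  # signature length in bytes for this modulus

def send(message, sender_priv, recipient_pub):
    small = zlib.compress(message)                               # compress
    sig = rsa(fingerprint(small), sender_priv)                   # hash, then sign
    body = small + sig.to_bytes(sig_size(sender_priv), "big")    # append signature
    random_key = secrets.token_bytes(32)                         # one-time random key
    box = rsa(int.from_bytes(random_key, "big"), recipient_pub)  # the Strong Box
    return box, sym(random_key, body)

def receive(box, ciphertext, recipient_priv, sender_pub):
    key_int = rsa(box, recipient_priv)                           # open the Strong Box
    if key_int >> 256:
        raise ValueError("box cannot be opened with this private key")
    body = sym(key_int.to_bytes(32, "big"), ciphertext)          # decrypt the ciphertext
    small, sig = body[:-sig_size(sender_pub)], body[-sig_size(sender_pub):]
    if rsa(int.from_bytes(sig, "big"), sender_pub) != fingerprint(small):
        raise ValueError("fingerprint mismatch: altered, or not signed by the sender")
    return zlib.decompress(small)                                # uncompress
```

Calling `receive(*send(b"hello Bob", ANNE_PRIV, BOB_PUB), BOB_PRIV, ANNE_PUB)` returns the original message; a modified ciphertext, the wrong private key, or a different signer raises `ValueError`.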