Chapter 29

Compiled By : S H Abbas Mehdi Jamia Hamdard

McGraw-Hill

The McGraw-Hill Companies, Inc., 2004

Figure 29.1

Cryptography components

Figure 29.2

Encryption and decryption

Note: In cryptography, the encryption/decryption algorithms are public; the keys are secret.

29.2 Symmetric-Key Cryptography


Traditional Cipher
Block Cipher
Operation Modes

Figure 29.3

Symmetric-key cryptography

Note:
In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared. In symmetric-key cryptography, the same key is used in both directions. Symmetric-key cryptography is often used for long messages.

Figure 29.4

Caesar cipher

Figure 29.5

Example of monoalphabetic substitution

Note: In monoalphabetic substitution, the relationship between a character in the plaintext and the character in the ciphertext is always one-to-one.

Figure 29.6

VIGENERE CIPHER (POLYALPHABETIC SUBSTITUTION)

Note: In polyalphabetic substitution, the relationship between a character in the plaintext and a character in the ciphertext is one-to-many.

Figure 29.7

Transpositional cipher

Figure 29.8

Block cipher

Figure 29.9

P-box

Figure 29.12

DES

Figure 29.13

General scheme of DES

Figure 29.14

Iteration block

ONE ROUND IN DES CIPHERS

Figure 29.15

Triple DES

Note: The DES cipher uses the same concept as the Caesar cipher, but the encryption/decryption algorithm is much more complex due to the sixteen 48-bit keys derived from a 56-bit key.

Figure 29.20

Public-key cryptography

Note: Public-key algorithms are more efficient for short messages.

29.3 Public-Key Cryptography

RSA (Rivest, Shamir and Adleman)


CHOOSING PUBLIC AND PRIVATE KEYS

1. Choose two large numbers p and q.
2. Compute N = p*q.
3. Choose e (less than N) such that e and (p-1)*(q-1) have no common factor other than 1.
4. Choose d so that (e*d) mod ((p-1)*(q-1)) is equal to 1.
5. Private key: (N, d)
6. Public key: (N, e)

Figure 29.21

RSA

Figure 30.1

Message security

Figure 30.2

Privacy using symmetric-key encryption

Figure 30.3

Privacy using public-key encryption

Signing the Whole Document
Signing the Digest

Figure 30.4

Signing the whole document

Note: Digital signature does not provide privacy. If there is a need for privacy, another layer of encryption/decryption must be applied.

Figure 30.5

Signing the digest

Figure 30.6

Sender site

Figure 30.7

Receiver site

With Symmetric Key
With Public Key

Figure 30.8

Using a symmetric key only

Figure 30.9

Using a nonce (random)

USING A NONCE (RANDOM)

1. Alice sends her identity, in plaintext, to Bob.
2. Bob challenges Alice by sending a random number Rb (the nonce) in plaintext.
3. Alice responds to Bob by sending back the nonce, encrypted using the symmetric key.
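The three-step nonce exchange above, as an added example (not part of the original slides) showing why a fresh nonce per session makes a recorded response useless. Python's standard library has no symmetric cipher, so HMAC-SHA256 over the nonce is swapped in for "encrypting the nonce with the symmetric key"; the class and function names are hypothetical.

```python
# Added example: nonce challenge-response with replay rejection.
# HMAC-SHA256 stands in for symmetric encryption of the nonce.
import hashlib
import hmac
import secrets


class Bob:
    """Verifier: issues a fresh nonce per attempt and accepts each one once."""

    def __init__(self, shared_keys: dict):
        self.shared_keys = shared_keys        # identity -> symmetric key
        self.pending = {}                     # identity -> outstanding nonce

    def challenge(self, identity: str) -> bytes:
        rb = secrets.token_bytes(16)          # step 2: random Rb, in plaintext
        self.pending[identity] = rb
        return rb

    def verify(self, identity: str, response: bytes) -> bool:
        rb = self.pending.pop(identity, None)  # a nonce is valid one time only
        key = self.shared_keys.get(identity)
        if rb is None or key is None:
            return False
        expected = hmac.new(key, rb, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def alice_respond(key: bytes, rb: bytes) -> bytes:
    """Step 3: prove knowledge of the shared key by transforming Bob's nonce."""
    return hmac.new(key, rb, hashlib.sha256).digest()


def demo():
    """Return (fresh response ok, replayed response ok, wrong key ok)."""
    key = secrets.token_bytes(32)             # constructed shared key
    bob = Bob({"alice": key})
    rb1 = bob.challenge("alice")              # step 1 already sent "alice"
    resp1 = alice_respond(key, rb1)
    fresh = bob.verify("alice", resp1)
    bob.challenge("alice")                    # new session, new nonce
    replayed = bob.verify("alice", resp1)     # response recorded in session 1
    forged = alice_respond(secrets.token_bytes(32), bob.challenge("alice"))
    return fresh, replayed, bob.verify("alice", forged)


if __name__ == "__main__":
    print(demo())
```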

Symmetric-Key Distribution
Public-Key Certification

Note: A symmetric key between two parties is useful if it is used only once; it must be created for one session and destroyed when the session is over.

Figure 30.27

Diffie-Hellman idea

Figure 30.11

Diffie-Hellman method

Choose N and G, large prime numbers, with the restriction that (N-1)/2 is also prime.

Note: The symmetric (shared) key in the Diffie-Hellman protocol is $K = G^{xy} \bmod N$.

Example 2
Assume G = 7 and N = 23. The steps are as follows:

1. Alice chooses x = 3 and calculates $R_1 = 7^{3} \bmod 23 = 21$.
2. Alice sends the number 21 to Bob.
3. Bob chooses y = 6 and calculates $R_2 = 7^{6} \bmod 23 = 4$.
4. Bob sends the number 4 to Alice.
5. Alice calculates the symmetric key $K = 4^{3} \bmod 23 = 18$.
6. Bob calculates the symmetric key $K = 21^{6} \bmod 23 = 18$.

The value of K is the same for both Alice and Bob; $G^{xy} \bmod N = 7^{18} \bmod 23 = 18$.
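Example 2 reproduced in code, as an added example (not part of the original slides). It also enforces the restriction stated for the Diffie-Hellman method, that (N-1)/2 is prime, and rejects received values of 1 or N-1, a standard receiver-side check that goes beyond what the slides state; the function names are hypothetical.

```python
# Added example: Diffie-Hellman with the slide's toy parameters and basic checks.
from math import isqrt


def is_prime(n: int) -> bool:
    """Trial division; adequate only for the tiny demo numbers used here."""
    return n > 1 and all(n % i for i in range(2, isqrt(n) + 1))


def check_params(n: int, g: int) -> None:
    """Enforce the stated restriction: N is prime and (N-1)/2 is also prime."""
    if not is_prime(n) or not is_prime((n - 1) // 2):
        raise ValueError("N must be prime with (N-1)/2 also prime")
    if not 1 < g < n - 1:
        raise ValueError("G must satisfy 1 < G < N-1")


def public_value(g: int, secret: int, n: int) -> int:
    """R = G^secret mod N, the number sent to the other party."""
    return pow(g, secret, n)


def shared_key(peer_value: int, secret: int, n: int) -> int:
    """K = R_peer^secret mod N, after validating what was received."""
    # 1 and N-1 confine K to {1, N-1} whatever the secret is, so refuse them.
    if not 1 < peer_value < n - 1:
        raise ValueError("received value outside 2..N-2")
    return pow(peer_value, secret, n)


def exchange(n: int, g: int, x: int, y: int):
    """Run both sides; return (R1, R2, Alice's K, Bob's K)."""
    check_params(n, g)
    r1 = public_value(g, x, n)        # Alice -> Bob
    r2 = public_value(g, y, n)        # Bob -> Alice
    return r1, r2, shared_key(r2, x, n), shared_key(r1, y, n)


if __name__ == "__main__":
    # Values from Example 2: G = 7, N = 23, x = 3, y = 6.
    print(exchange(n=23, g=7, x=3, y=6))
```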

Figure 30.12

Man-in-the-middle attack

Figure 30.13

First approach using KDC

Servers
Operation
Using Different Servers
Version 5
Realms


Figure 30.17

Kerberos servers

Figure 30.18

Kerberos example
