Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Digital Forensics - Lecture 13 - Recap of Cryptography
Transcript of Digital Forensics - Lecture 13 - Recap of Cryptography
Symmetric Key Algorithm
The primary advantage of public-key cryptography is increased security and convenience: private keys never need to be transmitted or revealed to anyone.In a secret-key system, by contrast, the secret keys must be transmitted (either manually or through a communication channel) since the same key is used for encryption and decryption.
Another major advantage of public-key systems is that they can provide digital signatures that cannot be repudiated. Authentication via secret-key systems requires the sharing of some secret and sometimes requires trust of a third party as well.
Advantages and Disadvantages of RSA
A one-way hash is a function that takes a variable-length string and a message and produces a fixed-length value called a hash value. For example, if Kevin wants to send a message to Maureen and he wants to ensure the message does not get altered in an unauthorized fashion while it is being transmitted, he would calculate a hash value for
the message and append it to the message itself. When Maureen receives the message, she performs the same hashing function Kevin used and then compare her result with the hash value sent with the message. If the two values are the same, Maureen can be sure the message was not altered during transmission. If the two values are different, Maureen knows the message was altered, either intentionally or unintentionally, and she discards the message.
Encryption is a way to enhance the security of a message or file by scrambling the contents so that it can be read only by someone who has the right encryption key to unscramble it. For example, if you purchase something from a website, the information for the transaction (such as your address, phone number, and credit card number) is usually encrypted to help keep it safe. Use encryption when you want a strong level of protection for your information.
What is Encryption?
Stream Cipher & Block Cipher
Simple and fast
Need less resource
Pros & Cons of symmetric key algorithm
But the problems are:
Key exchange on secure channel
Too many keys...
DES is the Data Encryption Standard, a United States government standard encryption algorithm for encrypting and decrypting unclassified data. DES is a block cipher that takes a plaintext string as input and creates a ciphertext string of the same length. It uses a symmetric key, which means that the same key is used to convert ciphertext back into plaintext. The DES block size is 64 bits. The key size is also 64 bits, although 8 bits of the key are used for parity (error detection), which makes the effective DES key size 56 bits. A 56-bit key length is now considered weak due to advances in computer processing power.
What would be the advantages and disadvantages of Triple DES encryption?
But still the 3DES is better then DES
Slower then DES
The specification called for a symmetric algorithm (same key for encryption and decryption) using block encryption of 128 bits in size, supporting key sizes of 128, 192 and 256 bits, as a minimum. The algorithm was required to be royalty-free for use worldwide and offer security of a sufficient level to protect data for the next 20 to 30 years. It was to be easy to implement in hardware and software, as well as in restricted environments (for example, in a smart card) and offer good defenses against various attack techniques.
Public Key Cryptography
Public Key Infrastructure
Public key cryptography is the use of an asymmetric algorithm. Thus, the terms asymmetric algorithm and public key cryptography are interchangeable and mean the same thing.
Public key infrastructure (PKI) is a different animal. It is not an algorithm, a protocol, or an application—it is an infrastructure based on public key cryptography.
Pros and Cons of Digital Signature
Imposter prevention:By using digital signatures you are actually eliminating the possibility of committing fraud by an imposter signing the document. Since the digital signature cannot be altered, this makes forging the signature impossible.
2.) Message integrity: By having a digital signature you are in fact showing and simply proving the document to be valid. You are assuring the recipient that the document is free from forgery or false information.
3.) Legal requirements: Using a digital signature satisfies some type of legal requirement for the document in question. A digital signature takes care of any formal legal aspect of executing the document.
3DES & AES
By end of this session we will be able to describe :
Private Key Encryption (Symmetric Encryption)
Public Key Encryption (Asymmetric Encryption)
DES, 3DES, Hashing
But some problems!!
4.) The Disadvantages of using digital signatures involve expensive investment.
Origin and authenticity of message cannot be guaranteed
What is Key?
Deffie-Hellman Key management
An encryption key is typically a random string of bits generated specifically to scramble and unscramble data. Encryption keys are created using algorithms designed to ensure that each key is unique and unpredictable. The longer the key constructed this way, the harder it is to break the encryption code
A block cipher is a type of symmetric-key encryption algorithm that transforms a fixed-length block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length. This transformation takes place under the action of a user-provided secret key. Decryption is performed by applying the reverse transformation to the ciphertext block using the same secret key. The fixed length is called the block size, and for many block ciphers, the block size is 64 bits. In the coming years the block size will increase to 128 bits as processors become more sophisticated.
A stream cipher is a type of symmetric encryption algorithm. Stream ciphers can be designed to be exceptionally fast, much faster than any block cipher. While block ciphers operate on large blocks of data, stream ciphers typically operate on smaller units of plaintext, usually bits. The encryption of any particular plaintext with a block cipher will result in the same ciphertext when the same key is used. With a stream cipher, the transformation of these smaller plaintext units will vary, depending on when they are encountered during the encryption process.
A secret key, which can be a number, a word, or just a string of random letters, is applied to the text of a message to change the content in a particular way. This might be as simple as shifting each letter by a number of places in the alphabet. As long as both sender and recipient know the secret key, they can encrypt and decrypt all messages that use this key.
The problem with secret keys is exchanging them over the Internet or a large network while preventing them from falling into the wrong hands. Anyone who knows the secret key can decrypt the message. One answer is asymmetric encryption, in which there are two related keys--a key pair. A public key is made freely available to anyone who might want to send you a message. A second, private key is kept secret, so that only you know it.
Any message (text, binary files, or documents) that are encrypted by using the public key can only be decrypted by applying the same algorithm, but by using the matching private key. Any message that is encrypted by using the private key can only be decrypted by using the matching public key.
This means that you do not have to worry about passing public keys over the Internet (the keys are supposed to be public). A problem with asymmetric encryption, however, is that it is slower than symmetric encryption. It requires far more processing power to both encrypt and decrypt the content of the message.
Diffie–Hellman key exchange (D-H)is a specific method of exchanging cryptographic keys. It is one of the earliest practical examples of key exchange implemented within the field of cryptography. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
How this algorithm works?
Solves the key distribution problem
Detection of tampering by the receiver
Provide for non-repudiation
Provides for message authentication
Slow in processing and uses up more computer resources
Public keys should/must be authenticated
Widespread security compromise is possible
Triple DES or 3DES involves repeating the DES algorithm three times on the plaintext, using two or three different keys to produce the ciphertext. 3DES can work in different modes, and the mode chosen dictates the number of keys used and what functions are carried out:
DES-EEE3 Uses three different keys for encryption, and the data are encrypted, encrypted, encrypted.
DES-EDE3 Uses three different keys for encryption, and the data are encrypted, decrypted, and encrypted.
DES-EEE2 The same as DES-EEE3 but uses only two keys, and the first and third encryption processes use the same key.
DES-EDE2 The same as DES-EDE3 but uses only two keys, and the first and third encryption processes use the same key.
EDE may seem a little odd at first. How much protection could be provided by encrypting something, decrypting it, and encrypting it again? The decrypting portion here is decrypted with a different key. When data are encrypted with one symmetric key and decrypted with a different symmetric key, it is jumbled even more. So the data are not actually decrypted in the middle function, they are just run through a decryption process with a different key. Pretty tricky.
Need more resources
Advanced Encryption Standard
Some important encryption algorithms
MARS Developed by the IBM team that created Lucifer
RC6 Developed by RSA Laboratories
Serpent Developed by Ross Anderson, Eli Biham, and Lars Knudsen
Twofish Developed by Counterpane Systems
Rijndael Developed by Joan Daemen and Vincent Rijmen
RSA Algorithm is one of the most popular algorithm used in asymmetric cryptography
The hashing one-way function takes place without the use of any keys. This means, for example, that if Cheryl writes a message, calculates a message digest, appends the digest to the message, and sends it on to Scott, Bruce can intercept this message, alter Cheryl’s message, recalculate another message digest, append it to the message, and
send it on to Scott. When Scott receives it, he verifies the message digest, but never knows the message was actually altered by Bruce. Scott thinks the message came straight from Cheryl and it was never modified, because the two message digest values are the same.
The hashing algorithm is not a secret—it is publicly known. The secrecy of the oneway hashing function is its “one-wayness.” The function is run in only one direction, not the other direction.
Different Hashing Algorithms?
Advantages and Disadvantages of Hashing...
The hashing function ensures the integrity of the message, and the signing of the hash value provides authentication and nonrepudiation. The act of signing just means the value was encrypted with a private key.
A digital signature is a hash value that has been encrypted with the sender’s private key. The act of signing means encrypting the message’s hash value with a private key.
Who am I?
Question? Please ask
NO QUESTION IS
What will we be doing in this semester
OSX, iOS, Linux
Windows OS and File Systems
Evidence collection and handling process
Risk analysis for different OSs