Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Encryption

No description
by

Jane Lim

on 30 October 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Encryption

Basic Definitions
Plaintext

Ciphertext

Encryption

Encryption Algorithm

Decryption Algorithm

Encryption Key

Decryption Key

Public Key Encryption
How it Works
Both the sender and recipient have a pair of keys (mathematical code or sequence of numbers to
encrypt/decrypt information):

A private key, which is secret and cannot be transferred

A public key, which can be made public
Two Types of Cipher Systems
Two Types of Cipher Systems
Revolution in Cryptography
Diffie-Hellman paper in 1976 on public key cryptography

Prior to this, it was assumed that encrypted messages could only be exchanged between mutually trusting parties

With the public key system, neither sender nor recipient needed to let their own keys leave their possession

This meant that the sender and recipient do
not
need to trust each other
Broad Concepts
Cryptography
Thank You!
Information to be concealed

Plaintext that has been encrypted

Operation of disguising plaintext

Set of rules used to encrypt information

Set of rules used to decrypt information

Sequence of numbers used to encrypt information

Sequence of numbers used to decrypt information


Cyber Security 7SSWM061
Symmetric
Two keys are often identical
Also known as conventional, secret key or one key system
Both encryption and decryption keys need to be kept secret


Practically impossible to deduce decryption key from encryption key
Also known as public key system
Only decryption key needs to be kept secret
Asymmetric
Symmetric
Asymmetric
Science of designing cipher systems

Process of deducing plaintext from the ciphertext without being given the appropriate key

Cryptology is the collective term for both cryptography and cryptanalysis
Cryptography


Cryptanalysis




Cryptology
With public key systems, it is possible for someone to ensure that a message is delivered safely to the intended recipient, despite the fact that it may pass through the possession of many adversaries who would like to possess it
Public Key System
Conceptual Overview
Snapshots
Simple and widely known encryption technique; named after Julius Caesar who used it in his private correspondence
Here, civilian and service personnel worked together at code-breaking top-secret military communiques between Hitler and his armed forces.
Hardware invented by a German and used by Britain's codebreakers as a way of deciphering German signals traffic during WWII; this machine used in post-war years for coding Swiss diplomatic traffic
Hypertext Transfer Protocol Secure (HTTPS); communications protocol for secure communication over a computer network
Caesar Cipher
Enigma
Bletchley Park
HTTPS
When a message is encrypted using a combination of the sender's private key and the recipient's public key, it can only be decrypted using the recipient's private key and the sender's public key

So if the recipient sends his public key to the sender, the sender can then encrypt the message using his private key, and send it - along with the sender's public key - to the recipient

The message is secure because it cannot be decrypted without the recipient's private key which was not transferred
Public key encryption achieves the same type of security as described in the briefcase example, although the message is not actually sent back and forth three times
Case Study
Project Bullrun

Multi-pronged NSA project, started in 2000, to break encryption used in network communication technologies:

‘…. BULLRUN involves multiple sources, all of which are extremely sensitive. They include CNE, interdiction, industry relationships, collaboration with other IC entities, and advanced mathematical techniques….’


What is it?
Encryption is still safe?

Trend towards more encryption?
Google and Apple to introduce default encryption on their mobile operating systems


Governments adopting aggressive methods over concerns about increased encryption?
Apple’s iCloud Storage Service Is Aim of Attack in China


Nothing is unbreakable?
NSA developing code-breaking quantum computer
So what?
Google changed from 1024 to 2048-bit encryption

Google claims “we have now encrypted our data at rest and in transit with techniques that no one believes the NSA can break during our lifetime”


Somewhat related – Google and Apple will introduce default encryption on Android L and iOS8 (mobile operating systems) respectively. E.g. For iOS8, Apple does not have users’ passwords so it cannot unlock encrypted data. Note: The encryption works on devices, not applicable to cloud computing.
Responses
‘Secret Documents Reveal N.S.A. Campaign Against Encryption’, The New York Times, 5 September 2013
http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?_r=0

‘Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security’, ProPublica, 5 September 2013
http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption#odni-response

‘Revealed: how US and UK spy agencies defeat internet privacy and security’, The Guardian, 6 September 2013
http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

‘Project Bullrun – classification guide to the NSA's decryption program’, The Guardian, 5 September 2013
http://www.theguardian.com/world/interactive/2013/sep/05/nsa-project-bullrun-classification-guide

‘N.S.A. Able to Foil Basic Safeguards of Privacy on Web’, The New York Times, 5 September 2013,
http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all

‘Apple’s iCloud Storage Service Is Aim of Attack in China’, The New York Times, 24 October 2014,
http://www.nytimes.com/2014/10/22/technology/china-attack-aims-at-apple-icloud-storage-service.html
Sources
http://www.bbc.co.uk/news/technology-29276955
http://www.nytimes.com/2014/10/22/technology/china-attack-aims-at-apple-icloud-storage-service.html
http://www.bbc.co.uk/news/technology-25588605
http://www.cbc.ca/news/business/google-claims-it-installed-unbreakable-encryption-after-nsa-spying-1.2810773
http://www.bbc.co.uk/news/technology-29276955
Under the BULLRUN project, NSA:

Developed capability to decrypt widely-used encryption techniques
‘…. NSA/CSS has some capabilities against the encryption in TLS/SSL, HTTPS, SSH,VPNs, VoIP, Webmail and other network communication technologies….’

Purposefully weakened international encryption standards adopted by developers worldwide
‘…. Influence policies, standards and specification for public key technologies.’
The case of Dual_EC_DRBG random number generator standard?


Worked with American and foreign companies to build back doors into commercial products
‘The SIGINT Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs. These design changes make the systems in question exploitable through SIGINT collection (e.g. Endpoint, Midpoint, etc.) with foreknowledge of the modification. To the consumer and other adversaries, the systems’ security remains intact.’
The case of Microsoft Outlook
What is it?
https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data
Full transcript