Transcript of Encryption
Public Key Encryption
How it Works
Both the sender and recipient have a pair of keys (mathematical code or sequence of numbers to
A private key, which is secret and cannot be transferred
A public key, which can be made public
Two Types of Cipher Systems
Revolution in Cryptography
Diffie-Hellman paper in 1976 on public key cryptography
Prior to this, it was assumed that encrypted messages could only be exchanged between mutually trusting parties
With the public key system, neither sender nor recipient needed to let their own keys leave their possession
This meant that the sender and recipient do not need to trust each other
Information to be concealed
Plaintext that has been encrypted
Operation of disguising plaintext
Set of rules used to encrypt information
Set of rules used to decrypt information
Sequence of numbers used to encrypt information
Sequence of numbers used to decrypt information
Cyber Security 7SSWM061
Two keys are often identical
Also known as conventional, secret key or one key system
Both encryption and decryption keys need to be kept secret
Practically impossible to deduce decryption key from encryption key
Also known as public key system
Only decryption key needs to be kept secret
Science of designing cipher systems
Process of deducing plaintext from the ciphertext without being given the appropriate key
Cryptology is the collective term for both cryptography and cryptanalysis
With public key systems, it is possible for someone to ensure that a message is delivered safely to the intended recipient, despite the fact that it may pass through the possession of many adversaries who would like to possess it
Public Key System
Simple and widely known encryption technique; named after Julius Caesar who used it in his private correspondence
Here, civilian and service personnel worked together on breaking the codes of top-secret military communiqués between Hitler and his armed forces.
Hardware invented by a German and used by Britain's codebreakers as a way of deciphering German signals traffic during WWII; this machine was used in the post-war years for coding Swiss diplomatic traffic
Hypertext Transfer Protocol Secure (HTTPS); communications protocol for secure communication over a computer network
When a message is encrypted using a combination of the sender's private key and the recipient's public key, it can only be decrypted using the recipient's private key and the sender's public key
So if the recipient sends his public key to the sender, the sender can then encrypt the message using his private key, and send it - along with the sender's public key - to the recipient
The message is secure because it cannot be decrypted without the recipient's private key which was not transferred
Public key encryption achieves the same type of security as described in the briefcase example, although the message is not actually sent back and forth three times
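An added example, not part of the original presentation: the key combination described above, sketched as Diffie-Hellman key agreement, where each side mixes its own private key with the other side's public key and both arrive at the same secret. The group parameters, the function names and the SHAKE-based stand-in stream cipher are assumptions chosen for illustration and are far too weak for real use.

```python
import hashlib
import hmac
import secrets

# Toy parameters (assumption): a 127-bit Mersenne prime and generator 3.
# Far too small to be secure; real systems use 2048-bit+ groups or elliptic curves.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public); only the public half is ever sent."""
    while True:
        private = secrets.randbelow(P - 3) + 2
        public = pow(G, private, P)
        if 1 < public < P - 1:
            return private, public

def derive_keys(own_private, peer_public):
    """Combine our private key with the peer's public key into (enc_key, mac_key)."""
    if not 1 < peer_public < P - 1:
        raise ValueError("rejecting degenerate public key")
    secret = pow(peer_public, own_private, P).to_bytes(16, "big")
    return hashlib.sha256(b"enc" + secret).digest(), hashlib.sha256(b"mac" + secret).digest()

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher (assumption): XOR with a SHAKE-256 keystream.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(sender_private, recipient_public, plaintext):
    enc_key, mac_key = derive_keys(sender_private, recipient_public)
    nonce = secrets.token_bytes(16)
    ciphertext = _xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def open_sealed(recipient_private, sender_public, box):
    enc_key, mac_key = derive_keys(recipient_private, sender_public)
    nonce, ciphertext, tag = box[:16], box[16:-32], box[-32:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key pair or modified message")
    return _xor_stream(enc_key, nonce, ciphertext)

if __name__ == "__main__":
    alice_priv, alice_pub = keypair()
    bob_priv, bob_pub = keypair()
    box = seal(alice_priv, bob_pub, b"constructed sample message")
    print(open_sealed(bob_priv, alice_pub, box))
```

Anyone who intercepts the sealed message and both public keys still lacks a private key, so the integrity check fails before any plaintext is produced.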
Multi-pronged NSA project, started in 2000, to break encryption used in network communication technologies:
‘…. BULLRUN involves multiple sources, all of which are extremely sensitive. They include CNE, interdiction, industry relationships, collaboration with other IC entities, and advanced mathematical techniques….’
What is it?
Encryption is still safe?
Trend towards more encryption?
Google and Apple to introduce default encryption on their mobile operating systems
Governments adopting aggressive methods over concerns about increased encryption?
Apple’s iCloud Storage Service Is Aim of Attack in China
Nothing is unbreakable?
NSA developing code-breaking quantum computer
Google changed from 1024 to 2048-bit encryption
Google claims “we have now encrypted our data at rest and in transit with techniques that no one believes the NSA can break during our lifetime”
Somewhat related – Google and Apple will introduce default encryption on Android L and iOS8 (mobile operating systems) respectively. E.g. for iOS8, Apple does not have users’ passwords, so it cannot unlock encrypted data. Note: the encryption works on devices and is not applicable to cloud computing.
‘Secret Documents Reveal N.S.A. Campaign Against Encryption’, The New York Times, 5 September 2013
‘Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security’, ProPublica, 5 September 2013
‘Revealed: how US and UK spy agencies defeat internet privacy and security’, The Guardian, 6 September 2013
‘Project Bullrun – classification guide to the NSA's decryption program’, The Guardian, 5 September 2013
‘N.S.A. Able to Foil Basic Safeguards of Privacy on Web’, The New York Times, 5 September 2013
‘Apple’s iCloud Storage Service Is Aim of Attack in China’, The New York Times, 24 October 2014
Under the BULLRUN project, NSA:
Developed capability to decrypt widely-used encryption techniques
‘…. NSA/CSS has some capabilities against the encryption in TLS/SSL, HTTPS, SSH, VPNs, VoIP, Webmail and other network communication technologies….’
Purposefully weakened international encryption standards adopted by developers worldwide
‘…. Influence policies, standards and specification for public key technologies.’
The case of Dual_EC_DRBG random number generator standard?
Worked with American and foreign companies to build back doors into commercial products
‘The SIGINT Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs. These design changes make the systems in question exploitable through SIGINT collection (e.g. Endpoint, Midpoint, etc.) with foreknowledge of the modification. To the consumer and other adversaries, the systems’ security remains intact.’
The case of Microsoft Outlook