...Symmetric Cryptography Secret writings have been found in many civilizations dating back to thousands of years where wide spread writings were adopted. Some of these civilizations included the Egyptians with their use of hieroglyphics, the Greeks and Spartan and the use of Scytale, and the Romans with the use of the Caesar Cipher. All these encryption methods could be thought of as symmetric encryption, which uses the same key to encrypt and decrypt the ciphertext. With a more contemporary look at symmetric key encryption with computer data, we can classify it into two categories called block ciphers and stream ciphers. The data in a block cipher would be broken down into specific sizes, for example 64-bit blocks or 128-bit blocks, which then the blocks would be encrypted separately. In stream ciphers, data would be encrypted in a stream of bits as oppose to dividing the data into blocks of bits. The decryption process for these two classification of symmetric encryption, of course, would be to use the same encryption key. Differences and Similarities with Symmetric and Asymmetric The fundamental difference between symmetric and asymmetric cryptography would be that asymmetric uses two keys, a public and private key, for encryption and decryption. If a private key is used to encrypt, then a related public key would be used to decrypt. This could also work the other way around when a public key is used to encrypt, then a related private key would be used to decrypt. Unlike...
Words: 558 - Pages: 3
...THE PURPOSE OF CRYPTOGRAPHY Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue that cryptography appeared spontaneously sometime after writing was invented, with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet. Within the context of any application-to-application communication, there are some specific security requirements, including: • Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.) • Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver. • Integrity: Assuring the receiver that the received message has not been altered in any way from the original. • Non-repudiation: A mechanism to prove that the sender really sent this message. Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types...
Words: 442 - Pages: 2
...In the 20th- century cryptography was adopted by international government to protect private and sensitive information and for communication purposes. Cryptography is known as the science of secret writing that enables storage and transfer of information that is hidden from everyone, but only can read by those who are authorized. The concept of cryptography is to protect confidential information and to assure the identity of people who send electronic messages and conduct electronic transactions are who they say they are. There are also various types of cryptography for example symmetric keys or shared- secret cryptography, is when you use the same key to both encrypt and decrypt a message. The most common form of symmetric key cryptography is the data Encryption standard. The second type of cryptography is asymmetric key cryptography, two keys are needed. A message encrypted using one key can only be decrypted using the other and vice versa. One key is called public key and the other is called the private key. Cryptosystem disguises messages, allowing only selected people to see though the disguise. The mechanisms that make up a strong cryptosystem is the size and means used to protect cryptographic keys. The longer the key the harder it is to break the encryption. A cryptosystem is considered strong only until it’s cracked. Strong cryptosystems produce cipher text that always appears random to standard statistical test. They also resist all known attacks on cryptosystem. The...
Words: 349 - Pages: 2
...History of Cryptography Developments in cryptography | Period | Development | 2000 BC | In Egypt, hieroglyphics were used in inscriptions. | 500-600 BC | Hebrews used the atbash method for encryption. In this method, each letter of the alphabet mapped to a different letter to hide the true meaning of a word. | 487 BC | The Spartans used the scytale for encryption – messages were written on paper wrapped around a wooden rod. The paper was then unwrapped and sent. The recipient could read the message only by wrapping this paper on a rod of the same length and diameter. | 100-44 BC | Julius Caesar used an encryption method similar to the atbash method. He shifted each letter of the alphabet by a fixed number of places to send encrypted messages. | 1379 | Gabrieli di Lavinde developed the nomenclator. | 1466-1467 | The first polyalphabetic cipher was invented, which was much stronger than the nomenclator. | 1518 | Johannes Trithemius invented a steganographic cipher in which each letter was represented as a word taken from a succession of columns. | 1553 | Giovan Batista Belaso introduced the use of a passphrase as the key for a repeated polyalphabetic cipher. In 1563, Giovanni Battista Porta introduced the digraphic cipher and classified ciphers as transposition, substitution, and symbol substitution. | 1585 | Blaise de Vigenere developed the polyalphabetic substitution cipher. William Frederick Friedman published a book on cryptography, and is known as the...
Words: 1015 - Pages: 5
...Define one type of cryptography and describe the security features. Asymmetric Cryptography: Digital Signatures Most of the time when we mention cryptography, or put asymmetric in front of it we are met with just plain blank stares. In the following paragraphs I will attempt to explain what it is, and give examples on its use. First an explanation of Public Key Infrastructure, or PKI. A cryptographic system uses two keys, a public key known to everyone and a private key, the private key has full control to the key owner, and has to keep in secured environment. A unique feature to the public key system is that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to distinguish the private key if you know the public key. When employee A wants to send a secure message to employee B, you use the employee B’s public key to encrypt the message. Employee B, then uses their private key to decrypt it. Public Key cryptography, is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption). Next, for my example of a process that utilizes asymmetric cryptography, is Digital Signatures. I will be using employee’s A and B as my subjects to explain the digital signature process. First, from employee A’s point of view the signing process is simple. This is because few steps are enacted...
Words: 589 - Pages: 3
...Cryptograpy Exam 1. What are some threats associated with a direct digital signature scheme? a. The scheme validation is dependent on the security of the sender’s private key, which the sender can later claim lost or stolen and that the signature was forged when trying to deny sending a particular message. b. If a private key is stolen from Bob at time t, the thief can send a message signed with Bob’s signature with a time stamp equal to or less than t. c. The need for trust between 2 participants is a potential threat since there is no independent verification process. 2. How can you get physical possession of the password hashes from a MS Server 2008 running Active Directory? a. To obtain hashes from a MS Server 2008, the system has to be compromised; domain hashes are stored in Active Directory on domain controllers while local account hashes are stored in the local SAM database. For member servers and workstations, a domain account’s password hashes can only be stored on systems where the user has performed an interactive logon. When an interactive logon occurs, the domain account's password hash will be stored on disk in the form of a cached-credentials hash. b. I also need to have administrative rights on the compromised system, the tools required to retrieve domain password hashes, all require admin rights on a running systems. Some tools need to be able to elevate local SYSTEM privileges in order to access protected Registry files, while others work by injecting...
Words: 338 - Pages: 2
...secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography, which is the focus of this chapter. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. The reader is advised, then, that the topics covered in this chapter only describe the first of many steps necessary for better security in any number of situations. This paper has two major purposes. The first is to define some of the terms and concepts behind basic cryptographic methods, and to offer a way to compare the myriad cryptographic schemes in use today. The second is to provide some real examples of cryptography in use today. I would like to say at the outset that this paper is very focused on terms, concepts, and schemes in current use and is not a treatise of the whole field. No mention is made here about pre-computerized crypto schemes, the difference between a substitution and transposition cipher, cryptanalysis, or other history. Interested readers should check out some of the books in the references section below for detailed — and interesting! — background information. 2. THE PURPOSE OF CRYPTOGRAPHY Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian...
Words: 7926 - Pages: 32
...History of Cryptography AN EASY TO UNDERSTAND HISTORY OF CRYPTOGRAPHY Contents 1. Introduction 2. Classical Encryptions (Ancient Times) 3. Classical Encryptions (Middle Ages) The Cipher of Mary Queen of Scots Vigenère Ciphers Uesugi Cipher 3 4 6 6 6 7 4. Modern Ciphers: Ciphers during World War I and the Emergence of Encryption Machines German Communication Cables Disconnected by the United Kingdom Zimmermann Telegram ADFGVX Cipher The Birth of Enigma 8 8 8 8 9 5. Modern Ciphers: Encryptions in the Computer and Internet Era DES Cipher Public-Key Cryptosystem RSA Cipher Decrypting the DES Cipher Responsive Action of Cipher Enhancements for SSL 10 10 10 11 12 12 6. The Future of Encryption 7. Conclusion: Enhancing the Effectiveness of Encryptions used for SSL References 13 14 14 2 © 2013 Thawte, Inc. All rights reserved. Thawte, the thawte logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Thawte, Inc. and its subsidiaries and affi liates in the United States and in foreign countries. All other trademarks are property of their respective owners. 1. Introduction E ncryption and related technologies are widely and frequently used as a means of ensuring that information is secure, and their importance has been growing with the increasingly widespread utilization of the Internet. The use of encryption can be traced to as far back as about 3000 B.C., during the Babylonian Era. Encryption technologies...
Words: 6411 - Pages: 26
...CHAPTER 1 INTRODUCTION 1.1 CRYPTOGRAPHY In-order to get security aspects ranging from commerce and payments to the private and public communications there are number of methods proposed till now. Among them cryptography is an important aspect for securing communications in transmitting, receiving and for storage electronic data. But it is necessary to know the method of securing data transmission by Cryptographic technique. 1.2 THE PURPOSE OF CRYPTOGRAPHY Cryptography is among one of the ancient arts of writing languages in secret code. In 1900 B.C an Egyptian scribe was the first document used inscription for cryptography. Some of the experts argued that cryptography writing has appeared simultaneously after the writing has been invented,...
Words: 10253 - Pages: 42
...local computer. For the part of the assignment in which you answer questions, they should be answered in THIS document.For the Manual / CrypTool 1 component: all answers are to be entered in THIS document. | Value of each question | See each question or component | BONUS | See below | In this assignment, you will: * Encrypt (not decrypt) a message “by hand,” using techniques used from the Whitman/Mattord Principles of Information Security online pdf file and online lecture. * After doing that, you will download the Cryptool 1 software used to perform cryptography. You will then perform the same cryptographic techniques using Cryptool 1. * Before or after performing the above two parts of the assignment, you will do the Virtual Cloud Lab exercise on Cryptography. * When totally complete, you will be requested to take a survey regarding the effectiveness of performing cryptography by hand versus by software. If you take this survey, regardless of your responses, you will be...
Words: 1748 - Pages: 7
...practical purposes, it is impossible to crack a RSA algorithm. § PGP (Pretty Good Privacy) is probably the best implementation of RSA. It is now owned by Symantec. § Other free products (which do not tightly integrate into email, for example) are available § Understand that PKI is NOT the same thing as public key encryption Fundamentals of Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Page 5 Fundamentals of Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Page 6 Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique within each CA domain. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The VA (Verification Authority) checks authentication. The PKI role that assures this binding is called the Registration Authority (RA). For each user, the user identity, the public key, their binding,...
Words: 1799 - Pages: 8
...Course Title: Cryptography Section 1-1 Topic: Introduction To Cryptography Confidentiality, Integrity, Availability and Authentication How companies use cryptography How penetration testers can also use cryptography Tools, Techniques and Attacks Academics discusses history of encryption. Academics simply encrypt or hash, why aren't people using hashing more? Professional is just, encrypt or not, hash or just verify Section 1-2 Topic: Key Concepts of Cryptography: PKIS & Encryption Learning Objectives: Cryptography is one of the most underrated courses of study in the industry. Of those who do study it, issues with comprehension tend to hinder individual mastery. By taking this course, learners will finally be able to grasp all the critical concepts, theories and practices associated with Cryptography. This Cryptography presentation discusses and demonstrates the key concepts of Cryptography from attacks, PKIs and Encryption in detail. You’ll learn about the difference between public and private keys and about the similarities and differences between symmetry & asymmetry. We’ll also discuss the concept of integrity and confidentiality and their relationships to/with protocols. This Cryptography course will help you master the basics of Cryptography as you begin to develop the discipline needed to become an accomplished pen tester. Keys and Principles 1. Keys 1a. Symmetric - also referred to as same keys, private key, symmetric key - same (confidentially) ...
Words: 3749 - Pages: 15
...Homework 1 Due September 25, 2014. The answers can be handed in person or submitted electronically on Blackboard. All problems carry 4 points. 1. The probabilities (or frequencies) of the 26 letters of the English alphabet in English text are as follows. Letter A B C D E F G H I Prob. .082 .015 .028 .043 .127 .022 .020 .061 .070 Letter J K L M N O P Q R Prob. .002 .008 .040 .024 .067 .075 .019 .001 .060 Letter S T U V W X Y Z Prob. .063 .091 .028 .010 .023 .001 .020 .001 Using this information, decrypt the following ciphertext which was encrypted using a Shift Cipher: RUNJAWNMQXFCXLJULDUJCNCQNJVXDWCXOYJYNAWNNMNMO XAJAXXVFQNWRFJBJCBLQXXUHXDVDUCRYUHCQNBZDJANOXXC JPNXOCQNFJUUBKHCQNLDKRLLXWCNWCBXOCQNOUXXAJWMLN RURWPLXVKRWNMJWMMXDKUNRCHXDCQNWJUUXFQJUOCQNCX CJUOXAXYNWRWPBBDLQJBFRWMXFBJWMMXXABCQNWHXDJU UXFCQNXCQNAQJUOOXAVJCLQRWPCQNYJCCNAWCQNWHXDMXDKU NCQNFQXUNCQRWPJPJRWCXPRENJVJAPRWXONAAXAJWMCQNWH XDXAMNACQNYJYNA 2. In a one-time pad, if a message m of length is is encrypted with a key k = 0 (i.e., k consists of all 0s) then enck (m) = m. That is why, it is sometimes suggested to prohibit this key. In other words, the keyspace is restricted to strings which are all not zeros. Is the resulting cryptosystem perfectly secure? 3. For every string s, let s be the string formed by taking the bitwise complement of the string s. For example 101 = 010 and 0010 = 1101. Suppose that G is a psuedorandom number generator (PRG) with expansion factor . Which amongst the following functions are psuedorandom...
Words: 448 - Pages: 2
...[2] C. Blundo, A. De Santis, and D.R. Stinson. On the contrast in visual cryptography schemes. J. Cryptogr., 12:261-289, 1999. [3] J. B. Feng, H. C. Wu, C. S. Tsai, Y. F. Chang, and Y. P. Chu. Visual secret sharing for multiple secrets. Pattern Recognition, 41:3572-3581, 2008. [4] A. Ross and A. A. Othman, “Visual Cryptography for Biometric privacy”, IEEE Transaction on Information Forensics and Security, vol. 6, no. 1, Mar.2011. [5] M. Naor and B A. Shamir. Visual cryptography. in: A. De San tis (Ed.), Advances in Cryptology: Eurpocrypt'94, Lecture Notes in Computer Science, 950: 1-12, 1995. [6] C.C. Wu and L.H. Chen. A study on visual cryptography, Master Thesis. PhD thesis, Institute of Computer and Information Science, National Chiao Tung University, Taiwan, R.O.C., 1998. [7] M. Naor and A. Shamir “Visual cryptography:Improving the contrast via the cover base” IACR Eprint archive, 1996. [8] C. Blundo and A. De Santis and D.R. Stinson, “On the contrast in visual cryptography schemes”, Jurnal pf cryptography, vol. 12, pp. 261-289, 1996. [9] G. Ateniese and C. Blundo and A. De Santis and D.R. Stinson,“Extended Schemes for Visual Cryptography”, Theoretical Computer Science, 1996. [10] Z. Zhouand and G. R. Arce and G. Di Crescenzo, “Halftone visual cryptography” IEEE Trans. Image Process, vol. 15, no. 8, pp. 2441-2453, Aug. 2006. [11] C. Blundo and A. De Santis and M. Naor, “Visual cryptography for grey level image”, Information Processing Letters, vol. 75, pp. 255-259...
Words: 715 - Pages: 3
...CRYPTOGRAPHY & ONLINE BANKCARD TRANSACTIONS Keller Graduate School of Management SE577ON_A – Cryptography and Security Mechanisms NOV10 Alicia Franklin Cryptography for an Extranet Table of Contents I. Online Banking Overview ………………………………………………3 II. Security Threats to Businesses…………………………………………..3 III. Cross Site Attacks ………...…………………………………………….4 IV. Mitigating Cross Site Attacks ………………………………………….5 V. Phishing ………………………………………………………………….6 VI. Cryptography .…………………………………………………………..6 VII. Secret Key Cryptography .………………………………………………7 VIII. Public Key Cryptography.………………………………………………7 IX. Hash Functions ……..…………………………………………………...7 X. Biometrics …………………………...…………………………………...8 XI. Summary ………………………………………………………………8 XII. References ……………………………………………………………….9 I. Online Banking Overview The number of malicious applications targeting online banking transactions has increased dramatically in recent years. This represents a challenge not only to the customers who use such facilities, but also to the institutions who offer them, as evidenced by an ongoing trail in the US. These malicious applications employ two kinds of attack vector – local attacks which occur on the local computer, and remote attacks, which redirect the victim to a remote site. The possibility also exists that both approaches will be combined. Some attacks may be foiled by adopting security measures such as transaction numbers (TAN). However, it is likely that the risks...
Words: 1753 - Pages: 8