...practical purposes, it is impossible to crack a RSA algorithm. § PGP (Pretty Good Privacy) is probably the best implementation of RSA. It is now owned by Symantec. § Other free products (which do not tightly integrate into email, for example) are available § Understand that PKI is NOT the same thing as public key encryption Fundamentals of Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Page 5 Fundamentals of Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Page 6 Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique within each CA domain. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The VA (Verification Authority) checks authentication. The PKI role that assures this binding is called the Registration Authority (RA). For each user, the user identity, the public key, their binding,...
Words: 1799 - Pages: 8
...Brice Matthews Dr. Linda Harned Communication 1201-240 28 Aug 2015 Learning the Freemason's Cipher Don't be threatened by the name, this is actually one of the most simple ways of writing a secret message, or cipher, that there is. Before we get into the specifics of the certain cipher I am going to be teaching you today, the first thing you need to know is the difference between the terms code and cryptography. Code is the broader term, which most of us are familiar with, simply meaning “a system of rules to convert information”. One of the earliest examples of code being the invention of language itself, because it allowed a form of communication to convert information. Today though, we are mostly going to be focused on cryptography. All cryptography is code but not all code is cryptography; codes can be a code of law, a code of conduct, or a dress code. It is simply a way of giving information in a way that is comprehensible. Cryptography is the use of ciphers and code to protect a message or secret. A cipher is a secret/disguised way of writing code. In order to effectively decode (a term we are all familiar with) a cipher, you need to possess the knowledge of the way it was originally ciphered. Ciphers can be kept solely in your mind and then spread through word of mouth, or written on a piece of paper or even implemented into mechanical device, which is then required to break the cipher, unless you can remember that information and store it. All ciphers can technically...
Words: 1006 - Pages: 5
...Data Hiding Technique Arvind Kumar Assistant Professor Vidya College of engineering, Meerut, India Km. Pooja Vankateshwara institute of computer Science and technology, Meerut, India ABSTRACT Steganography is the art of hiding information and an effort to conceal the existence of the embedded information. It serves as a better way of securing message than cryptography which only conceals the content of the message not the existence of the message. Original message is being hidden within a carrier such that the changes so occurred in the carrier are not observable. In this paper we will discuss how digital images can be used as a carrier to hide messages. This paper also analyses the performance of some of the steganography tools. Steganography is a useful tool that allows covert transmission of information over an over the communications channel. Combining secret image with the carrier image gives the hidden image. The hidden image is difficult to detect without retrieval. This paper will take an in-depth look at this technology by introducing the reader to various concepts of Steganography, a brief history of Steganography and a look at some of the Steganographic technique. In steganography, the possible cover carriers are innocent looking carriers (images, audio, video, text, or some other digitally representative code) which will hold the hidden information. A message is the information hidden and may be plaintext, cipher text, images, or anything that can be embedded...
Words: 3246 - Pages: 13
...History of Cryptography Developments in cryptography | Period | Development | 2000 BC | In Egypt, hieroglyphics were used in inscriptions. | 500-600 BC | Hebrews used the atbash method for encryption. In this method, each letter of the alphabet mapped to a different letter to hide the true meaning of a word. | 487 BC | The Spartans used the scytale for encryption – messages were written on paper wrapped around a wooden rod. The paper was then unwrapped and sent. The recipient could read the message only by wrapping this paper on a rod of the same length and diameter. | 100-44 BC | Julius Caesar used an encryption method similar to the atbash method. He shifted each letter of the alphabet by a fixed number of places to send encrypted messages. | 1379 | Gabrieli di Lavinde developed the nomenclator. | 1466-1467 | The first polyalphabetic cipher was invented, which was much stronger than the nomenclator. | 1518 | Johannes Trithemius invented a steganographic cipher in which each letter was represented as a word taken from a succession of columns. | 1553 | Giovan Batista Belaso introduced the use of a passphrase as the key for a repeated polyalphabetic cipher. In 1563, Giovanni Battista Porta introduced the digraphic cipher and classified ciphers as transposition, substitution, and symbol substitution. | 1585 | Blaise de Vigenere developed the polyalphabetic substitution cipher. William Frederick Friedman published a book on cryptography, and is known as the...
Words: 1015 - Pages: 5
...Course Title: Cryptography Section 1-1 Topic: Introduction To Cryptography Confidentiality, Integrity, Availability and Authentication How companies use cryptography How penetration testers can also use cryptography Tools, Techniques and Attacks Academics discusses history of encryption. Academics simply encrypt or hash, why aren't people using hashing more? Professional is just, encrypt or not, hash or just verify Section 1-2 Topic: Key Concepts of Cryptography: PKIS & Encryption Learning Objectives: Cryptography is one of the most underrated courses of study in the industry. Of those who do study it, issues with comprehension tend to hinder individual mastery. By taking this course, learners will finally be able to grasp all the critical concepts, theories and practices associated with Cryptography. This Cryptography presentation discusses and demonstrates the key concepts of Cryptography from attacks, PKIs and Encryption in detail. You’ll learn about the difference between public and private keys and about the similarities and differences between symmetry & asymmetry. We’ll also discuss the concept of integrity and confidentiality and their relationships to/with protocols. This Cryptography course will help you master the basics of Cryptography as you begin to develop the discipline needed to become an accomplished pen tester. Keys and Principles 1. Keys 1a. Symmetric - also referred to as same keys, private key, symmetric key - same (confidentially) ...
Words: 3749 - Pages: 15
...since long time ago. Therefore, there are a lot of methods that have been widely used since long past. This paper reviewed one of the methods for establishing hidden communication in information security and has gained attraction in recent years that is Steganography. Steganography is the art and science of hiding a secret message in a cover media such as image, text, signals or sound in such a way that no one, except the intended recipient knows the existence of the data. In this paper, the research and development of steganography from three years back starting from 2010 until recently, 2013 in Muslim world are reviewed. The future research in the field of Steganography is briefly discussed. Keywords Cover Image, Stego Image, Cryptography, Steganography, Information Hiding, Information Security, Muslim World 1 Introduction In today’s information technology era, the internet has played a vital part in the communication and information sharing. Due to the rapid development in Information Technology and Communication and the Internet, the security of the data and the information has raised concerned. Every day, confidential data has been compromised and unauthorized access of data has crossed the limits. Great measures should be taken to protect the data and information [5, 6]. Steganography combined with encryption will be a powerful and efficient tool that provides high level of security [7]. A review on steganography research and development throughout the year...
Words: 3746 - Pages: 15
...SECURITY ISSUES AND PRINCIPLES STEGANOGRAPHY [n. stə nóggrəfi] Steganography (literally meaning covered writing) dates back to ancient Greece, where common practices consisted of etching messages in wooden tablets and covering them with wax, and tattooing a shaved messenger's head, letting his hair grow back, and then shaving it again when he arrived at his contact point. Steganography comes from the Greek steganos, or "covered," and graphie, or "writing". Synonymous to abstraction, the art and science of hiding information by embedding messages within other, seemingly harmless messages. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data by replacing bits of useless or unused data in regular computer files (such as graphics, sound, text, HTML, or even floppy disks ) with bits of different, invisible information. This hidden information can be plain text, cipher text, or even images. Steganography sometimes is used when encryption is not permitted or, more commonly, is used to supplement encryption. An encrypted file may still hide information using steganography, so even if the encrypted file is deciphered, the hidden message is not seen. In modern digital steganography, data is first encrypted by the usual means and then inserted, using a special algorithm, into redundant (that is, provided but unneeded) data that is part of a particular...
Words: 6118 - Pages: 25
...Public-key Encryption David Burianek Saint Leo University Network Theory & Design COM-309 Dr. Eduardo Bautista August 01, 2014 Public-key Encryption Intent The intent of this paper is to present the reader with an explanation of Public-key encryption without delving too deeply into the math behind encryption schemes to better facilitate understanding for the layperson. Introduction Cryptography is a fascinating world that predates computers. Beginning in ancient times through the revolutionary period and into modern times, there have been many schemes to protect sensitive data. Notable technics are George Washington's book-key ciphers, Thomas Jefferson’s ‘cylinder,’ (Menezes, Van Oorschot, & Vanstone, 1997, p. 243) and the Nazi Enigma Machine of World War II. (Piper & Murphy, 2002) There has always been a need to have secure communications and the ability to safeguard data that has been intercepted. Modern Cryptology is an art form that uses the science of mathematics in order to provide secrecy, authenticity, and security in the transport of data. “Cryptology also enables us to create trust relationships over open networks; more in general, cryptographic protocols allow mutually distrusting parties to achieving a common goal while protecting their own interests.” (Furnell, Katsikas, Lopez, & Patel, 2008, p. 105) The methods by which these transactions can occur are many; however, they can be broken down into two categories; symmetric key encryption and...
Words: 3477 - Pages: 14
...Public-key Encryption Saint Leo University Network Theory & Design COM-309 Dr. Eduardo Bautista August 01, 2014 Public-key Encryption Intent The intent of this paper is to present the reader with an explanation of Public-key encryption without delving too deeply into the math behind encryption schemes to better facilitate understanding for the layperson. Introduction Cryptography is a fascinating world that predates computers. Beginning in ancient times through the revolutionary period and into modern times, there have been many schemes to protect sensitive data. Notable technics are George Washington's book-key ciphers, Thomas Jefferson’s ‘cylinder,’ (Menezes, Van Oorschot, & Vanstone, 1997, p. 243) and the Nazi Enigma Machine of World War II. (Piper & Murphy, 2002) There has always been a need to have secure communications and the ability to safeguard data that has been intercepted. Modern Cryptology is an art form that uses the science of mathematics in order to provide secrecy, authenticity, and security in the transport of data. “Cryptology also enables us to create trust relationships over open networks; more in general, cryptographic protocols allow mutually distrusting parties to achieving a common goal while protecting their own interests.” (Furnell, Katsikas, Lopez, & Patel, 2008, p. 105) The methods by which these transactions can occur are many; however, they can be broken down into two categories; symmetric key encryption and...
Words: 3473 - Pages: 14
...email messages over the internet for different purposes. However, email is not a secure method of communication. As email packets have to be routed through many networks over the internet, there grows a large number of longstanding security shortcomings of email in communication technology and email security becomes one of the most challenging areas in Internet security system. To solve this security concern, Pretty Good Privacy (PGP) protocol is used. PGP will give cryptographic privacy by confidentiality process and message integrity and authentication by creating a digital signature. 1. Aims of the Thesis • To improve email security • To study the operations of PGP protocol • To understand the role of cryptography in computer and network security areas • To propose the effectiveness of applying the hybrid encryption system (i.e., applying the two encryption systems together) 1.2 Pretty Good Privacy (PGP) PGP stands for Pretty Good Privacy protocol, which was originally developed by Philip R.Zimmermann in 1991 [13]. PGP is an electronic mail security program that gives users privacy and authentication. As PGP is based on a distributed network of individuals, it is preferable to email, one of the most widely-used messaging application of the internet services. The two main fundamental services that PGP provide are the authentication of the...
Words: 3766 - Pages: 16
...secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography, which is the focus of this chapter. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. The reader is advised, then, that the topics covered in this chapter only describe the first of many steps necessary for better security in any number of situations. This paper has two major purposes. The first is to define some of the terms and concepts behind basic cryptographic methods, and to offer a way to compare the myriad cryptographic schemes in use today. The second is to provide some real examples of cryptography in use today. I would like to say at the outset that this paper is very focused on terms, concepts, and schemes in current use and is not a treatise of the whole field. No mention is made here about pre-computerized crypto schemes, the difference between a substitution and transposition cipher, cryptanalysis, or other history. Interested readers should check out some of the books in the references section below for detailed — and interesting! — background information. 2. THE PURPOSE OF CRYPTOGRAPHY Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian...
Words: 7926 - Pages: 32
...Computer science From Wikipedia, the free encyclopedia Jump to: navigation, search Computer science or computing science (abbreviated CS) is the study of the theoretical foundations of information and computation and of practical techniques for their implementation and application in computer systems.[1][2] Computer scientists invent algorithmic processes that create, describe, and transform information and formulate suitable abstractions to model complex systems. Computer science has many sub-fields; some, such as computational complexity theory, study the fundamental properties of computational problems, while others, such as computer graphics, emphasize the computation of specific results. Still others focus on the challenges in implementing computations. For example, programming language theory studies approaches to describe computations, while computer programming applies specific programming languages to solve specific computational problems, and human-computer interaction focuses on the challenges in making computers and computations useful, usable, and universally accessible to humans. The general public sometimes confuses computer science with careers that deal with computers (such as information technology), or think that it relates to their own experience of computers, which typically involves activities such as gaming, web-browsing, and word-processing. However, the focus of computer science is more on understanding the properties of the programs used to implement...
Words: 5655 - Pages: 23
...1. Basic access authentication In the context of an HTTP transaction, basic access authentication is a method for a web browser or other client program to provide a user name and password when making a request. Before transmission, the user name is appended with a colon and concatenated with the password. The resulting string is encoded with the Base64 algorithm. For example, given the user name 'Aladdin' and password 'open sesame', the string 'Aladdin:open sesame' is Base64 encoded, resulting in 'QWxhZGRpbjpvcGVuIHNlc2FtZQ=='. The Base64-encoded string is transmitted in the HTTP and decoded by the receiver, resulting in the colon-separated user name and password string. While encoding the user name and password with the Base64 algorithm makes them unreadable to the unaided eye, they are trivially decoded by software. Confidentiality is not the intent of the encoding step; HTTP in general does not provide such guarantees (see HTTPS). Rather, the intent of the encoding is to encode non-HTTP-compatible characters that may be in the user name or password into those that are HTTP-compatible. One advantage of the basic access authentication is all web browsers support it. But due to the fact that the username and password are passed in cleartext, it is rarely used by itself on publicly accessible Internet web sites. However, it is somewhat commonly found on publicly accessible sites if combined with SSL/TLS (HTTPS). One other advantage of basic authentication is that it avoids...
Words: 1600 - Pages: 7
...2. Cryptography: Overview An overview of the main goals behind using cryptography will be discussed in this section along with the common terms used in this field. Cryptography is usually referred to as "the study of secret", while nowadays is most attached to the definition of encryption. Encryption is the process of converting plain text "unhidden" to a cryptic text "hidden" to secure it against data thieves. This process has another part where cryptic text needs to be decrypted on the other end to be understood. Fig.1 shows the simple flow of commonly used encryption algorithms. Fig.1 Encryption-Decryption Flow As defined in RFC 2828 [RFC2828], cryptographic system is "a set of cryptographic algorithms together with the key management processes that support use of the algorithms in some application context." This definition defines the whole mechanism that provides the necessary level of security comprised of network protocols and data encryption algorithms. 2.1 Cryptography Goals This section explains the five main goals behind using Cryptography. Every security system must provide a bundle of security functions that can assure the secrecy of the system. These functions are usually referred to as the goals of the security system. These goals can be listed under the following five main categories[Earle2005]: Authentication: This means that before sending and receiving data using the system, the receiver and sender identity should be verified...
Words: 6825 - Pages: 28
...Some Problems in Symmetric and Asymmetric Cryptography A thesis submitted for the partial fulfillment of the degree of Doctor of Philosophy in Mathematics By SANTOSH KUMAR YADAV Under the supervision of Prof. Sunder Lal and Prof. S. C. Arora DEPARTMENT OF MATHEMATICS DR. B. R. AMBEDKAR UNIVERSITY, AGRA (FORMERLY AGRA UNIVERSITY) 2010 *Sanskrit verse dating back to the pre-Christian era Dedicated to my Teachers, Friends, Students and Family Members DECLARATION I do hereby declare that the present research work has been carried out by me under the supervision of Prof. Sunder Lal and Prof. S. C. Arora. This work has not been submitted elsewhere for any other degree, diploma, fellowship or any other similar title. Santosh Kumar Yadav Research Scholar CERTIFICATE This is to certify that the thesis entitled “Some Problems in Symmetric and Asymmetric Cryptography” submitted to Dr. B.R.Ambedkar University, Agra for the degree of Doctor of Philosophy by Mr. Santosh Kumar Yadav, is a bonafide record of research work done by him under our supervision. To the best of our knowledge, this thesis has not previously formed the basis for the award to any candidate of any degree, diploma, fellowship or any other similar title and the work has not been submitted to any university or institution, for the award of any other degree. S. C. ARORA SUNDER LAL (Co-supervisor) (Supervisor) Professor Professor of Mathematics, and Department of Mathematics Pro-Vice Chancellor ...
Words: 37424 - Pages: 150
