An Overview of Cryptography Ying Wang-Suorsa Helsinki University of Technology

advertisement
An Overview of Cryptography
Ying Wang-Suorsa
Helsinki University of Technology
Objectives
"
"
"
"
To provide you with an introduction to cryptology
Some terms and concepts behind basic
cryptographic methods
Some basic cryptographic algorithms
Trust models
Cryptography : the art of providing secure
communication over insecure channels.
/ Encode text and provide a method for decoding
/ Not hide message!
Confidentiality : Ensuring that no one can read
the message except intended receiver.
Authentication : The process of proving one's
identity.
Integrity : Ensuring the received messages has not
been altered in any way from the original.
Non-repudiation : A mechanism to prove that the
sender really sent this message.
Levels of Cryptographic
Action – In today's internet, most Syst. are split
between application level and transport level.
7 – Application
6 – Presentation
5 – Session
S-HTTP
4 – Transport
SSL
3 – Network
IPSEC
2 – Data Link
PPTP
1 – Physical
Importance of Cryptography
Military applications : command and control
Diplomatic applications : information gathering, spy
Economic applications :
/ Information protection
/ Banking transaction
/ Authentication and signatures
/ Modern e-commerce
How can the public use cryptography quickly and safely?
Importance of Cryptography
Modern methods of communication are inherently
insecure
"
"
"
Internet is very insecure
Ethernet networks liable to having sniffers
Cable modems pass through other people's homes
Pre-computerized Crypto schemes
Transposition Ciphers
"
Reverse pairs of letters
/
HELLO WORLD
EHLL OOWLRD
"
Remover every second letter and put it at the end
/
/
HELLO WORLD
HLOWRDEL OL
"
Reverse the letters
/
/
HELLO WORLD
DLROW OLLEH
"
Many trickers...
/
Pre-computerized Crypto schemes
Substitution Ciphers
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BADCFEHGJILKNMPORQTSVUXWZY
HELLO WORLD
1 GFKKPXPQKC
Types of Cryptographic Algorithms
Why Three Encryption Techniques?
The answer lies in that each scheme is
optimized for some specific applications
Trust Models
PGP Web of Trust
Kerberos
Public Key Certificates and Certificate
Authorities
Kerberos Architecture
Download