CIS 193A – Lesson6 CRYPTOGRAPHY RAPELCGRQ. CIS 193A – Lesson6 Focus Question Which cryptographic...


CRYPTOGRAPHY

RAPELCGRQ


Focus Question

Which cryptographic methods help computer users maintain confidentiality, integrity, and authenticity as they share personal data with each other?


Early Encryption

• Caesar’s Cipher
  – each letter of the alphabet was shifted to the right 3 positions, with x, y, and z wrapping back to a, b, and c.

• Rot13
  – each letter of the alphabet was shifted to the right 13 positions, such that 2 such shifts restored the original text.

These algorithms worked on the alphabets of natural language, with rot13 assuming the English alphabet.
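The two shift ciphers above as one routine, in an added example that is not part of the original slides. It generalizes to any shift and lists all 25 candidate shifts, which shows why a fixed rule offers no secrecy; the function names and sample strings are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: one shift routine covers Caesar's cipher (3) and rot13 (13).
LOWER=abcdefghijklmnopqrstuvwxyz
UPPER=ABCDEFGHIJKLMNOPQRSTUVWXYZ

rotate() {   # rotate STRING ($2) left by N ($1) characters
    printf '%s\n' "$2" | awk -v n="$1" '{ print substr($0, n + 1) substr($0, 1, n) }'
}

# shift_alpha N: filter stdin, moving each letter N places to the right and
# wrapping past z; digits, spaces and punctuation pass through unchanged.
shift_alpha() {
    n=$(( ($1 % 26 + 26) % 26 ))          # normalise, so -3 becomes 23
    tr "$LOWER$UPPER" "$(rotate "$n" "$LOWER")$(rotate "$n" "$UPPER")"
}

caesar_encrypt() { shift_alpha 3; }
caesar_decrypt() { shift_alpha -3; }
rot13()          { shift_alpha 13; }      # 13 + 13 = 26, so it is its own inverse

# The "rule" is the whole secret: only 25 shifts exist, so listing each one
# recovers any message. all_shifts TEXT prints every candidate with its shift.
all_shifts() {
    i=1
    while [ "$i" -le 25 ]; do
        printf '%2d %s\n' "$i" "$(printf '%s' "$1" | shift_alpha "$i")"
        i=$((i + 1))
    done
}

if [ "${1:-}" = run ]; then
    printf 'RAPELCGRQ\n' | rot13          # the word on the title slide
    printf 'xyz\n' | caesar_encrypt
    all_shifts 'Phhw dw qrrq'             # constructed Caesar ciphertext
fi
```
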


Symmetric Encryption

• Symmetric encryption replaces a ‘rule’ with a ‘key’ – an arbitrarily long string of characters known only to the sender and receiver, and used to produce the ciphertext.

• Examples:
  – 3DES, CAST5, BLOWFISH, AES, TWOFISH

• Problem:
  – How to deliver the ‘key’ to the recipient without it being intercepted.


Hashing Algorithms

• Hash algorithms are not true encryption because they are unidirectional: once data has been hashed, the original cannot be recovered from the result.

• Uses: a hash uniquely identifies an arbitrarily large source file and can verify the integrity of the file without disclosing its content. Hashes are used in digital signatures, and as message digests and checksums.

• Examples:
  – md2, md4, md5, sha, sha1, sha512, rmd160
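An integrity check with a digest manifest, as an added example that is not part of the original slides. It uses sha512 from the list above, because md2, md4, md5 and sha1 no longer resist deliberately constructed collisions; the directory layout, file names and function names are assumptions, and the sha512sum tool from GNU coreutils is assumed to be installed.

```shell
#!/bin/sh
# Added example; directory layout and file contents are constructed.
hash_demo_setup() {
    HDIR=$(mktemp -d) || return 1
    mkdir "$HDIR/release"
    printf 'installer v1, constructed sample\n' > "$HDIR/release/setup.sh"
    dd if=/dev/zero of="$HDIR/release/data.bin" bs=1024 count=1024 2>/dev/null
    # The manifest holds digests only, so it can be published without the files.
    ( cd "$HDIR/release" && sha512sum setup.sh data.bin ) > "$HDIR/SHA512SUMS"
}

digest_hex_len() {   # length of the hex digest, whatever the file size
    sha512sum "$1" | cut -d' ' -f1 | tr -d '\n' | wc -c | tr -d ' '
}

manifest_ok() {      # recompute every digest and compare with the manifest
    ( cd "$HDIR/release" && sha512sum -c "$HDIR/SHA512SUMS" >/dev/null 2>&1 )
}

tamper_one_byte() { printf 'x' >> "$HDIR/release/setup.sh"; }

hash_demo_cleanup() { rm -rf "$HDIR"; }

if [ "${1:-}" = run ]; then
    hash_demo_setup
    echo "hex digits, 33-byte file: $(digest_hex_len "$HDIR/release/setup.sh")"
    echo "hex digits, 1 MiB file:   $(digest_hex_len "$HDIR/release/data.bin")"
    manifest_ok && echo "manifest verifies"
    tamper_one_byte
    manifest_ok || echo "change detected after appending one byte"
    hash_demo_cleanup
fi
```

A manifest like this only proves integrity if the manifest itself reaches the reader over a channel the attacker cannot alter, which is the gap a digital signature over the manifest closes.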


Asymmetric Encryption

• Solves the problem of a shared key.

• Two keys are involved: public and private. Both keys encrypt, but decryption must occur with the alternate key.

• The private key is kept secret, the public key is freely made available to others – often by a public keyserver.

• The public key may be derived from the private key, but not vice versa. Private keys are usually protected with a passphrase.


GNU Public Guard (GPG)

• A free software implementation of Pretty Good Privacy (PGP) encryption.

• Supports symmetric and asymmetric (PKI) encryption.

• Maintains a trusted database of public keys.


GPG Symmetric Encryption

• Encrypted files may be stored in binary or ASCII format. The ASCII format of choice is usually base64.

• Examples:
  – gpg -c file1                 # creates file1.gpg
  – gpg -ca file2                # creates file2.asc
  – gpg file1.gpg                # decrypts file1
  – gpg --decrypt file1.asc      # decrypts to stdout

• Encryption requires supplying a passphrase.


GPG Asymmetric Encryption

• Create your private/public keys:
  – gpg --gen-key                # go with the defaults and supply passphrase

• View the keys you just created:
  – gpg --list-public-keys
  – gpg --list-secret-keys

• Add a trusted public key to your keyring:
  – gpg --import keyfile         # use -a if ascii
  – gpg --fingerprint key_id     # verify
  – gpg --edit-key key_id        # set trust value


GPG Asymmetric Encryption

• Sharing a public key:
  – gpg -a --export id           # sends to stdout
  – gpg [-a] --output filename --export id

• Send ASCII version through email or add to a keyserver:
  – gpg --keyserver ip-addr --send-keys id

• Pull from a keyserver:
  – gpg --keyserver ip-addr --recv-keys id
  – gpg --keyserver ip-addr --search-keys str


GPG Signing files

• Signing a text file:
  – gpg --clearsign filename     # Save ASCII

• Detached Signature:
  – gpg --detach-sign [-a] filename

• Verifying a signed, encrypted file:
  – gpg --verify filename

• Verifying a detached signature:
  – gpg --verify file.sign file


GPG Encrypting Files

• Simple encryption:
  – gpg -e [-a] -r public-key_id filename

• Sign and encrypt:
  – gpg -es [-a] -r public-key_id filename

• Decrypt a file signed or not:
  – gpg filename
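The signing and encrypting slides run end to end in a throwaway keyring, as an added example that is not part of the original slides. It assumes GnuPG 2.1 or later (for --quick-generate-key and --pinentry-mode loopback, which replace the interactive prompts); the user ID, passphrase, file names and function names are constructed for the demo.

```shell
#!/bin/sh
# Added example. Everything runs in a throwaway keyring; ~/.gnupg is untouched.
# The user ID, passphrase and file contents are constructed for the demo.
DEMO_UID='Lesson6 Demo <demo@example.com>'
DEMO_PASS='constructed-demo-passphrase'

g() {   # gpg in batch mode, passphrase supplied without a pinentry prompt
    gpg --batch --quiet --pinentry-mode loopback --passphrase "$DEMO_PASS" "$@"
}

demo_setup() {
    GNUPGHOME=$(mktemp -d) || return 1
    export GNUPGHOME; chmod 700 "$GNUPGHOME"
    WORK=$(mktemp -d) || return 1
    g --quick-generate-key "$DEMO_UID" || return 1   # non-interactive --gen-key
    printf 'constructed sample: payroll for March\n' > "$WORK/msg.txt"
}

demo_sign_verify() {        # authenticity and integrity via a detached signature
    g -a --output "$WORK/msg.sig" --detach-sign "$WORK/msg.txt" || return 1
    g --verify "$WORK/msg.sig" "$WORK/msg.txt" 2>/dev/null
}

demo_tamper_detected() {    # succeeds only if --verify rejects the altered copy
    sed 's/March/April/' "$WORK/msg.txt" > "$WORK/forged.txt"
    ! g --verify "$WORK/msg.sig" "$WORK/forged.txt" 2>/dev/null
}

demo_encrypt_roundtrip() {  # confidentiality: sign and encrypt to the public key
    g -a -r demo@example.com --output "$WORK/msg.asc" -es "$WORK/msg.txt" || return 1
    ! grep -q payroll "$WORK/msg.asc" || return 1    # armored output hides the text
    g --decrypt "$WORK/msg.asc" 2>/dev/null | cmp -s - "$WORK/msg.txt"
}

demo_cleanup() {
    gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf "$GNUPGHOME" "$WORK"
}

if [ "${1:-}" = run ]; then   # sh gpg_demo.sh run
    demo_setup && demo_sign_verify && demo_tamper_detected \
        && demo_encrypt_roundtrip && echo "all checks passed"
    demo_cleanup
fi
```

Encrypting with -r works here without setting a trust value because a key generated in the local keyring is trusted ultimately; a key imported from someone else still needs the fingerprint check and trust step from the earlier slide.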


Review


Focus Question

Which cryptographic methods help computer users maintain confidentiality, integrity, and authenticity as they share personal data with each other?

Encryption algorithms use digital keys to scramble the bits in a message so that it is unreadable. Hashing algorithms produce small, unique, digital representations of arbitrarily large files which can be used to guarantee integrity. Public/Private keys along with signed certificates can verify authenticity because of the dependence of the public keys on the private keys.