8/7/2019 Credit Card DatPre Encryption Sentation
1/27
Mohammed Suleiman
8/7/2019 Credit Card DatPre Encryption Sentation
2/27
` Refers to the process of transforming electronic
information.
` Credit card encryption is important in the business
world .` Credit card encryption is used to scramble
sensitive information that is stored on business
computer networks.
8/7/2019 Credit Card DatPre Encryption Sentation
3/27
` Credit card Encryption comes from thescience of cryptography.
` Some business owners make the mistake
.` The most popular use of encryption is inelectronic commerce.
` Credit card data is transmitted safely to
the merchant.
8/7/2019 Credit Card DatPre Encryption Sentation
4/27
` There are two main types of data encryption
systems.
` The firstwhich is variously known as private key,
single key, secret key, or symmetric encryption.` The second, and more commonly used, type of
data encryption system is known as a public key
system.
8/7/2019 Credit Card DatPre Encryption Sentation
5/27
` The best-known data encryption program is called
RSA.
` RSA scrambles data based on the product of two
prime numbers.` A number of other data encryption programs enjoy
wide use as well.
8/7/2019 Credit Card DatPre Encryption Sentation
6/27
` Encoding credit cards is required to make them
function correctly.
` A credit card works with a magnetic stripe .
` Credit cards are encoded based on three differenttracks.
` Each of these tracks has different standards and
data encoding.
8/7/2019 Credit Card DatPre Encryption Sentation
7/27
` The first track on the magnetic strip.
` Encoded at 210 bits per inch.
` Uses a 6-bit encryption with 64 different
alphanumeric characters.` The second track on the magnetic strip is encoded
at 75 bits per inch, using 4-bit encryption to code
10 digits.
8/7/2019 Credit Card DatPre Encryption Sentation
8/27
` The third track on the magnetic strip is encoded at
210 bits per inch, the same way the first track on
the magnetic strip is encoded.
` Knowing how the credit card is encoded will helpyou understand how it works when it is used.
When an ATM eats a card.
8/7/2019 Credit Card DatPre Encryption Sentation
9/27
Method 1
` Simple database table of clients with their credit
card numbers.
8/7/2019 Credit Card DatPre Encryption Sentation
10/27
Method 2
` Database systems like Microsoft Access have an
option to format a particular field in "password
mode
8/7/2019 Credit Card DatPre Encryption Sentation
11/27
Method 3
` Use a symmetric encryption algorithm like AES or
Triple DES.
` Using Triple DES (a.k.a. 3DES or TDEA) with the192-bit key
000102030405060708090A0B0C0D0E0F10111213
14151617
8/7/2019 Credit Card DatPre Encryption Sentation
12/27
` First encryption operation in ECB mode is:
` PT="1234-5678-9789-0124"
` PT(hex)=313233342D353637382D393738392D30313234
` PT(padded)=313233342D353637382D393738392D303132340505050505
` CT(hex)=0BDC16E6A777C535C49F67688C6D4E21D3F3608
8C206C85A
8/7/2019 Credit Card DatPre Encryption Sentation
13/27
8/7/2019 Credit Card DatPre Encryption Sentation
14/27
Method 4
` The best modes to use when encrypting are either
Cipher Block Chaining(CBC) orCountermode
(CTR).` Adding a new field to our database, IV.
8/7/2019 Credit Card DatPre Encryption Sentation
15/27
8/7/2019 Credit Card DatPre Encryption Sentation
16/27
Method 5
8/7/2019 Credit Card DatPre Encryption Sentation
17/27
` Split this into two parts, where the first 8 bytes is
the IV.
` IV=18DF733256D44E32
` CT=2874919B17EFEDFCCC0206723C26A003087D10A271449323
` Then use the IV together with the secret key to
decrypt the cipher text and obtain
` PT=313233342D353637312D393938382D373736360505050505
8/7/2019 Credit Card DatPre Encryption Sentation
18/27
8/7/2019 Credit Card DatPre Encryption Sentation
19/27
` Method 5a: Using AES-128
` Repeat method 5 but use the AES-128 block
cipher algorithm in counter (CTR) mode. Use the
128-bit key
000102030405060708090A0B0C0D0E0F
8/7/2019 Credit Card DatPre Encryption Sentation
20/27
For AES use a 16-byte IV, so generate a new value for each record
8/7/2019 Credit Card DatPre Encryption Sentation
21/27
` To encrypt the first record,
` KEY=000102030405060708090A0B0C0D0E0F
` IV =7AD3C3BF888C9E88AA5F44773FAEB42E
`
PT="1234-5678-9789-0124"` PT(hex)
=313233342D353637382D393738392D30313234
` CT(hex)=612B4B355C9874F920AC346BD0F8C5C7614165
8/7/2019 Credit Card DatPre Encryption Sentation
22/27
8/7/2019 Credit Card DatPre Encryption Sentation
23/27
AES
8/7/2019 Credit Card DatPre Encryption Sentation
24/27
` AES encryption is used to, securely stream
information continuously across an unsecured
Internet connection.
` Encrypt data on a hard drive or device to stophackers using Internet based tools to read
information on the drive, or to stop thieves of
notebooks reading the contents of the drive.
8/7/2019 Credit Card DatPre Encryption Sentation
25/27
` If a super-computer could break the DES code in
one second, it would take the same
supercomputer 149 trillion years to decode a 128-
bit AES key .` AES is a small, fast, hard to crack encryption.
` 128 bit AES offers a total of 3.4 x 10^38 individual
keys.
8/7/2019 Credit Card DatPre Encryption Sentation
26/27
` AES has three approved key length: 128 bits, 192
bits, and 256 bits.
` The four rounds are called :
` SubBytes.` ShiftRows.
` MixColumns.
` AddRoundKey.
8/7/2019 Credit Card DatPre Encryption Sentation
27/27
` Always encrypt sensitive data like credit card
numbers.
` Use a recognized block cipher algorithm like Triple
DES or AES-128.` Use CBC or CTR mode, never ECB.
` Generate a fresh random IV every time you save a
new credit card number or edit an existing one.
Top Related