BIRLA INSTITUTE OF TECHNOLOGY, MESRA (RANCHI)
(Deemed University u/s 3 of UGC act, 1956)
B.I.T. EXTENSION CENTRE, JAIPUR
BISR Campus, 27-Malviya Industrial Area, JAIPUR-302017
Name: Sahil Nagpal
Roll No: 8BBA/4024/09 Course: BBA VI(A) Submitted to: Mr. Alok Pandey Topic:Encryption
Encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information. The reverse process, i.e., to make the encrypted information readable again, is referred to as decryption
Encryption can be used to protect data "at rest", such as files on computers and storage devices such as USB flash drives. In recent years there have been numerous reports of confidential data such as customers' personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps them protecting the information.
Encryption is also used to protect data in transit, for example data being transferred via networks such as Internet, e-commerce, mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks. Encryption, by itself, can protect the confidentiality of messages, but other techniques are available to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature.
TYPES OF ENCRYPTION
1. SYMMETRIC ENCRYPTION 2. ASYMMETRIC ENCRYPTION
1. SYMMETRIC ENCRYPTION:Symmetric encryption is a form of cryptosystem in which encryption and decryption are performed using the same key. Symmetric encryption may also be referred to as shared key or shared secret encryption. Symmetric encryption transforms plaintext into ciphertext using a secret key and an encryption algorithm. Using the same key and a decryption algorithm, the plaintext is recovered from the ciphertext. The two types of attack on an encryption algorithm are cryptanalysis, based on properties of the encryption algorithm, and brute-force, which involves trying all possible keys. Common symmetric encryption algorithms include DES, AES, RC4. DES is the most widely used algorithm. These algorithms are extremely fast and their low complexity allows for easy implementation in hardware. However, they require that all hosts participating in the encryption have already been configured with the secret key through some external means.
KEY INGREDIENTS of SYMMETRIC ENCRYPTION
A symmetric encryption scheme has five ingredients : 1. Plaintext: This is the original intelligible message or data that is fed into the algorithm as input. 2. Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext. 3. Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific
key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key. 4. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible. 5. Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.
There are two requirements for secure use of conventional encryption: 1. One needs a strong encryption algorithm. At a minimum, one would like the algorithm to be such that an opponent who knows the algorithm and has access to one or more ciphertexts would be unable to decipher the ciphertext or figure out the key. This requirement is usually stated in a stronger form: The opponent should be unable to decrypt ciphertext or discover the key even if he or she is in possession of a number of ciphertexts together with the plaintext that produced each ciphertext.
2. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. If someone can discover the key and knows the algorithm, all communication using this key is readable.
THE DES ALGORITHM
The most widely used encryption scheme is based on the Data Encryption Standard (DES) adopted in 1977 by the National Bureau of Standards, now the National Institute of Standards and Technology (NIST). The algorithm itself is referred to as the Data Encryption Algorithm (DEA). For DES, data are encrypted in 64- bit blocks using a 56-bit key. The algorithm transforms 64-bit input in a series of steps into a 64-bit output. The same steps, with the same key, are used to reverse the encryption.
For symmetric encryption to work, the two parties to an exchange must share the same key, and that key must be protected from access by others. The strength of an encryption system is very crucial. Also it has to be noticed that frequent key changes are usually desirable to limit the amount of data compromised if an attacker learns the key. Therefore, the strength of any cryptographic system rests with the key distribution technique, a term that refers to the means of delivering a key to two parties who wish to exchange data, without allowing others to see the key. For two parties A and B, key distribution can be achieved in a number of ways, as follows: 1. A can select a key and physically deliver it to B. 2. A third party can select the key and physically deliver it to A and B.
If A and B have previously and recently used a key, one party can transmit the new key to theother, encrypted using the old key. 3. If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B. 4. If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B.
Asymmetric encryption is a form of encryption in which encryption and decryption are performed using the different keysone a public key and one a private key. It is also known as public-key encryption. Asymmetric encryption transforms plaintext into ciphertext using a one of two keys and an encryption algorithm. Using the paired key and a decryption algorithm, the plaintext is recovered from the ciphertext. Asymmetric encryption imposes a high computational burden, so its major strength is its ability to establish a secure channel over a non secure medium. This is accomplished by the exchange of public keys, which can only be used to encrypt data. The complementary private key, which is never shared, is used to decrypt.
KEY INGREDIENTS of ASSYMETRIC ENCRYPTION:A public-key encryption scheme has six ingredients: 1. Plaintext: This is the readable message or data that is fed into the algorithm as input. 2. Encryption algorithm: The encryption algorithm performs various transformations on the plaintext. 3. Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.
The exact transformations performed by the algorithm depend on the public or private key that is provided as input. 4. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts. 5. Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext.
REQUIREMENTS:1. It is computationally easy for a party B to generate a pair (public key PUb, private key PRb). 2. It is computationally easy for a sender A, knowing the public key and the message to be encrypted, M, to generate the corresponding ciphertext: C = E(PUb, M) 3.It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to recover the original message: M = D(PRb, C) = D[PRb, E(PUb, M)] 4. It is computationally infeasible for an adversary, knowing the public key, PUb, to determine the private key, PRb. 5.It is computationally infeasible for an adversary, knowing the public key, PUb, and a ciphertext, C, to recover the original message, M.
THE RSA ALGORITHM
A new approach to encryption was introduced by Diffie and Hellman in the name of pioneering paper which challenged encryption experts to come up with a encryption algorithm that met the requirements for public-key systems.
The response to the challenge was developed by Ron Rivest, Adi Shamir, and Len Adleman at MIT in 1977. The Rivest-Shamir-Adleman (RSA) scheme has since that time reigned supreme as the most widely accepted and implemented general-purpose approach to public-key encryption. The RSA scheme is a block cipher in which the plaintext and ciphertext are integers between 0 and n 1 for some n. The plaintext is encrypted in blocks, with each block having a binary value less than some number n. That is, the block size must be less than or equal to log2(n).A typical size for n is 1024 bits, or 309 decimal digits. That is, n is less than 21024.
Several techniques have been proposed for the distribution of public keys.They are grouped into the following schemes: 1. Public Announcement
On the face of it, the point of public-key encryption is that the public key is public. Under this scheme, any participant can send his or her public key to any other participant or broadcast the key to the community at large. 2. Publicly Available Directory A greater degree of security can be achieved by maintaining a publicly available dynamic directory of public keys. Maintenance and distribution of the public directory is the responsibility of some trusted entity or organization. 3. Public-Key Authority Stronger security for public-key distribution can be achieved by providing tighter control. Under this scheme, a central authority maintains a dynamic directory of public keys of all participants. Also, each participant reliably knows a public key for the authority, with only the authority knowing the corresponding private key. 4.Public-Key Certificates
It is an approach to use certificates that can be used by participants to exchange keys without contacting a public-key authority, in a way that is as reliable as if the keys were obtained directly from a public-key authority. In essence, a certificate consists of a public key plus an identifier of the key owner, with the whole block signed by a trusted third party. A user can present his or her public key to the authority in a secure manner, and obtain a certificate. The user can then publish the certificate. Anyone needed this user's public key can obtain the certificate and verify that it is valid by way of the attached trusted signature.