Cryptography (1–5 Levels)
Yüklə 1,44 Mb.
|
- Bu səhifədəki naviqasiya:
- Nonrepudiation.
- Cipher Modes:(Level 3)
- Block Cipher
- How they work
|
DIGITAL SIGNATURES:
Remember the rule? Well, rules are meant to be broken, what if we use our private key to encrypt the data? Then since everyone who has our public key can decrypt the data. Then what's the purpose one may ask? Well if someone can use your public key to decrypt your data then it means the data has was never tampered with, what do I mean? since no one has access to your private keys then the data must be yours since everyone is able to decrypt it using your public key which is derived from your private keys. This is called Nonrepudiation. Thus you cannot claim that the data is not yours since you signed it with your private key, what if someone steals your private key and signs the data? BAD LUCK:( PRO TIP: Cybersecurity has two problems, confidentiality and convenience, you can choose either one but not both. Symmetric vs Asymmetric Encryption: Symmetric is fast but due to that it has less security since it only used a private key or shared key. If someone steals the key then, information is compromised. It is 100–1000x faster than Asymmetric Encryption:0 Asymmetric is slower but it has two sets of keys also called PKI thus offering more security as, if the shared key(public) is stolen, then information is still safe as an only a private key can decrypt the information:) Cipher Modes:(Level 3) There are different cipher modes; most symmetric keys use a block cipher and can encrypt a large amount of data quicker than asymmetric encryption. Let’s look at these in turn: Stream Cipher: A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time. It is normally used by asymmetric encryption. This is slow and uses XOR(Level 4,5) function to create ciphertext. Block Cipher: A block cipher is where a block of data is taken and then encrypted; for example, 128 bits of data may be encrypted at a time. This is the method used today as it is much faster than a stream cipher. It is used by symmetric encryption with the exception of RC4. Let’s say you have 1 Mb of data ie 1024 Kb thus we can break it down to 16 blocks of 64 bytes each. 16x64=1024. How they work: Modes of operation are how ciphers work to achieve encryption. Let’s look at the different modes: Initialization Vector (IV): This is a (pseudo)random value used as a secret key for data encryption. This number, also called a nonce, is employed only one time in any session. The IV length is usually comparable to the length of the encryption key or the block of the cipher in use. Sometimes, this is also known as a starter variable. Cipher Block Chaining (CBC): CBC adds XOR(LEVEL 4,5) to each plaintext block from the ciphertext block that was previously produced. The first plaintext block has an IV that you XOR, and you then encrypt that block of plaintext.The next block of plaintext is XOR’d against the last encrypted block before you encrypt this block. When decrypting a ciphertext block, you need the XOR from the previous ciphertext block. If you are missing any blocks, then decryption cannot be done. Explains it well Electronic Code Book (ECB): ECB replaces each block of the clear text with the block of ciphertext. The same plaintext will result in the same ciphertext. The blocks are independent from the other blocks. CBC is much more secure. Galois/Counter Mode (GCM): This is a block cipher mode of operation that uses universal hashing over a binary Galois field to provide authenticated encryption. It can be implemented in hardware and software to achieve high speeds with low cost and low latency. Counter Mode (CTR): CTR turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a counter rather than an IV. Yüklə 1,44 Mb. Dostları ilə paylaş:
|