Modern Algorithms
Most modern ciphers use a sequence of binary digits (bits), that is, zeros and ones such as ASCII.
This bit sequence representing the plaintext is then encrypted to give the ciphertext as a bit sequence.
This bit sequence representing the plaintext is then encrypted to give the ciphertext as a bit sequence.
The encryption algorithm may act on a bit-string in a number of ways:
Stream Ciphers where the sequence is encrypted bit-by-bit.
Block Ciphers where the sequence is divided into blocks of a predetermined size.
Block Ciphers where the sequence is divided into blocks of a predetermined size.
ASCII requires 8 bits to represent one character, and so for a block cipher that has 64-bit blocks, the encryption algorithm acts on eight characters at once.
Since most modern algorithms operate on binary strings we need to be familiar with a method of combining two bits called Exclusive OR and often written as XOR.
0 + 0 = 0, 0 + 1 =1,
1 + 0 = 1 and 1 + 1 = 0
1 + 0 = 1 and 1 + 1 = 0
Message Authentication Codes (MAC)
A MAC is a key-dependent one-way hash function. Only someone with the identical key can verify the hash. They are very useful to provide authenticity without secrecy.
MACs can be used to authenticate files between users. To determine if his files have been altered.
Digital Signatures
The digital signature for a message from a particular sender is a cryptographic value that depends on the message and the sender.
In contrast , a hand-written signature depends only on the sender and is the same for all messages.
In contrast , a hand-written signature depends only on the sender and is the same for all messages.
A digital signature provides data integrity and proof of origin (non-repudiation).
It can be kept by the receiver to settle disputes if the sender were to deny the content of the message or even to deny having sent it.
It can be kept by the receiver to settle disputes if the sender were to deny the content of the message or even to deny having sent it.
Each user has a private key that only they can use and its use is accepted as identifying them.
There is a corresponding public key.
There is a corresponding public key.
Anyone who knows this public key, can check that the corresponding private key has been used, but cannot determine the private key.This gives the receiver assurance of both the origin and content of the message.
Figure 2:Digital signature Verification process.
Attacks on Digital Signature
-----------------------------------
Suppose digital signatures are being used as a means of identification. If user A wishes to impersonate user B, then there are two different forms of attack:
**A attempts to obtain the use of B’s private key
**A tries to substitute their public key for B’s public key.
RSA
------
** by Rivest, Shamir & Adleman of MIT in 1977 .
** best known & widely used public-key scheme .
** best known & widely used public-key scheme .
RSA Use
** to encrypt a message.
** to decrypt the ciphertext.
RSA Security
There are some possible approaches to attack RSA :
** brute force key search.
**mathematical attacks (based on difficulty of computing)
**timing attacks (on running of decryption)
**chosen ciphertext attacks
** brute force key search.
**mathematical attacks (based on difficulty of computing)
**timing attacks (on running of decryption)
**chosen ciphertext attacks
Methods of Attack
---------------------
Four general attacks can be perform against encrypted information:
** Ciphertext- only attack guessing the plaintext or using frequency analysis
** Known Plaintext- guess using known pliantext.
** Chosen-plaintext
** Chosen-ciphertext attack
Okay I pen off here. I hope everybody will get some knowledges from my page.
More details, you can refer to others references or ask the expert!
=)
No comments:
Post a Comment