Page 123 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY

Unit 8: Cryptography and Encryption




          Block ciphers can operate in one of several modes; the following four are the most important:
          1.   Electronic Codebook (ECB) mode is the simplest, most obvious application: the shared
               key is used to encrypt the plaintext block to form a ciphertext block. Two identical plaintext
               blocks, then, will always generate the same ciphertext block. Although this is the most
               common mode of block ciphers, it is susceptible to a variety of brute-force attacks.

          2.   Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryption scheme.
               In CBC, the plaintext is exclusively-ORed (XORed) with the previous ciphertext block
               prior to encryption. In this mode, two identical blocks of plaintext never encrypt to the
               same ciphertext.
          3.   Cipher Feedback (CFB) mode is a block cipher implementation as a self-synchronizing
               stream cipher. CFB mode allows data to be encrypted in units smaller than the block size,
               which might be useful in some applications such as encrypting interactive terminal input.

               Example: If we were using 1-byte CFB mode, each incoming character is placed into a
               shift register the same size as the block, encrypted, and the block transmitted. At the
               receiving side, the ciphertext is decrypted and the extra bits in the block (i.e.,
               everything above and beyond the one byte) are discarded.

          4.   Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a
               synchronous stream cipher. OFB prevents the same plaintext block from generating the
               same ciphertext block by using an internal feedback mechanism that is independent of
               both the plaintext and ciphertext bitstreams.
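The difference between items 1 and 2 can be seen by running both modes over the same data. The following is an added example, not part of the original text: it uses a toy Feistel cipher built on SHA-256 as a stand-in for a real block cipher, and the function names and sample plaintext are constructed for illustration. It assumes the plaintext length is a multiple of the block size, so no padding is shown.

```python
import hashlib
import os

BLOCK = 16  # bytes per block in this toy cipher
ENC, DEC = (0, 1, 2, 3), (3, 2, 1, 0)  # Feistel round order: encrypt, decrypt

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(key, block, rounds):
    # Toy 4-round Feistel cipher standing in for a real block cipher; not secure.
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in rounds:
        f = hashlib.sha256(key + bytes([i]) + r).digest()[:BLOCK // 2]
        l, r = r, _xor(l, f)
    return r + l  # final swap: the same routine with reversed rounds decrypts

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    # ECB: each block is encrypted independently under the shared key.
    return b"".join(feistel(key, b, ENC) for b in blocks(pt))

def cbc_encrypt(key, iv, pt):
    # CBC: XOR each plaintext block with the previous ciphertext block first.
    out, prev = [], iv
    for b in blocks(pt):
        prev = feistel(key, _xor(b, prev), ENC)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(_xor(feistel(key, c, DEC), prev))
        prev = c
    return b"".join(out)

def count_repeated_blocks(ct):
    return len(blocks(ct)) - len(set(blocks(ct)))

# Constructed sample: three identical 16-byte blocks, then a different one.
SAMPLE = b"ACCOUNT=00001234" * 3 + b"AMOUNT=0000099.0"

if __name__ == "__main__":
    key, iv = os.urandom(16), os.urandom(BLOCK)
    print("ECB repeated blocks:", count_repeated_blocks(ecb_encrypt(key, SAMPLE)))
    print("CBC repeated blocks:", count_repeated_blocks(cbc_encrypt(key, iv, SAMPLE)))
```

Under ECB the three identical plaintext blocks show up as three identical ciphertext blocks, so the structure of the data is visible without the key; under CBC the chaining hides the repetition.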





          Task: Explain the function of stream ciphers.

          8.5.2 Public Key Cryptography


          Public-key cryptography has been said to be the most significant new development in
          cryptography in the last 300-400 years. Modern PKC was first described publicly by Stanford
          University professor Martin Hellman and graduate student Whitfield Diffie in 1976. Their paper
          described a two-key crypto system in which two parties could engage in a secure communication
          over a non-secure communications channel without having to share a secret key.

          Public-key cryptography, also known as asymmetric cryptography, is a form of cryptography
          in which a user has a pair of cryptographic keys — a public key and a private key.

          The keys are related mathematically, but the private key cannot be practically derived from the
          public key. A message encrypted with the public key can be decrypted only with the
          corresponding private key.

          The two main branches of public key cryptography are:
          1.   Public Key Encryption: A message encrypted with a recipient’s public key cannot be
               decrypted by anyone except the recipient possessing the corresponding private key. This
               is used to ensure confidentiality.
          2.   Digital Signatures: A message signed with a sender’s private key can be verified by
               anyone who has access to the sender’s public key, thereby proving that the sender signed
               it and that the message has not been tampered with. This is used to ensure authenticity.





                                           LOVELY PROFESSIONAL UNIVERSITY                                   117