2_Information Protection Methods_methodical_presentation_2_v

Information Protection Methods

10.6.2.2 evaluate the necessity of data encryption

1

Encryption And Decryption

Encryption Terminology
Encryption: Transform representation so it is no longer understandable
Decryption: Reversing encryption process

2

Encryption And Decryption

To ensure the privacy of messages sent over a network between a source and destination, the text can be encrypted.
Cryptography - study of methods to encrypt text.
Cryptanalysis - study of how to decode an encypted text.





Conventional or single key encryption - a simple algorithm is used to transform the text
substitution cipher - each letter of the alphabet is substituted with a different letter or symbol.
Ceasar's method - replace every letter in the alphabet with the letter 3 away
A - > D
B - > E
C - > F
. . .
X - > A
Y - > B
Z - > C

3

Encryption And Decryption

Other substitution ciphers assign random substitutions, so they are a bit harder to crack.
The sender uses the encryption to encrypt the message
The sender transmits the message to the receiver
The receiver decodes the message

How does the receiver decode the message? The sender needs to send the key to the receiver.
How can this be done securely so that no one else can decode the message?
To secure e-commerce transactions on the Web, the buyer’s machine must encrypt the data before it sends it over the Internet to the merchant’s Web server

4

Encryption And Decryption

Most encryption algorithms use mathematical formulas and an encryption key to encode the data
The encryption key is a very large number used to encrypt and decrypt the data
The length of the key (the number of digits it contains) determines how secure the data will be – the longer the key the more secure the message
Most encryption algorithms use key length between 40 and 128 bit or more
Most Web browsers support these length keys

5

Encryption And Decryption

Symmetric/ Private Key Encryption
Uses a single number key to encode and decode the data. Both the sender and receiver must know the key
DES (Data Encryption Standard) is the most widely used standard for symmetric encryption
Because each sender and receiver would require a different key, this type of encryption is basically used by government entities
It is rarely used for e-commerce transactions over the Internet
Requires a secure way to get the key to both parties

6

Encryption And Decryption

Asymmetric / Public Key Encryption
Uses two numeric keys
The public key is available to anyone wishing to communicate securely with the key’s owner
The private key is available only to the owner
Both keys are able to encrypt and decrypt each other’s messages
It is computationally infeasible to deduce the private key from the public key. Anyone who has a public key can encrypt information but cannot decrypt it. Only the person who has the corresponding private key can decrypt the information.
Example: encode by raising to 5th power and moding result with 91
Decode by raising to 29th power mod 91
325= 2 (mod 91) and 229=32 (mod 91)

7

Digital Certificates

Digital Certificates
Use assymetric encryption to create digital signatures
Used on the Internet to authenticate both users and vendors
A digital certificate is a unique identifier assigned to a user/vendor by a certification authority to verify the identity of the user/vendor
A certification authority (such as VeriSign) is a private company that certifies the user or vendor is who s/he claims to be
Work together with credit card verification companies or other financial institutions in order to verify the identity of the certificate’s requesters
Digital signature is an encrypted attachment added to the electronic message to verify the sender’s identity
The digital certificate received by the user includes a copy of its public key
This digital certificate’s owner makes its public key available to anyone wanting to send encryped documents to the certificate’s owner

8

Digital Signatures

Instead of encrypting information using someone else's public key, you encrypt it with your private key. If the information can be decrypted with your public key, then it must have originated with you.

9