Computer Introduction (Data Encryption)-Lecture05
Download as pptx, pdf0 likes71 views
The lecture covers the historical context and purpose of data encryption, emphasizing its importance for data privacy and protection against cyber threats. It explains two main types of encryption: symmetric and asymmetric, as well as challenges such as key management and the potential threats posed by quantum computing. Additionally, hashing and digital signatures are discussed, highlighting their role in ensuring data integrity and authenticity.
Computer Introduction (Data Encryption)-Lecture05
- 1. 1 Lecture No. 5: Data Encryption Lecturer: Dr. Mazin Alkathiri Department of Information Technology , College of Computers Seiyun University September , 2024
- 2. 2 1. Historical Context of Encryption • Encryption has been used for centuries as a method to protect confidential information. Ancient civilizations such as the Egyptians, Greeks, and Romans developed early encryption techniques to secure military and diplomatic communications. • One of the earliest known methods was the Caesar Cipher, used by Julius Caesar, where each letter in a message was shifted a fixed number of spaces. • The evolution of encryption technologies accelerated significantly during the 20th century with the advent of computers, allowing for the development of complex algorithms that could quickly encrypt and decrypt data.
- 3. 3 2. The Purpose of Data Encryption The primary aim of data encryption is to ensure data privacy and protect sensitive information from unauthorized access, tampering, and theft. This protection is essential in the context of modern cyber threats, as data is often transmitted over networks that can be vulnerable to interception. Encryption serves several core purposes: • Confidentiality: Ensures that data can only be read by the intended recipients. • Integrity: Helps verify that data has not been altered or tampered with. • Authentication: Confirms the identity of the parties involved in data exchange. • Non-repudiation: Ensures that the sender cannot deny sending the data, thus establishing trust.
- 4. Data Encryption •Encryption is a security method in which information is encoded in such a way that only authorized user can read it.
- 5. Encryption/Decryption plaintext encryption ciphertext decryption plaintext • Plaintext: a message in its original form • Ciphertext: a message in the transformed, unrecognized form • Encryption: the process for producing ciphertext from plaintext • Decryption: the reverse of encryption • Key: a secret value used to control encryption/decryption
- 6. • Data encryption methods are generally categorized into two main types: 1. Symmetric Encryption: This encryption method uses a single key for both encryption and decryption. The key must be kept secret and shared securely between the sender and the receiver. While symmetric encryption is fast and efficient, it presents challenges in securely sharing the key. Common algorithms include: • AES (Advanced Encryption Standard): Widely used in various applications for its strength and speed. • DES (Data Encryption Standard) and Triple DES: Older methods that have mostly been replaced by AES due to vulnerabilities. 3. Types of Encryption
- 7. •Symmetric key encryption algorithm uses same cryptographic keys for both encryption and decryption of cipher text. Symmetric Key encryption plaintext encryption ciphertext decryption plaintext key key same key
- 8. 8 2. Asymmetric Encryption: Also known as public-key encryption, this method uses a pair of keys – a public key, which is shared openly, and a private key, which is kept secret. Data encrypted with the public key can only be decrypted with the private key, and vice versa. This method is commonly used for secure communication and digital signatures. Examples include: • RSA (Rivest–Shamir–Adleman): One of the earliest and most commonly used algorithms for secure data exchange. • ECC (Elliptic Curve Cryptography): Known for providing strong security with smaller key sizes, making it more efficient than RSA in some applications.
- 9. •Public key encryption algorithm uses pair of keys, one of which is a secret key and one of which is public. These two keys are mathematically linked with each other. Public Key encryption plaintext encryption ciphertext decryption plaintext public key private key
- 10. 10 6. Challenges in Data Encryption Although encryption provides robust security, it also poses certain challenges: • Key Management: Safeguarding and distributing keys securely is critical; if keys are compromised, encrypted data becomes vulnerable. • Performance and Efficiency: Strong encryption can impact system performance, especially for large datasets or resource-constrained devices. • Compliance and Legal Issues: Organizations are often required to comply with data protection regulations that mandate specific encryption standards, such as GDPR, HIPAA, and PCI-DSS. • Quantum Computing Threat: Emerging quantum computing technology could potentially break many current encryption algorithms, leading to research in quantum-resistant encryption techniques.
- 11. In terms of security, hashing is a technique used to encrypt data and generate unpredictable hash values. It is the hash function that generates the hash code, which helps to protect the security of transmission from unauthorized users. Hashing
- 12. • provides a way to verify that the message received is the same as the message sent. It can take a plain text message as input and then computes a value based on that message. • Key Points • The length of computed value is much shorter than the original message. • It is possible that different plain text messages could generate the same value. Hashing algorithm
- 13. 13 Applications of Hashing • Data Integrity Verification • Password Storage • Digital Signatures and Certificates • Blockchain Technology
- 14. • is an electronic, encrypted, stamp of authentication on digital information such as email messages, or electronic documents. A signature confirms that the information originated from the signer and has not been altered. • Signing certificate To create a digital signature, you need a signing certificate, which proves identity. • When you send a digitally-signed macro or document, you also send your certificate and public key. • Certificates are issued by a certification authority, and like a driver’s license, can be revoked. • A certificate is usually valid for a year, after which, the signer must renew, or get a new, signing certificate to establish identity. Digital Signature
- 16. • There are several reasons to implement digital signatures to communications: • Authentication: Digital signatures help to authenticate the sources of messages. • Integrity: Once the message is signed, any change in the message would invalidate the signature. • Non-repudiation: By this property, any entity that has signed some information cannot at a later time deny having signed it. Applications
- 17. • is a barrier between Local Area Network (LAN) and the Internet. It allows keeping private resources confidential and minimizes the security risks. It controls network traffic, in both directions. • The following diagram depicts a sample firewall between LAN and the internet. The connection between the two is the point of vulnerability. Both hardware and the software can be used at this point to filter network traffic. Firewall
- 19. • Firewall management must be addressed by both system managers and the network managers. • The amount of filtering a firewall varies. For the same firewall, in different directions. Key Points to Firewall