IT430 Assignment No. 2 Solution
Thursday, December 30, 2010 Posted In CS and IT Edit ThisAssignment # 2
All the students of IT430 are directed to download the 2nd assignment. Due date for submission is Monday 03 January, 2011. No assignment after due date will be accepted.
Note: Send email at it430@vu.edu.pk for any assignment related problem
...............
Question: (10)
What are the steps involved in symmetric cryptography? Also explain key management in conventional cryptography using some example.
Note: Submit .doc files only. Send email at it430@vu.edu.pk for any assignment related query.
Your work must be original. If you have to search the topic from internet then write it in your own words. No marks will be given in case of cheating or copying from the internet or from any other student.
Deadline:
Your assignment must be uploaded/submitted on or before 3rd January 2011.
What are the steps involved in symmetric cryptography? Also explain key management in conventional cryptography using some example.
Note: Submit .doc files only. Send email at it430@vu.edu.pk for any assignment related query.
Your work must be original. If you have to search the topic from internet then write it in your own words. No marks will be given in case of cheating or copying from the internet or from any other student.
Deadline:
Your assignment must be uploaded/submitted on or before 3rd January 2011.
SOLUTION:
Symmetric Cryptography
With symmetric cryptography, both the sender and recipient share a key that is used to perform both encryption and decryption. Symmetric cryptography is commonly used to perform encryption. It also provides data integrity when symmetric keys are used in conjunction with other algorithms to create Message Authentication Codes (MACs). For more information about MACs, see Data Origin Authentication in Chapter 2, "Message Protection Patterns."
Figure 1 illustrates the process of encrypting and decrypting data with a shared secret key.
With symmetric cryptography, both the sender and recipient share a key that is used to perform both encryption and decryption. Symmetric cryptography is commonly used to perform encryption. It also provides data integrity when symmetric keys are used in conjunction with other algorithms to create Message Authentication Codes (MACs). For more information about MACs, see Data Origin Authentication in Chapter 2, "Message Protection Patterns."
Figure 1 illustrates the process of encrypting and decrypting data with a shared secret key.
Figure 1. The process of symmetric encryption
As illustrated in Figure 1, symmetric encryption involves the following steps:
The sender creates a ciphertext message by encrypting the plaintext message with a symmetric encryption algorithm and a shared key.
The sender sends the ciphertext message to the recipient.
As illustrated in Figure 1, symmetric encryption involves the following steps:
The sender creates a ciphertext message by encrypting the plaintext message with a symmetric encryption algorithm and a shared key.
The sender sends the ciphertext message to the recipient.
..............
Key Management and Conventional Encryption
Conventional encryption has benefits. It is very fast. It is especially useful for encrypting data that is not going anywhere. However, conventional encryption alone as a means for transmitting secure data can be quite expensive simply due to the difficulty of secure key distribution. The expense of secure channels and key distribution relegated its use only to those who could afford it, such as governments and large banks (or small children with secret decoder rings).
Recall a character from your favorite spy movie: the person with a locked briefcase handcuffed to his or her wrist. What is in the briefcase, anyway? It's probably not the missile launch code/ biotoxin formula/ invasion plan itself. It's the key that will decrypt the secret data.
For a sender and recipient to communicate securely using conventional encryption, they must agree upon a key and keep it secret between themselves. If they are in different physical locations, they must trust a courier, the Bat Phone, or some other secure communication medium to prevent the disclosure of the secret key during transmission. Anyone who overhears or intercepts the key in transit can later read, modify, and forge all information encrypted or authenticated with that key. The persistent problem with conventional encryption is key distribution: how do you get the key to the recipient without someone intercepting it?
And the minor problem with it is the storage of keys: when you want to communicate with a lot of people and you have one key for each partner, how do you manage so many keys?
Some Examples of Conventional Cryptosystems
Captain Midnight's Secret Decoder Ring (which you may have owned when you were a kid)
Julius Caesar's cipher
DES, Data Encryption Standard
The recipient decrypts the ciphertext message back into plaintext with a shared key. Recall a character from your favorite spy movie: the person with a locked briefcase handcuffed to his or her wrist. What is in the briefcase, anyway? It's probably not the missile launch code/ biotoxin formula/ invasion plan itself. It's the key that will decrypt the secret data.
For a sender and recipient to communicate securely using conventional encryption, they must agree upon a key and keep it secret between themselves. If they are in different physical locations, they must trust a courier, the Bat Phone, or some other secure communication medium to prevent the disclosure of the secret key during transmission. Anyone who overhears or intercepts the key in transit can later read, modify, and forge all information encrypted or authenticated with that key. The persistent problem with conventional encryption is key distribution: how do you get the key to the recipient without someone intercepting it?
And the minor problem with it is the storage of keys: when you want to communicate with a lot of people and you have one key for each partner, how do you manage so many keys?
Some Examples of Conventional Cryptosystems
Captain Midnight's Secret Decoder Ring (which you may have owned when you were a kid)
Julius Caesar's cipher
DES, Data Encryption Standard
Numerous symmetric algorithms are currently in use. Some of the more common algorithms include Rijndael (AES) and Triple DES (3DES). These algorithms are designed to perform efficiently on common hardware architectures.
Symmetric cryptography is comparatively simple in nature, because the secret key that is used for both encryption and decryption is shared between the sender and the recipient. However, before communication can occur, the sender and the recipient must exchange a shared secret key. In some cases (such as SSL), asymmetric cryptography can be used to ensure that the initial key exchange occurs over a secure channel.
..........
A:
Answer
1) Symmetric Cryptography
When one party wishes to communicate secured data with another and they both share
the same key for encrypting and decrypting the data, the process is known as symmetric
Cryptography.
The shared key is referred to as a symmetric key.
Because the same key is used to encrypt and decrypt the data with symmetric
cryptography, the decryption process is essentially a reversal of the encryption process.
STEPS INVOLVED IN SYMMETRIC CRYPTOGRAPHY:
Symmetric encryption involves the following steps:
1. The sender creates an encoded text message by encrypting the plaintext message
with a symmetric encryption algorithm and a shared key.
2. The sender sends the encoded text message to the recipient.
3. The recipient decrypts the encoded text message back into plaintext with a shared
key.
2) Conventional cryptography
In conventional cryptography, (also called secret-key or symmetric-key encryption),
one key is used both for encryption and decryption.
Key management in conventional cryptography:
Conventional encryption is very fast. It is especially useful for encrypting data that is not going anywhere. However, conventional encryption alone as a means for transmitting secure data can be
quite expensive simply due to the difficulty of secure key distribution.
The expense of secure channels and key distribution relegated its use only to those who could afford it, such as governments and large banks.
EXAMPLES:
Following are the examples of key management in conventional cryptography
1-The Data Encryption Standard (DES): is an example of a conventional crypto system that is widely employed by the Federal
Government.
2-Captain Midnight's Secret Decoder Ring: (which
is an "encoder" ring as well) is also an example of conventional
cryptography which allows you to do a simple substitution encryption. It
usually has two concentric wheels of letters, A through Z.
3-Julius Caesar's cipher : The Caesar cipher is named for Julius Caesar who used an alphabet with a left shift of three is also an example of conventional cryptography.
..............
Following all are the examples of 2nd part IT assignment:
1- 3-Way
2- CMEA
3- DES
4- FEAL
5- GOST
6- LOKI
7- Lucifer
8- MMB
9- REDOC
10- Safer
..........
What are the steps involved in symmetric cryptography? Also explain key management in conventional cryptography using some example.
Answer
1) Symmetric Cryptography
When one party wishes to communicate secured data with another and they both share
the same key for encrypting and decrypting the data, the process is known as symmetric
Cryptography.
The shared key is referred to as a symmetric key.
Because the same key is used to encrypt and decrypt the data with symmetric
cryptography, the decryption process is essentially a reversal of the encryption process.
STEPS INVOLVED IN SYMMETRIC CRYPTOGRAPHY:
Symmetric encryption involves the following steps:
1. The sender creates an encoded text message by encrypting the plaintext message
with a symmetric encryption algorithm and a shared key.
2. The sender sends the encoded text message to the recipient.
3. The recipient decrypts the encoded text message back into plaintext with a shared
key.
2) Conventional cryptography
In conventional cryptography, (also called secret-key or symmetric-key encryption),
one key is used both for encryption and decryption.
Key management in conventional cryptography:
Conventional encryption is very fast. It is especially useful for encrypting data that is not going anywhere. However, conventional encryption alone as a means for transmitting secure data can be quite expensive simply due to the difficulty of secure key distribution.
The expense of secure channels and key distribution relegated its use only to those who could afford it, such as governments and large banks.
EXAMPLES:
Following are the examples of key management in conventional cryptography
1-The Data Encryption Standard (DES): is an example of a conventional crypto system that is widely employed by the Federal Government.
2-Captain Midnight's Secret Decoder Ring: (which is an "encoder" ring as well) is also an example of conventional cryptography which allows you to do a simple substitution encryption. It usually has two concentric wheels of letters, A through Z.
3-Julius Caesar's cipher : The Caesar cipher is named for Julius Caesar who used an alphabet with a left shift of three is also an example of conventional cryptography.
