EP47 - AskDeveloper Podcast - Cryptography - Part 2 - Encryption


By Mohamed Elsherif, Amr Eldib, Yasser Makram, Tamer Zaki & Ahmed Elmalt.
Previous episode: https://soundcloud.com/askdeveloper/ep46-askdeveloper-podcast-cryptography-part-1-introduction-and-hashing

Encryption (Two Ways)

- Symmetric Encryption
  - The same key both encrypts and decrypts the data.
  - Very fast, yet exchanging the key is tricky
  - Very algorithmic
  - Examples
    - DES, Data Encryption Standard (BROKEN)
      - Uses a key 56 bits long
    - Triple DES (3DES)
      - Uses three keys (or two unique keys) of 56 bits each
    - AES, Advanced Encryption Standard
      - Uses keys 128, 192 or 256 bits long
  - Attacks
    - Brute force
      - Usually mitigated by increasing the key length, as difficulty increases exponentially as key size increases. For example, time to crack given a modern supercomputer:

        Key Size    Time To Crack
        56 bits     399 seconds
        128 bits    1.02 * 10^18 years
        192 bits    1.87 * 10^37 years
        256 bits    3.31 * 10^56 years

    - Side-channel attacks

- Asymmetric Encryption
  - Key pairs have a mathematical relationship
  - Each one can decrypt messages encrypted by the other.
  - Slow, but exchanging the key is trivial
  - Very mathematical
  - Anyone can know the Public Key
    - The Public Key can only be used to encrypt data
  - The Private Key is kept secret, and never leaves the recipient's side.
    - The Private Key can only be used to decrypt data
  - Examples
    - RSA (Rivest, Shamir and Adleman)
      - The de facto standard in the industry
      - Public and Private keys are based on large prime numbers

- Hybrid Encryption
  - Uses both Symmetric and Asymmetric encryption at the same time.
  - Goals:
    - Use the performance of Symmetric Crypto
    - Convenience of sharing keys using Asymmetric Crypto
    - HMAC for authentication.
  - Steps (order is very important):
    - Party 1 (Alice)
      1. Generates a random AES Session Key (32 bytes / 256 bits)
      2. Generates a random Initialization Vector (IV) (16 bytes / 128 bits)
      3. Encrypts the message to be sent using the AES Session Key and IV
      4. Calculates an HMAC of the encrypted message using the AES Session Key
      5. Encrypts the AES Session Key using the Public Key of Party 2 (Bob), the recipient
      6. Sends a packet of (Encrypted Message, Encrypted Session Key, Initialization Vector, and HMAC) to Bob
    - Party 2 (Bob)
      1. Decrypts the Session Key using his Private Key
      2. Recalculates the HMAC of the encrypted message (validates message integrity)
         - If the HMAC check passes, decrypts the message using the decrypted AES Session Key and Initialization Vector
         - Otherwise, rejects the message because of integrity check failure.

Our Facebook page: http://facebook.com/askdeveloper
On SoundCloud: http://soundcloud.com/askdeveloper
Please Like & Subscribe
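The hybrid-encryption steps from the show notes, written out as an added Node.js example that is not code from the podcast. Assumptions the notes do not state: AES-256-CBC as the AES mode, HMAC-SHA-256, RSA-OAEP with SHA-256, and a 2048-bit key pair for Bob; the function names and the sample message are constructed.

```javascript
const crypto = require("crypto");

// Assumption: RSA-OAEP with SHA-256 wraps the session key (the notes only say "Public Key").
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Party 1 (Alice): steps 1-6 from the notes.
function aliceSeal(message, bobPublicKey) {
  const sessionKey = crypto.randomBytes(32);   // 1. random 256-bit AES session key
  const iv = crypto.randomBytes(16);           // 2. random 128-bit IV
  // 3. encrypt the message (assumption: CBC mode with Node's default PKCS#7 padding)
  const cipher = crypto.createCipheriv("aes-256-cbc", sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(message, "utf8"), cipher.final()]);
  // 4. HMAC of the encrypted message, keyed with the session key as the notes describe
  const hmac = crypto.createHmac("sha256", sessionKey).update(ciphertext).digest();
  // 5. encrypt the session key with Bob's public key
  const encryptedKey = crypto.publicEncrypt({ key: bobPublicKey, ...OAEP }, sessionKey);
  return { ciphertext, encryptedKey, iv, hmac }; // 6. the packet sent to Bob
}

// Party 2 (Bob): verify first, decrypt only if the HMAC matches.
function bobOpen(packet, bobPrivateKey) {
  // 1. recover the session key with the private key
  const sessionKey = crypto.privateDecrypt({ key: bobPrivateKey, ...OAEP }, packet.encryptedKey);
  // 2. recompute the HMAC and compare in constant time
  const expected = crypto.createHmac("sha256", sessionKey).update(packet.ciphertext).digest();
  if (packet.hmac.length !== expected.length || !crypto.timingSafeEqual(packet.hmac, expected)) {
    throw new Error("integrity check failed"); // reject without decrypting
  }
  const decipher = crypto.createDecipheriv("aes-256-cbc", sessionKey, packet.iv);
  return Buffer.concat([decipher.update(packet.ciphertext), decipher.final()]).toString("utf8");
}

// Constructed demo: one round trip, then one packet with a flipped ciphertext bit.
function demo() {
  const bob = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const packet = aliceSeal("constructed sample message", bob.publicKey);
  const roundTrip = bobOpen(packet, bob.privateKey);
  const tampered = { ...packet, ciphertext: Buffer.from(packet.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;
  let rejected = false;
  try { bobOpen(tampered, bob.privateKey); } catch (e) { rejected = e.message === "integrity check failed"; }
  return { roundTrip, rejected };
}

console.log(demo());
```

As in the notes, the HMAC covers only the encrypted message and reuses the session key; authenticating the IV as well, or using an AEAD mode such as AES-GCM, is the usual hardening.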
