Session # 5: Cybersecurity Issues Debate & Cryptography
Justin Pineda CISSP, CISM
March 29, 2025
Technological Institute of the Philippines
Cybersecuirty Issues & Cryptography © 2025
1
Agenda for today
Cybersecuirty Issues & Cryptography © 2025
2
Cybersecurity Topics
Issue # 1:
Issue # 2
Issue # 3
Topic: Internet Censorship
Motion: The Philippines should adapt the Internet Censorship being enforced by China.
Issue # 4
Topic: Cybersex
Motion: Cybersex with consent should be legal.
Cybersecuirty Issues & Cryptography © 2025
3
After presentation…
Cybersecuirty Issues & Cryptography © 2025
4
15-minute break
Cybersecuirty Issues & Cryptography © 2025
5
Current Issue now:�Do AI-generated ‘artworks’ violate copyright? �Ex: Studio Ghibli
Cybersecuirty Issues & Cryptography © 2025
6
Cryptographic concepts
1 of 3
Cybersecuirty Issues & Cryptography © 2025
7
Important Terms
Cybersecuirty Issues & Cryptography © 2025
8
(CISSP Guide by Eric Conrad et al, 2010)
Cryptography provides…
Cybersecuirty Issues & Cryptography © 2025
9
More important terms…
From Claude Shannon:
Cybersecuirty Issues & Cryptography © 2025
10
(CISSP Guide by Eric Conrad et al, 2010)
Cryptographic Strength
Cybersecuirty Issues & Cryptography © 2025
11
History of Cryptography
Cybersecuirty Issues & Cryptography © 2025
12
Cryptography Laws
Cybersecuirty Issues & Cryptography © 2025
13
Encryption algorithms
2 of 3
Cybersecuirty Issues & Cryptography © 2025
14
Questions
Cybersecuirty Issues & Cryptography © 2025
15
Questions
Cybersecuirty Issues & Cryptography © 2025
16
Symmetric Encryption
Cybersecuirty Issues & Cryptography © 2025
17
(The Basics of Information Security A Practical Handbook, 2010)
Stream vs. Block Ciphers
Cybersecuirty Issues & Cryptography © 2025
18
Initialization Vector and Chaining
Cybersecuirty Issues & Cryptography © 2025
19
(CISSP Guide by Eric Conrad et al, 2010)
Data Encryption Standard
Cybersecuirty Issues & Cryptography © 2025
20
(CISSP Guide by Eric Conrad et al, 2010)
Bitmap encrypted using DES
Cybersecuirty Issues & Cryptography © 2025
21
(CISSP Guide by Eric Conrad et al, 2010)
Other Symmetric Algorithms…
Cybersecuirty Issues & Cryptography © 2025
22
Asymmetric Encryption
Cybersecuirty Issues & Cryptography © 2025
23
(The Basics of Information Security A Practical Handbook, 2010)
Questions
Cybersecuirty Issues & Cryptography © 2025
24
Asymmetric Methods
Cybersecuirty Issues & Cryptography © 2025
25
RSA (Ron Rivest, AdiShamir, and Leonard Adleman)
Cybersecuirty Issues & Cryptography © 2025
26
n |
|
e |
|
d |
|
(Pantola, 2015)
RSA Example
Cybersecuirty Issues & Cryptography © 2025
27
n |
|
e |
|
d |
|
RSA Example
Cybersecuirty Issues & Cryptography © 2025
28
n |
|
e |
|
d |
|
(Mitra, 2016)
RSA Example
Cybersecuirty Issues & Cryptography © 2025
29
n |
|
e |
|
d |
|
(Mitra, 2016)
RSA Example
Cybersecuirty Issues & Cryptography © 2025
30
n |
|
e |
|
d |
|
(Mitra, 2016)
RSA Example
Cybersecuirty Issues & Cryptography © 2025
31
(Mitra, 2016)
For more info on RSA, visit: https://www.cs.utexas.edu/~mitra/honors/soln.html
Asymmetric Encryption
Cybersecuirty Issues & Cryptography © 2025
32
Name | Private Key | Public Key |
Arnel | AKpr | AKpu |
Benjie | BKpr | BKpu |
If Arnel wants to send an encrypted message that only Benjie can open, what should he do?
Asymmetric Encryption
Cybersecuirty Issues & Cryptography © 2025
33
Name | Private Key | Public Key |
Arnel | AKpr | AKpu |
Benjie | BKpr | BKpu |
If Arnel wants to send an encrypted message that only Benjie can open, what should he do?
Use BKpu to encrypt the message and Benjamin can decrypt it using BKpr.
Asymmetric Encryption
Cybersecuirty Issues & Cryptography © 2025
34
Name | Private Key | Public Key |
Arnel | AKpr | AKpu |
Benjie | BKpr | BKpu |
What is the purpose if Arnel encrypts his message using his private key (AKpr)?
Asymmetric Encryption
Cybersecuirty Issues & Cryptography © 2025
35
Name | Private Key | Public Key |
Arnel | AKpr | AKpu |
Benjie | BKpr | BKpu |
What is the purpose if Arnel encrypts his message using his private key (AKpr)?
For Authentication purposes.
What should we use? �Symmetric or Asymmetric?
Cybersecuirty Issues & Cryptography © 2025
36
Hash Functions
Cybersecuirty Issues & Cryptography © 2025
37
(The Basics of Information Security A Practical Handbook, 2010)
Hash Algorithms
Cybersecuirty Issues & Cryptography © 2025
38
Diffie-Hellman Algorithm
Cybersecuirty Issues & Cryptography © 2025
39
Diffie-Hellman Algorithm
Cybersecuirty Issues & Cryptography © 2025
40
Rody | Mar (Eavesdropper) | Miriam |
g, p | g, p | g, p |
a | | b |
A = ga mod p | | B = gb mod p |
B | B, A | A |
Y = Ba mod p | | Z = Ab mod p |
Y and Z are the same.
(Pantola, 2015)
Diffie-Hellman Algorithm
Cybersecuirty Issues & Cryptography © 2025
41
Rody | Mar (Eavesdropper) | Miriam |
g = 2; p = 3 | g = 2; p = 3 | g = 2; p = 3 |
Diffie-Hellman Algorithm
Cybersecuirty Issues & Cryptography © 2025
42
Rody | Mar (Eavesdropper) | Miriam |
g = 2; p = 3 | g = 2; p = 3 | g = 2; p = 3 |
a = 5 | | b = 4 |
Diffie-Hellman Algorithm
Cybersecuirty Issues & Cryptography © 2025
43
Rody | Mar (Eavesdropper) | Miriam |
g = 2; p = 3 | g = 2; p = 3 | g = 2; p = 3 |
a = 5 | | b = 4 |
A = ga mod p A= 25 mod 3 A = 2 | | B = gb mod p B = 24 mod 3 B = 1 |
Diffie-Hellman Algorithm
Cybersecuirty Issues & Cryptography © 2025
44
Rody | Mar (Eavesdropper) | Miriam |
g = 2; p = 3 | g = 2; p = 3 | g = 2; p = 3 |
a = 5 | | b = 4 |
A = ga mod p A= 25 mod 3 A = 2 | | B = gb mod p B = 24 mod 3 B = 1 |
B = 1 | B = 1, A = 2 | A = 2 |
Diffie-Hellman Algorithm
Cybersecuirty Issues & Cryptography © 2025
45
Rody | Mar (Eavesdropper) | Miriam |
g = 2; p = 3 | g = 2; p = 3 | g = 2; p = 3 |
a = 5 | | b = 4 |
A = ga mod p A= 25 mod 3 A = 2 | | B = gb mod p B = 24 mod 3 B = 1 |
B = 1 | B = 1, A = 2 | A = 2 |
Y = Ba mod p Y =15 mod 3 Y = 1 | | Z = Ab mod p Z = 24 mod 3 Z = 1 |
Cryptographic Attacks
Cybersecuirty Issues & Cryptography © 2025
46
Exercise: simulating rsa and diffie hellman
Cybersecuirty Issues & Cryptography © 2025
47
About the exercise
This Exercise is divided into 2 parts:
Cybersecuirty Issues & Cryptography © 2025
48
Part 1: RSA (30 points)
Cybersecuirty Issues & Cryptography © 2025
49
n | Product of two prime numbers, p and q published together with the public key |
e | Public key (Kpu) Less than and relatively prime to (p-1)(q-1) |
d | Private key (Kpr) Equal to (e-1) mode ((p-1)(q-1)) |
Solution
Cybersecuirty Issues & Cryptography © 2025
50
p |
|
q |
|
n |
|
e |
|
Part 2: Diffie-Hellman
Cybersecuirty Issues & Cryptography © 2025
51
Solution
Cybersecuirty Issues & Cryptography © 2025
52
g |
|
p |
|
A |
|
B |
|
a |
|
b |
|
Y |
|
Z |
|
Implementing cryptography
3 of 3
Cybersecuirty Issues & Cryptography © 2025
53
Digital Signatures
Cybersecuirty Issues & Cryptography © 2025
54
(The Basics of Information Security A Practical Handbook, 2010)
Hashed Message Authentication Code (HMAC)
Cybersecuirty Issues & Cryptography © 2025
55
Public Key Infrastructure (PKI)
Cybersecuirty Issues & Cryptography © 2025
56
(The Basics of Information Security A Practical Handbook, 2010)
Terms to remember:
Registration Authority (RA)
Certification Authority (CA)
Validation Authority (VA)
Certificate Revocation List (CRL)
Key Escrow
Public Key Infrastructure (PKI)
Cybersecuirty Issues & Cryptography © 2025
57
Remember, the web browser does not
believe the website but the CA!!!
(The Basics of Information Security A Practical Handbook, 2010)
Other encryption protocols that will be discussed in later lessons:
Cybersecuirty Issues & Cryptography © 2025
58
Other concepts
Cybersecuirty Issues & Cryptography © 2025
59
Exercise: Wireshark (Cryptography)
Cybersecuirty Issues & Cryptography © 2025
60
Introduction
Cybersecuirty Issues & Cryptography © 2025
61
Instructions�
Cybersecuirty Issues & Cryptography © 2025
62
Part 1: Theoretical (30 points/ 6 points each)
Cybersecuirty Issues & Cryptography © 2025
63
Part 2: Application and Proving (70 points)
Cybersecuirty Issues & Cryptography © 2025
64
Cybersecuirty Issues & Cryptography © 2025
65
Sniffing traffic in clear text (10 points)
Cybersecuirty Issues & Cryptography © 2025
66
Filtering 1 (15 points)�
Cybersecuirty Issues & Cryptography © 2025
67
Filtering 2 (20 points)
Cybersecuirty Issues & Cryptography © 2025
68