Chapter 7 STRENGTH OF ENCRYPTION & Public Key Infrastructure


Chapter 7 STRENGTH OF ENCRYPTION & Public Key Infrastructure CISSP Study Guide BIS 4113/6113

Review: Asymmetric Cryptography
- Users make public keys available to everyone
  - Public key servers
- Private key used for decryption held in reserve
  - Only the user can decrypt the message
[Diagram: plaintext P is encrypted with the receiver's public key into ciphertext C, crosses the Internet, and is decrypted back to P with the receiver's private key]

Asymmetric Encryption
- To encrypt my personal info, credit card info, and order info, my browser retrieves Whole Foods' ______________. (public encryption key)
- My information is converted from plain text into ______________. (cipher text)
- The order goes through the unsecure network and is received by Whole Foods.
- In order to convert the order back to plaintext, Whole Foods uses its ______________. (private decryption key)

PKI Operations 1 B makes its public key widely available (say through the Internet) 2 message sender 3 No security hole is created by distributing the public key, since B’s private key has never been distributed. message recipient

Message Source Authentication: Digital Signatures (p.243)
- Enforce non-repudiation
- Ensure message integrity during transmission

Certificate Authority (p.244)

Transmission with Digital Signatures
[Diagram panels: Signed signature; Digital Signature only; Authenticated signature]

Which key should I use? (p.241)
- If you want to encrypt a message → Use recipient's public key
- If you want to decrypt a message sent to you → Use your private key
- If you want to digitally sign a message → Use your private signature
- If you want to verify a message sent to you → Use the sender's public signature

RSA Encryption (p.233-234)
- Used by Microsoft, Nokia, Cisco, and 90% of Fortune 500
- Works using "large" prime numbers
- Choose two: p and q, 200 digits each
- n = p * q
- Select another number (e)
  - e is less than n
  - e is prime
  - e and (p-1) * (q-1) have no common factors
- Select another number (d)
  - (e*d - 1) mod ((p-1)(q-1)) = 0
- e and n are public keys, d is private key (1088 bit)
- CT = PT^e mod n
- PT = CT^d mod n
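The RSA recipe above and the key choices from "Which key should I use?", carried through in code. This is an added example, not part of the original slides: it is textbook RSA without padding, the function names are hypothetical, and the primes 1009 and 1013 are constructed sample values chosen small enough that the last function can show why p and q need to be hundreds of digits long.

```python
import hashlib
from math import gcd, isqrt

def make_keys(p, q, e):
    """Slide recipe: n = p*q; e shares no factor with (p-1)(q-1); (e*d - 1) mod ((p-1)(q-1)) = 0."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < n or gcd(e, phi) != 1:
        raise ValueError("e must be below n and coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)              # modular inverse, Python 3.8+
    return (e, n), (d, n)            # (public key, private key)

def encrypt(pt, public):             # CT = PT^e mod n, with the recipient's public key
    e, n = public
    if not 0 <= pt < n:
        raise ValueError("plaintext must be a number below n")
    return pow(pt, e, n)

def decrypt(ct, private):            # PT = CT^d mod n, with your own private key
    d, n = private
    return pow(ct, d, n)

def _digest(message, n):
    # Hash the message and reduce it below n so it can be signed as one number.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):          # signer applies the private key to a hash of the message
    d, n = private
    return pow(_digest(message, n), d, n)

def verify(message, signature, public):   # anyone checks it with the signer's public key
    e, n = public
    return pow(signature, e, n) == _digest(message, n)

def recover_private(public):
    """Why p and q need ~200 digits: a small n is factored by trial division and d rebuilt."""
    e, n = public
    p = next(f for f in range(3, isqrt(n) + 1, 2) if n % f == 0)
    return make_keys(p, n // p, e)[1]

# Constructed sample values: two 4-digit primes, so this key is breakable in milliseconds.
PUBLIC, PRIVATE = make_keys(1009, 1013, 65537)
```

With these sample primes `recover_private(PUBLIC)` returns the same value as `PRIVATE`, which is the whole argument for large p and q: the public key always contains n, so the private key is only as safe as n is hard to factor.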

Strength of Encryption
- Key length (or key size)
  - Measured in bits
  - Key of n bits = 2^n possible keys
  - Algorithm cannot be larger than key size, but can be smaller
- Encryption as a weapon?
  - Export Administration Regulations (EAR)
  - Limits: 64 bit symmetric, 768 bits asymmetric

Breaking encryption
- Brute force
- 56 bit encryption considered insufficient
- RSA Secret Key Challenge (1997)
  - 56 bit key broken in 250 days → It's time to move to a longer key length
  - 64 bit key broken in 5 years (1000s of PCs) → Some things are better left unread
  - Distributed.net: RC5-72 challenge
- Asymmetric key information in public key helps
- Keys with 128 bits are practically unbreakable
- SSL 128-256 bits (next slides)
- Federal minimum for top secret info: 256 bits

“P2PE”

Secure Sockets Layer (SSL)
[Diagram: layer stack of Application, SSL, Transport, Network, Data Link, Physical]
- A protocol widely used on the Web
- Operates between the application and transport layers
- Early versions were 40 bit keys
- Google SSL: 2048 bit
- Operations of SSL
  - Negotiation for PKI
    - Server: sends its public key and the encryption technique to be used (e.g., RC4, DES)
    - Browser: generates a key for this encryption technique and sends it to the server (by encrypting it with the server's public key)
  - Communications
    - Encrypted by using the key generated by the browser
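The negotiation described above, with both sides' messages, as an added example that is not part of the original slides. Assumptions: the server key pair is a constructed toy built from two small known primes, the message and function names are hypothetical, and a SHA-256 counter keystream stands in for the RC4/DES cipher the slide names.

```python
import hashlib
import secrets

# Constructed toy server key pair (assumption): two small Mersenne primes, far too short for real use.
P, Q, E = 2**61 - 1, 2**31 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))     # server's private key, never leaves the server

def keystream_xor(key: int, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with SHA-256(key || offset). Same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key.to_bytes(8, "big") + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)

def server_hello() -> dict:
    # Step 1: server sends its public key and the encryption technique to be used.
    return {"public_key": (E, N), "cipher": "sha256-ctr-demo"}

def browser_key_exchange(hello: dict):
    # Step 2: browser generates a session key and wraps it with the server's public key.
    e, n = hello["public_key"]
    session_key = secrets.randbits(64)            # always below n, which is about 92 bits
    return session_key, pow(session_key, e, n)    # only the wrapped value goes on the wire

def server_unwrap(wrapped: int) -> int:
    # Step 3: only the holder of the private key recovers the browser's session key.
    return pow(wrapped, D, N)

def run_session(request: bytes) -> dict:
    hello = server_hello()
    browser_key, wrapped = browser_key_exchange(hello)
    server_key = server_unwrap(wrapped)
    on_wire = keystream_xor(browser_key, request)     # step 4: traffic encrypted with session key
    return {
        "wire": [hello, wrapped, on_wire],            # everything an eavesdropper can observe
        "received": keystream_xor(server_key, on_wire),
        "keys_match": browser_key == server_key,
    }
```

Wrapping the session key under the server's long-term RSA key is the design this slide describes; TLS 1.3 removed it in favour of ephemeral Diffie-Hellman, because a later compromise of the server's private key would otherwise unlock every recorded session.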

Digital Rights Management (p.252-254)
- Encryption used to enforce copyright standards for digital media
  - Music
  - Movie
  - E-books
  - Documents
  - Video games
- Steve Jobs' open letter against DRM (2/6/2007)
  "The problem, of course, is that there are many smart people in the world, some with a lot of time on their hands, who love to discover such secrets and publish a way for everyone to get free (and stolen) music. They are often successful in doing just that, so any company trying to protect content using a DRM must frequently update it with new and harder to discover secrets. It is a cat-and-mouse game."