IT IS 6200/8200.

Slides:



Advertisements
Similar presentations
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Advertisements

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Lecture 10: Mediated Authentication
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
CSC 474 Information Systems Security
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
1 CCSDS Security Architecture Key Management 13 th April 2005 Athens.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.
Slide 1 Vitaly Shmatikov CS 378 Key Establishment Pitfalls.
Chapter 3: Basic Protocols Dulal C. Kar. Key Exchange with Symmetric Cryptography Session key –A separate key for one particular communication session.
Security protocols  Authentication protocols (this lecture)  Electronic voting protocols  Fair exchange protocols  Digital cash protocols.
Security protocols and their verification Mark Ryan University of Birmingham Midlands Graduate School University of Birmingham April 2005 Steve Kremer.
Using Cryptography for Network Security Common problems: –Authentication - A and B want to prove their identities to one another –Key-distribution - A.
Week 4 - Wednesday.  What did we talk about last time?  RSA algorithm.
Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.
1 Needham-Schroeder A --> S: A,B, N A S --> A: {N A,B,K AB,{K AB,A} KBS } KAS A --> B:{K AB,A} KBS B --> A:{N B } KAB A --> B:{N B -1} KAB.
Using Cryptography for Network Security Common problems: –Authentication - A and B want to prove their identities to one another –Key-distribution - A.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Authentication Protocols (I): Secure Handshake.
Key Management Network Systems Security Mort Anvari.
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
Dr. Nermi hamza.  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Security Handshake Pitfalls. Client Server Hello (K)
Contents Introduction. 9.1 Session and Interchange Keys.
Chapter 9. Key management
Key Management Session and Interchange Key Key Exchange
Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.
Outline Designing secure protocols Key exchange protocols
CS480 Cryptography and Information Security
Authenticated Key Exchange
Authentication Protocols
Basic Network Encryption
Outline Designing secure protocols Basic protocols Key exchange
Security Protocols Computer Security Peter Reiher April 14, 2016
Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.
Message Security, User Authentication, and Key Management
Man in the Middle Attacks
Public Key Infrastructure (PKI)
Practical Aspects of Modern Cryptography
پروتكلهاي توزيع كليد دوسويه Two-Parti Key Distribution Protocols
CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9
Key Management Network Systems Security
Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.
Key Establishment Protocols ~
KERBEROS.
CDK: Chapter 7 TvS: Chapter 9
Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.
Lecture 6.1: Protocols - Authentication and Key Exchange I
Chapter 9: Key Management
Chapter 8.5 AUTHENTICATION AND KEY DISTRIBUTION
Basic Network Encryption
Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.
Key Distribution/Management and Authentication
Diffie/Hellman Key Exchange
Formal Methods for Security Protocols
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.
Outline Designing secure protocols Basic protocols Key exchange
AIT 682: Network and Systems Security
Key Exchange With Public Key Cryptography
Lecture 6.2: Protocols - Authentication and Key Exchange II
“You have zero privacy anyway, get over it”
Presentation transcript:

IT IS 6200/8200

Authentication & key exchange Try to merge the previous two steps: Establish the session key and persuade Alice that you are Bob Tens of protocols have been developed: some good, some bad Lesson we learn: Do not try to be smart Do not make messages too similar to each other

Protocol 1: Wide-Mouth Frog Two-step protocol through TTP Problems: Why we need the timestamp: resend attack With timestamp: still not safe Message 1 and 2 too similar to each other M keeps the timestamp fresh until it crashes the key Is the key generated by Alice secure enough

Protocol 2: Needham-Schroeder 5 step protocol The freshness is protected by random numbers and it seems that A has assured it. What about B: K is for A and B, is it fresh? Is the other side A? (we can only verify that the other side knows K) Problem: old key matters (B is not involved until step 3) Solution: add a timestamp

Protocol 3: Otway-Rees ( a very good protocol) 4 steps The freshness is protected by the random numbers Both parties get involved from the very beginning

The Protocol n || Alice || Bob || { r1 || n || Alice || Bob } kA Alice { r2 || n || Alice || Bob } kB Cathy Bob n || { r1 || ks } kA || { r2 || ks } kB Cathy Bob n || { r1 || ks } kA Alice Bob

Protocol 4: Neuman-Stubblebine 4 step protocol Good point: Only timestamp from one party is involved, so avoid synchronization Even M cracks K, he cannot conduct the attack and impersonate A since the timestamp would have expired. Problem: Type-flaw attack: an attacker can pretend to be Alice (it needs to control the path between B and T)

Protocol 5: Denning-Sacco (an unsafe protocol) 3 step protocol Using public-private key Still not safe: B can impersonate A to talk to anyone else Fix for this: Identify communication parties that use the key

Lessons we learn: Identify the communication parties Protect the freshness of the key Get both parties involved early Do not make packets similar to each other Do not try to outsmart other researchers or hackers

Secret splitting: Secret sharing: All parties are required to recover the secret Solution: XOR Secret sharing: Only a threshold number of parties are required to recover the secret The example using polynomial

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.