By Md Emran Mazumder Ottawa University Student no: 6282845.

Slides:



Advertisements
Similar presentations
Network Security Chapter 1 - Introduction.
Advertisements

The Diffie-Hellman Algorithm
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Digital Signatures and Hash Functions. Digital Signatures.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies
Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Computer Science Public Key Management Lecture 5.
Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]
ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
Cryptography and Network Security
Information Security Principles (ESGD4222)
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
Cryptography, Authentication and Digital Signatures
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
P1. Public-Key Cryptography and RSA 5351: Introduction to Cryptography Spring 2013.
Information Security By:-H.M.Patel. Information security There are three aspects of information security Security service Security mechanism Security.
Network Security David Lazăr.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 Normal executable Infected executable Sequence of program instructions Entry Original program Entry Jump Replication and payload Viruses.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
Ch 13 Trustworthiness Myungchul Kim
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
Network Security Celia Li Computer Science and Engineering York University.
April 20023CSG11 Electronic Commerce Authentication John Wordsworth Department of Computer Science The University of Reading Room.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Information and Network Security
Mumtaz Ali Rajput +92 – INFORMATION SECURITY – WEEK 2 Mumtaz Ali Rajput +92 – 301-
Cryptography and Network Security
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Public-Key, Digital Signatures, Management, Security
Security in SDR & cognitive radio
Cryptography and Network Security
Secure Diffie-Hellman Algorithm
Presentation transcript:

By Md Emran Mazumder Ottawa University Student no:

 Introduction  Security services  Security attacks  Cryptographic background  RSA key generation  Diffie-hellman algorithm  Secret sharing schemes  Partially distributed certificate authority  Fully distributed certificate authority  References  Questions 2Md Emran Mazumder

INTRODUCTION  Ad hoc networking is a wireless networking paradigm for self-organizing networks that until recently has mainly been associated with military battlefield networks.  Most research has been done on routing in ad hoc network but little attention was given to the security aspect of the network. 3Md Emran Mazumder

SECURITY SERVICES  Confidentiality – ensures that transmitted information can only be accessed by the intended users.  Authentication – allows the communicating parties to be assured of the others identity.  Integrity – ensures that data has not been altered during transmission.  Availability – ensures that the intended network services are available to the intended parties when required. 4Md Emran Mazumder

SECURITY ATTACKS  Passive attacks : the attacker can only eavesdrop or monitor the network traffic.  Active attacks : The attacker is not only able to listen to the transmission but is also able to actively alter or obstruct it. 5Md Emran Mazumder

Sub categories of security attacks  Eavesdropping: gain knowledge of the transmitted data. Its a passive attack.  Traffic analysis: to extract information from the characteristic of the transmission, e.g. amount of data transmitted, identity of the communicating nodes etc.  Impersonation: attacker uses the identity of another node to gain unauthorized access to a source or data.  Modification : attacker modifies the data during transmission. 6Md Emran Mazumder

Cryptographic background symmetric encryption ALICE BOB Unsecured channel (C) Secured channel (K) 7Md Emran Mazumder

Public key encryption AliceBob Unsecured channel C Authenticated channel 8Md Emran Mazumder

Digital signatures  What is a digital signature?  A digital signature is a data structure that provides proof of origin, i.e. authentication and integrity. 9Md Emran Mazumder

Alice Bob M= transfer 80$ from a/c Hash function 0x4s M= transfer 80$ from a/c Hash function 0x4s= D pk allice (S) S= E sk allice (0x4s) 10Md Emran Mazumder

Digital certificate  In the presence of an active attacker problem arises.  If Alice wants to send a message to Bob, then the public key that is obtained from the server could be from an attacker.  So digital certificate is issued to prevent this kind of attack by a trusted third party.  Anyone with authentic public key can verify the certificate. 11Md Emran Mazumder

RSA Key generation  Select p & q (p & q both prime numbers).  Calculate n= p*q.  Calculate (n)=(p-1)*(q-1).  Select integer e gcd((n),e)=1; 1<e<(n)  Calculate d d= e ˄ -1 mod (n)  Public key Pk= {e,n}  Private key Sk= {d,n} ((n) is the number of positive number less than n and relatively prime to n (called Euler totient) 12Md Emran Mazumder

RSA : Encryption  Plaintext M<n  Cipher text C=M ˄ e (mod n) RSA : Decryption  Cipher text C  Plaintext M=C ˄ d (mod n) 13Md Emran Mazumder

Diffie- Hellman algorithm  Allows a group of users to agree on secret key over insecure channel.  Cannot be used to encrypt or decrypt messages.  A and B want to agree on a secret key.  They agree on two large numbers n and g, such that 1<g<n.  A choose random x, computes X=g^x mod n, and send X to B.  B chooses random y, computes Y=g^y mod n, and sends y to A  A computes k1=Y^x mod n  B computes k2=X^y mod n   note: k1=k2=g^(yx) mod n. 14Md Emran Mazumder

Choose x choose y Security depends on the difficulty of calculating the value of x ( discrete logarithmic algorithm problem) X=g^x mod n Y=g^y mod n Compute Y^x mod nCompute X^y mod n 15Md Emran Mazumder

Secret sharing  Secret sharing allows a secret to be shared among a group of users called share holders in such a way that no single user can deduce the secret from his share alone.  The secret can be constructed only by combining the shares of all the users.  A secret sharing scheme where k out of N share holders are required to reconstruct a secret is referred to as (K,N) threshold scheme. 16Md Emran Mazumder

Types of secret sharing  Shamir’s secret sharing:- it is important that no shareholder gains knowledge of any share other than its own. Otherwise he could potentially gain knowledge of K shares and then be able to reconstruct the secret himself.  The shareholders provide their shares to the trusted third party who performs the action requiring the secret e.g. the signing of certificates.  Proactive secret sharing:- the secret is protected by distributing it among several shareholders.  However given sufficiently long time an attacker could compromise k shareholders and obtain their shares, thereby allowing him to reconstruct the secret. 17Md Emran Mazumder

 To defend against such attackers the proactive secret sharing scheme updates the shares of the nodes on regular basis.  Verifiable secret sharing scheme: if any share holder wants to prevents the reconstruction then he can provide an invalid share, e.g. a random value, to be used for reconstruction. 18Md Emran Mazumder

Partially Distributed certificate authority  There are three types of nodes in the network client, server and the combiner nodes.  The client nodes are the normal users of the network.  The server nodes are responsible for generating “partial certificate” & storing certificates in a directory structure hence allowing client nodes to have access to the certificates of other nodes.  Combiner nodes are responsible for combining the partial certificate into a valid certificate.  One of the node acts as dealer that has knowledge of the complete certificate signing key. 19Md Emran Mazumder

 Every node has a public/private key pair, & it is the responsibility of the dealer to issue the initial certificate for the nodes. (CA).  The certificate authority as a whole has a public/private key pair pKca/sKca of which the public key is known to all network nodes. The private key is shared among the server nodes according to Shamir's secret sharing scheme. 20Md Emran Mazumder

Certificate renewal  When a node wishes to renew its certificate it must request a certificate renewal from a minimum of ‘K’ server nodes.  If a request is granted than each of the K server nodes generates a partial certificate with a new expiration date.  The partial certificates are then sent to a combiner which could be one of the K servers, which combines the partial certificates. 21Md Emran Mazumder

Certificate retrieval  Every node must register their certificates to the servers when they initially join the network so that the servers may synchronize their certificate directories in the case of updates & renewal. 22Md Emran Mazumder

Fully distributed certificate authority  (k,n) threshold scheme to distribute an RSA certificate signing key to all nodes in the network.  The private key is distributed by using Shamir's secret sharing scheme by embedding the sKca as the root of a polynomial  Each share holder with unique non zero identity receives a share 23Md Emran Mazumder

 With knowledge of at least K shares the polynomial can be evaluated by calculating  Lagrange coefficient can be calculated by  The secret sKca can be recovered by solving for f(0). 24Md Emran Mazumder

 Any coalition of k shareholders may sign a message by generating a message digest and encrypting it with their additive shares which produces a partial signature  A candidates signature can be generated from k partial signatures. 25Md Emran Mazumder

 By applying the k-bounded coalition offsetting algorithm, a proper signature SIGN (which is verifiable by pkCA) can be recovered. 26Md Emran Mazumder

Reference  Key Predistribution inWireless Sensor Networks When Sensors Are Within Communication Range Sushmita Ruj, Amiya Nayak, and Ivan Stojmenovic  C. Perkins, Ad Hoc Networking, Addison-Wesley 2001, ISBN  A. Menezes, P. van Oorschot and S.Vanstone,Handbook of Applied Cryptography, CRC Press 1997,ISBN  W. Stallings, Cryptography and Network Security:Principles and Practice, 2nd ed., Prentice-Hall 1999,ISBN  A. Nash, W. Duane, C. Joseph and D. Brink, PKI: Implementing and Managing E-Security,McGraw-Hill 2001, ISBN  N. Asokan and P. Ginzboorg, “Key Agreement in Ad Hoc Networks”, Computer Communications,Volume 23, Pages  J. Mackar and S. Corson, RFC 2501, “Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations”, IETF 1999  Saab NetDefence, Available on-line Md Emran Mazumder

Questions 1 Given any two prime numbers p=7 & q=17. Calculate the public key and private key. Explain the process of encryption and decryption with the same pair of keys using RSS algorithm. Given values e=5 and d=77 Note: mod (119)= Md Emran Mazumder

Solution 1  Suppose p=7 and q=17  Calculate n= p*q=7*17=119  Calculate (n)=(p-1)*(q-1)= 96  Select integer e such that e is relatively prime to (n)=96 and less than (n). In this case it is 5.  Determine d such that de=1 (mod96) and d<96. hence d=77, because 77*5=385=4*96+1.  Public key ={ 5, 119}  Private key ={77,119} 29Md Emran Mazumder

 Encryption process Say plain text M=19. Cipher text C= 19^5 (mod119) = (mod119) =66  Decryption process M=66^77(mod119)=19 30Md Emran Mazumder

Question 2 Explain diffie–hellman algorithm and calculate the secret key. Use n=119. mod (119)= Md Emran Mazumder

Solution 2  Select any two prime numbers n and g.  Given n=119 and let g=50 (1<50<119)  Let x=5  X=g^x mod(n)=50^5 mod(119)=  Let y=11  Y=g^y mod(n)=50^11 mod(119)=1.3*10^14  X and Y are transmitted via a insecure channel. 32Md Emran Mazumder

 A computes k1=Y^x mod(n)=1.3*10^(14*5) mod(n)= 3.4*10^65  B computes k2=X^y mod(n)=8329.6^11*mod(n) =3.6*10^38. 33Md Emran Mazumder

Question 3 Explain certificate renewal process in a partially distributed certificate authority. 34Md Emran Mazumder

Solution 3  When a node wishes to renew its certificate it must request a certificate renewal from a minimum of ‘K’ server nodes.  If a request is granted than each of the K server nodes generates a partial certificate with a new expiration date.  The partial certificates are then sent to a combiner which could be one of the K servers, which combines the partial certificates. 35Md Emran Mazumder

36Md Emran Mazumder