Public Key Infrastructure Alex Bardas


What is Cryptography?
- Cryptography is a mathematical method of protecting information
  - Cryptography is part of, but not equal to, security
- In modern computing, crypto is used to remediate deficiencies in the cyber space

Cryptographic Primitives
Four Cryptographic Primitives:
1. Cryptographic Hash
2. Symmetric Encryption
3. Asymmetric Encryption
4. Digital Signatures

Cryptographic Hash
- If the message content is changed, the hash will be different (provides integrity guarantee)
- Knowing the hash does not reveal the input message
- Hashing is NOT encryption!
- Examples: SHA-1
Diagram: Text Message (variable length) -> Cryptographic Hash Function -> “Unique” Fixed-length String (Hash or Digest)

Cryptographic Hash Example [image]

Encryption vs. Hashing [image]

Symmetric Encryption (Secret-key Encryption)
- Encryption and decryption use the same key
- Examples: AES
Diagram:
1. Clear Text Message + Shared Key -> Encryption Algorithm -> Encrypted Message
2. Encrypted Message + Shared Key -> Decryption Algorithm -> Clear Text Message

Asymmetric Encryption (Public-key Encryption)
- Every party has a pair of keys:
  - Public Key: announced to everyone
  - Private Key: known to the owner only
- Encryption and decryption use different keys
- It is hard to infer the private key from the public key
- Examples: RSA, El-Gamal

Asymmetric Encryption (Public-key Encryption)
Diagram:
1. Clear Text Message + Public Key -> Encryption Algorithm -> Encrypted Message
2. Encrypted Message + Private Key -> Decryption Algorithm -> Clear Text Message

Digital Signature
- Based on asymmetric crypto
  - Examples: RSA, DSA, El-Gamal
- Properties of a Digital Signature:
  1. Verification of the validity of a digital signature needs only the public key
  2. Only the owner of the corresponding private key can produce a valid signature
- There is also MAC (Message Authentication Code): signing using a shared key (based on symmetric cryptography)
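
An added example, not from the original slides, of what the hash slide's integrity guarantee covers compared with the MAC mentioned above: a digest that travels with the message can be recomputed by whoever alters the message, while a MAC cannot be recomputed without the shared key. SHA-256 is used in place of the slides' SHA-1 example; the key, message and function names are constructed for this example.

```python
import hashlib
import hmac

def send_with_hash(msg: bytes):
    """Sender attaches an unkeyed SHA-256 digest to the message."""
    return msg, hashlib.sha256(msg).hexdigest()

def check_hash(msg: bytes, digest: str) -> bool:
    return hmac.compare_digest(hashlib.sha256(msg).hexdigest(), digest)

def send_with_mac(key: bytes, msg: bytes):
    """Sender attaches HMAC-SHA256 computed with the shared key."""
    return msg, hmac.new(key, msg, hashlib.sha256).hexdigest()

def check_mac(key: bytes, msg: bytes, tag: str) -> bool:
    expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison

def modify_in_transit(msg: bytes, _check_value: str):
    """A party WITHOUT the shared key changes the message and recomputes
    the only check value it is able to compute: the unkeyed digest."""
    changed = msg.replace(b"100", b"900")
    return changed, hashlib.sha256(changed).hexdigest()

def demo():
    key = b"constructed-shared-key-for-demo"   # constructed sample key
    msg = b"pay Bob 100"                        # constructed sample message
    out = {}
    out["hash_intact_accepted"] = check_hash(*send_with_hash(msg))
    # The modified message carries a matching digest, so the check passes.
    out["hash_modified_accepted"] = check_hash(
        *modify_in_transit(*send_with_hash(msg)))
    m, tag = send_with_mac(key, msg)
    out["mac_intact_accepted"] = check_mac(key, m, tag)
    # Without the key, no valid tag can be produced for the modified message.
    m, tag = modify_in_transit(*send_with_mac(key, msg))
    out["mac_modified_accepted"] = check_mac(key, m, tag)
    return out

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A bare hash detects modification only when the digest itself reaches the verifier over a channel the modifier cannot touch.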

Digital Signature
Diagram:
1. Message + Private Key -> Signing Algorithm -> Signed Message
2. Signed Message + Public Key -> Verification Algorithm -> Signature is valid

A digitally signed Message [image]

Public Crypto Challenge
- Alice has Bob’s Public Key
- Bob has Alice’s Public Key
- “I am out of luck today”
- What if Alice and Bob cannot meet and exchange public keys?
- What if Alice and Bob don’t know each other?
- How do they know that the public key that they are using belongs to the other legitimate party and not to a malicious third party?

Man-In-The-Middle
- Alice thinks she has Bob’s Public Key
- Bob thinks he has Alice’s Public Key
1. Eve has Bob’s and Alice’s legitimate public keys
2. “Somehow” Alice and Bob have Eve’s public keys
3. It’s Eve’s lucky day

How to Distribute Public Keys?
- Ad-Hoc public key distribution (distribute at will)
  - Alice and Bob exchange public keys in a reliable way
- Public directory (similar to the telephone directory)
  - Use a read-only directory (hard to modify/forge on a large scale)
- Published on paper

Public Key Distribution
- We want to distribute public keys in electronic form, NOT on paper
- How to verify the authenticity of the digital directory?
  - Use a digital signature

Certification Authority (CA)
- Alice and Bob don’t know each other but they both trust Cindy (Certification Authority)
- Alice and Bob have Cindy’s public key
- Cindy certifies Alice and Bob’s public keys => Digital Certificates

Digital Certificates
[image, labelled: Cindy’s (CA) Digital Signature]
What does the certificate tell us?
- This public key belongs to Alice.
- Alice is not a CA (Certification Authority)

Public Key Infrastructure
- What if Alice and Bob do not have a common friend?
  - Cindy cannot be everywhere, Bob knows her but Alice doesn’t
- We have to find a trustworthy person that knows Cindy and Alice
  - Carl knows Cindy but doesn’t know Alice directly
  - Carl knows John and John knows Alice
- Certification chain
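
The checks a relying party such as Bob runs on the certification chain above (Cindy -> Carl -> John -> Alice), as an added example that is not from the original slides. Lamport one-time hash-based signatures stand in for the RSA/DSA signatures the slides name, so that it runs on the Python standard library alone; the dictionary certificate layout and all function names are assumptions of this example.

```python
import hashlib, secrets

def H(b): return hashlib.sha256(b).digest()

def keygen():  # Lamport one-time key pair: 256 secret pairs, public = their hashes
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(msg):  # the 256 bits of SHA-256(msg)
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):  # reveal one secret of each pair, chosen by the digest bit
    return [sk[i][b] for i, b in enumerate(bits(msg))]
def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def tbs(c):  # the bytes the issuer vouches for ("to be signed")
    return repr((c["subject"], c["issuer"], c["is_ca"], c["pk"])).encode()

def issue(issuer, issuer_sk, subject, subject_pk, is_ca):
    cert = {"subject": subject, "issuer": issuer, "is_ca": is_ca, "pk": subject_pk}
    return dict(cert, sig=sign(issuer_sk, tbs(cert)))

def validate(chain, trusted):
    # chain is leaf-first; trusted maps root CA name -> key. None = a link failed.
    for cert, parent in zip(chain, chain[1:] + [None]):
        issuer_pk = None
        if parent is None:                      # top of chain: must be a trust anchor
            issuer_pk = trusted.get(cert["issuer"])
        elif parent["subject"] == cert["issuer"] and parent["is_ca"]:
            issuer_pk = parent["pk"]            # parent is named as issuer and is a CA
        if issuer_pk is None or not verify(issuer_pk, tbs(cert), cert["sig"]):
            return None
    return chain[0]["pk"]

def demo():
    sk, pk = {}, {}
    for name in ("Cindy", "Carl", "John", "Alice", "Eve"):
        sk[name], pk[name] = keygen()           # each key signs at most once below
    trusted = {"Cindy": pk["Cindy"]}            # Bob's only trust anchor
    carl = issue("Cindy", sk["Cindy"], "Carl", pk["Carl"], True)
    john = issue("Carl", sk["Carl"], "John", pk["John"], True)
    alice = issue("John", sk["John"], "Alice", pk["Alice"], False)
    fake = issue("John", sk["Eve"], "Alice", pk["Eve"], False)    # not John's key
    rogue = issue("Alice", sk["Alice"], "Bob", pk["Eve"], False)  # Alice is not a CA
    chains = ([alice, john, carl], [fake, john, carl], [rogue, alice, john, carl])
    return [validate(c, trusted) is not None for c in chains]
```

Only the genuine chain validates: the substituted key fails signature verification against John's public key, and the certificate issued under Alice's key is rejected because her certificate says she is not a CA.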

Multiple Certification Authorities (CAs)
[Diagram: CA hierarchy with root R and lower-level CAs L11, L12; L21 to L24; L31 to L38. Parties shown: Alice, Bob, John, Carl, Cindy]

How are we getting the CA keys?
- Web browsers ship with a large number of root CA keys
- Other CAs or single digital certificates can be added by the user (can be risky)

Valid Certificate (signed by VeriSign)

Valid Certificate Example

Certificates Warnings in Different Web Browsers

Sources of Information
- CIS751 Basic Crypto & PKI slide sets by Xinming (Simon) Ou, Kansas State University