Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Presentation transcript:

Cryptography Chapter 7 Part 4 Pages 833 to 874

PKI
Public Key Infrastructure
Framework for Public Key Cryptography and for Secret key exchange

Certificate Authority (CA)
PKI requires a digital certificate
CA creates and digitally signs it
Entrust and VeriSign
Registration Authority (RA)
  – Verifies identity
  – Asks CA for certificate
Certificate (X.509 standard)
  – Figure 7-25 on page 838

Key Management
Keys should not be available in cleartext
If a user loses the key, data is encrypted forever.
Key escrow

TPM
Trusted Platform Module
Microchip installed on the motherboard and dedicated to security functions: symmetric and asymmetric keys, hashing, digital certificates
Encrypting the hard disk
  – Key stored on TPM encrypted with another key

Sealing a System
Particular hardware and software configuration
TPM generates a hash based on system configuration files.
TPM verifies the integrity by computing the hash and comparing it with the “sealing” value.
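The sealing check described above, as an added example that is not part of the original slides. It goes one step beyond the slide by folding the configuration into a single value with a PCR-style extend chain, so both content and order matter; the class name, sample configuration and key are constructed for illustration, and a real TPM performs this comparison inside the chip.

```python
import hashlib
import hmac

def extend(register, component):
    """PCR-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(register + hashlib.sha256(component).digest()).digest()

def measure(components):
    """Fold an ordered list of configuration blobs into one 32-byte value."""
    register = bytes(32)  # measurement register starts at all zeros
    for blob in components:
        register = extend(register, blob)
    return register

class SealedSecret:
    """Software model of a sealed key (hypothetical class, not a TPM API)."""

    def __init__(self, secret, components):
        self._secret = secret
        # The "sealing" value: hash of the configuration at sealing time.
        self.sealing_value = measure(components)

    def unseal(self, components):
        """Release the secret only if the current configuration matches."""
        current = measure(components)
        # Constant-time comparison of the recomputed hash and the sealing value.
        if hmac.compare_digest(current, self.sealing_value):
            return self._secret
        return None

# Constructed sample configuration (not taken from a real system).
GOOD_CONFIG = [b"bootloader 2.06", b"kernel cmdline: ro quiet",
               b"fstab: /dev/sda1 / ext4"]
CHANGED_CONFIG = [b"bootloader 2.06", b"kernel cmdline: ro quiet debug",
                  b"fstab: /dev/sda1 / ext4"]
REORDERED_CONFIG = [GOOD_CONFIG[1], GOOD_CONFIG[0], GOOD_CONFIG[2]]

DISK_KEY = b"constructed-disk-key-0123456789ab"  # placeholder key material
sealed = SealedSecret(DISK_KEY, GOOD_CONFIG)

if __name__ == "__main__":
    for name, cfg in [("good", GOOD_CONFIG), ("changed", CHANGED_CONFIG),
                      ("reordered", REORDERED_CONFIG)]:
        result = "unsealed" if sealed.unseal(cfg) else "refused"
        print(name, "->", result)
```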

Link Encryption
Encrypts all data
  – User data, header, addresses
Protects against packet sniffing
Packets must be decrypted at each hop so routers can read routing and address information
Takes place at the data link and physical layers

End-to-End Encryption
The header, addresses, routing, and trailer are not encrypted
Enables attackers to learn more about a captured packet
Happens within the application

Multipurpose Internet Mail Extensions (MIME)
  – Specifies how multimedia data and binary attachments are to be transferred
  – Specifies what program should process them

Secure MIME (S/MIME)
A standard for encrypting and digitally signing e-mail and for providing secure data transmission.
Follows PKCS (Public Key Cryptography Standard)
Confidentiality, Integrity (Hashing), Authentication (X.509 Public Key Certificates), Non-repudiation (Signed Message Digest)

PGP
Pretty Good Privacy
Phil Zimmermann, 1991
RSA public key encryption for key management
IDEA for symmetric key for bulk encryption
MD5 hash for authentication of public key certificate

PGP “Web of Trust”
User’s Key Ring – collection of public keys
Does not use centralized CA
No CRL
  – What if private key is compromised?

Internet Security
HTTP Secure (HTTPS)
  – SSL (Secure Socket Layer) works at Transport Layer
  – Provides data encryption, server authentication, message integrity
  – Server sends digital certificate signed by CA containing its public key
  – Client uses public key to encrypt symmetric session keys

SSL
SSL 3.0
Transport Layer Security (TLS)
  – open source version

Cookies
Text file that the browser maintains in memory or on disk
HTTP is stateless.
  – Save login, shopping cart, etc.
Sometimes kept to keep track of the user’s browsing and spending for advertising.
Cookies that contain sensitive information should be encrypted by the server or stored in memory.

Attacking Cryptography
Ciphertext-Only Attack
Known-Plaintext Attack
Chosen-Plaintext Attack
Key Terms on page 869