Security- Chapter 7 By Carrie Mace And Bill Coley.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

AUTHENTICATION AND KEY DISTRIBUTION
Chapter 14 – Authentication Applications
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Digital Signatures and Hash Functions. Digital Signatures.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Chapter 8 Web Security.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
Chapter 31 Network Security
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Types of Electronic Infection
Chapter 21 Distributed System Security Copyright © 2008.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
IM NTU Distributed Information Systems 2004 Security -- 1 Security Yih-Kuen Tsay Dept. of Information Management National Taiwan University.
Csci5233 computer security & integrity 1 Cryptography: an overview.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
X.509 Topics PGP S/MIME Kerberos. Directory Authentication Framework X.509 is part of the ISO X.500 directory standard. used by S/MIME, SSL, IPSec, and.
Chapter 11 Message Authentication and Hash Functions.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
Fall 2006CS 395: Computer Security1 Key Management.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Information and Network Security
CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9
CDK: Chapter 7 TvS: Chapter 9
Cryptography and Network Security
Chapter 8 roadmap 8.1 What is network security?
Presentation transcript:

Security- Chapter 7 By Carrie Mace And Bill Coley

Chapter 7: Security 7.1 Introduction 7.2 Overview of Security Techniques 7.3 Cryptographic algorithms 7.4 Digital Signatures 7.5 Cryptographic Pragmatics 7.6 Case Studies

NextPreviousOverview Security is needed to guarantee the privacy, integrity and availability of resources Designers of secure distributed systems must cope with the possibility of exposed service interfaces and insecure networks

NextPrevious Types of Service Attacks Masquerading Tampering Denial of Service

NextPreviousCryptography Provides the basis for the authentication of messages as well as their secrecy and integrity Cryptographic algorithms and the management of keys are critical to the security mechanisms effectiveness

NextPrevious Where Are Security Measures Needed In any computer system that is a possible target for attacks Especially important for financial systems or systems that handle confidential data Need for protection arises from the desire to share resources Security mechanisms are used to ensure security policies are enforced

NextPrevious Threats and Attacks Security Threats fall into three categories –Leakage which is the acquisition of information by unauthorized recipients –Tampering which is the unauthorized alteration of information –Vandalism which is the interference with the proper operation of a system without gain to the perpetrator

NextPrevious Channel misuse Methods of attacks can be further classified according to the way in which a channel is misused –Eavesdropping which is copies of messages without authority –Masquerading is sending or receiving messages using the identity of another principal without their authority

NextPrevious Channel Misuse-Continued Message Tampering is intercepting messages and altering their contents before passing them on to the intended recipient Replaying is storing intercepted messages and sending them at a later date Denial of service is flooding channels or other resource with messages in order to deny access for others

NextPrevious Threats from Mobile Code Several programming languages have been designed to enable programs to be loaded into a process from a remote server and then executed locally Internal interfaces and objects within an executing process may be exposed to attack by mobile code

NextPrevious Java -Threats from Mobile Code The sandbox model of protection against mobile code The Java Virtual Machine gives each application its own environment in which to run Each environment has a security manager that determines which resources are available to the application

NextPrevious Information Leakage If a transmission of a message between two processes can be observed then information can be gained from its mere existence Potential for leakage arises whenever the results of a computation can be observed

NextPrevious Securing Electronic Transaction - Types –contents of message might need to be secured Purchase of Goods and Service – need to secure private purchases data and sometimes the product itself Banking Transactions – must secure customers private banking information Micro-Transactions – supply of small quantities of information to many customers at a low cost

NextPrevious Requirements for Securing Web Purchases Authenticate the vendor to the buyer Keeping buyer’s credit card and payment detail from falling into unauthorized hands and keeping the information accurate from buyer to vendor If goods are downloadable they also need to be secured from third parties and accurate when they reach the buyer Authenticate the identity of the account holder to the bank

NextPrevious Designing Secure System The big dilemma is that the designer aims to exclude all possible attacks and loop holes but it is difficult to plan for all possible attacks There is always a balance act between costs and threats and convenience

NextPreviousCryptography Encryption is the process of encoding a message to hide its content Uses several secure algorithms for encrypting and decrypting messages Based on the use of secret keys Two main classes of encryption algorithms –Shared secret keys where the sender and receiver share knowledge of the key –Public/Private keys where the sender of the message uses the public key to encrypt the message and the receiver uses the private key to decrypt the message

NextPrevious Uses of Cryptography Three major uses –Secrecy and Integrity –Authentication –Digital Signatures

NextPrevious Cryptography – Secrecy and Integrity Exploits the fact that a message that is encrypted with a particular encryption key can only be decrypted by a recipient who knows the corresponding decryption key As long as the decryption key is not compromised and the encryption algorithm is strong enough to defeat possible attempts to crack it the message will remain a secret It can also help maintain integrity if the encrypted algorithm contains things like check sum

NextPrevious Cryptography - Authentication Cryptography is used in support of mechanisms for authentication communication between pairs and principals A principal who decrypts a message can successfully using a particular key can assume that the message is authenticated if it contains the correct checksum Can infer that the sender of the message possessed the corresponding encryption key and hence deduce the identity of the sender if the key is only known to two parties

NextPrevious Cryptography – Digital Signatures Implemented by cryptography Verifying to a third party that a message or a document is an unaltered copy of one produced by the signer Digital signatures are based upon the irreversible binding to the message or document of a secret known only to the signer Achieved by encrypting the message or a compression form of the message called a digest

NextPreviousCertificates A digital certificate is a document containing a statement signed by a principal For a certificate to be useful the following is required: –A standard format and representation for them so that certificate issuers and certificate users can successfully construct and interpret them –Agreement on the manner in which chains of certificates are constructed and in particular the notion of trusted authority There is sometimes a need to revoke a certificate since it is expensive to track down and delete all certificates, this is usually addressed with an expiration date included in the signature

NextPrevious Cryptography Algorithm A message is encrypted by the sender applying some rule to transform the plaintext message to a ciphertext Recipient must know the inverse rule in order to transform the ciphertext into the original plaintext Other principals are unable to decipher the message unless they know the inverse rules

NextPrevious 7.4 Digital Signatures Handwritten signatures are used to meet the needs of document recipients to very that the document is : Authentic Unforgeable Non-repudiable Digital documents are easy to generate, copy, and alter. Simply appending the identity of the originator to a document has no value.

NextPrevious Digital Signing An electronic document or message M can be signed by a principal A by encrypting a copy of M with a key K A and attaching it to a plaintext copy of M and A’s identifier. Signed document will be of the form: M, A, [M] K A. By verifying the signature the recipient can be assured the message was unaltered and originated by A.

NextPrevious Digital Signing If a secret key is used to encrypt the document, only others who share the secret key can verify the signature. If public-key cryptography is used, the signer uses her private key, and anyone who has the corresponding public key can verify the signature. The public-key method is more analogous to a written signature.

NextPrevious Digest Functions Also called secure hash functions and denoted H(M). Must be carefully designed to ensure that H(M) is different from H(M’) for all values of M, and M’.

NextPrevious Digital signatures with public keys Relatively simple and does not require communication between recipient and signer. 1. A generates a key pair K PUB and K PRIV and publishes the public key K PUB. 2. A computes the digest of M, H(M) with an agreed hash function and encrypts it with K PRIV to produce the signature S = {H(M)} K PRIV 3. A sends the signed message [M] K = M,S to B 4. B decrypts S using K PUB and computes the digest of M, H(M). If they match, the signature is valid.

NextPrevious Digital signatures with secret keys - MACs To verify, the secret key must be shared Problems: 1. Signer must arrange for the verifier to receive the secret key 2. It may be necessary to verify a signature in several contexts, and at different times 3. Disclosure weakens the security of signatures made with that key. Exception: message authentication codes (MAC) - requires a secure channel.

NextPrevious Message authentication code (MAC) Depends on the existence of a secure channel through which the shared key can be distributed. 1. A generates a random key K for signing and distributes it through secure channels 2. For any document M to be signed: h = H(M + K) Then the message sent is [M] K = M, h 3. Receiver B computes h’ = H(M + K) using the secret, shared key. Signature is verified if h = h’ The digest h is a MAC

NextPrevious Secure Digest Functions A secure digest function h = H(M) should have the following properties: 1. Given M, it is easy to compute h 2. Given h, it is hard to compute M 3. Given M, it is hard to find another message M’, such that H(M)=H(M’) Vulnerable to the birthday attack, where an alternate M’ is found to hash the same as M.

NextPrevious Secure Digest Functions Similar to symmetric cryptography but does not preserve information. MD5 SHA Using an encryption algorithm to make a digest –Used in CBC mode

NextPrevious Certificate standards and certificate authorities X.509 is the most widely used standard format for certificates Structure and content of X.509 Certificate: –SubjectDistinguished Name, Public Key –IssuerDistinguished Name, Signature –Period of ValidityNot before & not after dates –Administrative InfoVersion, Serial Number SPKI - Simple Public-key Infrastructure –recent proposal enables chains of certificates

NextPrevious Performance of cryptographic algorithms Table 7.5.1

NextPrevious Applications of cryptography and political obstacles Algorithms described in this chapter emerged in the 1980’s and 1990’s Strongly resisted by the US government Cryptographic software had stringent export restrictions US software companies protested Current position - software that implements most of the major algorithms has been available worldwide for several years

NextPrevious Applications of cryptography and political obstacles Example: PGP (Pretty Good Privacy) –Generates and manages public and secret keys on behalf of a user In Jan US government changed its policy on exported software. Current proposals want to require the inclusion of loopholes for gov’t law enforcement, and security agencies

NextPrevious The Needham and Schroeder authentication protocol Solution to authentication and key distribution using authentication server Authentication server maintains a table containing a name and secret key for each principal known to the system. Protocol is based on the use of tickets from the authentication server.

NextPreviousNeedham-Schroeder N A and N B are nonces Nonces are used only once, and generated on demand

NextPrevious Kerberos Developed at MIT in the 1980’s Deals with three kinds of security objects: –Ticket –Authentication –Session Key Client processes must possess a ticket for each server that they use (most have a lifetime of several hours)

NextPreviousKerberos Figure 7.16 System architecture of Kerberos

NextPreviousKerberos A Kerberos server is known as a Key Distribution Center (KDC), supplying: –Authentication Service (AS) –Ticket-Granting Service (TGS)

NextPrevious Securing electronic transactions with secure sockets Secure Socket Layer protocol (SSL) SSL is supported by most browsers and is widely used in Internet commerce. Algorithms used for encryption and authentication are negotiated between the two processes The only requirement is for public-key certificates recognized by both parties

NextPrevious Low-value electronic transactions: The Millicent protocol A scheme for the secure distribution of scrip - a specialized form of digital cash for use in low value transactions Scalable: each vendor’s server is responsible only for validating the scrip that it has issued.

NextPrevious The Millicent protocol Scrip is designed to offer the following features: –it has value only at a specific vendor –it can be spent only once –it is tamper-resistant and hard to counterfeit –it can be spent only by its rightful owner –it can be produced and validated efficiently

NextPrevious The Millicent protocol Scrip is represented by digital tokens with the following format: Vendor Value Scrip ID Cust ID Expiry date Properties Certificate Properties field - for vendor defined uses. i.e. for applying correct taxes Certificate field - digital signature protecting all the fields in the scrip from modification (MAC method)