Topic 7: Using cryptography in mobile computing

Cryptography basics: symmetric, public-key, hash function and digital signature
Cryptography, describing the art of secret communication, comes from Greek meaning “secret writing.” Cryptography has grown in tandem with technology, and its importance has grown similarly. Just as in its early days, good cryptographic prowess still wins wars. A cryptographic system consists of four essential components:
– Plaintext – the original message to be sent.
– Cryptographic system (cryptosystem) or cipher – consisting of mathematical encryption and decryption algorithms.
– Ciphertext – the result of applying an encryption algorithm to the original message before it is sent to the recipient.
– Key – a string of bits used by the two mathematical algorithms in the encrypting and decrypting processes.
Key-based encryption algorithms can be either symmetric, also commonly known as conventional encryption, or asymmetric, also known as public key encryption.

Symmetric Encryption
– Symmetric encryption or secret key encryption uses a common key and the same cryptographic algorithm to scramble and unscramble the message.
– The transmitted final ciphertext stream is usually a chained combination of blocks of the plaintext, the secret key, and the ciphertext.
– The security of the transmitted data depends on the assumption that eavesdroppers and cryptanalysts with no knowledge of the key are unable to read the message.

Public Key Encryption
– Public key encryption, commonly known as asymmetric encryption, uses two different keys, a public key known by all and a private key known by only the sender and the receiver.
– Both the sender and the receiver own a pair of keys, one public and the other a closely guarded private one. To encrypt a message from sender A to receiver B, as shown in figure 10.4, both A and B must create their own pairs of keys. Then A and B publicize their public keys – anybody can acquire them. When A is to send a message M to B, A uses B’s public key to encrypt M. On receipt of M, B then uses his or her private key to decrypt the message M. As long as only B, the recipient, has access to the private key, then A, the sender, is assured that only B, the recipient, can decrypt the message.
– This ensures data confidentiality.
– Data integrity is also ensured because, for data to be modified by an attacker, the attacker must have the private key of B, the recipient. Data confidentiality and integrity in public key encryption are also guaranteed.

Hash functions
– A hash function is a mathematical function that takes an input message M of a given length and creates a unique fixed-length output code. The code, usually a 128-bit or 160-bit stream, is commonly referred to as a hash or a message digest.
– A one-way hash function, a variant of the hash function, is used to create a signature or fingerprint of the message – just like a human fingerprint.
– On input of a message, the hash function compresses the bits of the message to a fixed-size hash value in a way that distributes the possible messages evenly among the possible hash values.
– Different messages always hash to different message digests.

Digital Signatures
A digital signature is a message digest encrypted with the private key of the sender and appended to a document to authenticate it, just as a handwritten signature appended to a written document authenticates it. Digital signatures are formed using a combination of public key encryption and a one-way secure hash function according to the following steps:
– The sender of the message uses the message digest function to produce a message authentication code (MAC).
– This MAC is then encrypted using the private key and the public key encryption algorithm. This encrypted MAC is attached to the message as the digital signature.
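The public key encryption exchange and the digital signature steps described above, as an added example that is not part of the original slides. It assumes textbook RSA without padding, SHA-256 as the message digest function, and fixed, publicly known primes constructed for illustration; all function names are illustrative, and the point is only which key is used at each step.

```python
import hashlib

# Toy key pair for B (constructed): two well-known Mersenne primes.
# Real keys use random secret primes generated by a vetted library.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def digest_int(message: bytes) -> int:
    """One-way hash of the message as an integer (256 bits, below N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def encrypt(message: bytes, n: int, e: int) -> int:
    """Sender A encrypts M with receiver B's public key (n, e)."""
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)


def decrypt(ciphertext: int, n: int, d: int) -> bytes:
    """Receiver B recovers M with the private exponent d."""
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def sign(message: bytes, n: int, d: int) -> int:
    """Signer hashes the message, then applies the private key."""
    return pow(digest_int(message), d, n)


def verify(message: bytes, signature: int, n: int, e: int) -> bool:
    """Anyone recomputes the digest and checks it with the public key."""
    return pow(signature, e, n) == digest_int(message)


if __name__ == "__main__":
    doc = b"pay 100 to B"            # constructed sample message
    sig = sign(doc, N, D)
    print("roundtrip:", decrypt(encrypt(doc, N, E), N, D))
    print("valid signature:", verify(doc, sig, N, E))
    print("tampered message:", verify(b"pay 900 to B", sig, N, E))
```

Production code uses a maintained library with padded schemes such as RSA-OAEP for encryption and RSA-PSS or ECDSA for signatures.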

Protecting stored data
Cryptography plays a vital role in safeguarding both stored data and data in communication.
– Cryptography, through its use of keys, hash function codes and digital signatures, is widely used and is increasingly acknowledged as one of the best ways to secure data and applications, both stored at rest and in motion between devices.

Secure key generation and management of mobile devices
More and more people are now using a mobile device with either personal or work-related data. A growing number of employers are increasingly using unmanaged, personal devices to access sensitive enterprise resources and then connecting these devices to third-party services outside of the enterprise security controls. This potentially exposes the enterprise's sensitive data to possible attackers. Several security protocols and best practices can help in such situations, including:
– Mobile Device Encryption
– Mobile Remote Wiping
– Mobile Passcode Policy

Mobile phone authentication
Mobile authentication is driven by a number of factors including:
– Simplicity of authentication experience
– Device-anywhere access
– Enterprises' BYOD policies
– Device public commons access
– Increased security and compliance demands
Mainstream mobile device authentication methods include:
– Short message service (SMS) OTP
– Device-generated OTP
– Out-of-band (OOB)
– A growing number of device manufacturers’ specific authentication methods