Cryptographic Security CS5204 – Operating Systems1.

Slides:

Advertisements

Similar presentations

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Advertisements

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures and Hash Functions. Digital Signatures.

Cryptographic Security Presented by: Josh Baker October 9 th, CS5204 – Operating Systems.

Asymmetric-Key Cryptography

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Chapter 31 Network Security

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

©Brooks/Cole, 2003 Chapter 16 Security. ©Brooks/Cole, 2003 Define four aspects of security in a network: privacy, authentication, integrity, and nonrepudiation.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

COEN 351 E-Commerce Security Essentials of Cryptography.

Cryptography, Authentication and Digital Signatures

©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

Computer and Internet Security. Introduction Both individuals and companies are vulnerable to data theft and hacker attacks that can compromise data,

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Fall 2002CS 395: Computer Security1 Chapter 11: Message Authentication and Hash Functions.

Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,

Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!

Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.

23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

COEN 351 E-Commerce Security

Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 11 September 23, 2004.

Network Security Celia Li Computer Science and Engineering York University.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Overview Modern public-key cryptosystems: RSA

Security Outline Encryption Algorithms Authentication Protocols

Computer Communication & Networks

Cryptographic Hash Function

NET 311 Information Security

Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS

Presentation transcript:

Cryptographic Security CS5204 – Operating Systems1

Cryptographic Security CS 5204 – Operating Systems2 Security Considerations Goals : privacy/confidentiality - information not disclosed to unauthorized entities integrity - information not altered deliberately or accidentally authentication - validation of identity of source of information non-repudiation - source of information can be objectively established Factors : reliance on unknown, vulnerable intermediaries (e.g., Internet routers) parties may have no personal or organizational relationship (e.g., e-commerce) use of automated surrogates (e.g., agents) Threats: replay of messages interference (inserting bogus messages) corrupting messages

Cryptographic Security CS 5204 – Operating Systems3 Cryptography Encryption key Decryption key public information E CA M D C M’ KeKe M KdKd Forms of attack: ciphertextonly knownplaintext chosenplaintext

Cryptographic Security CS 5204 – Operating Systems4 Forms of Cryptosystems Private Key (symmetric) : A single key is used for both encryption and decryption. Key distribution problem a secure channel is needed to transmit the key before secure communication can take place over an unsecure channel. Public Key (asymmetric): The encryption procedure (key) is public while the decryption procedure (key) is private. Requirements: 1. For every message M, D(E(M)) = M 2. E and D can be efficiently applied to M 3. It is impractical to derive D from E.

Cryptographic Security CS 5204 – Operating Systems5 Combining Public/Private Key Systems (1) (2) A B Public key encryption is more expensive than symmetric key encryption For efficiency, combine the two approaches (1)Use public key encryption for authentication; once authenticated, transfer a shared secret symmetric key (2) Use symmetric key for encrypting subsequent data transmissions

Cryptographic Security CS 5204 – Operating Systems6 Secure Communication - Public Key System M M ? User X User Y User Z D Y (C) E Y (M) C E Y is the public key for user Y D Y is the secret key for user Y

Cryptographic Security CS 5204 – Operating Systems7 RivestShamirAdelman (RSA) Method M M User X User Y M e mod n C d mod n Encryption Key for user YDecryption Key for user Y C (e, n) (d, n)

Cryptographic Security CS 5204 – Operating Systems8 RSA Method 1. Choose two large (100 digit) prime numbers, p and q,and set n = p x q 2. Choose any large integer, d, so that: GCD( d, ((p1)x(q1)) = 1 3. Find e so that: e x d = 1 (modulo (p1)x(q1)) Example: 1. p = 5, q = 11 and n = 55. (p1)x(q1) = 4 x 10 = A valid d is 23 since GCD(40, 23) = 1 3. Then e = 7 since: 23 x 7 = 161 modulo 40 = 1

Cryptographic Security CS 5204 – Operating Systems9 (Large) Document Integrity File/ message hash process digest Digest properties: fixed-length, condensation of the source efficient to compute irreversible - computationally infeasible for the original source to be reconstructed from the digest unique - difficult to find two different sources that map to the same digest (collision resistance) Also know as: fingerprint Examples: MD5 (128 bits), SHA-1 (160 bits)

Cryptographic Security CS 5204 – Operating Systems10 (Large)Document Integrity file hash process digest file encrypt with sender’s private key digital envelope

Cryptographic Security CS 5204 – Operating Systems11 Guaranteeing Integrity hash process file digest decrypt with sender’s public key file digital envelope digest compare

Cryptographic Security CS 5204 – Operating Systems12 Digital Signatures (Public Key) Requirements: unforgable and unique receiver: knows that a message came from the sender (authenticity) sender: cannot deny authorship( non-repudiation) message integrity sender & receiver: message contents preserved (integrity) (e.g., cannot cutandpaste a signature into a message) Public Key System: sender, A: (E A : public, D A : private) receiver, B: (E B : public, D B : private) sender(A) C= E B (D A (M)) > receiver(B) receiver(B) M = E A (D B (C)) > M

Cryptographic Security CS 5204 – Operating Systems13 Secure Communication (Public Key) B A Handshaking I A, I B are “nonces” nonces can be included in each subsequent message PKB: public key of B; PKA: public key of A; E PKA (I A, I B ) E PKB, (I A, A) E PKB (I B )