Introduction to Public Key Infrastructure (PKI) and the Mobile PKI Concept

Presentation transcript:

Introduction to Public Key Infrastructure (PKI) and Mobile PKI concept
By: Ami Azrul bin Abdullah

Notes: With your permission, the content of this presentation will be in English for ease of understanding.

AGENDA
- PREAMBLE
- BACKGROUND OF ENCRYPTION
- PKI IN A NUTSHELL
- PKI IN A MACRO LEVEL
- MOBILE PKI CONCEPT
- QUESTION AND ANSWER

PREAMBLE 1:

PREAMBLE 2: Preservation of Confidentiality, Integrity, Availability (CIA)
- Confidentiality: Information is observed by or disclosed to only those who have a right to know.
- Availability: Information is available and usable when required, and the systems that provide it can resist attacks and recover from failure.
- Integrity: Information is accurate and protected from unauthorized modification.

HISTORY OF ENCRYPTION

In the beginning
- The need to encrypt/decrypt messages
- Creation of keys, e.g. Ami Azrul -> gqi18qhoi
- Keys are derived from an algorithm/set of formulas
- At first, a symmetric key was used

Next
- The flaws of the symmetric key
- The creation of the asymmetric key
- The two keys are not the same, yet they are interrelated
- One cannot exist without the other
- Always termed a key pair: private and public
- A process done with the private (secret) key can only be reversed with the public key (and vice versa)

Intermezzo
- Symmetric: the keys are the same for encrypting and decrypting. Common algorithms: AES, Blowfish, DES, Triple DES, Serpent, Twofish
- Asymmetric: public and private key pairs. Common examples: Diffie-Hellman, ECC, RSA
- Further reading: http://en.wikipedia.org/wiki/RSA or http://en.wikipedia.org/wiki/Assymetric_key_cryptography

And so..
"private key" means the key of a key pair used to create a digital signature;
"public key" means the key of a key pair used to verify a digital signature;
(Definitions from DSA 1997)

But
- Keys are only algorithms -> numbers
- The numbers -> keys are unique
- Associate identity with keys
- The birth of the Certification Authority, Registration Authority, and of course our regulator.

PKI IN A NUTSHELL

Digital Certificates
Electronic counterparts to driver licenses, passports, membership cards or any legal identification documents:
- Proof of identity when communicating online
- Contain information about the owner, i.e. Name, Public Key, Issuer Name, Validity Date etc.
- Contain a pair of keys: Private Key and Public Key
- Private Key: kept securely and safely by the owner; used to generate the digital signature
- Public Key: kept by the relying party, CA or anybody who wants to transact with the owner; used to verify the digital signature

Digital Certificate: Sample
a) Identity of the public key owner
b) Public Key
c) Version Number
d) Certificate serial number
e) Identity of the issuer
f) Validity period
g) Extension fields
The digital certificate's format is defined by the CCITT X.509 international standard.

The story continues..
"digital signature" means a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's public key can accurately determine-
(a) whether the transformation was created using the private key that corresponds to the signer's public key; and
(b) whether the message has been altered since the transformation was made;

SOME TECHNICAL CONCEPT
The Concept of Digital Certificates - Private & Public Key
[Diagram labels: CA via RA; Smart Card; secret, private (recipient); public, public (recipient); Document; Encryption; Decryption; Digital Signature; Internet; Intranet]

Asymmetric encryption
[Diagram: clear data ("The quick brown fox jumps over the lazy dog") -> Encryption with the receiver's public key -> encrypted data -> Decryption with the receiver's private (secret) key -> clear data. Different keys.]
- Suggested for the first time in 1976 by two Americans, Diffie & Hellman
- Only the receiver can decrypt, with his private key
- Everyone can encrypt with the receiver's public key

Digital Signature and authentication
[Diagram: clear data ("The quick brown fox jumps over the lazy dog") -> M^e mod n with the sender's private key -> encrypted data (but not secret) -> R^e mod n with the sender's public key -> clear data.]
- Private key can be used for "encryption"
- Only the sender can have generated this message!
- Used for authentication and digital signatures
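The two checks in the DSA 1997 definition, (a) and (b), worked through as an added example that is not part of the original slides. It uses textbook RSA with no padding on toy keys built from known Mersenne primes; the function names and sample keys are constructed for illustration, and the code writes the private exponent as d and the public exponent as e.

```python
import hashlib

E = 65537  # public exponent, shared by both toy keys

def make_key(p: int, q: int) -> dict:
    """Toy RSA key pair from two known primes (constructed, too small for real use)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent: inverse of E mod phi(n)
    return {"public": (E, n), "private": (d, n)}

def digest(message: bytes, n: int) -> int:
    """SHA-256 of the message as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, private: tuple) -> int:
    """The 'transformation': digest raised to the private exponent mod n."""
    d, n = private
    return pow(digest(message, n), d, n)

def verify(message: bytes, signature: int, public: tuple) -> bool:
    """Reverse the transformation with the public key and compare digests."""
    e, n = public
    if not 0 <= signature < n:  # reject values outside the modulus range
        return False
    return pow(signature, e, n) == digest(message, n)

# Constructed sample keys (illustration only).
SIGNER = make_key(2**127 - 1, 2**89 - 1)
OTHER = make_key(2**107 - 1, 2**61 - 1)

def demo() -> dict:
    msg = b"The quick brown fox jumps over the lazy dog"
    sig = sign(msg, SIGNER["private"])
    forged = sign(msg, OTHER["private"])  # made with a key that is not the signer's
    return {
        "genuine": verify(msg, sig, SIGNER["public"]),
        "altered_message": verify(msg + b"!", sig, SIGNER["public"]),  # check (b)
        "wrong_private_key": verify(msg, forged, SIGNER["public"]),    # check (a)
    }

if __name__ == "__main__":
    print(demo())
```

A failed verification looks the same whether the key did not match or the message changed; the verifier learns only that at least one of the two conditions does not hold. Production systems use a padded scheme such as RSA-PSS rather than this bare exponentiation.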

WHAT DOES PKI FULFILL?
- Confidentiality
- Authenticity
- Integrity
- Non Repudiation

PKI IN MACRO LEVEL

HOW TRUST WORKS IN PKI
[Diagram with steps numbered 1 to 7. Labels: Root CA; Registration Authority; Accredit CA / Trust Partner; Agency (USER); Agency; Register Subscriber Information; Certificate Request (Identification); Issue Subscriber Certificate; Validate Subscriber; Validate CA; Issue CA Electronic Document Certificate; Verify Electronic Signature]

MEDIA FOR CERTIFICATES
Key & Certificates Storage:
- Smart Card incl. MyKad
- Crypto USB Token
- Hard / Floppy Disk
- MOBILE PHONES

AND ….
- Reader
- Driver for communication between OS/Devices
- PKI Agent/Software needed to give card / token function. Similar to mobile.

MOBILE PKI CONCEPT

Background
- There are more users of smart phones than of PCs
- On-the-go transactions
- Concept wise: the user downloads an Agent on the mobile phone: Android, iOS, Windows and Blackberry

Socket Based Connection
1. User opens the third party's website.
2. User provides the needed info.
3. Third party calls the required function from our server.
4. Our server calls the client side app.
5. Client side app sends back the result.
6. Our server sends the result back to the server.
The client side (phone/PC) has a two-way connection with our server. Third parties can issue a request for an operation; our server will ask the client to do that operation, and the server will send the result back to the third party.

Socket Based Connection
[Diagram labels: Third Party Application; Web Service Calling; GPKI Agent Gateway Server; Bidirectional Socket; Mobile GPKI Agent; PC GPKI Agent; Functions: Encrypt, Verify, Authentication; Functions: Sign, Decrypt]
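The request flow from the two slides above, as an added sketch that is not the presenter's or the GPKI project's code. It assumes that Sign runs on the client-side agent and Verify on the gateway; the JSON message fields, function names and toy RSA key are hypothetical, and a local socket pair stands in for the bidirectional socket.

```python
import hashlib, json, socket, threading

# Constructed toy RSA key (Mersenne primes, NOT secure). D stays on the agent;
# (E, N) is the public key the gateway would take from the user's certificate.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def digest(doc: str) -> int:
    return int.from_bytes(hashlib.sha256(doc.encode()).digest(), "big") % N

def agent(sock: socket.socket, faulty: bool = False) -> None:
    """Client-side agent (phone/PC): the only place the private key is used."""
    req = json.loads(sock.recv(4096))
    if req.get("op") != "sign":
        reply = {"id": req.get("id"), "error": "unsupported operation"}
    else:
        doc = req["doc"] + " (changed)" if faulty else req["doc"]
        reply = {"id": req["id"], "sig": pow(digest(doc), D, N)}
    sock.sendall(json.dumps(reply).encode())

def gateway_sign(sock: socket.socket, req_id: int, doc: str) -> dict:
    """Gateway: push the operation to the agent, verify the result, relay it."""
    sock.sendall(json.dumps({"id": req_id, "op": "sign", "doc": doc}).encode())
    reply = json.loads(sock.recv(4096))
    if reply.get("id") != req_id or not isinstance(reply.get("sig"), int):
        return {"ok": False, "reason": "unexpected reply"}
    if pow(reply["sig"], E, N) != digest(doc):  # public-key operation only
        return {"ok": False, "reason": "signature does not match document"}
    return {"ok": True, "signature": reply["sig"]}

def third_party_request(doc: str, req_id: int = 1, faulty_agent: bool = False) -> dict:
    """Third party's web-service call; both socket ends live in this process."""
    gw_end, agent_end = socket.socketpair()  # stands in for the two-way socket
    worker = threading.Thread(target=agent, args=(agent_end, faulty_agent))
    worker.start()
    try:
        return gateway_sign(gw_end, req_id, doc)
    finally:
        worker.join()
        gw_end.close()
        agent_end.close()

if __name__ == "__main__":
    print(third_party_request("Constructed sample document"))
    print(third_party_request("Constructed sample document", faulty_agent=True))
```

The gateway checks both the request id and the signature before relaying, so a reply that answers a different request, or a signature over a document other than the one the third party submitted, is never passed on.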

Questions and Answers
THANK YOU