
Authentication Cristian Solano

Cryptography
Cryptography is the science of using mathematics to encrypt and decrypt data.
Public Key Cryptography
– Problems with key distribution are solved with Public Key Cryptography.
– Uses a public key and a private key.

Pretty Good Privacy (PGP)
PGP is an application and protocol for secure e-mail and file encryption.
PGP provides encryption, authentication, message integrity and key management.
It uses a session key, which is a one-time-only secret key generated from the random movements of the mouse and the keystrokes typed.
PGP stores the keys in two files on your hard disk: one for public keys and one for private keys. These files are called keyrings.

Digital Signatures
Digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also to verify that the information is intact.
Digital signatures provide authentication, data integrity and non-repudiation (it prevents the sender from claiming that he/she did not actually send the information).

Digital Signatures
Hash functions
– Resolve the problem of the enormous volume of data produced by the previous method by producing a fixed-length output.
– The previous method produced at least double the size of the original information.
PGP uses this method.

Authentication is a mechanism that verifies a claim of authenticity.
How do we know that a public key really belongs to its owner?
– Key Server
– Digital Certificates
Key Server
– The key server stores [identity, public key] pairs.
– The key request can be in plaintext.
– The key server reply is encrypted using the private key of the server.
– The key server must be trustworthy.
[Diagram: Relying Party to Key Server, "Request: Key of Identity I?"; Key Server to Relying Party, "Reply: This is the Key of Identity I"]

Authentication using a Key Server
Problems:
– Message 2 can be compromised to allow someone else to act as Bob.
– Message 3 can be compromised to allow someone else to act as Alice.

Needham-Schroeder Protocol

Digital Certificates
Digital certificates, or certs, simplify the task of establishing whether a public key truly belongs to the purported owner. A certificate is a form of credential.
A digital certificate consists of three things:
– A public key
– Certificate information (identity)
– One or more digital signatures from the attesters
A certificate is a public key with one or two forms of ID attached, plus the approval from some other trusted individual.
Certificate servers store certs.
Public Key Infrastructures (PKIs) are structured systems that provide additional key management features.

PGP Certificate Format
A single certificate can contain multiple signatures from the attesters.
Some PGP certificates consist of a public key with several labels, which contain different means of identifying the key owner.

X.509 Certificate Format

X.509 Certificate Example
[Figure labels: Public Key, Signature]

Establishing Trust
Trust Models for PGP:
– Direct Trust
– Hierarchical Trust
– A Web of Trust

CA Topologies
[Figure: a mesh PKI and a hierarchical PKI. Labels in each: HQ, R&D, Legal, Ops, Alice, Bob, Carol, Doug]

CA Topologies
[Figure: cross certification. Labels: HQ, R&D, Legal, Ops, Alice, Bob, Carol, Doug; Main, A&M, MF, Val, Rob, Louis, Carl, John]

Certificate Revocation
When a certificate holder terminates employment with a company or suspects that the certificate's corresponding private key has been compromised, they have to invalidate the certificate prior to its expiration date.
Only the certificate's owner, or someone whom the certificate's owner has designated as a revoker, can revoke a PGP certificate.
A Certificate Revocation List (CRL) provides a list of the unexpired certificates that should no longer be used.
The Certificate Authority (CA) distributes the CRL to users periodically.

CRL Format
VERSION: v1 or v2
SIGNATURE ALGORITHM: RSA with SHA-1
ISSUER: C=US, S=VA, O=RSA Labs
LAST UPDATE: 11/25/01
NEXT UPDATE: 12/2/01
REVOKED CERTIFICATES: SEQUENCE OF
    SERIAL NUMBER
    REVOCATION DATE: 9/27/01
    CRL ENTRY EXTENSIONS
CRL EXTENSIONS
SIGNATURE
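
An added example (not from the original slides): a relying-party revocation check driven by the CRL fields listed above, showing why LAST UPDATE and NEXT UPDATE matter as much as the revoked list itself. The Python names, the serial numbers and the fail-closed "unknown" result are assumptions of this sketch, and it assumes the CRL's SIGNATURE has already been verified with the CA's public key.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

def d(s):
    """Parse the slide's M/D/YY date style as midnight UTC (an assumption)."""
    return datetime.strptime(s, "%m/%d/%y").replace(tzinfo=timezone.utc)

@dataclass
class CRL:
    # Field names follow the CRL Format slide; signature checking is out of scope.
    issuer: str
    last_update: datetime
    next_update: datetime
    revoked: dict = field(default_factory=dict)  # serial number -> revocation date

def check_revocation(crl, cert_issuer, cert_serial, now):
    """Return (status, reason); status is 'good', 'revoked' or 'unknown'.

    'unknown' means this CRL cannot answer, so the caller should fail closed.
    """
    if crl.issuer != cert_issuer:
        return "unknown", "CRL was issued by a different CA"
    if now < crl.last_update:
        return "unknown", "CRL is dated in the future; check the local clock"
    if now >= crl.next_update:
        return "unknown", "CRL is stale; fetch the newer one"
    revoked_on = crl.revoked.get(cert_serial)
    if revoked_on is not None:
        return "revoked", f"revoked on {revoked_on:%Y-%m-%d}"
    return "good", "serial not listed in a current CRL"

# Constructed sample: issuer and dates are the slide's, serial numbers are made up.
ISSUER = "C=US, S=VA, O=RSA Labs"
SAMPLE_CRL = CRL(ISSUER, d("11/25/01"), d("12/2/01"), {0x1A2B: d("9/27/01")})

def demo():
    cases = [
        (ISSUER, 0x1A2B, d("11/28/01")),                # listed serial, CRL current
        (ISSUER, 0x0042, d("11/28/01")),                # unlisted serial, CRL current
        (ISSUER, 0x0042, d("12/5/01")),                 # CRL past NEXT UPDATE
        ("C=US, O=Example CA", 0x0042, d("11/28/01")),  # CRL from another issuer
    ]
    return [check_revocation(SAMPLE_CRL, i, s, t)[0] for i, s, t in cases]

if __name__ == "__main__":
    print(demo())
```

Treating a stale or mismatched CRL as "good" would let a revoked certificate pass simply by withholding the newer list, which is why those cases return "unknown" here.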

PKIX Infrastructure

Certificate Authorities (CA)
The primary role of the CA is to publish the key bound to a given user. This is done using the CA's own key, so that trust in the user key relies on one's trust in the validity of the CA's key.
The CA generates public keys (optional service).
The CA revokes certificates if information changes or if the private key is disclosed.

Thank You
Questions? Comments