2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.

Slides:



Advertisements
Similar presentations
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
Advertisements

Russell Martin August 9th, Contents Introduction to CPABE Bilinear Pairings Group Selection Key Management Key Insulated CPABE Conclusion & Future.
Cryptography The science of writing in secret code.
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
A PASS Scheme in Clouding Computing - Protecting Data Privacy by Authentication and Secret Sharing Jyh-haw Yeh Dept. of Computer Science Boise State University.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Encryption Presentation Jamie Roberts. Encryption Defined: n The process of converting messages, information, or data into a form unreadable by anyone.
Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
Information Security Fundamentals Major Information Security Problems and Solutions Department of Computer Science Southern Illinois University Edwardsville.
Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message.
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
Class 5 Channels and Preview CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Presented by: Sanketh Beerabbi University of Central Florida.
Major Disciplines in Computer Science Ken Nguyen Department of Information Technology Clayton State University.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
Software Security Seminar - 1 Chapter 10. Using Algorithms 조미성 Applied Cryptography.
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
Lecture 23 Symmetric Encryption
ICOM 5018 Network Security and Cryptography Description This course introduces and provides practical experience in network security issues and cryptographic.
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
1 Thuy, Le Huu | Pentalog VN Web Services Security.
Deck 10 Accounting Information Systems Romney and Steinbart Linda Batch March 2012.
Attribute-Based Encryption With Verifiable Outsourced Decryption.
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.
Lecture 3 Page 1 CS 236 Online Introduction to Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Information Systems Design and Development Security Precautions Computing Science.
Big Data Security Issues in Cloud Management. BDWG Big Data Working Group Researchers 1: Data analytics for security 2: Privacy preserving 3: Big data-scale.
Modeling security 1. Models - encryption r Alice and Bob have the same key k r Alice and Bob exchange encrypted messages r Eve wants to get the plaintext.
1 CIS 5371 Cryptography 1.Introduction. 2 Prerequisites for this course  Basic Mathematics, in particular Number Theory  Basic Probability Theory 
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Searchable Encryption in Cloud
Chapters 14,15 Security.
Cryptographic Hash Functions Part I
Cloud Security 李芮,蒋希坤,崔男 2018年4月.
Cryptography and Network Security
Chapters 14,15 Security.
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Cloud Computing for Wireless Networks
Presentation transcript:

2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science of cryptography

3 + CRYPTOGRAPHY “Applied Crypto” – system constructions – practical & efficient “Foundation” – formal definitions – formal security proof I. Privacy Enhancing Technologies II. Searchable Encryption III. Cloud Crypto. IV. Lattice- Based Crypto Projects I, III, IV are ongoing FYPs in ’13-’14 Projects I-III have both research and implementation elements Project IV requires a good foundation in Mathematics

4 Confid- entiality Integrity (/ Auth.) Info. Security Availab- ility

5 Encryption supposes to hide as much info of the plaintext as possible You may want your mobile devices only download encrypted s marked with the keyword “urgent” from the server. You don’t want the server to know what are the keywords associated with each .

6 Download all data, then decrypt – O(N) communication – N: number of documents Build a local index, then download – O(N) local storage Ideally, O(n) complexity (at least at client side) – n: number of matching documents (n << N)

7 = Enc( ) = “work, blah blah …” Keyword ( ) = [“work”] = [“work”] = Enc(“work …”)

8 Encryption of the same plaintext always lead to the same ciphertext – Not the most secure, but allows efficient indexing Order-preserving encryption – the relative order of plaintexts is preserved in ciphertexts

9 Is “absolute-”authentication always good? Right balance of privacy and accountability Electronic Payments – Octopus, electronic toll pricing, Bitcoin, etc – Do you worry about leaking your spending pattern? – Merchants & Bank also have their concerns Double-spending, money laundry, etc.

10 Everyone can write on different topics Writers & reviewers can be anonymous Multiple posts are unlinkable Even in places with restricted freedom of speech, user will not be identified (and punished)

11 Easy! Use pseudonyms – Service provider (SP) knows your nym and IP – profile a user uniquely by sophisticated data mining Easy! Use anonymous network, e.g., Tor What if user repeatedly violating copyright, posting advertisement, using abusive language? So exit-nodes of Tor are blocked Crypto-solutions, e.g., MS U-Prove, IBM Idemix

12 A system must be serving the info when it is needed. How can cryptography help to ensure availability? E.g., consider cloud storage again, how can I ensure that the cloud service provider is really storing my file? At least, I can provide (cryptographic) evidence when it fails to do so.

13 The cloud may not want to store the same copy of the file from different users twice. Check a message digest like hash(file)? You can then transfer this short hash to your friend => Instant sharing! Again, we need cryptographic technique

14 Symmetric key encryption: dk = ek Public key encryption: (dk, ek) is a valid key pair Identity-based encryption: dk ID can decrypt Enc f ID’ (m) when f ID’ (ID)=1, i.e., ID = ID’ Key-Policy ABE: dk f decrypt Enc A () when f(A)=1 Ciphertext-Policy: dk A decrypt Enc f () Functional encryption: dk g dec Enc f () if R(f, g)=1

15 Big data You may not have the computational resource or the expertise to analyze the big data Outsource it to the cloud! What if the computation is sensitive? – Filing tax, DNA-related computation, etc What if the cloud computed wrongly? – Wrong decision in investment

16 A lattice is a set of points in the n-dimensional Euclidean space R n with a strong periodicity. Intractable mathematical problems are leveraged to construct cryptographic systems. Shortest Vector Problem: Given a basis of a lattice, find the shortest vector in the lattice.

17 Fully Homomorphic Encryption – It was open until 2009 Multi-linear pairing – The first construction was born in May last year! – Bi-linear pairing already solved many problems in this decade, e.g.: – public-key searchable encryption – functional encryption

18 familiarity with proofs designing systems (basic) probability and number theory You don’t need to know number theory but you are expected to pick it up under my advice open-minded cryptanalysis (black-hat) We can setup meetings for further discussion

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.