Trust and the Public Key Infrastructure (PKI) Sangyoon Oh Florida State University Computer Security Projects GS5891-01 Spring 2001.


Slide 2 (4/20/2001, Computer Security): Outline
- Security on Current Internet
- What is PKI?
- Structures and Models
- Weaknesses and Right PKI
- Trustworthiness in open network

Slide 3: Security on Internet
- The Internet is a cloud of connections
- The user is responsible for everything
- E-commerce and B2B are growing rapidly
- A framework is needed to exchange data and money securely and privately

Slide 4: Public Key Infrastructure
[Diagram: Alice, CA and Bob. Labels: "Privacy: Bob's public key"; "Authentication: Alice's private key"; "Bob's public key"; "Alice's public key".]

Slide 5: Structures and Models
- Hierarchical structure: X.509
- Pretty Good Privacy
- Virtual Private Network
  - Secure connection over the phone line
  - Network service provider & hardware vendor
  - Authentication, Encryption, Tunneling, Access Control

Slide 6: Weakness
- Security is only as strong as the weakest link
- The user's computer is not safe: private key
- Hackers use the root certificate
- The RA (certificate content) - CA link is very weak

Slide 7: Right PKI
- Choose the right structure
  - B2B, B need Hierarchical structure: X.509
- Right Implementation
  - Stochastic, security policy management prevents reliability failure and low-level penetration
- Right Choice of PKI Structure prevents malicious attack

Slide 8: Valuation of Trust (Thomas Beth, Malte Borcherding, Birgit Klein)
- Direct and Recommended Trust
- Trust Value
- Deriving Trust Relationships
- Combination of Trust Values
- Use: entrust task worth 100 units, risk 49 units.
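The trust calculus outlined on this slide, as an added Python example that is not part of the original slides. It follows the formulas of the cited Beth, Borcherding and Klein paper (direct trust 1 - α^p, derivation through recommenders, combination over paths). The value of α, the function names and the sample scenario are assumptions constructed for illustration.

```python
from math import prod

ALPHA = 0.99  # assumed per-experience parameter; constructed value, not from the slides

def direct_trust(p, alpha=ALPHA):
    """Direct trust after p positive experiences and no negative ones."""
    return 1 - alpha ** p

def recommendation_trust(p, n, alpha=ALPHA):
    """Recommendation trust after p positive and n negative experiences."""
    return 1 - alpha ** (p - n) if p > n else 0.0

def derive_direct(v_rec, v_dir):
    """Trust in a target reached through a recommender trusted at v_rec."""
    return 1 - (1 - v_dir) ** v_rec

def path_trust(rec_values, v_dir):
    """Chain recommendation values along a path (product), then derive direct trust."""
    return derive_direct(prod(rec_values), v_dir)

def combine(groups):
    """Combine derived values for one target.

    `groups` has one list per distinct last recommender; values that share a
    last recommender are not independent, so each group contributes the
    n-th root of the product of (1 - v).
    """
    return 1 - prod(prod(1 - v for v in g) ** (1 / len(g)) for g in groups)

def demo():
    # Constructed scenario: Alice evaluates Bob's key over two certification paths.
    r_ca = recommendation_trust(p=120, n=0)   # Alice -> CA
    r_ra = recommendation_trust(p=60, n=5)    # CA -> RA (one extra hop)
    d_bob = direct_trust(p=200)               # last recommender -> Bob (same on both paths)
    short = path_trust([r_ca], d_bob)
    long = path_trust([r_ca, r_ra], d_bob)
    both = combine([[short], [long]])         # two distinct last recommenders
    return short, long, both

if __name__ == "__main__":
    for name, v in zip(("one hop", "two hops", "combined"), demo()):
        print(f"{name}: {v:.3f}")
```

Each extra recommendation hop lowers the derived value, while a second path through a different last recommender raises the combined value above either path alone.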

Slide 9: Secure communication in an unknown network (M. Burmester and Y. Desmedt)
- The structure of the trust graph is not known, except to the attacker
- Using a query flood, get the neighbor list
- Label the vertices
- Get a good approximation of the trust graph

Slide 10: Reference
- Which PKI (Public Key Infrastructure) is the right one? -- Carlisle Adams, Mike Burmester, Yvo Desmedt (2000)
- Valuation of Trust in Open Networks -- Thomas Beth, Malte Borcherding, Birgit Klein (1994)
- Secure communication in an unknown network using certificates. -- M. Burmester and Y. Desmedt (1999)
- Ten Risks of PKI: What you're not being told about Public Key Infrastructure. -- Carl Ellison, Bruce Schneier (2000)
- Security in Computing, 2nd -- Charles P. Pfleeger

Slide 11: Reference Cont'd
- A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. -- Rivest, R. L., Shamir, A., and Adleman, L. (1978)
- SPKI/SDSI 2.0 A Simple Distributed Security Infrastructure -- Ronald L. Rivest (1997)
- Virtual Private Networks -- Cris Banson (1999)
- What is a VPN? -- Paul Ferguson, Geoff Huston (1998)