Lesson 12 Cryptography for E-Commerce

Approaches to Network Security
Separate Security Protocol -- SSL
Application-Specific Security -- SHTTP
Security with Core Protocols -- IPsec
Parallel Security Protocol -- Kerberos

Protocol and Security: SSL
NOT SECURE: HTTP over TCP over IP
SECURE: HTTP, FTP, SMTP over SSL over TCP over IP (SSL sits as a separate layer between the application protocols and TCP)

The TCP connection ("3-way Handshake")
1. SYN: the client sends a connection request, specifying a port to connect to on the server.
2. SYN/ACK: the server responds with both an acknowledgement and a queue for the connection.
3. ACK: the client returns an acknowledgement and the circuit is opened.

SSL in Action (handshake messages between CLIENT and SERVER)
1. ClientHello (client -> server)
2. ServerHello (server -> client)
3. ServerKeyExchange (server -> client)
4. ServerHelloDone (server -> client)
5. ClientKeyExchange (client -> server)
6. ChangeCipherSpec (client -> server)
7. Finished (client -> server)
8. ChangeCipherSpec (server -> client)
9. Finished (server -> client)

Protocol and Security: SHTTP
NOT SECURE: HTTP over TCP over IP
SECURE: HTTP with security built into the application protocol itself (SHTTP) over TCP over IP

Protocol and Security: IPSEC
NOT SECURE: HTTP over TCP over IP
SECURE: HTTP over TCP over IPsec (security integrated into the core network protocol)

Protocol and Security: Parallel
NOT SECURE: HTTP over TCP over IP
SECURE: HTTP over TCP over IP, with Kerberos running as a parallel protocol alongside the stack

Protocol Comparisons
Approaches compared (rows): Separate Protocol; Application Protocol; Integrated with Core; Parallel Protocol
Criteria (columns):
A - Full security
B - Multiple Applications
C - Tailored Services
D - Transparent to Applications
E - Easy to Deploy
(The matrix cells marking which approach meets which criterion did not survive the transcript.)

What is Cryptography
Protecting information by transforming it into an unreadable format.
Encryption is the process that transforms the data into the unreadable format; decryption restores it to its original format.
Used to prevent information from "falling into the wrong hands": data is only available to the people that are supposed to see it.

Uses of Cryptography
Use                 Service            Protects Against
Keeping Secrets     Confidentiality    Eavesdropping
Providing Identity  Authentication     Forgery & Masquerade
Verifying Info      Message Integrity  Alteration

Cryptography in Use Today
SSL -- Secure Socket Layer
TLS -- Transport Layer Security protocol
IPsec -- Internet Protocol Security
SET -- Secure Electronic Transactions
Smart Cards
VPN -- Virtual Private Network
File or Disk Encryption Tools
Remote access: SSH -- Secure Shell
Digital Signature Algorithm -- DSA
PGP -- Pretty Good Privacy
PKI -- Public Key Infrastructure

Cryptographic Classifications
Secret Key Cryptography
–Symmetric Encryption
–All parties have the same key
Public Key Cryptography
–Asymmetric Encryption
–Different keys: public and private

Secret Key Cryptography: Symmetric Encryption (Professor and Student)
Step 1 - Secret key exchange occurs
Step 2 - Encipher with secret key
Step 3 - Send encrypted message
Step 4 - Decipher with secret key

Secret Key Cryptography
PROs:
–Very secret
–Key size determines how hard it is to break
CONs:
–Key management is a burden
–Cryptography can be slow

Symmetric Encryption Algorithms
DES -- Data Encryption Standard
3DES -- Triple-Strength DES
RC2 -- Rivest Cipher 2
RC4 -- Rivest Cipher 4
All commonly used with SSL

Public Key Cryptography
Digital Signatures and Public Key Encryption
–Message encrypted or signed with the private key of the sender and the public key of the recipient
–Recipient decrypts with own private key and the sender's public key
–Only the sender has the right private key, so if it decrypts it must have come from the sender
–NOTE: assumes keys have not been compromised

Public Key Cryptography: Asymmetric Encryption (Professor and Student)
Step 1 - Professor creates public and private keys
Step 2 - Send public key to Student
Step 3 - Student enciphers with public key
Step 4 - Send encrypted message
Step 5 - Professor deciphers with private key

Public Key Cryptography
PROs:
–As shown, this proves identity
–This results in a Digital Signature, used to authenticate digital material and to prove identity and validity of an action or material
CONs:
–Burdensome if you need widespread use

Combining the Best of Both (Professor and Student)
Step 1 - Professor creates public and private keys; Student generates a secret key
Step 2 - Send public key to Student
Step 3 - Student enciphers the secret key with the public key
Step 4 - Send encrypted message
Step 5 - Professor deciphers with private key and retrieves the secret key
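The three exchanges on the slides above (secret key, public key, and the combination of both) as one runnable example, added here and not part of the lecture. It follows the slides' roles: the Professor holds the key pair, the Student generates the secret key, wraps it with the Professor's public key, and sends the message enciphered with the secret key. The slides name no modern algorithms, so this example assumes AES-256-GCM for the secret-key part (rather than the DES/RC4 family listed above, which is no longer considered safe) and RSA-OAEP with SHA-256 for wrapping the key; the sample message and the "eavesdropper" key pair are constructed for the demonstration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is what the Student sends: the one-time secret key sealed with the
// Professor's public key, plus the message sealed with that secret key.
type Envelope struct {
	WrappedKey []byte // secret key encrypted with RSA-OAEP under the recipient's public key
	Nonce      []byte // AES-GCM nonce, fresh for every message
	Ciphertext []byte // message encrypted (and integrity-protected) with AES-256-GCM
}

// SymmetricSeal is the secret-key half: both parties must hold the same 32-byte key.
func SymmetricSeal(key, msg []byte) (nonce, ct []byte, err error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, gcm.Seal(nil, nonce, msg, nil), nil
}

// SymmetricOpen decrypts and fails if the ciphertext or nonce was altered in transit.
func SymmetricOpen(key, nonce, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, ct, nil)
}

// Seal is the Student's side: generate a secret key (step 1), encipher it with the
// Professor's public key (step 3), and encipher the message with the secret key (step 4).
func Seal(recipient *rsa.PublicKey, msg []byte) (*Envelope, error) {
	secret := make([]byte, 32)
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, secret, nil)
	if err != nil {
		return nil, err
	}
	nonce, ct, err := SymmetricSeal(secret, msg)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Open is the Professor's side (step 5): recover the secret key with the private
// key, then decipher the message with the recovered secret key.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	secret, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	return SymmetricOpen(secret, env.Nonce, env.Ciphertext)
}

// RoundTrip reports whether the Professor recovers the plaintext and whether a
// third party holding a different private key is unable to open the envelope.
func RoundTrip() (recovered, wrongKeyRejected bool, err error) {
	professor, err := rsa.GenerateKey(rand.Reader, 2048) // step 1: Professor's key pair
	if err != nil {
		return false, false, err
	}
	msg := []byte("constructed sample: grade for assignment 3 is A")
	env, err := Seal(&professor.PublicKey, msg) // step 2 (sending the public key) assumed done
	if err != nil {
		return false, false, err
	}
	pt, err := Open(professor, env)
	if err != nil {
		return false, false, err
	}
	eavesdropper, err := rsa.GenerateKey(rand.Reader, 2048) // constructed: someone without the private key
	if err != nil {
		return false, false, err
	}
	_, openErr := Open(eavesdropper, env)
	return bytes.Equal(pt, msg), openErr != nil, nil
}

func main() {
	fmt.Println(RoundTrip())
}
```

The split mirrors the slides' reasoning: the slow public-key operation is applied only to 32 bytes of key material, and the bulk message goes through the fast symmetric cipher. GCM also gives the integrity check the "Verifying Info" row above asks for, so a modified ciphertext is rejected rather than silently decrypted to garbage.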

Uses of Public Key Cryptography
Digital Signatures
–Used to authenticate digital material
–Prove identity and validity of action or material
Transmission of a symmetric key (public key encryption is generally slower)
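The digital-signature use described on the last few slides, as an added example (not from the lecture): the sender signs with a private key, and anyone holding an authentic copy of the matching public key can check both that the material is unaltered and that it came from that key's owner. The example assumes Ed25519 from Go's standard library; the "directory" mapping names to public keys, the sender names and the message bodies are constructed. That directory is exactly the "NOTE: assumes keys have not been compromised" caveat: the check is only as good as the verifier's copy of the public key, which is the gap the PKI slides that follow address.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedMessage is what the sender transmits: who claims to have sent it,
// the body, and a signature made with the sender's private key.
type SignedMessage struct {
	Sender string
	Body   []byte
	Sig    []byte
}

// Sign produces the signature over the body using the sender's private key.
func Sign(sender string, priv ed25519.PrivateKey, body []byte) SignedMessage {
	return SignedMessage{Sender: sender, Body: body, Sig: ed25519.Sign(priv, body)}
}

// Verify looks up the claimed sender's public key in a directory and checks the
// signature. The directory (name -> public key) is the trust assumption: the
// verifier must already hold an authentic copy of the sender's public key.
func Verify(directory map[string]ed25519.PublicKey, m SignedMessage) bool {
	pub, ok := directory[m.Sender]
	if !ok || len(pub) != ed25519.PublicKeySize {
		return false // unknown sender: nothing to check against
	}
	return ed25519.Verify(pub, m.Body, m.Sig)
}

// Demo runs three checks: a genuine message verifies, an altered body does not,
// and a message signed by an impostor's key under the professor's name does not.
func Demo() (genuineOK, alteredRejected, impostorRejected bool) {
	profPub, profPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, impostorPriv, _ := ed25519.GenerateKey(rand.Reader) // constructed: a key the directory does not know
	directory := map[string]ed25519.PublicKey{"professor": profPub}

	body := []byte("constructed sample: assignment 3 deadline moved to Friday")
	genuine := Sign("professor", profPriv, body)
	genuineOK = Verify(directory, genuine)

	altered := genuine // same signature, different body (integrity check)
	altered.Body = []byte("constructed sample: assignment 3 deadline moved to Monday")
	alteredRejected = !Verify(directory, altered)

	impostor := Sign("professor", impostorPriv, body) // claims the professor's name (authenticity check)
	impostorRejected = !Verify(directory, impostor)
	return
}

func main() {
	fmt.Println(Demo())
}
```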

Public Key Infrastructure
The mainstream method (using public key cryptography) for ensuring key management and reliable authentication and encryption between two objects communicating over a single open network

Public Key Infrastructure
Purpose: provide an environment that addresses today's business, legal, network, and security demands for trust and confidentiality
Environment: policies, protocols, services and standards that support public key cryptography

Public Key Infrastructure
Provides:
–Strong user identification
–Cryptographic services
–Evidence for non-repudiation among strangers

Technology Components of PKI
Keys: public and private
Certificate Authority (CA)
–Responsible trusted 3rd party that issues, revokes, and manages digital certificates
Registration Authority (RA)
–Optional entity implicitly trusted by a CA to validate another entity's identity prior to the CA issuing a digital certificate
–Usually needed in large PKI deployments

Technology Components of PKI
Digital Certificates
–Fundamental to PKI
–Credentials issued to an entity that uniquely identify the entity to all others
–The credentials act like a "passport"
–Digital certificates contain the entity's public key

Technology Components of PKI
Repository
–The workhorse of PKI
–Stores certificates and entity information
–Provides lookup and retrieval services to an enterprise
–Also handles certificate revocation list (CRL) checking

Other Components of PKI
Policy Management Authority (PMA)
–Policy Approval Authority: develops governing policy for the PKI
–Policy Creation Authority (PCA): implements PKI policy through CA establishment

PKI Policy
Primary PKI policies
–Certificate Policy (CP): what the PKI environment does; publicly available document; Policy Approval Authority
–Certification Practice Statement (CPS): how the PKI environment does it; details the functions of the PKI; internal document

PKI in Action (Certificate Authority, Certificate Repository, ME, YOU)
1. ME: generate keys
2. ME: register with the CA
3. CA: digital certificates returned

PKI in Action (Certificate Authority, Certificate Repository, ME, YOU)
1. ME: encrypt with private key
2. ME: send encrypted message
3. YOU: request/get ME's digital certificate
4. YOU: decrypt with public key
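The two "PKI in Action" slides and the earlier "SSL in Action" handshake slides, combined into one added example (not the lecture's own material): a CA issues a certificate that binds a server name to a public key, a relying party that trusts only the CA accepts that certificate and rejects a look-alike certificate that the CA never signed, and the same CA-issued certificate is then presented in a real TLS handshake over loopback, after which application data is exchanged. The example assumes Go's standard library (ECDSA P-256 keys, X.509 via crypto/x509, TLS via crypto/tls); the CA name "Example Lesson CA", the server name "shop.example" and the message are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue signs a certificate for pub, described by tmpl, with the parent's key.
// Passing the same template as tmpl and parent yields a self-signed certificate.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Result records what the relying party ("YOU") observes.
type Result struct {
	ChainOK          bool   // the CA-issued server certificate verifies against the CA
	StrangerRejected bool   // a look-alike certificate from an unknown issuer does not
	TLSVersion       uint16 // negotiated version: 0x0303 = TLS 1.2, 0x0304 = TLS 1.3
	CipherSuite      string // negotiated cipher suite
	PeerCN           string // subject CN of the certificate the server presented
}

func Run() (*Result, error) {
	now := time.Now()
	newKey := func() *ecdsa.PrivateKey {
		k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		return k
	}
	validity := func(c *x509.Certificate) { c.NotBefore, c.NotAfter = now.Add(-time.Hour), now.Add(24*time.Hour) }

	// Certificate Authority: a self-signed root (the CA name is constructed).
	caKey := newKey()
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Lesson CA"},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	validity(caTmpl)
	caCert, err := issue(caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}

	// "ME": generate keys, register with the CA, get back a certificate binding the name to the public key.
	srvKey := newKey()
	srvTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "shop.example"},
		DNSNames: []string{"shop.example"}, KeyUsage: x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	validity(srvTmpl)
	srvCert, err := issue(srvTmpl, caCert, &srvKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}

	// "YOU": trust only the CA and check any presented certificate against it.
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	opts := x509.VerifyOptions{Roots: roots, DNSName: "shop.example"}
	_, chainErr := srvCert.Verify(opts)

	// A stranger who self-signs a certificate for the same name is not accepted: the CA never vouched for that key.
	strKey := newKey()
	strCert, err := issue(srvTmpl, srvTmpl, &strKey.PublicKey, strKey)
	if err != nil {
		return nil, err
	}
	_, strangerErr := strCert.Verify(opts)

	// SSL/TLS in action over loopback: the server presents its CA-issued certificate in the handshake,
	// the client validates it against the CA, and application data then flows encrypted.
	srvTLS := tls.Certificate{Certificate: [][]byte{srvCert.Raw}, PrivateKey: srvKey}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{srvTLS}, MinVersion: tls.VersionTLS12})
	if err != nil {
		return nil, err
	}
	defer ln.Close()
	go func() { // server side: accept, complete the handshake on first read, echo the message
		c, err := ln.Accept()
		if err != nil {
			return
		}
		defer c.Close()
		buf := make([]byte, 64)
		n, _ := c.Read(buf)
		c.Write(buf[:n])
	}()
	conn, err := tls.Dial("tcp", ln.Addr().String(), &tls.Config{RootCAs: roots, ServerName: "shop.example", MinVersion: tls.VersionTLS12})
	if err != nil {
		return nil, err
	}
	defer conn.Close()
	if _, err := conn.Write([]byte("hello over TLS")); err != nil {
		return nil, err
	}
	if _, err := conn.Read(make([]byte, 64)); err != nil {
		return nil, err
	}
	st := conn.ConnectionState()
	return &Result{ChainOK: chainErr == nil, StrangerRejected: strangerErr != nil, TLSVersion: st.Version,
		CipherSuite: tls.CipherSuiteName(st.CipherSuite), PeerCN: st.PeerCertificates[0].Subject.CommonName}, nil
}

func main() {
	r, err := Run()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", *r)
}
```

The relying party never sees the server's private key: it trusts the CA, and the CA's signature on the certificate is what lets it accept the server's public key as genuine. The rejected stranger certificate is the same check failing, and is why a client that skips certificate verification loses the authentication the slides attribute to public key cryptography.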

Summary
Cryptography ensures CIA
Public Key Cryptography ensures authentication
Public Key Cryptography ensures non-repudiation