Feb 25, 2003, Mårten Trolin. Previous lecture: More on hash functions, Digital signatures, Message Authentication Codes, Padding.

Presentation transcript:

Slide 1 (Feb 25, 2003, Mårten Trolin): Previous lecture
- More on hash functions
- Digital signatures
- Message Authentication Codes
- Padding

Slide 2: This lecture
- General differences between asymmetric and symmetric cryptography
- General design of interactive protocols
- Key exchange
- Man-in-the-middle

Slide 3: Symmetric vs. asymmetric cryptography
- Asymmetric cryptography has easier key management
- Why not always use asymmetric cryptography?
  - Slower
  - Needs longer keys

Slide 4: When to use what type
- Symmetric
  - Speed
  - Key size
  - Signature size (MACs)
- Asymmetric
  - Key distribution
  - Parties with no secure side-channel (for key distribution)

Slide 5: Communication with many parties
- Example: Users want to connect securely to web sites
- There are many web sites
- There are even more users
- Impossible for each web site to know all its potential visitors
- The solution: use public key cryptography
  - What if public key cryptography is too slow?

Slide 6: Designing interactive protocols
- The web surfer (user) and the web server wish to exchange a large amount of information
- The user will send a request, and the server will answer (think HTTP!)
- Diagram: User and Web server connected over TCP/IP

Slide 7: Interactive protocols – first approach
- We try with public key cryptography
- Diagram (User and Web server connected over TCP/IP):
  - User → Web server: user's public key p_u
  - Web server → User: server's public key p_s
  - User → Web server: request encrypted under p_s
  - Web server → User: response encrypted under p_u

Slide 8: Problems with first approach
- Speed
  - Each public key operation takes a significant amount of time. When used on large messages this becomes significant.
  - The server may have to handle several hundred connections simultaneously, making encryption slow.
- Size
  - For encryption the message has to be split into smaller messages that can be encrypted.
  - Since public key cryptography is more vulnerable to “weak clear texts” (e.g., small numbers), some padding technique must be used on every block. This makes the cipher text much longer than the clear text.

Slide 9: Interactive protocols – second approach
- We try with secret key cryptography
- Diagram (User and Web server connected over TCP/IP):
  - User and web server decide on a symmetric key k
  - User → Web server: request encrypted under k
  - Web server → User: response encrypted under k

Slide 10: Problems with second approach
- Encryption and decryption are fast, and the cipher text is not much larger than the clear text, but...
- How do the user and the web server decide on a common secret key?
  - The user and the web server physically exchange data
  - The web server sends the key to the user via a secure off-line channel (registered mail etc.)
- Feasible only when the number of users is low and there is time to do the key exchange off-line
  - Possible solution for Internet banking, but not for e-commerce

Slide 11: Interactive protocols
- Both the public key and the secret key approaches have serious problems.
- What we want: use symmetric cryptography for encryption of the traffic, but avoid the need for complicated off-line key exchange schemes.

Slide 12: Key exchange
- The symmetric key can be sent encrypted under the public key
- Either party can create the key (or they can create it together)
- Other techniques for key exchange exist (Diffie-Hellman)

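Slide 13: Key exchange – general idea
- Diagram (User, holding key pair (p_u, s_u), and Web server connected over TCP/IP):
  - User → Web server: user's public key p_u
  - Web server: generates symmetric key k
  - Web server → User: symmetric key k encrypted under p_u
  - User: decrypts k using s_u
  - User ↔ Web server: communication encrypted under k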

Slide 14: Key exchange – possible enhancements
- Both parties can take part in key generation
- Assuming the length of the symmetric key s is n, the following variants are possible
  - First n/2 bits of s are created by user, last n/2 by server
  - User creates n-bit s_u, server n-bit s_s. The key s is computed as s = s_u ⊕ s_s
- Key exchange should be repeated at regular intervals

Slide 15: Man-in-the-middle
- Access to the key exchange messages alone does not give you any useful information about the key.
- A person who can modify messages, however, can use this to gain knowledge of the symmetric key.
- This kind of attack is, for obvious reasons, known as a man-in-the-middle attack.

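Slide 16: Diagram with User (p_u, s_u), Man in the middle (p_m, s_m) and Web server
- User → Man in the middle: user's public key p_u
- Man in the middle: replaces p_u with his own p_m
- Man in the middle → Web server: p_m
- Web server: generates symmetric key k
- Web server → Man in the middle: symmetric key k encrypted under p_m
- Man in the middle: decrypts k using s_m and reencrypts using p_u
- Man in the middle → User: symmetric key k encrypted under p_u
- User: decrypts k using s_u
- Communication encrypted under k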

Slide 17: Man-in-the-middle
- After this scheme, the man-in-the-middle knows the symmetric key k, and can decrypt (or modify) data as he wishes.
- Different techniques exist to address this problem
  - Public key certificates
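
The key exchange of slide 13 and the key substitution of slide 16, simulated in memory as an added example (not part of the original slides), showing that both ends still agree on k after the substitution and that only a check on the received public key catches it. Assumptions: textbook RSA without padding on small fixed primes, and an out-of-band fingerprint comparison standing in for the public key certificates named on slide 17; `run_exchange`, `fingerprint` and the key constants are hypothetical names.

```python
import hashlib
import secrets

E = 65537  # public exponent

def keypair(p, q):
    """Toy RSA key from two primes: returns (public (n, e), secret d)."""
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))

def encrypt(pub, m):
    return pow(m, pub[1], pub[0])

def decrypt(pub, d, c):
    return pow(c, d, pub[0])

def fingerprint(pub):
    """Short value the receiver can compare against one obtained out of band."""
    return hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).hexdigest()

# Constructed keys from small known primes; far too small for real use.
P_U, S_U = keypair(2**61 - 1, 2**89 - 1)      # user (p_u, s_u)
P_M, S_M = keypair(2**107 - 1, 2**127 - 1)    # man in the middle (p_m, s_m)

def run_exchange(tampered, expected_fp=None):
    """Return (user_k, server_k, middle_k, accepted) for one key exchange."""
    on_wire = P_M if tampered else P_U        # key that reaches the server
    # Mitigation: the server refuses a key it cannot tie to the user.
    if expected_fp is not None and fingerprint(on_wire) != expected_fp:
        return None, None, None, False
    server_k = secrets.randbits(128)          # server generates symmetric key k
    c = encrypt(on_wire, server_k)            # k encrypted under the received key
    middle_k = None
    if tampered:
        middle_k = decrypt(P_M, S_M, c)       # decrypts k using s_m
        c = encrypt(P_U, middle_k)            # re-encrypts under p_u
    user_k = decrypt(P_U, S_U, c)             # user decrypts k using s_u
    return user_k, server_k, middle_k, True

if __name__ == "__main__":
    print("honest:  ", run_exchange(False)[2] is None)
    u, s, m, _ = run_exchange(True)
    print("tampered:", u == s == m)           # both ends agree, yet k is exposed
    print("checked: ", run_exchange(True, fingerprint(P_U))[3])
```

Neither endpoint can tell the two unchecked runs apart from the messages it sees, which is why the received key itself has to be authenticated.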