Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Presentation transcript:

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May, 2000

Outline

Topic: Cryptographic Techniques
- Encryption and decryption
- Symmetric encryption
- Asymmetric or public-key encryption
- Message digesting or hashing
- Digital signatures and enveloping
  - digital signatures, dual signatures, blind signatures
- Public key management
  - certificates and certification authorities

Jerry Gao Ph.D., 5/2000. All Rights Reserved.

Introduction to Cryptographic Techniques

Encryption and Decryption

In cryptography, a message in human-readable form is referred to as plaintext or cleartext.

Encryption: Encryption refers to a process that disguises a cleartext message to hide its substance and generates a message known as ciphertext. Plaintext is denoted by P, whereas ciphertext is denoted by C. The encryption function E operates on P to produce C based on a key value K:

$E_K(P) = C$

[Figure: Plaintext, Encryption, Key, Ciphertext]

Encryption and Decryption

Decryption: The reverse process of encryption is known as decryption, in which a ciphertext is converted back to its original cleartext form. In the reverse process, the decryption function D operates on C to produce P based on a key value K:

$D_K(C) = P$

[Figure: Ciphertext, decryption, Encryption Key, Plaintext]

Symmetric Encryption

Symmetric encryption (secret-key encryption, or single-key encryption): Secret-key encryption refers to the use of a shared key for both encryption by the transmitter and decryption by the receiver.

Work steps:
- The sender sends a message after encrypting it with a secret key.
- The receiver decrypts the message with the same secret key after receiving it.

[Figure: Anne sends a message, Encrypt with a secret key, Encrypted Message, Internet, Encrypted Message, Decrypt with a secret key, Bob receives Anne's message]

Symmetric Encryption

Special features of symmetric encryption:
- The two communicating parties use and share the same key.
- Encryption and decryption are carried out with the same key.
- Both parties must agree on the secret key before communicating.

Advantages:
- Useful in many cases that involve only two-party communication.

Problems and limitations:
- Complex key distribution (key generation, transmission, and storage).
- Not scalable.
- Impractical for supporting communication among large groups in networks.
- Impossible to support exchanging messages with a large group of previously unknown parties over a public open network.

Example: DES (the Data Encryption Standard)

Asymmetric Encryption

Asymmetric encryption (public-key encryption): Public-key encryption (asymmetric encryption) uses a pair of keys for each party.
- One key is known as the "public key", which is known to other parties.
- One key is known as the "private key" or "secret key", which must be kept confidential and is known only to its owner.
- The public key encrypts the message.
- The private key decrypts the message.

[Figure: Anne sends a message, Encrypt with a public key PK(Bob), Scrambled Message, Internet, Scrambled Message, Decrypt with Bob's private key SK(Bob), Bob receives Anne's message]

Asymmetric Encryption

Special features of asymmetric encryption (public-key encryption):

SK(PK(M)) = M

Advantages:
- Easy key distribution (key generation, maintenance, and storage).
- Scalable to support a large group of users in a public network.
- Easy to support unknown users, since no previous consent is needed.
- Better protection than symmetric encryption.

Problems and limitations:
- Slow performance.

Applications: E-commerce, snoop-proof systems.

Standards: the best-known public-key encryption algorithm is RSA.

RSA Algorithm

The RSA algorithm was developed by Rivest, Shamir, and Adleman at MIT in

The basic algorithm is outlined below:
1: Choose two large distinct primes, p and q.
2: Compute the product (modulus) n = pq.
3: Randomly choose an encryption key e, such that e and (p-1)(q-1) are relatively prime.
4: Finally, use Euclid's algorithm to compute the decryption key d such that $e \cdot d \equiv 1 \pmod{(p-1)(q-1)}$.

Where d and n are relatively prime. e and n are the public key. d is the secret key.

To encrypt a message M: $C = M^e \bmod n$

To decrypt C: $M = C^d \bmod n$
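The four steps above carried out in code, as an added example that is not part of the original slides. The primes (61, 53), the exponent 17 and all function names are constructed for illustration; real keys use primes hundreds of digits long.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keypair(p, q, e):
    """Follow steps 1-4 for given primes p, q and a candidate exponent e."""
    if p == q:
        raise ValueError("p and q must be distinct")       # step 1
    n = p * q                                               # step 2: modulus
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:                                    # step 3
        raise ValueError("e is not relatively prime to (p-1)(q-1)")
    _, x, _ = egcd(e, phi)                                  # step 4: e*x + phi*y == 1
    d = x % phi                                             # so e*d == 1 (mod phi)
    return (e, n), (d, n)

def encrypt(m, public_key):
    """C = M^e mod n. M must be an integer smaller than the modulus."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def decrypt(c, private_key):
    """M = C^d mod n."""
    d, n = private_key
    return pow(c, d, n)

# Constructed toy parameters (far too small for real use).
PUBLIC, PRIVATE = make_keypair(61, 53, 17)

if __name__ == "__main__":
    c = encrypt(65, PUBLIC)
    print("public:", PUBLIC, "private:", PRIVATE)
    print("65 ->", c, "->", decrypt(c, PRIVATE))
    # The same plaintext always yields the same ciphertext: the bare formula
    # is deterministic, which is why deployed RSA adds randomized padding.
    print("deterministic:", encrypt(65, PUBLIC) == c)
```
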

Comparing Symmetric Encryption and Asymmetric Encryption

| Features | Secret-Key Encryption | Public-Key Encryption |
|---|---|---|
| No. of keys | Single key | Pair of keys |
| Types of keys | Secret key only | One public key and one private key |
| Key management | Simple but difficult to manage | Needs digital certificates and trusted third parties |
| Performance | Very fast | Slower |
| Usage | Used for bulk data encryption, such as a phone system | Used for less demanding applications, such as encrypting small documents or signing messages |
| Standards | Data Encryption Standard (DES) | The RSA algorithm |

Message Digesting or Hashing

Message digesting is a way to provide integrity without confidentiality.

The basic idea is to apply a digesting or hash algorithm to the (long) message to produce a (short) message digest. The encryption is applied only to a very small quantity, and message digesting is very much faster than encryption.

Checking: When the message arrives, the receiver computes a hash of the message using the same algorithm. If this matches the decrypted MIC that came with the message, then the message has not been tampered with.

A good hash function has two properties:
- It must be difficult to invert.
- It must be resistant to collision.

Two well-known hash functions in payment protocols are MD5 and SHA.

Computing a message integrity check (MIC)

[Figure: Message, Digest Algorithm, Hash, Block Cipher, Secret Key, Message Integrity Check, MIC]

Digital Signatures

What is a digital signature?
- Digital signatures are implemented using public-key encryption.
- A digital signature is a cryptographic mechanism that performs a similar function to a written signature.
- Created using PPK cryptography and message digests.

Encryption gives a message sender the ability to digitally sign messages, thus creating a digital signature for the message.

When a message digest is computed, encrypted using the sender's private key, and then appended to the message, the result is called the digital signature of the message.

Digital Signatures

Purposes: Digital signatures are used to ensure integrity and authentication.
- To verify the origin and contents of a message.
- Digital signatures are used for sender authentication.

Why digital signatures?
- Public-key algorithms are computation-intensive. With large messages they may be too expensive or too slow for the application.
- Digital signatures based on a digested message provide an alternative solution.

Application: Digital signatures can be used to endorse an electronic document in a way that can later be validated for authenticity.

Digital Enveloping

What is a digital envelope?
- When a digitally signed message is further encrypted using the receiver's public key, the message is said to be contained in a digital envelope.

Purposes: Digital signatures are used to ensure integrity and authentication.
- To verify the origin and contents of a message.
- Digital signatures are used for sender authentication.
- To ensure the integrity of communication messages.

Why digital signatures?
- Public-key algorithms are computation-intensive. With large messages they may be too expensive or too slow for the application.
- Digital signatures based on a digested message provide an alternative solution.

Generating A Digital Signature

[Figure: Message, Hashing Algorithm, Message Digest, Encrypt, Sender's Private Key (SK sender), Signature, To Receiver]

Receiving and Checking A Digital Signature

[Figure: Signature, Decrypt, Sender's Public Key (PK sender), Original Message Digest, Message, Hashing Algorithm, Message Digest, Compare two values]
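The generate-and-check flow of the two signature slides, as an added example that is not part of the original slides. It assumes SHA-256 as the hashing algorithm and a constructed demonstration key; the function names are this example's own.

```python
import hashlib

# Constructed sender key: p and q are the well-known Mersenne primes
# 2^127-1 and 2^521-1, so this key is for illustration only.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q                               # with E: sender's public key (PK sender)
D = pow(E, -1, (P - 1) * (Q - 1))       # sender's private key (SK sender)

def digest_int(message: bytes) -> int:
    """Hashing algorithm step: message -> message digest (as an integer)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Sender: compute the digest, then transform it with the private key."""
    return pow(digest_int(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the original digest with the sender's public key,
    recompute the digest from the received message, compare the two values."""
    if not 0 <= signature < N:
        return False
    original_digest = pow(signature, E, N)
    return original_digest == digest_int(message)

if __name__ == "__main__":
    order = b"Pay 100 USD to Bob"            # constructed sample message
    sig = sign(order)
    print("genuine message accepted:", verify(order, sig))
    print("altered message accepted:", verify(b"Pay 900 USD to Bob", sig))
    print("altered signature accepted:", verify(order, sig ^ 1))
```

Only the short digest passes through the slow public-key operation, whatever the message length. Deployed signature schemes also pad the digest before the private-key step; signing the bare digest as done here is the slide's simplified model.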

Enveloping a message for a recipient

[Figure: Message, Symmetric Key Encryption, Random Content Encryption Key, Encrypted Message, Encryption, Recipient's Public Key (PK recipient), Encrypted Content Encryption Key]

Creating a Secure Digital Envelope

[Figure: From: John, To: Steve, John's letter, Digest Algorithm, Digest, Encrypted Digest, Symmetric random key, Encrypted Message, Steve's Public key, John's Public key]
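The enveloping step from the slides above (random content-encryption key, symmetric encryption of the message, public-key encryption of the key), as an added example that is not part of the original slides. The recipient key is constructed, the SHA-256 keystream is a stand-in for a real symmetric cipher such as DES, and all names are this example's own.

```python
import hashlib
import secrets

# Constructed recipient key: p and q are the well-known Mersenne primes
# 2^127-1 and 2^521-1, so this key is for illustration only.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q                               # with E: recipient's public key
D = pow(E, -1, (P - 1) * (Q - 1))       # recipient's private key

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR data with a SHA-256 counter keystream.
    Applying it twice with the same key returns the original data."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)

def seal(message: bytes):
    """Sender: encrypt the message under a fresh random key, then encrypt
    that key under the recipient's public key."""
    cek = secrets.token_bytes(32)                    # random content-encryption key
    encrypted_message = keystream_xor(cek, message)  # fast, any message length
    encrypted_cek = pow(int.from_bytes(cek, "big"), E, N)  # slow, 32 bytes only
    return encrypted_cek, encrypted_message

def open_envelope(encrypted_cek: int, encrypted_message: bytes) -> bytes:
    """Recipient: recover the key with the private key, then the message."""
    cek = pow(encrypted_cek, D, N).to_bytes(32, "big")
    return keystream_xor(cek, encrypted_message)

if __name__ == "__main__":
    letter = b"John's letter to Steve. " * 4         # constructed sample message
    wrapped_key, body = seal(letter)
    print("ciphertext differs from letter:", body != letter)
    print("recipient recovers letter:", open_envelope(wrapped_key, body) == letter)
```
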

Digital Certificates

Why digital certificates?
- To ensure all participants in a communication or an e-commerce transaction are authenticated.

What is a digital certificate?
- A digital message, digitally signed by a trusted certificate authority and issued to a party in a communication or an e-commerce transaction, that ensures the party's authenticity with a public key.
- A digital certificate includes:
  a) a party's ID information
  b) its public key issued by a CA

CA: a certificate authority (a trusted third party)

Applications: Through the use of a common third party, digital certificates provide an easy and convenient way to ensure that the participants in an electronic commerce transaction can trust each other.

Digital Certificates: Creating a Server Certificate

[Figure: Website's server information, Digest Algorithm, Message Digest, CA's private key, Certificate Authority (CA), Website's server information, X.509 Certificate]

Digital Certificates: Server Authentication by Client

[Figure: Website's server information, X.509 Certificate, Digest Algorithm, Message Digest, CA's Public Key, Decryption, Message Digest, Compare?]