Crypto Theory and Security Practice David Wagner University of California at Berkeley.

Slides:

Advertisements

Similar presentations

Chris Karlof and David Wagner

Advertisements

Dan Boneh Authenticated Encryption Active attacks on CPA-secure encryption Online Cryptography Course Dan Boneh.

Introduction to Security in Computing Computer and Network Security Semester 1, 2011 Lecture #01.

CTO Office Reliability & Security Distinctions and Interactions Hal Lockhart BEA Systems.

#1 The Conventional Wisdom About Sensor Network Security… David Wagner U.C. Berkeley.

Analysis and design of symmetric ciphers David Wagner University of California, Berkeley.

Rennes, 23/10/2014 Cristina Onete Putting it all together: using multiple primitives together.

SECURING THE CLOUDS Presented By: Dr. Mohammed Imtiaz Ahmed Librarian, Pt. Ravi Shankar Shukla University Raipur (C.G), Mohammed Bakhtawar Ahmed.

Wireless Security David Wagner University of California at Berkeley.

Wireless Security David Wagner University of California, Berkeley.

TinySec: Security for TinyOS Chris Karlof Naveen Sastry David Wagner January 15, 2003

Security+ Guide to Network Security Fundamentals

Towards a unifying view of block cipher cryptanalysis David Wagner University of California, Berkeley.

A few open problems in computer security David Wagner University of California, Berkeley.

Security for ad-hoc networks: Cryptography and beyond David Wagner U.C. Berkeley.

CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

Presented By: Vinay Kumar.  At the time of invention, Internet was just accessible to a small group of pioneers who wanted to make the network work.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

1 Modeling and Analysis of Networked Secure Systems with Application to Trusted Computing Jason Franklin Joint work with Deepak Garg, Dilsun Kaynar, and.

SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.

TinySec: Link Layer Security Chris Karlof, Naveen Sastry, David Wagner University of California, Berkeley Presenter: Todd Fielder.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

On Algorithmic Representation of Music Style David Cope Professor of Music, Univ. of California, Santa Cruz.

CS470, A.SelcukIntroduction1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

Software Assurance CBK and University Curricula Matt Bishop Sophie Engle.

Control of Personal Information in a Networked World Rebecca Wright Boaz Barak Jim Aspnes Avi Wigderson Sanjeev Arora David Goodman Joan Feigenbaum ToNC.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures ProtocolRelevant Attacks TinyOS beaconingBogus routing information, selective forwarding,

Dan Boneh Introduction What is cryptography? Online Cryptography Course Dan Boneh.

Rennes, 15/10/2014 Cristina Onete Message authenticity: Digital Signatures.

Evaluating the Vulnerability of Network Traffic Using Joint Security and Routing Analysis Patrick Tague, David Slater, and Radha Poovendran Network Security.

NAVY Research Group Department of Computer Science Faculty of Electrical Engineering and Computer Science VŠB-TUO 17. listopadu Ostrava-Poruba.

Security and privacy in the age of software controlled surroundings Prashanth Mohan David Culler.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—1-1  A network is a connected collection of devices (computers, interconnections, routers, and.

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.

Class 2 Cryptography Refresher CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman

Intercepting Mobile Communications: The Insecurity of Nikita Borisov Ian Goldberg David Wagner UC Berkeley Zero-Knowledge Sys UC Berkeley Presented.

Network Security Section 1: Introduction to security.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 3: Securing TCP.

Security on Sensor Networks Presented by Min-gyu Cho SPINS: Security Protocol for Sensor Networks TinySec: Security for TinyOS SPINS: Security Protocol.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Roh, Yohan October.

Wireless Network Security. How Does Wireless Differ? Wireless networks are inherently insecure because data is transmitted over a very insecure medium,

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof David Wagner University of California at Berkeley 1st IEEE International.

Class 2 Cryptography Refresher CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman

ICOM 5995 (crypto) - Noack Crypto - Administrivia Prontuario - Please time-share and ask questions Info is in my homepage amadeus.uprm.edu/~noack/ Make.

Muhammad Mahmudul Islam Ronald Pose Carlo Kopp School of Computer Science & Software Engineering Monash University Australia.

June All Hands Meeting Security in Sensor Networks Tanya Roosta Chris Karlof Professor S. Sastry.

网上报账系统包括以下业务：日常报销差旅费报销借款业务 1. 填写报销内容 2. 选择支付方式（或冲销借款） 3. 提交预约单 4. 打印预约单并同分类粘贴好的发票一起送至财务处预约报销步骤：网上报账系统薪酬发放管理系统财务查询系统 1.

Philip J. Beyer, Information Security Officer John P. Skaarup, Sr. Security Engineer Texas Education Agency Information Security.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

Developing a Network Security Policy By: Chris Catalano.

CMSC 414 Computer (and Network) Security Lecture 3 Jonathan Katz.

CMGT 411 Week 3 DQ 2 Of the three principles of data security; availability, integrity, and confidentiality, which principle is likely to have the greatest.

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.

Software Assurance Security Issues

Computer Security Network Security

Engineering Skills: Build a Hot Air Balloon

Understanding Security Layers

CSE 4905 WiFi Security I WEP (Wired Equivalent Privacy)

Towards End-to-End Security Analysis of Networked Systems

Distributed Hash Tables

Click Summary Value Button to Show Source of Integral or Time

CSCI284 Spring 2004 GWU Introduction CSCI284 Spring 2004 GWU

draft-ietf-dtn-bpsec-06

Confidentiality, Integrity, Nonrepudiation

Presentation transcript:

Crypto Theory and Security Practice David Wagner University of California at Berkeley

Theory: IND-CCA2, INT-CTXT IND-CCA2 = no attacker can distinguish between universes  Confidentiality INT-CTXT = no attacker can forge a new ctext  Integrity EkEk DkDk random DkDk Universe 1Universe 2

Practice: Layering Principles Application EkEk TCP/IP Application DkDk TCP/IP Network Design principle: Crypto layer should not make any assumptions about other layers

Practice: Layering Principles Application EkEk TCP/IP Application DkDk TCP/IP Network Design principle: Crypto layer should not make any assumptions about other layers, i.e., crypto should ensure security even if all other layers are malicious Interesting, this is just what IND-CCA2, INT-CTXT guarantee

More Precisely… Application randomize TCP/IP Application DkDk TCP/IP drop, re-order, duplicate Anything you can do with chosen-plaintext/ciphertext, you can do with less:

Summary Crypto theory is highly relevant to engineering practice Composition is where the action is Wanted: a theory of security for systems, not just crypto primitives