TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure


TrustPort Public Key Infrastructure

Table of contents
- Security of electronic communications
- Using asymmetric cryptography
- Electronic signature, digital certificate
- Using public key infrastructure
- TrustPort public key infrastructure solutions
- TrustPort eSign Pro

Security of electronic communications
Three main aspects
- Integrity of transferred data
- Authentication of the sender
- Confidentiality of transferred data
Perils of unsecured communications
- Data tampering on the way from the sender to the recipient
- The real sender pretending to be someone else
- Unwanted disclosure of confidential data

Security of electronic communications
Making the communications secure
- Data encryption
- Electronic signing

Making the communications secure
Symmetric cryptography
- Based on a secret key
- Perfect for local data encryption
- Problematic distribution of the secret key
Asymmetric cryptography
- Based on a private key and a public key
- Designed for remote data exchange
- Easy distribution of the public key
- New issues to be solved

Using asymmetric cryptography for encryption
- Anyone can encrypt and send data using the public key
- Only the recipient can decrypt the data, using the private key
[Diagram: data -> encryption with the recipient's public key -> encrypted data -> decryption with the recipient's private key -> decrypted data]

The key pair explained
- The keys are mathematically related
- Data encrypted by the public key can be decrypted only by the owner of the private key
- Data encrypted by the private key can be decrypted by anyone using the public key
- The private key cannot be reverse engineered from the public key
[Diagram: big random number -> key generation algorithm -> public key and private key]

Using asymmetric cryptography for signing
[Diagram: data -> hash algorithm -> hash value -> encryption with the sender's private key -> encrypted hash value = electronic signature, sent together with the data]

Verification of electronic signature
- Hash values are identical … signature is valid
- Hash values are different … signature is not valid
[Diagram: data -> hash algorithm -> hash value; encrypted hash value = electronic signature -> decryption with the sender's public key -> decrypted hash value; comparison of the two hash values]

Advantages of electronic signature
- Authentication of the sender
  – no other person can create a valid signature of a document in the name of the sender
- Securing integrity of the data
  – the signed document cannot be modified without making the signature invalid
- Indisputability of the sender
  – the sender cannot deny the document was sent by him or her

Credibility of the electronic signature
The credibility is based on
- the asymmetric encryption algorithm used,
- the bit length of the encryption keys used,
- secure storage of the private keys.

Digital certificate
A certificate binds a personal identity to a public key.
Certificate parts
- Identification of the holder
- Serial number
- Identification of certification authority
- Validity period
- Public key of the holder

Registration and certification authority
- accepts requests for certificates, verifies the identity of the applicants, issues digital certificates
- guarantees the credibility of digital certificates
- maintains a certificate revocation list
  – each certificate has a limited validity period
  – a certificate may be revoked even before the end of the validity period
  – on verification of an electronic signature, the certification authority checks the list of all revoked certificates
An accredited certification authority is a certification authority recognized by the state. It can issue qualified digital certificates, applicable for legally binding communications with the public administration.
A certification authority without accreditation can be used for internal purposes of a business or an institution.

Public key infrastructure explained
[Diagram: sender, recipient, registration authority, certification authority and verification authority, with the labelled flows: request; request is OK; certificate, private key; data message, signature; signature; signature is OK; certificate, public key]

The use of public key infrastructure
- web applications
- mail clients
- office applications
- content management systems
- …
TrustPort Public Key Infrastructure, built on a long tradition of development and experience in the field of electronic signature

TrustPort Public Key Infrastructure
Asymmetric encryption algorithms in use
- RSA (512 to 4096 bits), DSA (1024 bits), Elliptic curves (112 to 256 bits), Diffie-Hellman
Symmetric encryption algorithms in use
- RC2 (40 to 128 bits), CAST128 (64, 80, 128 bits), BlowFish (64 to 448 bits), DES (56 bits), 3DES (168 bits), Rijndael (128, 192, 256 bits), TwoFish (128, 256 bits)
Hash algorithms in use
- SHA1, SHA256, SHA384, SHA512, MD5, RIPEMD 160
Further specifications
- LDAP support, electronic signing and verification of PDF files, PDF encryption based on password and certificate, PDF timestamping

Solutions based on TrustPort Public Key Infrastructure
Solutions for end users
- TrustPort eSign Pro (encrypting and signing files, verification of electronic signatures, timestamping files, safe storage of private keys and personal certificates)
Solutions for businesses
- TrustPort Certification Authority (issuance and revocation of certificates, handling certificate requests, the core can run multiple certification authorities)
- TrustPort Timestamp Authority (issuance of time stamps, detection of exact time from independent sources, can be used in combination with the previous product)

Solutions based on TrustPort Public Key Infrastructure
TrustPort PKI SDK
- enables development of applications using public key infrastructure
- easy import and export of certificates, certificate revocation lists, encryption keys
- safe storage of private keys and personal certificates
  – on the hard drive
  – on chip cards and flash tokens
- multitude of symmetric, asymmetric and hash algorithms
- extensive support of cards and tokens from different manufacturers
- optional modules miniCA, miniTSA
  – certification and timestamp authorities for internal corporate use

TrustPort eSign Pro
Specific endpoint solution
- Signs electronic documents
- Encrypts documents reliably
- Enables time stamping
Complete PDF support
- PDF signing
- PDF encryption
- PDF time stamping

TrustPort eSign Pro
Recommended system requirements:
- Pentium 200 MHz or higher
- Windows 2000 or higher
- 64 MB RAM
- 20 MB HDD
Supported systems:
- Microsoft Windows 7
- Microsoft Windows Vista
- Microsoft Windows XP
- Microsoft Windows 2000
- Microsoft Windows Server 2003
- Microsoft Windows Server 2008


Thank you for your attention!