Class 5 Public Key Encryption Digital Signatures Digital Library Research.

Slides:

Advertisements

Similar presentations

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.

Advertisements

Sri Lanka Institute of Information Technology

Access Control and Rights Management. Legal and Technical Issues Legal: When is a resource available to digitize and make available. What requirements.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

Cryptographic Technologies

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

Security 2 Distributed Systems Lecture# 15. Overview Cryptography Symmetric Assymeteric Digital Signature Secure Digest Functions Authentication.

Computer Science Lecture 22, page 1 Security in Distributed Systems Introduction Cryptography Authentication Key exchange Readings: Tannenbaum, chapter.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Public Key Model 8. Cryptography part 2.

 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

Chapter 12 Cryptography (slides edited by Erin Chambers)

Cryptography Week-6.

Information Security and Management 13. Digital Signatures and Authentication Protocols Chih-Hung Wang Fall

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

©Brooks/Cole, 2003 Chapter 16 Security. ©Brooks/Cole, 2003 Define four aspects of security in a network: privacy, authentication, integrity, and nonrepudiation.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

Bob can sign a message using a digital signature generation algorithm

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Cryptography: RSA & DES Marcia Noel Ken Roe Jaime Buccheri.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

Cryptography, Authentication and Digital Signatures

Chapter 17 Security. Information Systems Cryptography Key Exchange Protocols Password Combinatorics Other Security Issues 12-2.

Midterm Review Cryptography & Network Security

CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.

BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.

Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University.

Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!

Chapter 21 Public-Key Cryptography and Message Authentication.

Modular Arithmetic with Applications to Cryptography Lecture 47 Section 10.4 Wed, Apr 13, 2005.

Encryption, continued Public Key encryption and Digital Signatures.

Internet Security. Four Issues of Internet Security Authenticity: Is the sender of a message who they claim to be? Privacy: Are the contents of a message.

Section 4.4: The RSA Cryptosystem Practice HW Handwritten and Maple Exercises p at end of class notes.

Cryptography and Network Security Chapter 13 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

Encryption Questions answered in this lecture: How does encryption provide privacy? How does encryption provide authentication? What is public key encryption?

Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.

Encryption. Introduction The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live.

Public Key Algorithms Lesson Introduction ●Modular arithmetic ●RSA ●Diffie-Hellman.

CS 4803 Fall 04 Public Key Algorithms. Modular Arithmetic n Public key algorithms are based on modular arithmetic. n Modular addition. n Modular multiplication.

Encryption. The problem 4 It is possible for an unauthorized agent to acquire transmissions 4 The extent of the danger varies: –Listen only -- the intruder.

Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

Network Security. Three tools Hash Function Block Cipher Public Key / Private Key.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

Network Security  introduction  cryptography  authentication  key exchange  required reading: text section 7.1.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Cryptography By: Nick Belhumeur. Overview What is Cryptography? What is Cryptography? 2 types of cryptosystems 2 types of cryptosystems Example of Encryption.

Cryptographic Hash Function

B. R. Chandavarkar CSE Dept., NITK Surathkal

Security through Encryption

Fluency with Information Technology Lawrence Snyder

Security in Distributed Systems

Presentation transcript:

Class 5 Public Key Encryption Digital Signatures Digital Library Research

Tonight’s plan Quiz on Content, Access –Remember that prior quiz questions are always candidates for reappearance on later quizzes. Complete discussion of Encryption and Digital Signatures Look at JCDL 2012 submissions Choose a paper to read and discuss Prepare for discussion of quality next week –First look at the new Digital Library book from Fox et al

Last week We looked more closely at Dublin Core Access management –involves both legal and technical issues Policies must be formulated, then enforced Rules exist for what is in the public domain, what must have explicit permission for reuse. Fair use policies attempt to make educational and other beneficial use of materials less burdensome – but there are no quick and easy rules about when Fair Use applies

Last week, continued Technical issues concern the responsibility for enforcing laws and policies. Approaches: –Steganography Hiding information in another object –Encryption A number of approaches –Digital Wrappers –Digital Watermarks

Last week, continued Encryption –Simple or more complex substitutions –Key based approaches require secure ways to transmit a key –Public Key encryption does not require communication of a key security depends on the difficulty of factoring very large numbers (hundreds of digits)

Public Key encryption Eliminates the need to deliver a key Two keys: one for encoding, one for decoding Known algorithm –security based on security of the decoding key – note, no key delivery problem Essential element: –knowing the encoding key will not reveal the decoding key

Effective Public Key Encryption Encoding method E and decoding method D are inverse functions on message M: –D(E(M)) = M Computational cost of E, D reasonable D cannot be determined from E, the algorithm, or any amount of plaintext attack with any computationally feasible techniqueplaintext attack E cannot be broken without D (only D will accomplish the decoding) Any method that meets these criteria is a valid Public Key Encryption technique

It all comes down to this: key used for decoding is dependent upon the key used for encoding, but the relationship cannot be determined in any feasible computation or observation of transmitted data

Rivest, Shamir, Adelman (RSA) Choose 2 large prime numbers, p and q, each more than 100 digits Compute n=p*q and z=(p-1)*(q-1) Choose d, relatively prime to zrelatively prime Find e, such that e*d=1 (mod z)e*d=1 (mod z) –or e*d mod z = 1, if you prefer. This produces e and d, the two keys that define the E and D methods.

Public Key encoding Convert M into a bit stringM into a bit string Break the bit string into blocks, P, of size k –k is the largest integer such that 2 k <n –P corresponds to a binary value: 0<P<n Encoding method –E = Compute C=P e (mod n) Decoding method –D = Compute P=C d (mod n) e and n are published (public key) d is closely guarded and never needs to be disclosed

An example: Choose 2 large prime numbers, p and q, each more than 100 digits (Well, not so big for our example) –p=7; q=11; Compute n=p*q and z=(p-1)*(q-1) –n = 77; z = 60 Choose d, relatively prime to z (60, in this case)relatively prime –Could we choose 9? 8? (Why not?) –Choose d=13 (List some other possible choices) Find e, such that e*d=1 (mod z)e*d=1 (mod z) –What multiple of d, when divided by z, equals1? –e=37; We have our keys: e, d, and n are required. No amount of trying will find d if given e and n.

Using the keys We need to choose a size (k) for the blocks of code that will be sent together. –k is the largest integer such that 2 k <n –Our n is 77, what is k? 2 5 is 32; 2 6 is 64; 2 7 is 128 k is 6 How will we encode our characters? ASCII? Other? –Let’s keep it simple. A = 1, B= 10, C= 11, etc. How many bits to we need to encode all 26 letters? 26 < is 2 5. We need 5 bits to encode all 26 letters So, A = 00001, B=00010, C=00011, D= 00100, What is S?

Encode a message Let’s encode “CAT” First, convert the letters to binary –C = 00011A = T = –Our message, in binary, is Group the bits in blocks of 6 (because k is 6) – Note extra 0s needed to fill the block. Add extra 0s at the left so that the numeric value does not change

Encoding, continued We are sending this: Each 6-bit block is a chunk of plaintext, P Each block of code must be encrypted. –Our e is 37, n is 77 P 37 mod 77 is the encrypted version of our plaintext block 0 37 is 0; is mod 77 is is mod 77 is 24 We transmit the binary version of ( )

Your turn You receive this: –There will not be any convenient spacing between the blocks in the transmitted message. That is not necessary. It has been encoded with your public key. You have the private key, d = 13 n = 77 Show the decoding process

Another exercise Transmit and send a three letter message. Use the same e, d, n that we have developed here. Receive a message from someone else and decode it.

A practical note There is a lot more to security than encryption. Encryption coding is done by a few experts Understanding how the common encryption algorithms work is useful in choosing the right approach for your situation. Our interest here is in providing assurance that access to protected resources will be limited to those with legitimate rights.

On a practical note: PGP You can create your own real public and private keys using PGP (Pretty Good Privacy) See the following Web sites for full information. PGP.htmlhttp:// PGP.html

Issues Intruder vulnerability –If an intruder intercepts a request from A for B’s public key, the intruder can masquerade as B and receive messages from B intended for A. The intruder can send those same or different messages to B, pretending to be A. –Prevention requires authentication of the public key to be used. Computational expense –One approach is to use Public Key Encryption to send the Key for use in DES, then use the faster DES to transmit messages

Digital Signatures Some messages do not need to be encrypted, but they do need to be authenticated: reliably associated with the real sender –Protect an individual against unauthorized access to resources or misrepresentation of the individual’s intentions –Protect the receiver against repudiation of a commitment by the originator

Digital Signature basic technique Sender A Receiver B Intention to send E(Random Number) where E is A’s public key Message and D(E(Random Number)) = Random Number, decoded as only A could do

Public key encryption with implied signature Add the requirement that E(D(M)) = M Sender A has encoding key E A, decoding key D A Intended receiver has encoding (public) key E B. A produces E B (D A (M)) Receiver calculates E A (D B (E B (D A (M)))) –Result is M, but also establishes that only A could have encoded M

Digital Signature Standard (DSS) Verifies that the message came from the specified source and also that the message has not been modified More complexity than simple encoding of a random number, but less than encrypting the entire message Message is not encoded. An authentication code is appended to it.

Digital Signature – SHA (Secure Hash Algorithm) FIPS Pub Digital Signature Standard

Encryption summary Problems –intruders can obtain sensitive information –intruder can interfere with correct information exchange Solution –disguise messages so an intruder will not be able to obtain the contents or replace legitimate messages with others

Important methods DES –fast, reasonably good encryption –key distribution problem Public Key Encryption –more secure based on the difficulty of factoring very large numbers –no key distribution problem –computationally intense

Digital signatures Authenticate messages so the sender cannot repudiate the message later Protect messages from changes during transmission or at the receiver’s site Useful when the contents do not need encryption, but the contents must be accurate and correctly associated with the sender

Legal and ethical issues People who work in these fields face problems with allowable exports, and are not always allowed to talk about their work. Is it desirable to have government able to crack all codes? What is the tradeoff between privacy of law abiding citizens vs. the ability of terrorists and drug traffickers to communicate in secret?

Digital Library Research Review of some papers from digital library conferences –Looking at titles and abstracts to get a sense of the kind of work that is being done under the heading of digital libraries.