Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.

Slides:



Advertisements
Similar presentations
The Diffie-Hellman Algorithm
Advertisements

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure and Applications
Encryption, SSL and Certificates BY JOSHUA COX AND RACHAEL MEAD.
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.
Understanding Security Lesson 6. Objective Domain Matrix Skills/ConceptsMTA Exam Objectives Understanding the System.Security Namespace Understand the.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Encryption Objective 1: Explain data encryption procedures.
Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Chapter 37 Network Security. Aspects of Security data integrity – data received should be same as data sent data availability – data should be accessible.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
James Higdon, Sameer Sherwani
Review of basic cryptographically algorithm Asymmetric encoding (Private and Public Keys), Hash Function, Digital Signatures and Certification.
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Csci5233 computer security & integrity 1 Cryptography: an overview.
Encryption. Introduction The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live.
Ch 13 Trustworthiness Myungchul Kim
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Understanding Security
Jump to first page Internet Security in Perspective Yong Cao December 2000.
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
Copyright 2004 MayneStay Consulting Group Ltd. - All Rights Reserved Jan-041 Security using Encryption Security Features Message Origin Authentication.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
6.033 Quiz3 Review Spring How can we achieve security? Authenticate agent’s identity Verify the integrity of the request Check the agent’s authorization.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Fundamentals of Network Security Ravi Mukkamala SCI 101 October 6, 2003.
Web Applications Security Cryptography 1
Unit 3 Section 6.4: Internet Security
Symmetric and Asymmetric Encryption
Cryptography Why Cryptography Symmetric Encryption
Security Design.
IS3230 Access Security Unit 9 PKI and Encryption
Electronic Payment Security Technologies
Presentation transcript:

Public-key Cryptography Strengths and Weaknesses Matt Blumenthal

Cryptography Definition – the art of writing or solving codes Origins in ancient Egypt Use in religious writings in times of persecution Important military role in both World Wars Rise of modern cryptography in last half- century

Secret-key Cryptography Also known as symmetric cryptography Users have unique public keys, but identical private keys Public keys are used to encrypt a message Private keys are used to decrypt a message

Secret-key Cryptography Not ideal because it requires a secure exchange of private keys, which is not always possible Problematic as the compromise of one private key results in all private keys being compromised

Public-key Cryptography Also called asymmetric cryptography Participants have both unique private and public keys Two divisions of public-key cryptography –Public-key encryption –Digital signatures

Public-key encryption Intended recipient gives sender his or her public key Sender encrypts a message with the recipient’s public key Only the recipient’s private key can be used to decrypt a message encrypted with that public key

Digital Signatures Serves as a verifiable seal or signature to confirm the authenticity of sender and integrity of the message Sender encrypts a message with his or her private key for authentication purposes Recipient can decrypt the message with the sender’s public key to confirm the sender’s identity and the message’s integrity

Digital Signatures Provide no time stamping The compromise of a sender’s private key throws all of the sender’s digital signatures into doubt Because of the lack of time stamping, all messages signed with that key are thrown into doubt

Vulnerabilities Public-key algorithms require longer key sizes than secret-key algorithms, and can be vulnerable to brute-force attacks Man in the middle attack –Third party intercepts message –After decrypting, modifying, and encrypting message, third party passes message along to intended recipient without suspicion

Certificate Authorities Trusted third party that verifies identity of sender and issues digital certificate indicating authorization Has been implemented in web browsing security such as SSL Helps prevent man in the middle attacks

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.