Security By Design Scott A. Vanstone V.P. Cryptographic Research Research in Motion Distinguished Professor Emeritus University of Waterloo.

Slides:



Advertisements
Similar presentations
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Advertisements

Chapter 11: Cryptography
Digital Signatures and Hash Functions. Digital Signatures.
Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Public Key Algorithms …….. RAIT M. Chatterjee.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Block Ciphers: Workhorses of Cryptography COMP 1721 A Winter 2004.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Computer Science Public Key Management Lecture 5.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Introduction to Public Key Cryptography
13.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 13 Digital Signature.
Chapter 13 Digital Signature
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Public Key Cryptography July Topics  Symmetric and Asymmetric Cryptography  Public Key Cryptography  Digital Signatures  Digital Certificates.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
©Brooks/Cole, 2003 Chapter 16 Security. ©Brooks/Cole, 2003 Define four aspects of security in a network: privacy, authentication, integrity, and nonrepudiation.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)
Dr. Khalid A. Kaabneh Amman Arab University
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.
Cryptography, Authentication and Digital Signatures
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
1 Security and Cryptography: basic aspects Ortal Arazi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee.
Cryptography Chapter 7 Part 3 Pages 812 to 833. Symmetric Cryptography Security Services – Only confidentiality, not authentication or non- repudiation.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 2: Message integrity.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Lecture 2: Introduction to Cryptography
Overview of Cryptography & Its Applications
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Cryptography issues – elliptic curves Presented by Tom Nykiel.
Encryption Encryption: Transforms Message so that Interceptor Cannot Read it –Plaintext (original message) Not necessarily text; Can be graphics, etc.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
INCS 741: Cryptography Overview and Basic Concepts.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Computer Communication & Networks
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
DISSERTATION ON CRYPTOGRAPHY.
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

Security By Design Scott A. Vanstone V.P. Cryptographic Research Research in Motion Distinguished Professor Emeritus University of Waterloo

Security by Design When designing a new telecommunications system it is prudent to make security a fundamental part of the design process. Geneva, 6-7 December Addressing security challenges on a global scale

What is Cryptography? Cryptography is the study of mathematical techniques related to aspects of information security such as: – confidentiality – data integrity – entity authentication – data origin authentication Geneva, 6-7 December Addressing security challenges on a global scale

What is Cryptography (2) Cryptography plays a fundamental role in securing information based systems. Often cryptography (and security in general) is an afterthought and as such it is bolted on after the overall system has been completed. Geneva, 6-7 December Addressing security challenges on a global scale

Think of the Postal Analogue You put a letter in an envelope to maintain the integrity of the information in the letter and keep the letter from prying eyes (integrity and encryption). You put your address in the upper left corner of the envelope to authenticate the sender which is you (authentication). You sign the letter so that at a later date you cannot say you did not send it. 6 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

The Digital World We want to mimic all of these services but electronically. This has been done and done more securely and efficiently than postal mail. It is all due to the advent of something called “public-key cryptography”. Canada is and continues to be a leader in this field. 7 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Symmetric-Key Cryptography Communicating parties a priori share secret information. 8 Addressing security challenges on a global scaleGeneva, 6-7 December 2010 secure channel Eve Alice Bob unsecured channel

Public-Key Cryptography Communicating parties a priori share authentic information. 9 Addressing security challenges on a global scaleGeneva, 6-7 December 2010 authentic channel Eve Alice Bob unsecured channel

Symmetric-Key vs Public-Key Symmetric-Key has been used for thousands of years. Public-Key is relatively new dating from Public-key cryptography is based on hard mathematical problems. 10 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Why Symmetric-Key? Typically very fast for bulk encryption (confidentiality). The Advanced Encryption Standard (AES) is well accepted as a superior algorithm for symmetric-key. 11 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Disadvantages of Symmetric Key Key management can be a serious problem. Non-repudiation (digital signature) is very difficult to realize. 12 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Why Public-Key? One disadvantage of symmetric-key cryptography is key management. Public-Key provides an efficient method to distribute keys. Public-key offers a very efficient way to provide non-repudiation. This is one of the great strengths of public-key. 13 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Disadvantages of Public-Key Public-key operations require intense mathematical calculations. They can be thousands of times slower to encrypt data than a well designed symmetric- key scheme. 14 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Hybrid Schemes Use symmetric-key schemes to do bulk encryption. Use public-key techniques to pass keys so that key management is not a problem. 15 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Digital Signatures One of the truly great technologies that public-key cryptography can provide. Handwritten signatures are fixed to the message but not an integral part of the message. Digital signatures combine the message and private information of the signer. 16 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Why Elliptic Curve Cryptography (ECC)? Most security per bit of any known public-key scheme Ideally suited to constrained environments – Computationally efficient – Bandwidth efficient – Battery efficient Well studied Standardized in relevant influential international standards 17 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Elliptic Curve: y2=x3+ax+b 18 Addressing security challenges on a global scaleGeneva, 6-7 December 2010

Suite B PurposeAlgorithmUnclassifiedClassified EncryptionAES128 bit key256 bit key SignaturesECDSA256 bit curve384 bit curve Key ExchangeECDH or ECMQV256 bit curve384 bit curve HashingSHASHA-256SHA

Suite E for Embedded Systems PurposeAlgorithmUnclassified EncryptionAES128 bit key SignaturesECDSA283 bit curve Key ExchangeECDH or ECMQV283 bit curve HashingSHASHA-256 Geneva, 6-7 December Addressing security challenges on a global scale

Examples of Security by Design XM Radio Blackberry Geneva, 6-7 December Addressing security challenges on a global scale

XM Radio XM Radio delivers digital radio to most of North America. XM approached Certicom in the late 90s to design security into the system from the ground up. Geneva, 6-7 December Addressing security challenges on a global scale

BlackBerry RIM built security in from the beginning. Suite B was running on the device even before the NSA endorsement in Geneva, 6-7 December Addressing security challenges on a global scale

Conclusion There is good security available. The simple but often forgotten message is: – Design security into the system from the beginning. – Think the design through careful so that you meet your objectives. Geneva, 6-7 December Addressing security challenges on a global scale

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.