©Copyrights 2011 Eom, Hyeonsang All Rights Reserved Distributed Information Processing 20 th Lecture Eom, Hyeonsang ( 엄현상 ) Department of Computer Science.

Slides:



Advertisements
Similar presentations
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Advertisements

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Public Key Management and X.509 Certificates
Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Security Management.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Encryption Methods By: Michael A. Scott
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
CN8816: Network Security1 Confidentiality, Integrity & Authentication Confidentiality - Symmetric Key Encryption Data Integrity – MD-5, SHA and HMAC Public/Private.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Introduction to Public Key Cryptography
Chapter 31 Network Security
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
Secure Electronic Transaction (SET)
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Networks Management and Security Lecture 3.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
CERTIFICATES. What is a Digital Certificate? Electronic counterpart to a drive licenses or a passport. Enable individuals and organizations to secure.
Symmetric Encryption Mom’sSecretApplePieRecipe Mom’sSecretApplePieRecipe The same key is used to encrypt and decrypt the data. DES is one example. Pie.
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
بسم الله. PKI Revealed Ayman Saeed Agenda Cryptography Review. PKI …… WHY and HOW!!!!!. X.509 Certificate. PKI Hierarchies Certification. Practical Implementation.
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
OMA Secure Content Delivery for the Mobile World ODRL Workshop, Vienna Dr. Willms Buhse Vice Chair, OMA Download and DRM group.
Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
IS3230 Access Security Unit 9 PKI and Encryption
The Secure Sockets Layer (SSL) Protocol
Presentation transcript:

©Copyrights 2011 Eom, Hyeonsang All Rights Reserved Distributed Information Processing 20 th Lecture Eom, Hyeonsang ( 엄현상 ) Department of Computer Science & Engineering Seoul National University

Outline DRM (Digital Rights Management)  Introduction  PKI and Certificate Chain  DRM for Content Distribution  OMA (Open Mobile Alliance) DRM Q&A

Secure Information Transfer How Can User A Send Information Securely to User B?  What does this mean?

Basic Security Concepts Identification (Against All Entities)  Process of Recognizing a Particular Individual Using Presented Information Authentication (Against a Previously Identified Entity)  Process of Verifying Certain Information Authorization  Process of Determining What You Are Allowed to Do

Basic Security Concepts (Cont’d) Integrity  Process of Ensuring That Information Is Unchanged Confidentiality  Keeping Information Secret Non-Repudiation  Not Being Able to Deny Something

Cryptography Basics Definition  Science of Applying Mathematics to Increase Security Symmetric Cryptographic Algorithms  Taking Clear Text as Input Outputting the Cipher Text Using a Symmetric Key, and Reversing This Process DES (Data Encryption Standard) 3-DES RC2, RC5, RC6 Rijndael(or AES, Advanced Encryption Standard)

Cryptography Basics (Cont’d) Asymmetric Cryptographic Algorithms  Taking Clear Text as Input Outputting the Cipher Text Using a Public/Private Key, and Reversing this Process Using the Matching Private/Public (Respectively) Key DH (Diffie-Hellman) RSA (Rivest, Shamir, and Adleman at MIT) ECC (Elliptic Curve Cryptography) PKI (Public Key Infrastructure): the Public/Private Key-Based Encryption Framework That Permits Deploying Security Services

Cryptography Basics (Cont’d) Illustrations: Asymmetric Cryptography

Cryptography Basics (Cont’d) Symmetric vs Asymmetric Cryptographic Algorithms  Advantages of Asymmetric Algorithms Superior key management and scaling Unnecessary prior relationship Private-key-holder only operations (as a basis for digital signatures)  Disadvantages of Asymmetric Algorithms Possibly 10 to 100 times slower execution Expansion of the cipertext

Cryptography Basics (Cont’d) Hash Algorithms  Definition Taking a chunk of data and compressing it into a digest (or fingerprint) of the data  Examples MD2 (128-bit digest; best for 8-bit processors) MD5 (128-bit digest; best for 32-bit processors) SHA-1 (160-bit digest; best for high-end processors)  Properties No backward recovery No information about the initial clear text No backward creation/discovery

Digital Signatures Data Encrypted with a Private Key  Technique for Authentication and Non-Repudiation If a public key properly decrypts data, then it must have been encrypted with the private key Verifying Integrity, too

Certificate Notarized Association between the Particular User with the Particular Public Key Do We Need Time?

Illustration: Public Key Infrastructure Request Certificate - Download Program to Generate Key Pair - Input Reference No. & License Code - Create (Private Key, Public Key) Pair - Send Certificate Request Information (Public Key Included) Verify Identification Issue Certificate - Signed w/ CA’s Private Key Generate Digital Signature Send Digital Document + Digital Signature + Certificate Request Certificate of CA / CRL Verify CRL Verify Certificate of User A Verify Digital Signature of User A Send Certificate of CA / CRL Save Certificate on the Storage (HDD, USB, etc) Encrypt / Save Private Key Using Password Registration Authority Submit Request Form / ID Verify Identification Send Identification Information to CA Send Reference No. & License Code Convey Reference No. & License Code Directory Exchange Certificate and CRL (Certificate Revocation List)

X.509 Certificate X.509 Specification  Information Contained in a Certificate, and Its Format Components  Version Indicator of Version 1,2, or 3  Serial Number Unique Identifying Number for This Certificate  Signature Algorithm Identifier of the Digital Signature Algorithm  Issuer X.500 Name of the Issuing CA  Validity Start and Expiration Dates and Times of the Certificate  Subject X.500 Name of the Holder of the Private Key (Subscriber)  Subject Public-Key Information Value of the Public-Key for the Subject Together with an Identifier of the Algorithm with Which This Public-Key to Be Used

Security Holes in PKI Fabricated Identification Card Illegal Copy of Certificate Hacking Program  E.g. Key Logger Program Hacker can get id/password, account no, security card no, and password for encrypting private key Hacker can disguise himself/herself as a user The Main Reasons for These Security Holes Are Unsafe Storage, Operating System, and Character-Based Protection Mechanism. ☞ Security-Enabled Storage Medium, OS Security Patch, and Biometrics

Certificate Chain X.509 Standard Model for Setting Up a Hierarchy of CAs  In Large Organizations, It May Be Appropriate to Delegate the Responsibility for Issuing Certificates to Several Different Certificate Authorities Ordered List of Certificates Containing an End-User or Subscriber Certificate and Its Certificate Authority Certificates  Each Certificate Is Followed by the Certificate of Its Issuer  Each Certificate Contains the Name (DN) of That Certificate's Issuer Same as the subject name of the next certificate in the chain  Each Certificate Is Signed with the Private Key of Its Issuer Signature verifiable with the public key in the issuer's certificate, which is the next certificate in the chain

Certificate Chain Example Korea - Check Validity Period - Verify That This Is Signed by Engineering CA - Since Engineering CA Is Not Trusted, Check the Next Certificate

Applying DRM to Protect Content Distributing DRM Protected Content  Content Issuer’s Encrypting the Content and Packaging in DRM Content Format  Rights Issuer’s Assigning Permissions and Constraints for Content  User’s Receiving Content and Rights  User’s Sending the Protected Content to a Friend with OMA DRM Enabled Devices  Friend’s Purchasing the Permission to Consume the Content

Example of OMA DRM Deployment Content Issuer Rights Issuer 2. Transfer Content Encryption Key 1. Browse to Website and Download Protected Content 4. Deliver Protected Rights Object Your Device Share Content within Your Domain 5. Super-Distribute Content to a Friend Your Friend’s Phone 3. Purchase “Rights” and Establish Trust 6. Establish Trust; Purchase and Deliver Rights Object

References [Burnett01] S. Burnett and S. Paine, RSA Security’s Official Guide to Cryptography, Osborne/McGraw-Hill, March 2001 [Nash01] A. Nash, et al., PKI: Implementing and Managing E-Security, Osborne/McGraw-Hill, March2001 [OMA] Open Mobile Alliance,

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.