Trusted Key Server OpenPKSD TKS Hironobu SUZUKI IWFST 2005 International Workshop on Future Software Technology.

Presentation transcript:

Trusted Key Server OpenPKSD TKS Hironobu SUZUKI IWFST 2005 International Workshop on Future Software Technology 2005 November 8 – 10, 2005 in Shanghai, China

Who am I
- Co-chairman and COO of FSIJ
  – Free Software Initiative of Japan
- Unix Expert
  – Over 20 years professional career
  – Software consultant, President of my own company
- Part-time teacher in some colleges
  – Waseda Univ., Senshu Univ. and Jissen Women Univ.
- My own Free Software project and research project
  – OpenPKSD.ORG project
  – WCLSCAN project

What Is OpenPGP
- OpenPGP is a public key cryptography technology specification, as defined in RFC 2440
- OpenPGP provides encryption, decryption, digital signatures and others
- PGP is a cryptographic tool that was developed by Philip Zimmermann
- GnuPG has been developed by the GNU Privacy Guard project

Why We Need It?
- Verify files for distribution
  – To distribute the correct file
  – To avoid Trojan horses
- Source code exchange
  – Between trustworthy developers
- Example
  – The Debian developer community uses OpenPGP among its members
- Public key infrastructure is required to build trustworthy distribution

Public Key Scheme
- Alice generates a pair of keys: a public key and a secret key
- Alice sends the public key to Bob
- Bob encrypts text using Alice's public key and sends the encrypted text to Alice
- Only Alice can decrypt it, using her own secret key

Digital Signature Scheme
- Alice generates a pair of keys: a sign key and a verify key
- Alice sends the verify key to Bob
- Alice signs her data using her sign key and sends the signed data to Bob
- Bob can verify Alice's signed data using Alice's verify key

Where Is Alice's Public/Verify Key?
  – Do you want to send again, again and again?
- Personal website
  – Not too bad
- Keyserver
  – Easy to find it
  – PGP public key servers have been available since 1994
  – OpenPKSD, the Ruby version of the keyserver, has been available at since 2002

Old Style Keyserver
- Alice can't handle her own public key
  – Cathy can put Alice's public key
  – David can put his signature on Alice's public key
- Alice doesn't want it either
- Since 1994

[Figure: Current keyserver key flow diagram. Parties shown: key owner, third-party signer, key user.]

OpenPKSD TKS
- Successor of OpenPKSD that is written in Ruby
  – Ruby is good for rapid programming
  – True object-oriented language
- I introduced OpenPKSD at Ruby Conference 2002 in Seattle
- Public key owners can handle their own keys under OpenPKSD TKS (trusted key server)
  – Because TKS has their own public keys
- Free Software
  – Free as in speech, not as in beer

[Figure: TKS key flow diagram. Parties shown: key owner, third-party key signer, key user.]
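The difference between the two key flows can be sketched as a server-side acceptance rule. This is an added example, not OpenPKSD code: `ToyKeyserver`, `request_for` and `approve` are hypothetical names, RSA from Ruby's openssl library stands in for OpenPGP packets, and it assumes the trusted server checks an owner signature against the public key it already holds.

```ruby
require "openssl"

# Toy keyserver (hypothetical class, not OpenPKSD code). Uses RSA from Ruby's
# openssl library in place of OpenPGP packets; user ids are constructed.
class ToyKeyserver
  DIGEST = "SHA256"

  def initialize(trusted:)
    @trusted = trusted # false = old-style policy, true = owner-controlled
    @keys = {}         # user id => public key (PEM)
    @signers = {}      # user id => ids of third-party signers on that key
  end

  # First registration only; proving who the registrant is lies outside
  # this sketch.
  def register(uid, pub_pem)
    return false if @keys.key?(uid)
    @keys[uid] = pub_pem
    true
  end

  # Attach a third-party signature record to uid's key. Old-style: accepted
  # from anyone. Trusted: needs the owner's signature over the request.
  def add_signature(uid, signer_id, owner_sig = nil)
    return false unless @keys.key?(uid)
    return false if @trusted && !owner_approved?(uid, request_for(uid, signer_id), owner_sig)
    (@signers[uid] ||= []) << signer_id
    true
  end

  def signers_of(uid)
    @signers.fetch(uid, [])
  end

  # Canonical request string the owner signs (assumed format; no replay
  # protection, which a real protocol would need).
  def request_for(uid, signer_id)
    "add-signature|#{uid}|#{signer_id}"
  end

  private

  def owner_approved?(uid, request, sig)
    return false if sig.nil?
    OpenSSL::PKey::RSA.new(@keys[uid]).verify(OpenSSL::Digest.new(DIGEST), sig, request)
  end
end

# Owner-side helper: sign a request with the owner's secret key.
def approve(owner_key, request)
  owner_key.sign(OpenSSL::Digest.new(ToyKeyserver::DIGEST), request)
end
```

With `trusted: false` the server records David's signature on Alice's key without asking her; with `trusted: true` the same request is refused unless it carries a signature that verifies under Alice's registered key.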

[Figure: Structure of OpenPKSD TKS. Components shown: PostgreSQL, Apache2, CGI scripts, OpenPGP Packet class, OpenPKSD class, TKS class, DB handle class, bit manipulation module (written in C), GNU gpg command.]

Status of OpenPKSD TKS Project
- Prototype development started in December 2004 and finished in September 2005
- A test site will be started in the next few months
- The trusted keyserver service will start in April 2006

Summary
- Digital signatures are strongly required for Free Software/Open Source developers
- OpenPKSD provides a public key exchange infrastructure
- OpenPKSD Trusted Keyserver, a new version of the keyserver system, is coming soon
- Ruby is a strong glue between Apache2, extra modules and the database, and is good for server applications