Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.

Presentation transcript:

Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik

CISA 2002 Franci Tajnik
Cryptographic system
- cryptographic algorithm (math. function)
- keys (word, number, phrase)
- protocol
- convert plain text to cipher text

Symmetric method: DES
[Diagram labels: Sender, Receiver, Plaintext, Symmetric Key, Cipher text]

Asymmetric Key Generation
[Diagram labels: Seed Data, Generation Program, Secret Key, Public Key, Asymmetric Relationship]

Asymmetric method RSA (Secrecy)
[Diagram labels: Sender, Receiver, Plaintext, Cipher text, Public, Private]

Asymmetric method RSA (Authentication)
[Diagram labels: Sender, Receiver, Plaintext, Cipher text, Public, Private]

PGP principle
[Diagram labels: Sender, Receiver, Plaintext, Public, Private, One time Session key, Encry. Session key, Cipher text]

Digital signatures
[Diagram labels: Sender, Receiver, Plaintext, Cipher text, Public, Private]

Digital signature
[Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Public, Private]

Digital signature
[Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Private S, Public S, Public R, Private R]

security
[Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Private S, Public S, Public R, Private R, One time Session key, Enc. session key, Dec. session key]

[Diagram labels: Certification Authority, Registration Authority, Holder, Certificate information, Public Holder, CA, Digital signature, Private, Digital certificate, RA]

Digital signature
[Diagram labels: Sender, Receiver, Plaintext, hash, message digest 160, signature, Private S, Public R, Private R, Dig.cert. CAS]
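The flow sketched on the digital signature and certificate slides, written out as an added example (not part of the original presentation): the sender signs a 160-bit digest with Private S, the CA signs the holder's certificate, and the receiver checks the certificate before trusting Public S. SHA-1 as the 160-bit hash, unpadded textbook RSA, the key values and all function names are assumptions made for illustration.

```python
import hashlib

E = 65537  # public exponent shared by both constructed key pairs

def make_key(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)

# Constructed teaching keys built from well-known Mersenne primes.
# Their factors are public knowledge, so these keys protect nothing.
CA_PUB, CA_PRIV = make_key(2**521 - 1, 2**607 - 1)
S_PUB, S_PRIV = make_key(2**127 - 1, 2**521 - 1)

def digest160(data):
    """160-bit message digest (SHA-1, an assumption) as an integer."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big")

def sign(data, priv):
    """Signature = digest transformed with the signer's private key."""
    n, d = priv
    return pow(digest160(data), d, n)

def verify(data, signature, pub):
    """Recover the digest with the public key and compare with a fresh hash."""
    n, e = pub
    return pow(signature, e, n) == digest160(data)

def cert_body(holder, holder_pub):
    """Certificate information plus the holder's public key, as bytes."""
    return f"{holder}|{holder_pub[0]}|{holder_pub[1]}".encode()

def issue_certificate(holder, holder_pub, ca_priv):
    """CA digitally signs the certificate information and public key."""
    sig = sign(cert_body(holder, holder_pub), ca_priv)
    return {"holder": holder, "public": holder_pub, "ca_sig": sig}

def receive(message, signature, cert, ca_pub):
    """Receiver: check the CA's signature first, then the message signature."""
    if not verify(cert_body(cert["holder"], cert["public"]), cert["ca_sig"], ca_pub):
        return "certificate rejected"
    if not verify(message, signature, cert["public"]):
        return "signature rejected"
    return "accepted from " + cert["holder"]
```

A certificate whose holder name or public key was changed after issuance fails the first check, so the receiver never uses an unvouched key for the second.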

Certification Authority
- software for issuing the certificates
- creates certificates
- digitally signs certificate

Registration Authority
- people, processes, tools
- administration of users

Problems
- Do you trust the certification company?
- What validation process does the company undertake to ensure that an entity is who they claim to be before issuing a certificate?
- Who certifies the Certification Authority?

Certification Process
[Diagram labels: Certification Authority, User, Verifies Credentials, Creates Certificate, Generates Key Set, Presents Public Key and Credentials, Receives Certificate, Public Distribution]

Requirements for a CA
- Outstanding integrity - recognised by others
- Financial backing to cover potential liabilities

Requirements of a CA
- Physically secure environment
- Tamper resistant modules for its cryptographic processing
- Ability to generate key pairs
- Random number generator
- Ability to check signatures
- Ability to sign certificates

Requirements of a CA
- Software to support all certificate formats
- Clear security policy
- Secure, auditable procedures for certificate production
- Directory of certificates (including archived certificates)

PGP certificate format
- PGP version number
- certificate holder's public key
- certificate holder's information
- digital signature of certificate owner
  - using holder's private key (self signature)
- certificate validity period
- encryption algorithm

X.509 certificate format
- X.509 version number
- certificate holder's public key
- serial number of certificate
- certificate holder's unique identifier
- certificate validity period
- unique name of CA
- digital signature of CA
- signature algorithm

Cross Verification
Where there is more than one Certification Authority there must be a way of relying on certificates provided by other Certification Authorities.

Conclusions
- The auditor has to accept the integrity of the underlying algorithms
- The role of the Certification Authority is critical to the operational process
- Certification Authorities will be the key to the entire Public Key Infrastructure (PKI) process