Rennes, 23/10/2014 Cristina Onete Graded Exercises & Authentication.

Slides:



Advertisements
Similar presentations
Word List A.
Advertisements

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
Rennes, 24/10/2014 Cristina Onete CIDRE/ INRIA Privacy in signatures. Hiding in rings, hiding in groups.
Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Rennes, 23/10/2014 Cristina Onete Commitment Schemes and Identification/Authentication.
Rennes, 24/10/2014 Cristina Onete CIDRE/ INRIA Sigma Protocols and (Non-Interactive) Zero Knowledge.
Security Definitions in Computational Cryptography
Rennes, 23/10/2014 Cristina Onete Key-Exchange Protocols. Diffie-Hellman, Active Attacks, and TLS/SSL.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Rennes, 07/11/2014 Cristina Onete CIDRE/ INRIA Controlled malleability. Sanitizable Signatures.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Rennes, 27/11/2014 Cristina Onete Subject Review, Questions, and Exam Practice.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Rennes, 23/10/2014 Cristina Onete Putting it all together: using multiple primitives together.
SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.
Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
Slide 1 Vitaly Shmatikov CS 378 Public-Key Authentication and Public-Key Infrastructure.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
Chapter 9 Cryptographic Protocol Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.
Strong Password Protocols
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.
Rennes, 15/10/2014 Cristina Onete Message authenticity: Digital Signatures.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
CS555Topic 211 Cryptography CS 555 Topic 21: Digital Schemes (1)
Digital signature in automatic analyses for confidentiality against active adversaries Ilja Tšahhirov, Peeter Laud.
Secure Electronic Transaction (SET)
SAR-SSI, 16/05/2014Cristina Onete CIDRE Keep your friends close with distance-bounding protocols.
8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.
Authentication and Authorization Authentication is the process of verifying a principal’s identity (but how to define “identity”?) –Who the person is –Or,
Authentication: keys, MAC, hashes, message digests, digital signatures.
Lecture 11: Strong Passwords
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Security: An Overview of Cryptographic Techniques /440 With slides from: Debabrata Dash, Nick Feamster, Gregory Kesden, Vyas Sekar and others.
Fall 2004/Lecture 201 Cryptography CS 555 Lecture 20-b Zero-Knowledge Proof.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.
1 Lecture 9: Cryptographic Authentication objectives and classification one-way –secret key –public key mutual –secret key –public key establishing session.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 2: Message integrity.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Digital Signatures, Message Digest and Authentication Week-9.
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
Game-based composition for key exchange Cristina Brzuska, Marc Fischlin (University of Darmstadt) Nigel Smart, Bogdan Warinschi, Steve Williams (University.
Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.
多媒體網路安全實驗室 Anonymous Authentication Systems Based on Private Information Retrieval Date: Reporter: Chien-Wen Huang 出處: Networked Digital Technologies,
Identify Friend or Foe (IFF) Chapter 9 Simple Authentication protocols Namibia Angola 1. N 2. E(N,K) SAAF Impala Russian MIG 1 Military needs many specialized.
Chapter eight: Authentication Protocols 2013 Term 2.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Efficient Public-Key Distance Bounding
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
The power of Pairings towards standard model security
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Presentation transcript:

Rennes, 23/10/2014 Cristina Onete Graded Exercises & Authentication

 Challenge-Response Prover Verifier challenge response  Symmetric authentication: Verifier stores a keyring of many keys (each corresponding to one prover) Goal of challenge-response: verifier can decide whether the prover is legitimate or not Shared Property 1: a legitimate prover can always authenticate Property 2: an illegitimate prover can never authenticate Cristina Onete || 06/11/2014 || 2

 Challenge-Response Prover Verifier challenge response  Exercise 5: Design a challenge-response protocol using a symmetric encryption function Now use a PK encryption scheme Use a pseudo-random hash function Now use a signature scheme Use a commitment scheme and a 1-way hash function Cristina Onete || 06/11/2014 || 3

 Exercises  Exercise 6: Prover Verifier Use the protocol above, assuming the hash function produ- ces pseudo-random outputs What is a simple denial-of-service attack that an attacker can run against a verifier who stores very many keys? Cristina Onete || 06/11/2014 || 4

 Exercises Prover Verifier  Exercise 7: A mutual authentication protocol is one in which both parties can verify the legitimacy of their partner Start from a basic 2-move challenge-response protocol. Can you think of a 3-move protocol that ensures MUTUAL authentication? Design a mutual authentication protocol using only a (keyed) hash function. What are the required properties? Cristina Onete || 06/11/2014 || 5

 Exercise 8: the age game  One of your friends, a girl, asks you to guess her age  You know the penalty for guessing she is too old: she’ll kick you and punch you, and probably then kill you  So you say: I bet you I know your age. But you have to give me your ID card to check it. If it’s right, I will prove to you that I knew your age. If I am wrong, I’m buying you flowers, chocolates, and an expensive dinner Use a commitment scheme. The idea is that you want to be able to prove that your guess was right (if the number you guessed is at most her age – as you will see from her ID) or withold any information about your guess (if you guessed wrongly). That way, she will at least not know how old you thought she was Cristina Onete || 06/11/2014 || 6

 Some thought:  We have an arbitrary unforgeable signature scheme: SScheme = (KGen, Sign, Vf)  And we also have any IND-CCA encryption scheme  Say we want to ensure that a (confidential) message comes from a given party. Can we send: EScheme = (KGen, Enc, Dec) Cristina Onete || 15/10/2014 || 7

CIDRE Thanks!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.