Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Chapter 11: Cryptography
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Cryptographic Security Presented by: Josh Baker October 9 th, CS5204 – Operating Systems.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Pretty Good Privacy (PGP). How PGP works PGP uses both public-key cryptography and symmetric key cryptography, and includes a system which binds the public.
AAI and universities Roles and functions. The Smart Card Architect Objectives zBuild a secure Authentication and Authorization Infrastructure between.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Computer Security Key Management. Introduction We distinguish between a session key and a interchange key ( long term key ). The session key is associated.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Computer Security Key Management
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Principles of Information Security, 2nd edition1 Cryptography.
CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies
1 Digital Signatures CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 12, 2004.
Chapter 9: Key Management
Slide #9-1 Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Códigos y Criptografía Francisco Rodríguez Henríquez Security Attacks: Active and Passive Active Masquerade (impersonation) Replay Modification of message.
1 Chapter 9: Key Management All algorithms we have introduced are based on one assumption: keys have been distributed. But how to do that? Key generation,
Web Security : Secure Socket Layer Secure Electronic Transaction.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Csci5233 computer security & integrity 1 Cryptography: an overview.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
1 Thuy, Le Huu | Pentalog VN Web Services Security.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Using Public Key Cryptography Key management and public key infrastructures.
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Chapt. 10 – Key Management Dr. Wayne Summers Department of Computer Science Columbus State University
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Key management issues in PGP
Chapter 9. Key management
Key Management Session and Interchange Key Key Exchange
S/MIME T ANANDHAN.
IS3230 Access Security Unit 9 PKI and Encryption
Security at the Application Layer: PGP and S/MIME
Chapt. 10 – Key Management Dr. Wayne Summers
Bishop: Chapter 10 Key Management: Digital Signature
Presentation transcript:

Key Management

Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and the generation, maintenance, and revoking of such keys  Solves problem of propagating authentication  Interchange key – cryptographic key associated with a principal to a communication  Session key - cryptographic key associated with the communication

Key Exchange  Goal is two allow two parties to communicate secretly using a shared cryptographic key 1.Key cannot be transmitted in the clear (must be encipher when sent or derived without an exchange of data used to derive the key) 2.Sender and receiver may decide to trust a third party 3.Cryptosystems and protocols are publicly known. The only secret data is the keys involved.

Cryptographic Key Infrastructures  Certificate- token that binds an identity to a cryptographic key  X.509: Directory Authentication Framework – defines certificate formats and certification validation (see security notes for details)  Certification authority (CA) – entity that issues certificates  PGP (Pretty Good Privacy) – enchipherment program widely used to provide privacy for electronic mail (see web link to

Storing and Revoking Keys  If stored in a file, easy to compromise, even if enchiphered  Store on one or more smart cards (ROM)

Digital Signatures  Digital signatures – authenticates both the origin and content of a message  Uses public key cryptography  Provides nonrepudiation  RSA Digital Signature (some problems)  El Gamal Digital Signature

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.