1 The Elements of Cryptography Chapter 7 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall.

Slides:



Advertisements
Similar presentations
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Advertisements

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
Information Security 1 Information Security: Lecture no 7 Jeffy Mwakalinga.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Review For Exam 3 (April 15, 2010) © Abdou Illia – Spring 2010.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
ELC 200 Day 24. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 Day 24 Agenda Student Evaluations Should be progressing on Framework –Scheduling.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
CN8816: Network Security1 Confidentiality, Integrity & Authentication Confidentiality - Symmetric Key Encryption Data Integrity – MD-5, SHA and HMAC Public/Private.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Chapter 31 Network Security
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Chapter 3.  Chapter 1 introduced the threat environment  Chapter 2 introduced the plan-protect- respond cycle and covered the planning phase  Chapters.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
DNSSEC Cryptography Review Track 2 Workshop July 3, 2010 American Samoa Hervey Allen.
The Elements of Cryptography (April 1, 2015) © Abdou Illia – Spring 2015.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
Copyright © 2015 Pearson Education, Inc. Chapter 3 Chapter 3.
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
每时每刻 可信安全 1The DES algorithm is an example of what type of cryptography? A Secret Key B Two-key C Asymmetric Key D Public Key A.
Cryptography, Authentication and Digital Signatures
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
Cryptography Chapter 3 Copyright Pearson Prentice Hall 2013.
1 The Elements of Cryptography Chapter 7 Copyright 2003 Prentice-Hall.
Lecture 2: Introduction to Cryptography
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Encryption Encryption: Transforms Message so that Interceptor Cannot Read it –Plaintext (original message) Not necessarily text; Can be graphics, etc.
© 2015 Pearson Education Ltd. Chapter 3 Chapter 3.
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.
Computer Communication & Networks
IS3230 Access Security Unit 9 PKI and Encryption
The Elements of Cryptography
The Elements of Cryptography
Presentation transcript:

1 The Elements of Cryptography Chapter 7 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall

2 Figure 7-1: Cryptographic System Confidentiality Authentication Message Integrity Anti-Replay Protection Client PC with Cryptographic System Software Server with Cryptographic System Software Secure Communication Provided Automatically

3 Figure 7-2: Plaintext, Encryption, Ciphertext, and Decryption Network Plaintext “Hello” Encryption Method & Key Ciphertext “ ” Encryption Key Ciphertext “ ” Plaintext “Hello” Decryption Method & Key Decryption Key Interceptor Party A Party B Note: Interceptor Cannot Read Ciphertext Without the Decryption Key

4 Figure 7-3: Key Length and Number of Possible Keys 1 Key Length in Bits , Number of Possible Keys 401,099,511,627, ,057,594,037,927, ,192,296,858,534,830,000,000,000,000,000,000

5 Figure 7-3: Key Length and Number of Possible Keys Key Length in Bits E E E E+33 Number of Possible Keys

6 Figure 7-3: Key Length and Number of Possible Keys Notes: Shaded keys, with lengths of more than 100 bits, are considered strong symmetric keys today. Unshaded keys, with lengths of less than 100 bits, are considered weak symmetric keys today. Public key/private key pairs must be much longer to be strong because of the disastrous consequences of learning someone’s private key and because private keys cannot be changed rapidly.

7 Figure 7-4: Symmetric Key Encryption for Confidentiality Network Plaintext “Hello” Encryption Method & Key Ciphertext “ ” Symmetric Key Ciphertext “ ” Plaintext “Hello” Decryption Method & Key Same Symmetric Key Interceptor Party A Party B Note: A single key is used to encrypt and decrypt in both directions.

8 Figure 7-5: Data Encryption Standard (DES) DES Encryption Process 64-Bit Ciphertext Block 64-Bit DES Symmetric Key (56 bits + 8 redundant bits) 64-Bit Plaintext Block

9 Figure 7-6: DES-CBC (DES-Cipher Block Chaining) First 64-Bit Plaintext Block DES Encryption Process Second 64-Bit Plaintext Block First 64-Bit Ciphertext Block Initialization Vector (IV) DES Encryption Process Second 64-Bit Ciphertext Block DES Key

10 Figure 7-7: Triple DES (3DES) SenderReceiver Encrypts plaintext with the 1 st key Decrypts ciphertext with the 3d key Decrypts output of first step with the 2 nd key Encrypts output of the first step with the 2 nd key Encrypts output of second step with the 3d key; gives the ciphertext to be sent Decrypts output of second step with the 1 st key; gives the original plaintext 168-Bit Encryption with Three 56-Bit Keys

11 Figure 7-7: Triple DES (3DES) SenderReceiver Encrypts plaintext with the 1 st key Decrypts ciphertext with the 1 st key Decrypts output with the 2 nd key Encrypts output with the 2 nd key Encrypts output with the 1 st key Decrypts output with the 1 st key 112-Bit Encryption With Two 56-Bit Keys

12 Figure 7-7: Triple DES (3DES) SenderReceiver Encrypts plaintext with the key Decrypts ciphertext with the key Encrypts output with the key (undoes first step) Encrypts output with the key 56-Bit Encryption With One 56-Bit Key (For Compatibility With Receivers Who Can Handle Only Normal DES)

13 Figure 7-8: DES, 3DES, and AES DES 56 Weak Moderate 3DES 112 or 168 Strong High AES 128, 192, 256 Strong Modest Key Length (bits) Strength Processing Requirements RAM Requirements

14 Symmetric Key Encryption RC4  Only 40-bit encryption  Very weak  Used in wired equivalent privacy security for initially New

15 Figure 7-9: Public Key Encryption for Confidentiality Party A Party B Decrypt with Party A’s Private Key Encrypt with Party A’s Public Key Encrypt with Party B’s Public Key Decrypt with Party B’s Private Key Encrypted Message Encrypted Message

16 Figure 7-10: Strong Keys for Symmetric and Public Key Encryption Strong Symmetric KeysStrong Public and Private Keys Limited damage if cracked, so can be shorter Changed frequently, so can be shorter Serious damage if cracked, so must be longer Rarely changed, so must be longer

17 Figure 7-10: Strong Keys for Symmetric and Public Key Encryption Strong Symmetric KeysStrong Public and Private Keys 100 bits or more today Longer for high-value transactions Longer tomorrow as cracking power increases DES: 56-bits (weak), but 3DES gives 112-bit or 168-bit security AES: Key lengths of 128, 192, or 256; yet places a light load on processor and RAM so can be used by mobile devices IDEA: 128 bits 1,024 or 2,048 bits for RSA encryption today 512 bits for ECC encryption today Longer tomorrow as cracking power increases

18 Figure 7-11: MS-CHAP Challenge- Response Authentication Protocol 2. Verifier sends Challenge Message Challenge Applicant (Client) Verifier (Server) 1. Verifier creates Challenge Message Note: Both the client and the server know the client’s password.

19 Figure 7-11: MS-CHAP Challenge- Response Authentication Protocol 3. Applicant (Supplicant) creates a Response Message: (a)Adds password to Challenge Message (b) Hashes the resultant bit string (does not encrypt) (c) The hash is the Response Message ChallengePassword Response Hashing (Not Encryption)

20 Figure 7-11: MS-CHAP Challenge- Response Authentication Protocol 4. Applicant sends Response Message without encryption Transmitted Response

21 Figure 7-11: MS-CHAP Challenge- Response Authentication Protocol ChallengePassword Expected Response Hashing 5. Verifier adds password to the Challenge Message it sent. Hashes the combination. This is the expected Response Message.

22 Figure 7-11: MS-CHAP Challenge- Response Authentication Protocol Expected ResponseTransmitted Response =? 6. If the two Response Messages are equal, the applicant knows the password and is authenticated. Sever logs Client in. 7. Note that only hashing is involved. There is no encryption.

23 Hashing Hashing is a one-way function. It cannot be reversed  From the hash, you cannot compute the original message Hashing is repeatable  If two parties apply the same hashing method to the same bit string, they will get the same hash

24 Figure 7-12: Encryption Versus Hashing Encryption Uses a key as an input to an encryption method Output is similar in length to input Reversible; ciphertext can be decrypted back to plaintext Use of Key Length of Result Reversibility Hashing Key is usually added to text; the two are combined, and the combination is hashed Output is of a fixed short length, regardless of input One-way function; hash cannot be “de-hashed” back to the original string

25 Figure 7-13: Digital Signature for Message-by-Message Authentication To Create the Digital Signature: 1. Hash the plaintext to create a brief message digest; this is NOT the Digital Signature. 2. Sign (encrypt) the message digest with the sender’s private key to create the digital signature. 3. Transmit the plaintext + digital signature, encrypted with symmetric key encryption. Plaintext MD DS Plaintext Hash Sign (Encrypt) with Sender’s Private Key

26 Figure 7-13: Digital Signature for Message-by-Message Authentication 4. Encrypted with Session Key DSPlaintext Sender Receiver

27 Figure 7-13: Digital Signature for Message-by-Message Authentication To Test the Digital Signature 5. Hash the received plaintext with the same hashing algorithm the sender used. This gives the message digest. 6. Decrypt the digital signature with the sender’s public key. This also should give the message digest. 7. If the two match, the message is authenticated. Received Plaintext MD DS MD 5.6. Hash Decrypt with True Party’s Public Key 7. Are they equal?

28 Figure 7-14: Public Key Deception Impostor “I am the True Person.” “Here is TP’s public key.” (Sends Impostor’s public key) “Here is authentication based on TP’s private key.” (Really Impostor’s private key) Decryption of message from Verifier encrypted with Imposter’s public key, so Impostor can decrypt it Verifier Must authenticate True Person. Believes now has TP’s public key Believes True Person is authenticated based on Impostor’s public key “True Person, here is a message encrypted with your public key.” Critical Deception

29 Figure 7-15: Important X.509 Digital Certificate Fields FieldDescription Version Number Version number of the X.509. Most certificates follow Version 3. Different versions have different fields. This figure reflects the Version 3 standard. IssuerName of the Certificate Authority (CA). Serial Number Unique serial number for the certificate, set by the CA.

30 Figure 7-15: Important X.509 Digital Certificate Fields FieldDescription SubjectThe name of the person, organization, computer, or program to which the certificate has been issued. This is the true party. Public Key The public key of the subject—the public key of the true party. Public Key Algorithm The algorithm the subject uses to sign messages with digital signatures.

31 Figure 7-15: Important X.509 Digital Certificate Fields FieldDescription Valid Period The period before which and after which the certificate should not be used. Note: Certificate may be revoked before the end of this period. Digital Signature The digital signature of the certificate, signed by the CA with the CA’s own private key. Provides authentication and certificate integrity. User must know the CA’s public key independently.

32 Figure 7-15: Important X.509 Digital Certificate Fields FieldDescription Signature Algorithm Identifier The digital signature algorithm the CA uses to sign its certificates.

33 Figure 7-16: Digital Signature and Digital Certificate in Authentication Digital Certificate Authentication Public Key of True Party Signature to Be Tested with Public Key of True Party Digital Signature

34 Figure 7-17: Public Key Infrastructure (PKI) with a Certificate Authority Create & Distribute (1)Private Key and (2) Digital Certificate 4. Certificate for Lee 3. Request Certificate for Lee 5. Certificate for Lee 6. Request Certificate Revocation List (CRL) 7. Copy of CRL Verifier (Brown) Applicant (Lee) Verifier (Cheng) Certificate Authority PKI Server

35 Certificate Authority (CA) CAs are not regulated in any country today  Anyone can be a CA  Even an organized crime syndicate  Some, such as VeriSign, are widely trusted Companies can be their own CAs  Assign keys and certificates to their internal computers  This gets around the need to trust public CAs

36 Figure 7-18: Public Key Distribution for Symmetric Session Keys Party A Party B 1. Create Symmetric Session Key

37 Figure 7-18: Public Key Distribution for Symmetric Session Keys Party A Party B 2. Encrypt Session Key with Party B’s Public Key 4. Decrypt Session Key with Party B’s Private Key 3. Send the Symmetric Session Key Encrypted for Confidentiality 5. Subsequent Encryption with Symmetric Session Key

38 Figure 7-19: Diffie-Hellman Key Agreement Party X Party Y 1. Agree on Diffie-Hellman Group p (prime) and g (generator) 2. Generates Random Number x 2. Generates Random Number y

39 Figure 7-19: Diffie-Hellman Key Agreement Party X Party Y 3. Computes x’=g^x mod p 3. Computes y’=g^y mod p 4. Exchange x’ and y’ Without Security

40 Figure 7-19: Diffie-Hellman Key Agreement Party X Party Y 5. Compute Key= y’^x mod p =g^(xy) mod p 5. Compute Key= x’^y mod p =g^(xy) mod p 6. Subsequent Encryption with Symmetric Session Key

41 Figure 7-20: Replay Attacks Replay Attacks  Retransmit an intercepted message  Message is encrypted so that replay attacker cannot read it Why Replay Attacks  Repetition might work—for instance, replaying an encrypted username and password might result in access to a poorly designed system

42 Figure 7-20: Replay Attacks Preventing Replay Attacks  Insert a time stamp in messages and accept messages only if they are very recent  Insert a sequence number in each message  Insert a nonce (random number selected for the occasion) in a request message; only accept a reply message with the same nonce. Other party does not accept a request message with a previous nonce

43 Figure 7-21: Quantum Computing and Steganography Quantum Computing  Quantum Bits (Q-Bits) In ordinary computers, each bit is either a zero or a one at any time In quantum computers, each quantum bit (q-bit) can be both a zero and a one at any moment When decohered, the q-bit becomes a classic one or zero randomly

44 Figure 7-21: Quantum Computing and Steganography Quantum Computing  Quantum Key Distribution (QKD) Two particles representing q-bits can be entangled so that both will be up or down when read The two entangled particles are sent to the two communicating parties Both will always read the bit the same way—as a one or a zero

45 Figure 7-21: Quantum Computing and Steganography Quantum Computing  Quantum Key Distribution (QKD) They will both read the stream of decohered q- bits as a key Easy to detect interception of q-bits en route by an eavesdropper QKD is becoming commercially viable

46 Figure 7-21: Quantum Computing and Steganography Quantum Computing  Quantum Key Cracking For determining private keys from public keys An array of N q-bits can represent all possible keys of length N Operations can be performed on all possible keys simultaneously Results are put in a results register Decoherence gives one result randomly from all possible results

47 Figure 7-21: Quantum Computing and Steganography Quantum Computing  Quantum Key Cracking This single result can be used to compute the private key Not instantaneous, but much faster than exhaustive key search

48 Figure 7-21: Quantum Computing and Steganography Quantum Computing  Quantum Key Cracking Not practical today  We can only build quantum computers with a few q-bits  Quantum computers with 1000 or more q-bits are some time off

49 Figure 7-21: Quantum Computing and Steganography Steganography  Steganography means hidden writing  Hiding a message in an image Every image is made of pixels There often is about one byte per pixel for each color: red, green, and blue One bit in each byte is the least significant— changing it will alter the color by only 1/256 The process steals the least significant bit from each byte

50 Figure 7-21: Quantum Computing and Steganography Steganography  Hiding a message in an image The message is written into these bits The message may be encrypted before writing it into the bits The picture will look unchanged

51 Figure 7-21: Quantum Computing and Steganography Steganography  Digital Watermarking  Using steganography to hide identifying information in a document  To prove copyright ownership  To identify different copies of a document

52 Figure 7-22: Cryptographic Goals and Methods ConfidentialityAuthentication Applicable. Sender encrypts with key shared with the receiver. Not applicable.Symmetric Key Encryption Applicable. Sender encrypts with receiver’s public key. Applicable. Sender encrypts with own private key. Public Key Encryption Not applicable. Applicable. Used in MS-CHAP and HMACs discussed in the next chapter. Hashing Recap: Not in Book

53 Topics Covered Cryptographic Systems  Provide protections to dialog automatically  Secure communication involves Confidentiality Authentication Message integrity Anti-replay protection

54 Topics Covered Encryption Concepts  Plaintext  Encryption with encryption method and key  Ciphertext, which is is transmitted  Decryption with decryption method and decryption key  Plaintext

55 Topics Covered Key  Random bit string of a particular length  Cryptanalysts try to crack keys  Exhaustive search is thwarted by having long keys  Symmetric key encryption uses a single key for both encryption and decryption in both directions  Public key encryption uses four different keys for encrytpion and decryption in both directions

56 Topics Covered Symmetric Key Encryption Methods  DES (56-bit block encryption method) Weak: 100 bits needed for strong symmetric key encryption  DES-Cipher Block Chaining Encryption input has three parts  Plaintext block  Key  Previous ciphertext block or initialization vector 3DES  Apply DES three times with 1, 2, or 3 keys  With 3 keys, 168-bit encryption

57 Topics Covered Symmetric Key Encryption Methods  DES and its variants has dominated in the past  Advanced Encryption Standard (AES) New, becoming dominant rapidly Key Length  128 bits  192 bits  256 bits Low processing and memory requirements  Can even be done on hand-held devices

58 Topics Covered Public Key Encryption  Each party has a secret private key and a public key  Sender uses the receiver’s public key to encrypt for confidentiality  Receiver uses the receiver’s private key to decrypt messages  Never say “the public key” or “the private key”— always refer to a specific party’s public or private key

59 Topics Covered Public Key Encryption Methods  RSA Dominates public key encryption today 1,024 or 2,048 bits to be strong today  Elliptic curve cryptosystem (ECC) 512 bits to be strong today (more efficient than RSA)  In contrast, symmetric key methodologies only need key lengths of 100 bits to be strong today

60 Topics Covered MS-CHAP  Used in initial authentication  Shared secret is the user’s password  Applicant’s computer adds password to a challenge message and hashes the combined bit string  Applicant’s computer sends the hash as the response message  Problem is that process is only as secure as the strength of the user’s password

61 Topics Covered Hashing  Often used in authentication  Hashing is NOT encryption  Hashing produces a result (hash) that is always the same small length regardless of the input  Hashing is repeatable: given the same bit string, will always give the same hash No key  Hashing is irreversible

62 Topics Covered Digital Signatures  Used in message-by-message authentication  Applicant hashes plaintext message to produce a short message digest  Applicant signs message digest (encrypts it with the Applicant’s private key) to produce the digital signature  Verifier uses the true party’s public key to test the digital signature

63 Topics Covered Digital Certificates  Verifier uses the true party’s public key to test the digital signature—not the sender’s public key  Where does the verifier get the true party’s public key?  Digital certificates give the true party’s name and public key  Note that both a digital signature and a digital certificate (to test the digital signature) are needed in authentication. Neither alone is enough.

64 Topics Covered Public Key Infrastructure  Digital certificates Do not vouch for the goodness of the true party—only the true party’s public key Follow the X.509 standard  PKI Server Distributes private keys securely Distributes public keys in digital certificates Provides certification revocation list (CRL) to ensure that digital certificate is still valid

65 Topics Covered Certificate Authorities (CA)  Manage the PKI  If the CA is set up by an attacker, cannot trust its digital certificates  Not regulated

66 Topics Covered ConfidentialityAuthentication Applicable. Sender encrypts with key shared with the receiver. Not applicable.Symmetric Key Encryption Applicable. Sender encrypts with receiver’s public key. Applicable. Sender encrypts with own private key. Public Key Encryption Not applicable. Applicable. Used in MS-CHAP and HMACs discussed in the next chapter. Hashing Recap: Not in Book

67 Topics Covered Key Distribution  Symmetric keys must be distributed securely between the two parties  Session keys are only used during a single communication session to prevent cryptanalysts from getting enough traffic to crack the key

68 Topics Covered Public Key Distribution  One party randomly generates a symmetric session key  Encrypts the key with the other party’s public key  Both have the symmetric session key, use it Diffie-Hellman Key Agreement  Mathematical way to exchange information to allow the two parties to compute the same symmetric session key

69 Topics Covered Replay Attacks  Attacker resends message  May be effective even if the attacker cannot decrypt the message  To thwart replay attacks, use Time stamps Sequence numbers Different nonces for each command/response cycle