IEEE P1363.2: Standard Specifications for Password-based Public-Key Cryptography David Jablon CTO Phoenix Technologies Treasurer, IEEE P1363 NIST Key Management.

Slides:



Advertisements
Similar presentations
Revised 08/16/1999 IEEE P1363: Standard Specifications for Public-Key Cryptography Burt Kaliski Chair, IEEE P1363 August 17, 1999.
Advertisements

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Key Establishment Schemes Workshop Document October 2001.
SIP Authentication using EC- SRP5 Protocol draft-liu-sipcore-ecc-srp5-00.txt Authors: Fuwen Liu, Minpeng Qi and Min Zuo.
SPEKE S imple Password-authenticated Exponential Key Exchange Robert Mol Phoenix Technologies.
Cryptography and Network Security
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
Trustworthy User Interface Design: Dynamic Security Skins Rachna Dhamija and J.D. Tygar University of California, Berkeley TIPPI Workshop June 13, 2005.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Applied Cryptography for Network Security
國立清華大學資訊工程系 資訊安全實驗室 孫宏民 博士 Phone: Authenticated Key Exchange Protocols.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.
Authentication System
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
IEEE P1363: Standard Specifications for Public-Key Cryptography
Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.
C HAPTER 13 Asymmetric Key Cryptography Slides adapted from "Foundations of Security: What Every Programmer Needs To Know" by Neil Daswani, Christoph Kern,
Public Key Model 8. Cryptography part 2.
Bob can sign a message using a digital signature generation algorithm
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.
1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
Internet Research Task Force Crypto Forum Research Group IETF 89 March 3, 2014 London List: Chairs:
TLS 1.2 and NIST SP A Tim Polk November 10, 2006.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
The Secure Password-Based Authentication Protocol
Solutions for Secure and Trustworthy Authentication Ramesh Kesanupalli
The Battle Against Phishing: Dynamic Security Skins Rachna Dhamija and J.D. Tygar U.C. Berkeley.
Key Agreement Guilin Wang School of Computer Science 12 Nov
IEEE Robotics and Automation Society: Meetings & Conferences Report T. J. Tarn IEEE RAS Vice-President for Conferences October 2005 IEEE RAS.
Chapter 21 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 13 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Elliptic Curve Cryptography-based Authorization & Key Agreement for IEEE m IEEE Presentation Submission Template (Rev. 9) Document Number:
Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh.
CIST/ETRI/ISIT/KDDI/Kyusyu Univ./NICT Joint Research Workshop on Ubiquitous Network Security 2005 Verifier-Based Password-Authenticated Key Exchange Jeong.
Understanding Cryptography by Christof Paar and Jan Pelzl These slides were prepared by Christof Paar and Jan Pelzl Chapter 8 –
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
1 Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards 使用在 smart cards 的強韌及高效率密碼驗證金鑰協定 IEEE Transactions on Industrial Electronics,
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
One-Time Password Specifications (OTPS): Overview, Workshop Agenda, and Process DRAFT – 18 May 2005.
Doc.: IEEE /213r0 Submission March 2002 D Jablon/Phoenix and Alternative Authentication Protocols David Jablon Phoenix Technologies.
Kerberos Guilin Wang School of Computer Science 03 Dec
Pairing Based Cryptography Standards Terence Spies VP Engineering Voltage Security
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Public Key Algorithms Lesson Introduction ●Modular arithmetic ●RSA ●Diffie-Hellman.
Doc.: IEEE /303 Submission May 2001 Simon Blake-Wilson, CerticomSlide 1 EAP-TLS Alternative for Security Simon Blake-Wilson Certicom.
Reliability Standards Development Plan David Taylor Manager Standards Development Standards Committee Meeting June 12-13, 2008.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
IEEE P AMP March 25, History 1/3 May 2000 [Kw00] –First proposal to IEEE P1363 February 2001 [Kw01] –Presented at NDSS ’01, San Diego, CA.
RSA Data Security, Inc. PKCS #13: Elliptic Curve Cryptography Standard Burt Kaliski RSA Laboratories PKCS Workshop October 7, 1998.
IEEE P1363 and Standards Process William Whyte, NTRU Cryptosytems 2/16/2005.
November 2011 Jin-Meng Ho and David Davenport. doc.: IEEE Slide 1Submission Project: IEEE P Working Group for Wireless Personal.
PKCS #5 v2.0: Password-Based Cryptography Standard
IEEE P Consolidation of Schemes November 20, 2003 Teleconference.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
The Federal Information Processing Standards (FIPS) Encryption Suite Sean Smith COSC
SIP Authentication using EC- SRP5 Protocol Fuwen Liu, Minpeng Qi, Min Zuo, 1.
RSA Data Security, Inc. Emerging Standards for Public-Key Cryptography Burt Kaliski Chief Scientist, RSA Laboratories BRICS Summer School in Cryptology.
Diffie-Hellman Key Exchange
Presentation transcript:

IEEE P1363.2: Standard Specifications for Password-based Public-Key Cryptography David Jablon CTO Phoenix Technologies Treasurer, IEEE P1363 NIST Key Management Workshop November 1-2, 2001

November 1, 2001NIST Key Management Workshop2 What is IEEE P ? “Standard Specifications for Public Key Cryptography: Password-based Techniques” “Standard Specifications for Public Key Cryptography: Password-based Techniques” Proposed IEEE standard Proposed IEEE standard Companion to IEEE Std Companion to IEEE Std Product of P1363 Working Group Product of P1363 Working Group Open standards process Open standards process

November 1, 2001NIST Key Management Workshop3 ScopeScope Password-based public-key techniques Password-based public-key techniques Supplemental to IEEE Std Supplemental to IEEE Std Primitives, schemes, and protocols Primitives, schemes, and protocols Key agreement, plus Key agreement, plus resistance to dictionary attack resistance to dictionary attack Tolerates or safely uses low-grade secrets Tolerates or safely uses low-grade secrets passwords, password-derived keys, etc. passwords, password-derived keys, etc.

November 1, 2001NIST Key Management Workshop4 Focus of P Password-based public-key techniques Password-based public-key techniques balanced key agreement balanced key agreement augmented key agreement augmented key agreement key retrieval key retrieval Discrete log and elliptic curve families Discrete log and elliptic curve families Examples Examples AMP, AuthA, EKE, OKE, PAK, SNAPI, SPEKE, SRP,... AMP, AuthA, EKE, OKE, PAK, SNAPI, SPEKE, SRP,...

November 1, 2001NIST Key Management Workshop5 History of P Password-based submissions to P1363 Password-based submissions to P through through 2001 Work deferred to a P1363 supplement Work deferred to a P1363 supplement while Std completed while Std completed P PAR approved P PAR approved late 2000 late 2000 Latest draft Latest draft October 23, 2001 October 23, 2001

November 1, 2001NIST Key Management Workshop6 IEEE P1363 Supplements P1363a, P1363b P1363a, P1363b same goals and families as Std same goals and families as Std P1363.1: Lattice-based P1363.1: Lattice-based same goals -- different family same goals -- different family P1363.2: Password-based P1363.2: Password-based same families -- different goals same families -- different goals

November 1, 2001NIST Key Management Workshop7 Purpose of IEEE P Reference for specification of techniques Reference for specification of techniques Provide theoretic background Provide theoretic background Discuss security and implementation issues Discuss security and implementation issues Does not mandate particular techniques or security requirements Does not mandate particular techniques or security requirements

November 1, 2001NIST Key Management Workshop8 RationaleRationale People are important entities People are important entities Passwords are important for personal authentication Passwords are important for personal authentication People have trouble with high-grade keys People have trouble with high-grade keys storage -- memorizing storage -- memorizing input -- attention to detail input -- attention to detail output-- typing output-- typing Need to standardize the best password techniques Need to standardize the best password techniques

November 1, 2001NIST Key Management Workshop9 BenefitsBenefits Mutual authentication Mutual authentication Person-to-machine, person-to-person,... Person-to-machine, person-to-person,... Authenticated key agreement Authenticated key agreement Authenticated key retrieval Authenticated key retrieval Safer handling of password-derived keys Safer handling of password-derived keys

November 1, 2001NIST Key Management Workshop10 Sample sections of draft Overview Overview Definitions, Concepts, Rationale Definitions, Concepts, Rationale Types of Techniques (primitives, schemes, protocols) Types of Techniques (primitives, schemes, protocols) Methods Based on Discrete Log & Elliptic Curve Problems Methods Based on Discrete Log & Elliptic Curve Problems Password-Authenticated Key Agreement Password-Authenticated Key Agreement Password-Authenticated Key Retrieval Password-Authenticated Key Retrieval Number-Theoretic Background Number-Theoretic Background Security Considerations Security Considerations References & Bibliography References & Bibliography

November 1, 2001NIST Key Management Workshop11 Example of a PKA Scheme Password-authenticated Key Agreement Scheme (PKAS) operation for each party: Password-authenticated Key Agreement Scheme (PKAS) operation for each party: Password (  )  PEPKGP  password-entangled public key (w) Password (  )  PEPKGP  password-entangled public key (w) Send w to other party Send w to other party Get password-entangled public key (w’) from other party Get password-entangled public key (w’) from other party ,w’  SVDP  agreed value z ,w’  SVDP  agreed value z

November 1, 2001NIST Key Management Workshop12 Example of a PKA Primitive Password-entangled Public Key Generation Primitive (PEPKGP) operation: Password-entangled Public Key Generation Primitive (PEPKGP) operation: Input: Input:  n password-derived mask group element  n password-derived mask group element sprivate key sprivate key gdomain parameter gdomain parameter Compute w = (g^s) *  n Compute w = (g^s) *  n Output: w Output: w

November 1, 2001NIST Key Management Workshop13 Summary of IEEE P IEEE proposed standard -- work in progress IEEE proposed standard -- work in progress Reference for password-based public-key techniques Reference for password-based public-key techniques Solves important problems with human participants Solves important problems with human participants Fills a big gap in other standards Fills a big gap in other standards

November 1, 2001NIST Key Management Workshop14 For More Information IEEE P1363 Web site IEEE P1363 Web site publicly accessible research contributions and document submissions publicly accessible research contributions and document submissions Two mailing lists Two mailing lists general announcements list, low volume general announcements list, low volume technical discussion list, high volume technical discussion list, high volume everybody is welcome to subscribe everybody is welcome to subscribe web site contains subscription information web site contains subscription information

November 1, 2001NIST Key Management Workshop15 David Jablon Phoenix Technologies P1363 Working Group

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.