Chapt. 10 – Key Management
Dr. Wayne Summers
Department of Computer Science, Columbus State University


Session and Interchange Keys
- Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and the generation, maintenance, and revoking of such keys
- Solves problem of propagating authentication
- Interchange key – cryptographic key associated with a principal to a communication
- Session key – cryptographic key associated with the communication

Key Exchange
- Goal is to allow two parties to communicate secretly using a shared cryptographic key
  1. Key cannot be transmitted in the clear (must be enciphered when sent, or derived without an exchange of data used to derive the key)
  2. Sender and receiver may decide to trust a third party
  3. Cryptosystems and protocols are publicly known. The only secret data is the keys involved.

Cryptographic Key Infrastructures
- Certificate – token that binds an identity to a cryptographic key
- X.509: Directory Authentication Framework – defines certificate formats and certification validation (see Bishop pg. 257 for details)
- Certification authority (CA) – entity that issues certificates
- PGP (Pretty Good Privacy) – encipherment program widely used to provide privacy for electronic mail (see Bishop pg. 259 for details)

Storing and Revoking Keys
- If stored in a file, easy to compromise, even if enciphered
- Store on one or more smart cards (ROM)
- Key escrow system – system where a third party can recover a cryptographic key
  – Should not depend on encipherment algorithm
  – Privacy protections must work throughout, including the user interface
  – Requirements (legal/business) must map to the key exchange protocol
  – All parties must authenticate themselves
  – System must ensure that keys are valid while message is observable

Digital Signatures
- Digital signature – authenticates both the origin and content of a message
- Uses public key cryptography
- Provides nonrepudiation
- RSA Digital Signature (some problems)
- El Gamal Digital Signature (similar to Diffie-Hellman)
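
The El Gamal signature named on the last slide, worked through as an added example (not part of the original slides or of Bishop's text). The group parameters `P` and `G`, the function names and the sample messages are assumptions chosen for illustration; the parameters are toy-sized and not a vetted group.

```python
import hashlib
import math
import secrets

# Constructed toy parameters (assumption): Mersenne prime 2**127 - 1, base 3.
# Far too small for real use; this only shows the mechanics of the scheme.
P = 2**127 - 1
G = 3

def digest(message: bytes) -> int:
    """Hash the message so the signature covers its content, reduced mod p-1."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % (P - 1)

def keygen():
    """Return (private key x, public key y = g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2          # 2 <= x <= p-2
    return x, pow(G, x, P)

def sign(x: int, message: bytes):
    """Sign with a fresh per-message secret k; reusing k across messages reveals x."""
    while True:
        k = secrets.randbelow(P - 3) + 2
        if math.gcd(k, P - 1) != 1:           # k must be invertible mod p-1
            continue
        r = pow(G, k, P)
        s = (digest(message) - x * r) * pow(k, -1, P - 1) % (P - 1)
        if s != 0:
            return r, s

def verify(y: int, message: bytes, signature) -> bool:
    """Accept iff g^H(m) == y^r * r^s (mod p), with r and s in range."""
    r, s = signature
    if not (0 < r < P and 0 < s < P - 1):     # out-of-range values are rejected
        return False
    return pow(G, digest(message), P) == pow(y, r, P) * pow(r, s, P) % P

if __name__ == "__main__":
    x, y = keygen()
    sig = sign(x, b"transfer 10 to Bob")      # constructed sample message
    print(verify(y, b"transfer 10 to Bob", sig))   # genuine message
    print(verify(y, b"transfer 99 to Bob", sig))   # altered content
```

Verification needs only the public key `y`, which is why the signature authenticates origin, and it hashes the message, which is why altered content is rejected.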