Download presentation
Presentation is loading. Please wait.
Published byThomasina Rogers Modified over 8 years ago
1
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Encryption & Authetication Jan Pobříslo
2
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Overview ● Dictionary ● Authenticaton – why and how? ● Large scale models ● Usage examples
3
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Dictionary ● One way function (Hash) ● Symetric cipher ● Asymetric cipher – Private key (secret key) – Public key (certificate)
4
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Authentication What is it for? – Man in the middle (MITM) Types of authentication: – Direct – Trusted third party Security issues: – Eavesdropping – Replay attack
5
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Public key cryptography ● Encryption – Encrypt message with other party's public key ● Signing – Make hash of a message – Encrypt it with your private key
6
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Public key infrastructure (X.509) ● Trusted third party (Certification Authority) ● Hierarchical ● Certificate revocation ● Used by: – SSL / TLS – S/MIME ● Certificate contains: – Public key – Identification details – Usage flags – Validity period – Signature by CA
7
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Web of trust (PGP) ● Decentralised ● Mainly for personal use ● New keys are often not verifiable – Keysigning parties ● You have to trust all people along the chain
8
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Kerberos ● Default authentication method for Microsoft Windows ● Authentication procedure: – client authentication server – client ticket granting server – client service server
9
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Low level protocols ● SSL / TLS – One or two sided authentication ● IPsec – Autentication Header (AH) – Encapsulating Security Payload (ESP) ● VPN – SSL (OpenVPN) / IPsec – PPTP (Microsoft Windows)
10
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication SSL Handshake
11
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Summary ● Authentication is necessary when encryption is required ● Distribution of public keys is complex problem
12
01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Questions?
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.