Presentation is loading. Please wait.

Presentation is loading. Please wait.

01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101.

Similar presentations


Presentation on theme: "01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101."— Presentation transcript:

1 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Encryption & Authetication Jan Pobříslo

2 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Overview ● Dictionary ● Authenticaton – why and how? ● Large scale models ● Usage examples

3 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Dictionary ● One way function (Hash) ● Symetric cipher ● Asymetric cipher – Private key (secret key) – Public key (certificate)

4 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Authentication What is it for? – Man in the middle (MITM) Types of authentication: – Direct – Trusted third party Security issues: – Eavesdropping – Replay attack

5 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Public key cryptography ● Encryption – Encrypt message with other party's public key ● Signing – Make hash of a message – Encrypt it with your private key

6 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Public key infrastructure (X.509) ● Trusted third party (Certification Authority) ● Hierarchical ● Certificate revocation ● Used by: – SSL / TLS – S/MIME ● Certificate contains: – Public key – Identification details – Usage flags – Validity period – Signature by CA

7 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Web of trust (PGP) ● Decentralised ● Mainly for personal use ● New keys are often not verifiable – Keysigning parties ● You have to trust all people along the chain

8 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Kerberos ● Default authentication method for Microsoft Windows ● Authentication procedure: – client authentication server – client ticket granting server – client service server

9 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Low level protocols ● SSL / TLS – One or two sided authentication ● IPsec – Autentication Header (AH) – Encapsulating Security Payload (ESP) ● VPN – SSL (OpenVPN) / IPsec – PPTP (Microsoft Windows)

10 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication SSL Handshake

11 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Summary ● Authentication is necessary when encryption is required ● Distribution of public keys is complex problem

12 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Questions?


Download ppt "01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101."

Similar presentations


Ads by Google