Presentation is loading. Please wait.

Presentation is loading. Please wait.

01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101.

Published byThomasina Rogers Modified over 8 years ago

Similar presentations

Presentation on theme: "01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101."— Presentation transcript:

1 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Encryption & Authetication Jan Pobříslo

2 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Overview ● Dictionary ● Authenticaton – why and how? ● Large scale models ● Usage examples

3 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Dictionary ● One way function (Hash) ● Symetric cipher ● Asymetric cipher – Private key (secret key) – Public key (certificate)

4 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Authentication What is it for? – Man in the middle (MITM) Types of authentication: – Direct – Trusted third party Security issues: – Eavesdropping – Replay attack

5 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Public key cryptography ● Encryption – Encrypt message with other party's public key ● Signing – Make hash of a message – Encrypt it with your private key

6 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Public key infrastructure (X.509) ● Trusted third party (Certification Authority) ● Hierarchical ● Certificate revocation ● Used by: – SSL / TLS – S/MIME ● Certificate contains: – Public key – Identification details – Usage flags – Validity period – Signature by CA

7 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Web of trust (PGP) ● Decentralised ● Mainly for personal use ● New keys are often not verifiable – Keysigning parties ● You have to trust all people along the chain

8 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Kerberos ● Default authentication method for Microsoft Windows ● Authentication procedure: – client authentication server – client ticket granting server – client service server

9 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Low level protocols ● SSL / TLS – One or two sided authentication ● IPsec – Autentication Header (AH) – Encapsulating Security Payload (ESP) ● VPN – SSL (OpenVPN) / IPsec – PPTP (Microsoft Windows)

10 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication SSL Handshake

11 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Summary ● Authentication is necessary when encryption is required ● Distribution of public keys is complex problem

12 01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101 Jan Pobříslo – encryption & authentication Questions?

Download ppt "01101111 01101101 00100000 01101101 01100001 01101110 01101001 00100000 01110000 01100001 01100100 01101101 01100101 00100000 01101000 01110101 01101101."

Similar presentations

Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –

Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.

Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.
Introduction to Cryptography

Introduction to Cryptography
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.
Lecture 12 e-mail Security. Summary  PEM  secure email  PGP  S/MIME.

Lecture 12 Security. Summary  PEM  secure  PGP  S/MIME.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)
Protocol Basics. IPSec Provides two modes of protection –Tunnel Mode –Transport Mode Authentication and Integrity Confidentiality Replay Protection.

Protocol Basics. IPSec Provides two modes of protection –Tunnel Mode –Transport Mode Authentication and Integrity Confidentiality Replay Protection.
Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant

Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

Similar presentations

Ads by Google