Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technical Presentation AIAC 2010-2011 Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.

Published byDestiny Jacobs Modified over 10 years ago

Similar presentations

Presentation on theme: "Technical Presentation AIAC 2010-2011 Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital."— Presentation transcript:

1 Technical Presentation AIAC 2010-2011 Group 11

2 System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital Certificate Secure Functionalities Competence Verification Document Signature and Validation System Security Analysis AIAC 2010-2011 Group 12

3 Client asked for a system who was able to: Verify a title or competency of a subject; Digitally Sign a document with a given Competency of a subject. All the communication and processes performed in a secure fashion CERTCOP was developed to address these (and more…) requisites AIAC 2010-2011 Group 13

4 4

5 5 3 Modes Used: Username/Password Cartão Cidadão Digital Certificates Used with a slight modification in Web Server All modes based on EKE (Encrypted Key Exchange) At the end each entity has: Public/Private Key; Symmetric Session Key; Mutual Authentication Guarantees.

6 AIAC 2010-2011 Group 16

7 7

8 8

9 9 One signature is generated for every message Provides Integrity, Freshness and Non-Repudiation The original message, along with the Signature, is ciphered with the Symmetric Session Key Providing Confidentiality and Authentication

10 AIAC 2010-2011 Group 110 Competence Verification Document Signature and Validation

11 AIAC 2010-2011 Group 111

12 AIAC 2010-2011 Group 112

13 AIAC 2010-2011 Group 113 To each signed document is generated the following signature: If the Document has a higher priority it is stored and verified by another system VERICOP This additional service can be billed at a higher price

14 AIAC 2010-2011 Group 114 State of the art cryptographic algorithms and protocols used: AES (with 128 bits key and 10 encryption rounds) SHA-2 (256 bits) RSA (with 2048 bits key for certificate, 1024 for the transient key pairs) Adapted EKE Protocol Quite few practical attacks reported on those algorithms

15 AIAC 2010-2011 Group 115 System Security is an important issue: Database Servers Isolation Credentials Management Firewall Configuration Users and Administrators security awareness is vital to the Security Neither Users nor Administrators should ever release their passwords to anybody

16 AIAC 2010-2011 Group 116 Web Interface will be available in a future release; System design based on state of the art security technologies Great overall System Security Level Special care must be taken to the maintenance and operation procedures of the system

Download ppt "Technical Presentation AIAC 2010-2011 Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
PKI Introduction Ravi Sandhu 2 © Ravi Sandhu 2002 CRYPTOGRAPHIC TECHNOLOGY PROS AND CONS SECRET KEY SYMMETRIC KEY Faster Not scalable No digital signatures.

PKI Introduction Ravi Sandhu 2 © Ravi Sandhu 2002 CRYPTOGRAPHIC TECHNOLOGY PROS AND CONS SECRET KEY SYMMETRIC KEY Faster Not scalable No digital signatures.
Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
L8. Reviews Rocky K. C. Chang, May 2011. Foci of this course 2 Rocky K. C. Chang  Understand the 3 fundamental cryptographic functions and how they are.

L8. Reviews Rocky K. C. Chang, May Foci of this course 2 Rocky K. C. Chang  Understand the 3 fundamental cryptographic functions and how they are.
Off-the-Record Communication, or, Why Not To Use PGP

Off-the-Record Communication, or, Why Not To Use PGP
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Cryptography Basic (cont)

Cryptography Basic (cont)
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Similar presentations

Ads by Google