Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fundamental Concepts in Security and its Application Cloud Computing

Published byBethany Hardy Modified over 6 years ago

Similar presentations

Presentation on theme: "Fundamental Concepts in Security and its Application Cloud Computing"— Presentation transcript:

1 Fundamental Concepts in Security and its Application Cloud Computing

2 Basics of Cryptography
Relationship between the plaintext and the ciphertext

3 Secret-Key Cryptography
Monoalphabetic substitution each letter replaced by different letter Given the encryption key, easy to find decryption key Secret-key crypto called symmetric-key crypto Issues: key distribution; only as safe as the key

4 Public-Key Cryptography
Directly address the issues with symmetric keys All users pick a public key/private key pair publish the public key private key not published Public key is the encryption key private key is the decryption key

5 RSA (Rivest, Shamir, Adelman) Encryption
To find a key pair e, d: 1. Choose two large prime numbers, P and Q (each greater than 10100), and form: N = P x Q Z = (P–1) x (Q–1) 2. For d choose any number that is relatively prime with Z (that is, such that d has no common factors with Z). We illustrate the computations involved using small integer values for P and Q: P = 13, Q = 17 –> N = 221, Z = 192 d = 5 3. To find e solve the equation: e x d = 1 mod Z That is, e x d is the smallest element divisible by d in the series Z+1, 2Z+1, 3Z+1, ... . e x d = 1 mod = 1, 193, 385, ... 385 is divisible by d e = 385/5 = 77

6 RSA Encryption (contd.)
To encrypt text using the RSA method, the plaintext is divided into equal blocks of length k bits where 2k < N (that is, such that the numerical value of a block is always less than N; in practical applications, k is usually in the range 512 to 1024). k = 7, since 27 = 128 The function for encrypting a single block of plaintext M is: (N = P X Q = 13X17 = 221), e = 77, d = 5: E'(e,N,M) = Me mod N for a message M, the ciphertext is M77 mod 221 The function for decrypting a block of encrypted text c to produce the original plaintext block is: D'(d,N,c) = cd mod N The two parameters e,N can be regarded as a key for the encryption function, and similarly d,N represent a key for the decryption function. So we can write Ke = <e,N> and Kd = <d,N>, and we get the encryption function: E(Ke, M) ={M}K (the notation here indicating that the encrypted message can be decrypted only by the holder of the private key Kd) and D(Kd, ={M}K ) = M. <e,N> - public key, d – private key for a station

7 Application of RSA Lets say a person in Atlanta wants to send a message M to a person in Buffalo: Atlanta encrypts message using Buffalo’s public key B  E(M,B) Only Buffalo can read it using it private key b: E(b, E(M,B))  M In other words for any public/private key pair determined as previously shown, the encrypting function holds two properties: E(p, E(M,P))  M E(P, E(M,p))  M

8 How can you authenticate “sender”?
In real life you will use signatures: we will look at concept of digital signatures next. Instead of sending just a simple message, Atlanta will send a signed message signed by Atlanta’s private key: E(B,E(M,a)) Buffalo will first decrypt using its private key and use Atlanta’s public key to decrypt the signed message: E(b, E(B,E(M,a))  E(M,a) E(A,E(M,a))  M

9 SSH protocol ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. Provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections , arbitrary TCP/IP ports and SFTP can also be forwarded over the secure channel.

10 SSH with RSA ssh supports RSA based authentication (SHA-1, SHA-2). The scheme is based on public-key cryptography: there are cryptosystems where encryption and decryption are done using separate keys, and it is not possible to derive the decryption key from the encryption key. RSA is one such system. The idea is that each user creates a public/private key pair for authentication purposes.

11 SSH (contd.) The server knows the public key, and only the user knows the private key. The file $HOME/.ssh/authorized_keys lists the public keys that are permitted for logging in. When the user logs in, the ssh program tells the server which keypair it would like to use for authentication. The server checks if this key is permitted, and if so, sends the user (actually the ssh program running on behalf of the user) a challenge, a random number, encrypted by the user's public key. The challenge can only be decrypted using the proper private key. The user's client then decrypts the challenge using the private key, proving that he/she knows the private key but without disclosing it to the server.

12 More uses of SSH Password-less access:
The user creates his/her RSA key pair by running ssh-keygen. This stores the private key in $HOME/.ssh/identity and the public key in $HOME/.ssh/identity.pub in the user's home directory. The user should then copy the identity.pub to $HOME/.ssh/authorized_keys in his/her home directory on the remote machine (the authorized_keys file corresponds to the conventional $HOME/.rhosts file, and has one key per line, though the lines can be very long). After this, the user can log in without giving the password.

13 Why are we interested in PKI?
PKI : public key infrastructure Of course, this is the way we can automate authentication (of programs running on users’ behalf) into remote system. Lets look at amazon aws , ec2, and other systems as examples.

Download ppt "Fundamental Concepts in Security and its Application Cloud Computing"

Similar presentations

Module XXI Cryptography

Module XXI Cryptography
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Public Key Cryptography

Public Key Cryptography
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
BR1 Protection and Security B. Ramamurthy Chapters 18 and 19.

BR1 Protection and Security B. Ramamurthy Chapters 18 and 19.
Introduction to Public Key Cryptography

Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.

 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
9/21/2015B.Ramamurthy1 Security Chapter 7. 9/21/2015B.Ramamurthy2 Introduction What is the security model of your system? There are many issues: 1. Security.

9/21/2015B.Ramamurthy1 Security Chapter 7. 9/21/2015B.Ramamurthy2 Introduction What is the security model of your system? There are many issues: 1. Security.
Public-Key Cryptography CS110 Fall 2002. Conventional Encryption.

Public-Key Cryptography CS110 Fall Conventional Encryption.

Similar presentations

Ads by Google