Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security message M one-way hash fingerprint f = H(M)

Published byEmma Murphy Modified over 6 years ago

Similar presentations

Presentation on theme: "Information Security message M one-way hash fingerprint f = H(M)"— Presentation transcript:

1 Information Security message M one-way hash fingerprint f = H(M)
9/19/2018 6:46 AM Information Security message M one-way hash fingerprint f = H(M) 9/19/2018 6:46 AM Information Security

2 Outline and Reading Digital signatures One-way hash functions
Definition (§10.2.2) RSA signature and verification (§10.2.3) One-way hash functions Definition (§10.3.1) Applications (§10.3.2) Key distribution Certificates (§10.3.5) Revocation (§10.3.5) 9/19/2018 6:46 AM Information Security

3 Digital Signatures Scenario: Messages sent on papers:
Alice sends a message M to Bob Bob receives M, and wants to verify that Alice is the author of M. Messages sent on papers: Alice signs the message M and sends the handwritten signature with M to Bob. When Bob sees Alice’s autograph, he knows that M is sent by Alice. Messages sent through networks: Digital signatures Alice computes a digital signature S computed based on M and send S with M to Bob By examining S, Bob can verify that the author of M is Alice, because only Alice can compute such a S from M (in a reasonable amount of time) Two components needed for digital signature An algorithm for Alice to compute S (Alice signs the message) An algorithm for Bob to examine S (Bob reads the signature) A recently passed law in the US gives digital signatures the same validity of handwritten signatures 9/19/2018 6:46 AM Information Security

4 Digital Signatures Public-key cryptosystem
D(E(M))=M E(D(M))=M A public-key cryptosystem yields a digital signature scheme provided encrypt(KE, decrypt(KD, M)) = M Signature: Alice (author) computes S = decrypt(KD,M) using her private key KD and sends the pair (M,S) to Bob Verification: Bob (reader) computes M´ = encrypt(KE, S) using Alice’s public key KE and checks that M´ = M 9/19/2018 6:46 AM Information Security

5 RSA Digital Signature Setup: Keys: Signature: Verification: Setup:
n = pq, with p and q primes e relatively prime to f(n) = (p - 1) (q - 1) d inverse of e in Zf(n) Keys: Public key: KE = (n, e) Private key: KD = d Signature: Message M in Zn Signature S = Md mod n Verification: Check that M = Se mod n Setup: p = 5, q = 11 n = 511 = 55 f(n) = 410 = 40 e = 3 d = 27 (327 = 81 = 240 + 1) Keys: Public key: KE = (55, 3) Private key: KD = 27 Signature: M = 51 S = 5127 mod 55 = 6 Verification: S = 63 mod 55 = 216 mod 55 = 51 9/19/2018 6:46 AM Information Security

6 Certificates Public-key cryptography is based on the knowledge by each participant of the public key of the other participants If Alice wants to send a confidential message to Bob, she needs to know Bob’s public key When Alice receives an message M with digital signature S from Bob, she needs to know Bob’s public key to verify S It is complicated to securely distribute the public keys of all the participants How does Alice get Bob’s public key? Bob sends it to Alice. But how can Alice verify that the public key she receives is in fact Bob’s public key? What if Eve intercepts the communication and replaces Bob’s public key with hers? Eve can trick Alice into believing that she is Bob. (Eve impersonates Bob) Charlie is trusted by all participants. Each participants knows Charlie’s public key. Bob registers with Charlie, and Charlie sends Bob an message (Certificate) with his digital signature saying “Bob’s public key is ….” Bob sends Alice the Alice certificate that Charlie sent him Alice verifies that the certificate is sent by Charlie by checking the digital signature using Charlie’s public key 9/19/2018 6:46 AM Information Security

7 Certificates A certificate is a message of the type (name, public key) signed by a third-party Public-key infrastructure (PKI) An entity trusted by all the participants, called certification authority (CA), issues to each participant a certificate (Name, KE) that authoritatively binds the participants to their public keys Only the CA’s public key needs to be distributed securely Before sending an encrypted message to Bob or verifying a message digitally signed by Bob, Alice determines Bob’s public key KE by using Bob’s certificate (Bob, KE) 9/19/2018 6:46 AM Information Security

8 Web Server Certificates
A Web server certificate is used to authenticate the public key of a Web server Fields of a Web server certificate Serial number Hash and signature schemes (e.g., MD5 and RSA) Issuer (certification authority) Period of validity (from, to) Subject (URL and organization) Public key The SSL (secure socket layer) protocol uses Web server certificates to provide encryption and authentication in a secure Web connection (https) 9/19/2018 6:46 AM Information Security

9 Certificate Revocation
In certain circumstances, a certificate may have to be revoked before its expiration date The private key of the subject has been compromised The certificate was incorrectly issued by the CA Certificate Revocation List (CRL) Time-stamped list of all the unexpired certificates that have been revoked by the CA Periodically published and signed by the CA When presented with a certificate, one should Verify the CA’s signature on the certificate Check that the certificate has non been revoked by searching in the latest available CRL By default, Web browsers do not check the revocation status of a Web server certificate, which poses a security risk 9/19/2018 6:46 AM Information Security

Download ppt "Information Security message M one-way hash fingerprint f = H(M)"

Similar presentations

Cryptography and Network Security Chapter 14

Cryptography and Network Security Chapter 14
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Cryptography in e-Business Guest Lecture, November 13, 2006, Olin College Steven R. Gordon Prof. of Info Tech Management Babson College.

Cryptography in e-Business Guest Lecture, November 13, 2006, Olin College Steven R. Gordon Prof. of Info Tech Management Babson College.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.

Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.
Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.

Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
254542 Networks Management and Security Lecture 3.

Networks Management and Security Lecture 3.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.

23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.

Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.

Similar presentations

Ads by Google