1
NET 311 Information Security
Networks and Communication Department
Lecture 5: Cryptographic data integrity and Digital signatures
2
Lecture contents:
Message Integrity
  Message and Message Digest
  Secure Hash Algorithms: SHA-1
Message Authentication
  Message Authentication Code (MAC)
Digital signature
12-Oct-18 Networks and Communication Department
3
Introduction
Message Confidentiality: The transmitted message must make sense only to the intended receivers.
Message Integrity: The data must arrive at the receiver exactly as they were sent.
Message Authentication: Make sure of the user identity.
4
Message Confidentiality
The concept of how to achieve message confidentiality or privacy has not changed for thousands of years. The message must be encrypted at the sender site and decrypted at the receiver site. This can be done using either: symmetric-key cryptography or asymmetric-key cryptography.
5
Message Integrity
Encryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasion we may not even need secrecy, but instead must have integrity, e.g. when writing a will.
Message and Message Digest
Creating and Checking the Digest
Hash Function Criteria
Hash Algorithms: SHA-1
6
Message Integrity
The electronic equivalent of the document and fingerprint pair is the message and message digest. The message digest needs to be kept secret.
7
Message Integrity
8
Creating and Checking the Digest
The message digest is created at the sender site and is sent with the message to the receiver. The receiver checks the integrity of the message.
9
Checking integrity
10
Criteria of a hash function
11
Hash Function Criteria
One-way: It is extremely difficult to recreate the message if the message digest is given (e.g. document/fingerprint).
Weak Collision Resistance: Given a specific message and its digest, it is impossible to create another message with the same digest.
Strong Collision Resistance: If the sender can create two messages that hash to the same digest, s/he can deny sending the first and claim that s/he sent only the second.
12
Example #1
Can we use a conventional lossless compression method as a hashing function?
Solution: We cannot. A lossless compression method creates a compressed message that is reversible. You can uncompress the compressed message to get the original one.
13
Example #2
Can we use a checksum method as a hashing function?
Solution: We can. A checksum function is not reversible; it meets the first criterion. However, it does not meet the other criteria.
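Example #2 made concrete, as an added example that is not part of the original slides: a 16-bit one's-complement checksum gives the same value when two words of a message are exchanged, so it fails weak collision resistance, while SHA-1 separates the two messages. The checksum variant, the helper names and the sample message are assumptions chosen for illustration.

```python
import hashlib

def checksum16(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words (Internet-checksum style)."""
    if len(data) % 2:
        data += b"\x00"                           # pad odd-length input
    total = 0
    for i in range(0, len(data), 2):
        total += int.from_bytes(data[i:i + 2], "big")
        total = (total & 0xFFFF) + (total >> 16)  # fold the carry back in
    return ~total & 0xFFFF

def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Return a copy of data with 16-bit words i and j exchanged."""
    words = [data[k:k + 2] for k in range(0, len(data), 2)]
    words[i], words[j] = words[j], words[i]
    return b"".join(words)

def sha1_hex(message: bytes) -> str:
    return hashlib.sha1(message).hexdigest()

def same_digest(fn, m1: bytes, m2: bytes) -> bool:
    """True when two different messages map to the same value under fn."""
    return m1 != m2 and fn(m1) == fn(m2)

# Constructed sample: eight 16-bit words; words 2 and 6 carry the amounts.
ORIGINAL = b"BOB:0100EVE:9000"
ALTERED = swap_words(ORIGINAL, 2, 6)              # b"BOB:9000EVE:0100"

if __name__ == "__main__":
    # The sum is order-independent, so the altered message keeps the checksum.
    print("checksum matches:", same_digest(checksum16, ORIGINAL, ALTERED))
    print("SHA-1 matches:   ", same_digest(sha1_hex, ORIGINAL, ALTERED))
```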
14
Hash Algorithms: SHA-1
SHA-1 (Secure Hash Algorithm 1) is a revised version of SHA designed by NIST. The SHA-1 hash algorithm creates an N-bit message digest out of a message of 512-bit blocks. SHA-1 has a message digest of 160 bits (5 words of 32 bits).
15
Hash Algorithms: SHA-1
16
Hash Algorithms: SHA-1
Word Expansion
Before processing, the block needs to be expanded. A block is 512 bits (16 words of 32 bits), but we need 80 words in the processing phase. Thus, the 16-word block needs to be expanded to 80 words (word0 to word79).
Processing Each Block
Each step mangles a word of data and a constant to create a result that is fed to the next step.
17
Hash Algorithms: SHA-1
Message digest size: 160
Block size: 512
Word size: 32
Number of steps: 80
18
Hash Algorithms: SHA-1
19
Message Authentication
The digest that is created by a hash function is called a Modification Detection Code (MDC). The MDC guarantees that the message hasn't been altered. In message authentication, we need to know that the message is coming from a trusted source (e.g. Alice, not Eve). Thus, a Message Authentication Code (MAC) is used for this purpose.
20
Message Authentication
While an MDC uses a keyless hash function, a MAC uses a keyed hash function.
MAC, created by Alice and checked by Bob
21
HMAC
HMAC is a hashed MAC, which uses any standard keyless hash function such as SHA-1.
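The MDC/MAC distinction and the HMAC construction, as an added example that is not part of the original slides: HMAC is built by hand from keyless SHA-1, and Bob's check is run on a message substituted in transit, first with an MDC and then with a MAC. The key, the messages and the function names are constructed for illustration; the pad constants and key handling follow the standard HMAC definition, which the slides do not spell out.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 block size in bytes (512 bits)

def mdc(message: bytes) -> bytes:
    """Keyless digest (MDC): anyone who sees the message can recompute it."""
    return hashlib.sha1(message).digest()

def hmac_sha1(key: bytes, message: bytes) -> bytes:
    """HMAC from the keyless hash: H((K xor opad) || H((K xor ipad) || m))."""
    if len(key) > BLOCK:
        key = hashlib.sha1(key).digest()          # long keys are hashed first
    key = key.ljust(BLOCK, b"\x00")               # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha1(ipad + message).digest()
    return hashlib.sha1(opad + inner).digest()

def bob_accepts_mdc(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mdc(message), tag)

def bob_accepts_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest avoids leaking how many leading bytes matched.
    return hmac.compare_digest(hmac_sha1(key, message), tag)

# Constructed sample values.
KEY = b"key shared by Alice and Bob"
ALICE_MSG = b"Meet at 10:00"
EVE_MSG = b"Meet at 22:00"

def substituted_message_accepted(use_mac: bool) -> bool:
    """Eve swaps the message in transit and attaches the best tag she can make."""
    if use_mac:
        # Without KEY, Eve can only attach a keyless digest (or another guess).
        return bob_accepts_mac(KEY, EVE_MSG, mdc(EVE_MSG))
    return bob_accepts_mdc(EVE_MSG, mdc(EVE_MSG))

if __name__ == "__main__":
    tag = hmac_sha1(KEY, ALICE_MSG)
    print("Bob accepts Alice's MAC:", bob_accepts_mac(KEY, ALICE_MSG, tag))
    print("Substitution passes MDC:", substituted_message_accepted(False))
    print("Substitution passes MAC:", substituted_message_accepted(True))
```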
22
Digital Signature
When Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically. An electronic signature can prove the authenticity of Alice as the sender of the message.
23
Conventional and Digital Signature
Inclusion
  Conventional signature: Included in the document.
  Digital signature: Separate, in another document.
Verification method
  Conventional signature: By comparing the signature on the document with a copy of the signature that is stored on file.
  Digital signature: A copy of the signature is not stored anywhere. The receiver applies a technique to verify the authenticity.
Relationship
  Conventional signature: 1:N relationship between signature and document.
  Digital signature: 1:1 relationship between signature and document.
Duplicity
  Conventional signature: The copy of the signed document differs from the original signed document on file.
  Digital signature: There is no difference unless there is a factor of time (e.g. a timestamp).
24
Digital Signature Process
The process of Digital Signature can be done in two ways:
  Signing the document
  Signing the digest of the document
25
Digital Signature Process
Signing the document
Signing the message itself in digital signature
26
Digital Signature Process
In a cryptosystem, we use the private and public keys of the receiver; in a digital signature, we use the private and public keys of the sender.
27
Digital Signature Process
Signing the digest of the document
28
Digital Signature Services
A digital signature provides:
  Message integrity
  Message authentication
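Signing the digest with the sender's keys, as an added example that is not part of the original slides: Alice transforms the digest with her private key, Bob checks it with her public key, and the check fails for an altered message (integrity) and for a signature made with another key (authentication). The slides name no signature algorithm, so textbook RSA without padding over a SHA-256 digest is an assumption, and the key pairs are constructed toy values built from Mersenne primes that must never be used as real keys.

```python
import hashlib

E = 65537  # public exponent shared by both toy key pairs

def make_key(p: int, q: int):
    """Return (n, d): public modulus and private exponent for primes p, q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))   # modular inverse, Python 3.8+
    return n, d

# Constructed toy keys (Mersenne primes are trivially factorable).
ALICE_N, ALICE_D = make_key(2**521 - 1, 2**607 - 1)
EVE_N, EVE_D = make_key(2**127 - 1, 2**1279 - 1)

def digest_int(message: bytes) -> int:
    """Digest of the document as an integer smaller than either modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, d: int, n: int) -> int:
    """Sender side: transform the digest with the sender's PRIVATE key."""
    return pow(digest_int(message), d, n)

def verify(message: bytes, signature: int, n: int) -> bool:
    """Receiver side: recover the digest with the sender's PUBLIC key, compare."""
    return pow(signature, E, n) == digest_int(message)

# Constructed sample message and its signature by Alice.
MESSAGE = b"I, Alice, owe Bob 100."
SIGNATURE = sign(MESSAGE, ALICE_D, ALICE_N)

if __name__ == "__main__":
    print("genuine:        ", verify(MESSAGE, SIGNATURE, ALICE_N))
    print("altered message:", verify(b"I, Alice, owe Bob 900.", SIGNATURE, ALICE_N))
    print("signed by Eve:  ", verify(MESSAGE, sign(MESSAGE, EVE_D, EVE_N), ALICE_N))
```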
29
References: Data Communications and Networking, by Behrouz A. Forouzan, fourth edition.