Presentation is loading. Please wait.

Presentation is loading. Please wait.

Message Security, User Authentication, and Key Management

Published byZoe Fisher Modified over 5 years ago

Similar presentations

Presentation on theme: "Message Security, User Authentication, and Key Management"— Presentation transcript:

1 Message Security, User Authentication, and Key Management
Chapter 30 Message Security, User Authentication, and Key Management

2 Message Security Privacy Authentication Integrity Nonrepudiation

3 Figure 30.1 Message security

4 Figure 30.2 Privacy using symmetric-key encryption

5 Figure 30.3 Privacy using public-key encryption

6 Digital Signature Signing the Whole Document Signing the Digest

7 Figure 30.4 Signing the whole document

8 Note: Digital signature does not provide privacy. If there is a need for privacy, another layer of encryption/decryption must be applied.

9 Figure 30.5 Signing the digest

10 Figure Sender site

11 Figure Receiver site

12 User Authentication With Symmetric Key With Public Key

13 Figure 30.8 Using a symmetric key only

14 Figure Using a nonce

15 Figure 30.10 Bidirectional authentication

16 30.4 Key Management Symmetric-Key Distribution
Public-Key Certification

17 Note: A symmetric key between two parties is useful if it is used only once; it must be created for one session and destroyed when the session is over.

18 Figure 30.11 Diffie-Hellman method

19 Note: The symmetric (shared) key in the Diffie-Hellman protocol is K = Gxy mod N.

20 Example 2 Assume G = 7 and N = 23. The steps are as follows:
1. Alice chooses x = 3 and calculates R1 = 73 mod 23 = 21. 2. Alice sends the number 21 to Bob. 3. Bob chooses y = 6 and calculates R2 = 76 mod 23 = 4. 4. Bob sends the number 4 to Alice. 5. Alice calculates the symmetric key K = 43 mod 23 = 18. 6. Bob calculates the symmetric key K = 216 mod 23 = 18. The value of K is the same for both Alice and Bob; Gxy mod N = 718 mod 23 = 18.

21 Figure 30.12 Man-in-the-middle attack

22 Figure 30.13 First approach using KDC

23 Figure 30.14 Needham-Schroeder protocol

24 Figure 30.15 Otway-Rees protocol

25 Note: In public-key cryptography, everyone has access to everyone’s public key.

26 Table 30.1 X.500 fields Field Explanation Version
Version number of X.509 Serial number The unique identifier used by the CA Signature The certificate signature Issuer The name of the CA defined by X.509 Validity period Start and end period that certificate is valid Subject name The entity whose public key is being certified Public key The subject public key and the algorithms that use it

27 Figure PKI hierarchy

28 30.5 Kerberos Servers Operation Using Different Servers Version 5
Realms

29 Figure 30.17 Kerberos servers

30 Figure 30.18 Kerberos example

Download ppt "Message Security, User Authentication, and Key Management"

Similar presentations

The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.

PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.
Chapter 31 Network Security

Chapter 31 Network Security
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

Similar presentations

Ads by Google