Presentation is loading. Please wait.

Presentation is loading. Please wait.

Message Digest Cryptographic checksum One-way function Relevance

Published byDarren Arnold Modified over 5 years ago

Similar presentations

Presentation on theme: "Message Digest Cryptographic checksum One-way function Relevance"— Presentation transcript:

1 Message Digest Cryptographic checksum One-way function Relevance
just as a regular checksum protects the receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes to the message. One-way function given a cryptographic checksum for a message, it is virtually impossible to figure out what message produced that checksum; it is not computationally feasible to find two messages that hash to the same cryptographic checksum. Relevance if you are given a checksum for a message and you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given. 17-Nov-18 4/598N: Computer Networks

2 Identification verification process
Authentication Identification verification process E.g. kerberos certificates, digital certificates, smart cards Used to grant resources to authorized users 17-Nov-18 4/598N: Computer Networks

3 Authentication Protocols
Three-way handshake 17-Nov-18 4/598N: Computer Networks

4 Trusted third party (Kerberos)
, B A E (( T , L , K E , B (( T ), , K L , ), K , A A ), K ) B E (( A , E T (( ), T , K L ), , K , A ), K ) B K ) + 1, T E ( 17-Nov-18 4/598N: Computer Networks

5 Public key authentication
17-Nov-18 4/598N: Computer Networks

6 Message Integrity Protocols
Digital signature using RSA special case of a message integrity where the code can only have been generated by one participant compute signature with private key and verify with public key Keyed MD5 sender: m + MD5(m + k) + E(k, private) receiver recovers random key using the sender’s public key applies MD5 to the concatenation of this random key message MD5 with RSA signature sender: m + E(MD5(m), private) decrypts signature with sender’s public key compares result with MD5 checksum sent with message 17-Nov-18 4/598N: Computer Networks

7 Certified Authority (CA)
Key Distribution Certificate special type of digitally signed document: “I certify that the public key in this document belongs to the entity named in this document, signed X.” the name of the entity being certified the public key of the entity the name of the certified authority a digital signature Certified Authority (CA) administrative entity that issues certificates useful only to someone that already holds the CA’s public key. 17-Nov-18 4/598N: Computer Networks

8 Key Distribution (cont)
Chain of Trust if X certifies that a certain public key belongs to Y, and Y certifies that another public key belongs to Z, then there exists a chain of certificates from X to Z someone that wants to verify Z’s public key has to know X’s public key and follow the chain Certificate Revocation List 17-Nov-18 4/598N: Computer Networks

9 Common technology - firewalls
Firewalls are used to restrict the kinds of network traffic in/out of companies Application level proxies Packet level firewalls Does not prevent end-to-end security violations People sometimes list of internal computer users outside firewall to scrupulous “researchers” s viruses exploit certain vulnerabilities in VBS to get around firewalls 17-Nov-18 4/598N: Computer Networks

10 Filter-Based Solution
Firewalls Filter-Based Solution example ( , 1234, , 80 ) (*,*, , 80 ) default: forward or not forward? how dynamic? Rest of the Internet Local site Firewall 17-Nov-18 4/598N: Computer Networks

11 Proxy-Based Firewalls
Problem: complex policy Example: web server Solution: proxy Design: transparent vs. classical Limitations: attacks from within Company net Firewall W eb server Random external user Remote company Internet External client External HTTP/TCP connection Proxy Firewall Internal HTTP/TCP connection Local server 17-Nov-18 4/598N: Computer Networks

Download ppt "Message Digest Cryptographic checksum One-way function Relevance"

Similar presentations

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Digital Signatures CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 12, 2004.

1 Digital Signatures CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 12, 2004.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues1 Lecture 9: E-commerce & Business r E-Commerce r Security Issues m Secure.

INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues1 Lecture 9: E-commerce & Business r E-Commerce r Security Issues m Secure.
CSE 30264 Computer Networks Prof. Aaron Striegel Department of Computer Science & Engineering University of Notre Dame Lecture 23 – April 6, 2010.

CSE Computer Networks Prof. Aaron Striegel Department of Computer Science & Engineering University of Notre Dame Lecture 23 – April 6, 2010.
5-Sep-154/598N: Computer Networks Recap UDP: IP with port abstraction TCP: Reliable, in order, at most once semantics –Sliding Windows –Flow control: ensure.

5-Sep-154/598N: Computer Networks Recap UDP: IP with port abstraction TCP: Reliable, in order, at most once semantics –Sliding Windows –Flow control: ensure.
Web Server Administration Chapter 10 Securing the Web Environment.

Web Server Administration Chapter 10 Securing the Web Environment.
Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:

Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:
Security Keys, Signatures, Encryption. Slides by Jyrki Nummenmaa ‘

Security Keys, Signatures, Encryption. Slides by Jyrki Nummenmaa ‘
Mar 13, 2001CSCI {4,6}900: Ubiquitous Computing1 Announcements HW 4 due Thursday – 11:00 AM If you have any questions regarding HW3, Project Proposal and.

Mar 13, 2001CSCI {4,6}900: Ubiquitous Computing1 Announcements HW 4 due Thursday – 11:00 AM If you have any questions regarding HW3, Project Proposal and.

Similar presentations

Ads by Google