Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptographic Security CS5204 – Operating Systems1.

Published byGary Gilbert Modified over 9 years ago

Similar presentations

Presentation on theme: "Cryptographic Security CS5204 – Operating Systems1."— Presentation transcript:

1 Cryptographic Security CS5204 – Operating Systems1

2 Cryptographic Security CS 5204 – Operating Systems2 Security Considerations Goals : privacy/confidentiality - information not disclosed to unauthorized entities integrity - information not altered deliberately or accidentally authentication - validation of identity of source of information non-repudiation - source of information can be objectively established Factors : reliance on unknown, vulnerable intermediaries (e.g., Internet routers) parties may have no personal or organizational relationship (e.g., e-commerce) use of automated surrogates (e.g., agents) Threats: replay of messages interference (inserting bogus messages) corrupting messages

3 Cryptographic Security CS 5204 – Operating Systems3 Cryptography Encryption key Decryption key public information E CA M D C M’ KeKe M KdKd Forms of attack: ciphertext­only known­plaintext chosen­plaintext

4 Cryptographic Security CS 5204 – Operating Systems4 Forms of Cryptosystems Private Key (symmetric) : A single key is used for both encryption and decryption. Key distribution problem ­ a secure channel is needed to transmit the key before secure communication can take place over an unsecure channel. Public Key (asymmetric): The encryption procedure (key) is public while the decryption procedure (key) is private. Requirements: 1. For every message M, D(E(M)) = M 2. E and D can be efficiently applied to M 3. It is impractical to derive D from E.

5 Cryptographic Security CS 5204 – Operating Systems5 Combining Public/Private Key Systems (1) (2) A B Public key encryption is more expensive than symmetric key encryption For efficiency, combine the two approaches (1)Use public key encryption for authentication; once authenticated, transfer a shared secret symmetric key (2) Use symmetric key for encrypting subsequent data transmissions

6 Cryptographic Security CS 5204 – Operating Systems6 Secure Communication - Public Key System M M ? User X User Y User Z D Y (C) E Y (M) C E Y is the public key for user Y D Y is the secret key for user Y

7 Cryptographic Security CS 5204 – Operating Systems7 Rivest­Shamir­Adelman (RSA) Method M M User X User Y M e mod n C d mod n Encryption Key for user YDecryption Key for user Y C (e, n) (d, n)

8 Cryptographic Security CS 5204 – Operating Systems8 RSA Method 1. Choose two large (100 digit) prime numbers, p and q,and set n = p x q 2. Choose any large integer, d, so that: GCD( d, ((p­1)x(q­1)) = 1 3. Find e so that: e x d = 1 (modulo (p­1)x(q­1)) Example: 1. p = 5, q = 11 and n = 55. (p­1)x(q­1) = 4 x 10 = 40 2. A valid d is 23 since GCD(40, 23) = 1 3. Then e = 7 since: 23 x 7 = 161 modulo 40 = 1

9 Cryptographic Security CS 5204 – Operating Systems9 (Large) Document Integrity File/ message hash process digest Digest properties: fixed-length, condensation of the source efficient to compute irreversible - computationally infeasible for the original source to be reconstructed from the digest unique - difficult to find two different sources that map to the same digest (collision resistance) Also know as: fingerprint Examples: MD5 (128 bits), SHA-1 (160 bits)

10 Cryptographic Security CS 5204 – Operating Systems10 (Large)Document Integrity file hash process digest file encrypt with sender’s private key digital envelope

11 Cryptographic Security CS 5204 – Operating Systems11 Guaranteeing Integrity hash process file digest decrypt with sender’s public key file digital envelope digest compare

12 Cryptographic Security CS 5204 – Operating Systems12 Digital Signatures (Public Key) Requirements: unforgable and unique receiver: knows that a message came from the sender (authenticity) sender: cannot deny authorship( non-repudiation) message integrity sender & receiver: message contents preserved (integrity) (e.g., cannot cut­and­paste a signature into a message) Public Key System: sender, A: (E A : public, D A : private) receiver, B: (E B : public, D B : private) sender(A) ­­­­ C= E B (D A (M)) ­­­> receiver(B) receiver(B) ­­ M = E A (D B (C)) ­­­> M

13 Cryptographic Security CS 5204 – Operating Systems13 Secure Communication (Public Key) B A Handshaking I A, I B are “nonces” nonces can be included in each subsequent message PKB: public key of B; PKA: public key of A; E PKA (I A, I B ) E PKB, (I A, A) E PKB (I B )

Download ppt "Cryptographic Security CS5204 – Operating Systems1."

Similar presentations

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Cryptographic Security Presented by: Josh Baker October 9 th, 2012 1CS5204 – Operating Systems.

Cryptographic Security Presented by: Josh Baker October 9 th, CS5204 – Operating Systems.
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

Similar presentations

Ads by Google