Presentation is loading. Please wait.

Presentation is loading. Please wait.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09."— Presentation transcript:

1 Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09

2 Overview Introduction Methodology Protocol and Implementation Demonstration Conclusion Future Work

3 INTRODUCTION

4 Project Overview RSA Secure File Transfer Server ◦ Verifies user and sends files across network RSA Client ◦ Connects to server and requests files Authentication ◦ Server authenticates client using RSA algorithms Data Transfer ◦ Server encrypts and client decrypts using RSA algorithms

5 Motivation High demand for secure data transactions over networks Online banking, email, instant messaging, online shopping, etc. Constant improvements in security is required as internet traffic increases

6 Application Objectives Secure Reliable User-Friendly Robust

7 METHODOLOGY Client-Server Architecture and RSA Cryptosystem

8 Client-Server Programming Computer programs that communicate with each other over a network Two Programs ◦ Server - Program to wait for initiation of communication ◦ Client – Program to initiate the communication Protocol ◦ Controls communication between programs

9 Client – Server Roles ServerClient Provides some service to client Establishes connection Usually up all the time Stores information about client Has access to databases and other data Uses service provided by server Displays and receives results sent from server Responds to prompts from server

10 Client-Server Communication Communication Channel ◦ Socket  End-point of a two-way communication link between two programs running on a network Communication Language ◦ Protocol  Set of rules used to “talk” between client and server  Ex: To speak in class we raise hand. Teacher calls on us and tells us it is ok to talk.

11 RSA PROTOCOL So what does the RSA cryptosystem have to do with all this??

12 Brief overview of RSA Cryptosystem for encrypting and decrypting messages (or packets) Sender must have public key of receiver Receiver must have private key to unlock the message ONLY the receiver should know the private key

13 RSA Signature Schema Similar to RSA encryption Use a different key to sign and send messages Sender signs message with private key Receiver verifies signature with public key of sender Maris

14 IMPLEMENTATION ( Java )

15 RSAKey Class PublicKey and PrivateKey are inner classes – not globally accessible Separate classes so only Public Key can be sent over network RSAKey constructor generates a new RSA key according to the RSA key generation algorithm Serializable = can be saved and sent as object

16 … …

17 Server Multi-threaded so that multiple clients can connect Opens a socket on specified port and waits for client to connect While running, stores a list of clients and their public keys in a HashMap so they can sign back on

18

19 Connects to client’s Object Output Stream to send data through socket

20 Client Connects to server and waits for data Only needs to handle a few commands from server ◦ STARTUNAMELOADKEY ◦ KEYFILESIGN ◦ YorNINPUTPRINT Stores RSAKeys assigned by server for authentication and decryption of packets

21 Can load key from file stored on local machine to connect and decrypt Received data is stored in a file with the client’s username

22 Protocol: Client-Server Communication Most important (and difficult) aspect of socket programming Before sending objects across network, server must tell the client what to expect Example: ◦ To send a file to the client, server must perform the following actions. Client must act based on protocol.

23 Sending file to client…

24 Client receiving file…

25 Protocol variables

26 DEMONSTRATION The fun part!

27 CONCLUSION

28 Successes Successfully implemented RSA encryption and signature algorithms Able to send encrypted files across a network Able to decrypt and the files on the client side Cannot decrypt without the private key… ◦ i.e. secure Learned a lot about socket programming

29 Challenges (and failures  ) Sending objects across the sockets ◦ Frustrating at times, but satisfying when worked Keeping private keys private ◦ Key storage (should we ever store them?) ◦ Key generation could be vulnerable to attacks if unlucky El-Gamal signature schema ◦ Socket programming was a little harder than I had anticipated

30 Protocol implementation ◦ Difficult to synchronize between client and server ◦ Approximately 5 different designs while developing Learning to use BigInteger class for RSA implementation

31 FUTURE WORK

32 Multi-Client communication ◦ Ability to sign/encrypt messages and send them over the server to another client Transfer more than just text files Implement more encryption and signature schema Graphical User Interface would be nice

33 QUESTIONS??

Download ppt "Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09."

Similar presentations

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.

SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.
VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.

VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Page # Advanced Telecommunications/Information Distribution Research Program (ATIRP) Authentication Scheme for Distributed, Ubiquitous, Real-Time Protocols.

Page # Advanced Telecommunications/Information Distribution Research Program (ATIRP) Authentication Scheme for Distributed, Ubiquitous, Real-Time Protocols.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.

Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.
A CHAT CLIENT-SERVER MODULE IN JAVA BY MAHTAB M HUSSAIN MAYANK MOHAN ISE 582 FALL 2003 PROJECT.

A CHAT CLIENT-SERVER MODULE IN JAVA BY MAHTAB M HUSSAIN MAYANK MOHAN ISE 582 FALL 2003 PROJECT.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
1 Java Networking – Part I CS 236607, Spring 2008/9.

1 Java Networking – Part I CS , Spring 2008/9.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2007 Pearson Education, Inc. All rights reserved. 0-13-222158-6 1 L22 (Chapter 25) Networking.

Liang, Introduction to Java Programming, Sixth Edition, (c) 2007 Pearson Education, Inc. All rights reserved L22 (Chapter 25) Networking.
© Lethbridge/Laganière 2001 Chap. 3: Basing Development on Reusable Technology 1 Let’s get started. Let’s start by selecting an architecture from among.

© Lethbridge/Laganière 2001 Chap. 3: Basing Development on Reusable Technology 1 Let’s get started. Let’s start by selecting an architecture from among.
Fundamentals of Python: From First Programs Through Data Structures

Fundamentals of Python: From First Programs Through Data Structures
SSH Secure Login Connections over the Internet

SSH Secure Login Connections over the Internet

Similar presentations

Ads by Google