Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication Question: how does a receiver know that remote communicating entity is who it is claimed to be?

Published byLambert Walsh Modified over 9 years ago

Similar presentations

Presentation on theme: "Authentication Question: how does a receiver know that remote communicating entity is who it is claimed to be?"— Presentation transcript:

1 Authentication Question: how does a receiver know that remote communicating entity is who it is claimed to be?

2 Approach 1: peer-peer key-based authentication  A, B (only) know secure key for encryption/decryption  A sends encrypted msf to B and B decrypts: A to B: msg = encrypt("I am A") B computes: if decrypt(msg)=="I am A" then A is verified then A is verified else A is fradulent else A is fradulent  failure scenarios?

3 Authentication Using Nonces to prove that A is alive, B sends "once-in-a-lifetime-only" number (nonce) to A, which A encodes and returns to B A to B: msg = encrypt("I am A") B compute: if decrypt(msg)=="I am A" then A is OK so far then A is OK so far B to A: once-in-a-lifetime value, n A to B: msg2 = encrypt(n) B computes: if decrypt(msg2)==n then A is verified then A is verified else A is fradulent else A is fradulent  note similarities to three way handshake and initial sequence number choice  problems with nonces?

4 Authentication Using Public Keys B wants to authenticate A A has made its encryption key EA known A alone knows DA symmetry: DA( EA(n) ) = EA ( DA(n) ) A to B: msg = "I am A" B to A: once-in-a-lifetime value, n A to B: msg2 = DA(n) B computes: if EA (DA(n))== n then A is verified then A is verified else A is fradulent else A is fradulent

5 Digital Signatures Using Public Keys Goals of digital signatures:  sender cannot repudiate message never sent ("I never sent that")  receiver cannot fake a received message Suppose A wants B to "sign" a message M B sends DB(M) to A A computes if EB ( DB(M)) == M then B has signed M then B has signed M Question: can B plausibly deny having sent M?

6 Symmetric key exchange: trusted server Problem: how do distributed entities agree on a key? Assume: each entity has its own single key, which only it and trusted server know Server:  will generate a one-time session key that A and B use to encrypt communication  will use A and B's single keys to communicate session key to A, B

7

8 Symmetric Key exchange: trusted server Preceding scenario: 1. A sends encrypted msg to S, containing A, B, nonce RA: EA(A,B,RA) 2. S decrypts using DA, generates one time session key, K, sends nonce, key, and B-encrypted encoding of key to A: EA(RA,B,K,EB(K,A)) 3. A decrypts msg from S using DA and verifies nonce. Extracts K, saves it and sends EB(K,A) to B. 4. B decrypts msg using DB, extracts K, generates new nonce RB, sends EK(RB) to A 5. A decrypts using K, extracts RB, computes RB-1 and encrypts using K. Sends EK(RB-1) to B 6. B decrypts using K and verifies RB-1

9 Public key exchange: trusted server  public key retrieval subject to man-in-middle attack  locate all public keys in trusted server  everyone has server's encryption key (ED public)  suppose A wants to send to B using B's "public" key

10 Clipper Chip: technical aspects US gov't proposed federal information processing standard (voluntary)  obviously need to encrypt many things passed over phone line  encryption technique for Clipper (skipjack algorithm) highly classified  voluntarily installed in telecommunications equipment (existing products)

11 call setup: A and B want to communicate  A, B use standard public key techniques to agree on a session key  session key encrypted using clipper chips unit key  encrypted session key and unencrypted unit ID put into LEAF (Law Enforcement Access Field) which is sent  note: LEAF redundant, A and B know session K  session key transmitted so it can be intercepted!  session communication encrypted using session key

12 Privacy issues Clipper I: device manufacturers split unit chip key in half:  unit chip key hardwired into tamper proof, non reverse-engineerable chip  half in escrow at NIST, half at Treasury  gov't wants to wiretap machine with known unit ID  gov't (e.g., FBI) presents court orders to both agencies, gets unit chip key  uses chip key to determine session key from LEAF  decrypts using session key

13 U.S. Export Laws Cryptography products are munitions 1992 - 40 bit key products can be exported 1996 - software key escrow  64bit key products can be exported provided key is registered with escrow agent in US 1996 - key recovery  all encrypted msgs include session key encrypted using recovery agent key Other countries:  most - none  France - must escrow key for encryption

14 Protection against Intruders: Firewalls

15 Firewall: network components (host/router+software) sitting between inside ("us") and outside ("them) Packet filtering firewalls: drop packets on basis of source or destination address (i.e., IP address, port) Application gateways: application specific code intercepts, processes and/or relays application specific packets  e.g., email of telnet gateways  application gateway code can be security hardened  can log all activity

16 Security: Internet activity IP layer:  authentication of header: receiver can authenticate sender using messageauthentication code (MAC)  encryption of contents: DES, RFC 1829 API  SSL - secure socket layer: support for authentication and encryption  port numbers: 443 for http with SSL, 465 for smtp with SSL Application Layer  Privacy Enhanced Mail (PEM)  secure http: supports many authentication, encryption schemes

17 Secure Email PEM :  operates on top of SMTP  ASCII  msg authentication - MD2, MD5  msg encryption - RSA, DES  authenticated encrypted msgs and encrypted authenticated msgs PGP (Pretty Good Privacy): secure file transfer (incl. email)  binary files

18 Security: conclusion key concerns:  encryption  authentication  key exchange also:  increasingly an important area as network connectivity increases  digital signatures, digital cash, authentication, increasingly important  an important social concern  further reading:  Crypto Policy Perspectives: S. Landau et al., Aug 1994 CACM  Internet Security, R. Oppliger, CACM May 1997  www.eff.org

Download ppt "Authentication Question: how does a receiver know that remote communicating entity is who it is claimed to be?"

Similar presentations

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
Computer Science Lecture 22, page 1 Security in Distributed Systems Introduction Cryptography Authentication Key exchange Readings: Tannenbaum, chapter.

Computer Science Lecture 22, page 1 Security in Distributed Systems Introduction Cryptography Authentication Key exchange Readings: Tannenbaum, chapter.
Cryptography 101 Frank Hecker

Cryptography 101 Frank Hecker
Network Security  introduction  cryptography  authentication  key exchange  Reading: Tannenbaum, section 7.1 Ross/Kurose, Ch 7 (which is incomplete)

Network Security  introduction  cryptography  authentication  key exchange  Reading: Tannenbaum, section 7.1 Ross/Kurose, Ch 7 (which is incomplete)

Similar presentations

Ads by Google