Presentation is loading. Please wait.

Presentation is loading. Please wait.

Image from (but I think they stole it from Monsters and Aliens)

Published byLouise French Modified over 9 years ago

Similar presentations

Presentation on theme: "Image from (but I think they stole it from Monsters and Aliens)"— Presentation transcript:

1 Image from http://www.theregister.co.uk/2015/02/22/lenovo_superfish_removal_tool/ (but I think they stole it from Monsters and Aliens) http://www.theregister.co.uk/2015/02/22/lenovo_superfish_removal_tool/ Cryptocurrency Cabal cs4501 Fall 2015 David Evans and Samee Zahur University of Virginia Class 5: Becoming More Paranoid

2 Upcoming Schedule Today: How Cryptosystems Fail Next Week: blockchain and mining (readings in notes) Tuesday, 15 September: Problem Set 1 Wednesday, 23 September: Checkup 2 (delayed from 21 Sept in original schedule) 1

3 “Hard” Problems 2 Why do cryptographers consider discrete logarithm to be a hard problem?

4 3

5 Why do cryptosystems fail in practice? 4

6 Trusting Software 5

7 6

8 7

9 SSL (Secure Sockets Layer) 8 ClientServer Hello KR CA [ Server Identity, KU S ] Verify Certificate using KU CA Check identity matches URL Generate random K E KU S (K) Decrypt using KR S Secure channel using K Simplified TLS Handshake Protocol

10 SSL (Secure Sockets Layer) 9 ClientServer Hello KR CA [ Server Identity, KU S ] Verify Certificate using KU CA Check identity matches URL Generate random K E KU S (K) Decrypt using KR S Secure channel using K Simplified TLS Handshake Protocol How did client get KU CA ?

11 10

12 Certificates 11 VarySign.com TJ multibit.org multibit.org, KU Multibit CPCP Verifies using KU VarySign How does VarySign decide if it should give certificate to requester? C P = KR VarySign [“multibit.org”, KU Multibit ]

13 12

14 13

15 14

16 15

17 16 https://www.google.com/#q=chair

18 17 Internet explorer connects to a web server on port 443 using SSL. The data is encrypted. Komodia’s SSL hijacker intercepts the communication and redirects it to Komodia’s Redirector. The channel between the SSL hijacker and the Redirector is encrypted. At this stage, Komodia’s Redirector can shape the traffic, block it, or redirect it to another website. Communication between the Redirector and the website is encrypted using SSL. All data received from the website can be again modified and/or blocked. When data manipulation is done, it is forwarded again to Internet explorer. The browser displays the SSL lock, and the session will not display any “Certificate warnings”. http://www.komodia.com/products/komodias-ssl-decoderdigestorhttp://www.komodia.com/products/komodias-ssl-decoderdigestor (in archive.org)

19 Charge Problem Set 1: due Tuesday 18 Upcoming office hours: Now (Samee) tomorrow (Dave, 2:30-3:30) Monday (Ori, 5-6:30pm)

Download ppt "Image from (but I think they stole it from Monsters and Aliens)"

Similar presentations

Cryptography and Network Security Chapter 16

Cryptography and Network Security Chapter 16
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
Cryptocurrency Café UVa cs4501 Spring 2015 David Evans Class 12: Mostly About Superfish Image from

Cryptocurrency Café UVa cs4501 Spring 2015 David Evans Class 12: Mostly About Superfish Image from
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Cryptography and Network Security

Cryptography and Network Security
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.
Chapter 8 Web Security.

Chapter 8 Web Security.
Secure Sockets Layer 1 / 99  SSL is perhaps the widest used security protocol on the Internet today.  Together with DC enables secure communication.

Secure Sockets Layer 1 / 99  SSL is perhaps the widest used security protocol on the Internet today.  Together with DC enables secure communication.
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming

Similar presentations

Ads by Google