Presentation is loading. Please wait.

Presentation is loading. Please wait.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.

Published byRussell Nichols Modified over 9 years ago

Similar presentations

Presentation on theme: "McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management."— Presentation transcript:

1 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management

2 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 30.1 Message Security Privacy Authentication Integrity Nonrepudiation

3 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.1 Message security

4 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.2 Privacy using symmetric-key encryption

5 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.3 Privacy using public-key encryption

6 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 30.2 Digital Signature Signing the Whole Document Signing the Digest

7 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.4 Signing the whole document

8 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Digital signature does not provide privacy. If there is a need for privacy, another layer of encryption/decryption must be applied. Note:

9 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.5 Signing the digest

10 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.6 Sender site

11 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.7 Receiver site

12 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 30.3 User Authentication With Symmetric Key With Public Key

13 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.8 Using a symmetric key only

14 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.9 Using a nonce

15 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.10 Bidirectional authentication

16 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 30.4 Key Management Symmetric-Key Distribution Public-Key Certification

17 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 A symmetric key between two parties is useful if it is used only once; it must be created for one session and destroyed when the session is over. Note:

18 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.11 Diffie-Hellman method

19 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 The symmetric (shared) key in the Diffie-Hellman protocol is K = G xy mod N. Note:

20 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Example 2 Assume G = 7 and N = 23. The steps are as follows: 1. Alice chooses x = 3 and calculates R1 = 7 3 mod 23 = 21. 2. Alice sends the number 21 to Bob. 3. Bob chooses y = 6 and calculates R2 = 7 6 mod 23 = 4. 4. Bob sends the number 4 to Alice. 5. Alice calculates the symmetric key K = 4 3 mod 23 = 18. 6. Bob calculates the symmetric key K = 21 6 mod 23 = 18. The value of K is the same for both Alice and Bob; G xy mod N = 7 18 mod 23 = 18.

21 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.12 Man-in-the-middle attack

22 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.13 First approach using KDC

23 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.14 Needham-Schroeder protocol

24 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.15 Otway-Rees protocol

25 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Table 30.1 X.500 fields FieldExplanation VersionVersion number of X.509 Serial numberThe unique identifier used by the CA SignatureThe certificate signature IssuerThe name of the CA defined by X.509 Validity periodStart and end period that certificate is valid Subject nameThe entity whose public key is being certified Public keyThe subject public key and the algorithms that use it

26 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.16 PKI hierarchy

27 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 30.5 Kerberos Servers Operation Using Different Servers Realms Version 5

28 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.17 Kerberos servers Authentication service Ticket Granting Service

29 McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Figure 30.18 Kerberos example

Download ppt "McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management."

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Computer Security Key Management

Computer Security Key Management
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 8 Network Security 4/17/2017 www.noteshit.com.

Chapter 8 Network Security 4/17/2017
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.

Similar presentations

Ads by Google