Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.

Published byPiers Cox Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender."— Presentation transcript:

1 Network Security Continued

2 Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender. – 2. The sender cannot later repudiate the content of the message. – 3. The receiver cannot make the message up.

3 Using Public key / Private Key To send P, Alice send E_B(D_A(P)). Bob receives, decode it with his private key to get D_A(P), encode it with Alice’s public key to get P.

4 Digital Signature Can Bob verify this is the message from Alice? – Yes, because (1) the message usually have some format and if it is not decoded correctly it will make no sense (2) Alice can send a hash of the message to Bob and Bob can verify whether the hash matches the decoded message

5 Digital Signature If Alice later denies she sent the message P, Bob can show P and D_A(P). A third party can check if he can get P with D_A(P) and Alice’s private key. If yes, Alice is lying because Bob does not know Alice’s private key and have no way to make up D_A(P).

6 Is problem solved? How can Alice and Bob know each other’s public key? Can Alice send a message to Bob to ask him to send her pkB? No. Tom may intercept this message and return Alice a message with his key or some junk.

7 Solution? Ask someone with authority, say, C. – Alice asks C “can you tell me the public key of Bob?” – C replies “Here you are, pkB.” Will this work? No. Because how can Alice be sure that this message is from C and not from Tom?

8 Solution Because C is well-known, Alice remembers his public key. So when C sends Alice the reply, he “signs” it with his private key: D_skC(pkB, I am sending you the public key of Bob as you requested). When Alice gets this message, she knows that this must be from C and can be trusted.

9 Problems? If everyone must contact C before the session begins, can C still handle it? Note that the RSA algorithm involves multiplications of large numbers and is slow.

10 Solution In fact, C does not have to answer the reply in real time. He can send Bob a “certificate” like: D_skC[I hereby certificate that this key ############# belongs to Bob. Bob’s IP address is ****** and his email is @@@@.] Later, when Bob wants to prove he is indeed Bob, he can just present this to Alice. Actually, it is D_skC{SHA_1[I hereby certificate that this key ############# belongs to Bob. Bob’s IP address is ****** and his email is @@@@.]} and C is called Certificate Authority (CA).

11 Optimizations Still, signing all these certificates is too much for a single machine. There is PKI (Public Key Infrastructure) as a tree. You have a root, Regional Authorities, and CAs. A node certifies the nodes under it by signing. Chain of trust.

12 Authentication If someone claims he is A, how do you verify? He should present something to you which you can check and which he can have if and only if he is A. We can all think of certain things for our real friends, but does such thing exist in the electronic world?

13 Simple Protocol Will this work, suppose A and B knows each other’s public key – If A wants to communicate with B, A sends E_pkB[D_skA(P)], where P is the plain text message. Because of the digital signature scheme, B knows that this message is originally from A. But a message that is originally from A does not mean that it is from A– the replay attack.

14 The solution Recall that everyone has a public key and a private key. Suppose Alice and Bob knows each other’s public key. – If Alice wants to setup a session with Bob, she sends Bob a message E_pkB[Alice, R_a], meaning that I am Alice and I want to talk to you, where R_a is a number picked at random. – Bob replies E_pkA[R_a, R_b, K_s], where R_b is a number picked at random and K_s is the session key. – Alice replies AES_K_s[R_b]. (not exactly the same as Skype’s protocol, but the idea is the same)

15 Explanations Message 2. When Alice gets E_pkA[R_a, R_b, K_s], she can decrypt it and can get R_a, R_b, K_s. When she sees R_a, she knows that this is the response she is waiting for and the sender must be Bob. Why? Because no one except Bob knows how to decode E_pkB[Alice, R_a] to get R_a and R_a is totally random and it is impossible for one to guess it right.

16 Explainations Message 3. When Bob gets AES_K_s[R_b], he can use K_s to decode it to get R_b. Then he knows that this must be the message he is waiting for and the one who sent the first message must be Alice. Why? Because no one except Alice knows how to decode E_pkA[R_a, R_b, K_s] to get R_b and K_s to get AES_K_s[R_b].

17 Explanations The key is, we can make sure that every message must be the response of the previous message.

18 SSL -- Secure Sockets Layer and HTTPS Build a secure connection between two sockets. It is a layer between the application layer and the transportation layer. When HTTP is run over SSL, it is HTTPS.

19 SSL Twp protocols, one for establishing a secure connection, the other for using it. Fig. 8-51. Establishing connection. 1.A->B. SSL version, Preferences, R_A. 2.B->A. SSL version, Choices, R_B. Certificate. Done. 3.A->B. E_pkB[premaster key]. Change cipher. Finished. 4.B->A. Change cipher. Finished. R_A, R_B, premaster key used to get the session key. A is sure that she is talking to B. B use passwords to make sure that he is talking to A.

20 PGP – Pretty Good Privacy Used in E-mails. MD5RSAIDEA RSA P K_M DA zip EB

21 Attacks SYN Flood. Reflection.

22 Attacks http://www.nytimes.com/2008/11/10/techno logy/internet/10attacks.html http://www.nytimes.com/2008/11/10/techno logy/internet/10attacks.html http://www.scmagazine.com/asia/news/articl e/419816/a-next-generation-dos-attack- distributed-reflection/ http://www.scmagazine.com/asia/news/articl e/419816/a-next-generation-dos-attack- distributed-reflection/

Download ppt "Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.

Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.

Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
Computer Security Key Management

Computer Security Key Management
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.

Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
Chapter 9: Key Management

Chapter 9: Key Management

Similar presentations

Ads by Google