Induction: Security and Certification –April 26-28, 2004 - 1 Security and Certification; Authentication and Authorisation John Kewley EGEE is funded by.


1 Induction: Security and Certification – April 26-28, 2004
Security and Certification; Authentication and Authorisation
John Kewley
EGEE is funded by the European Union under contract IST-2003-508833

2 Security and Certification; Authentication and Authorisation
EGEE Training Team
EGEE is funded by the European Union under contract IST-2003-508833

3 Acknowledgements
Some of these slides have been taken from a longer presentation by Mike Jones of the University of Manchester.
Prepared by John Kewley, CCLRC Daresbury Laboratory

4 Goals of this module
Describe …
- Security basics
- Use of Certificates
- Importance of Certificate Authorities

5 Overview
- Introduction to Security
- Public/private keys in action
- Certificates
- Certificate Authorities

6 Introduction to Security
What aspects of security should we be concerned about?
- Authentication (Identification)
- Confidentiality (Privacy)
- Integrity (non-Tampering)
- Authorisation
Also
- Accounting
- Delegation
- Non-Repudiation

7 Tools of the trade
Encryption
- Secret “symmetric” key – both parties need to share the key
  - DES, RC4
  - Comparatively efficient
- Public/private key – “asymmetric” - 2 keys mathematically related
  - RSA, DSA
  - Slower
One-way hash / message digest
- MD5, SHA-1
- Fast

8 Gbbyf bs gur genqr
Rapelcgvba
- Frpergt “flzzrgevp” xrl – obgu cnegvrf arrq gb funer gur xrl
  - QRF, EP4
  - Pbzcnengviryl rssvpvrag
- Choyvp/cevingr xrl – “nflzzrgevp” - 2 xrlf zngurzngvpnyyl eryngrq
  - EFN, QFN
  - Fybjre
Barjnl unfu / zrffntr qvtrfg
- ZQ5, FUN-1
- Snfg

9 Tools of the trade
Encryption
- Secret “symmetric” key – both parties need to share the key
  - DES, RC4
  - Comparatively efficient
- Public/private key – “asymmetric” - 2 keys mathematically related
  - RSA, DSA
  - Slower
One-way hash / message digest
- MD5, SHA-1
- Fast

10 Encrypting for Confidentiality (1)
Sending a message using symmetric keys
1. Encrypt message using shared key
2. Send encrypted message
3. Receiver decrypts message using shared key
Only someone with shared key can decrypt message
But how do the keys get shared?
[Diagram: Sender space, Public space and Receiver space. “Hello World” passes through openssl with the shared key (1), crosses the public space as ciphertext (2), and passes through openssl with the shared key again to give “Hello World” (3).]

11 Encrypting for Confidentiality
Sending a message using asymmetric keys
1. Encrypt message using Receiver’s public key
2. Send encrypted message
3. Receiver decrypts message using own private key
Only someone with Receiver’s private key can decrypt message
[Diagram: Sender space, Public space and Receiver space. The Receiver holds a public key and a private key, and the Receiver’s public key is available to the Sender. “Hello World” passes through openssl with the Receiver’s public key (1), crosses the public space as ciphertext (2), and passes through openssl with the private key to give “Hello World” (3).]

12 Encrypting for Confidentiality (2)
Sending a message using asymmetric keys
1. Encrypt message using Receiver’s public key
2. Send encrypted message
3. Receiver decrypts message using own private key
Only someone with Receiver’s private key can decrypt message
[Diagram: Sender space, Public space and Receiver space. The Receiver holds a public key and a private key, and the Receiver’s public key is available to the Sender. “Hello World” passes through openssl with the Receiver’s public key (1), crosses the public space as ciphertext (2), and passes through openssl with the private key to give “Hello World” (3).]

13 Signing for Authentication
1. Encrypt message with Sender’s private key
2. Send encrypted message
3. Message is readable by ANYONE with Sender’s public key
4. Receiver decrypts message with Sender’s public key
Receiver can be confident that only someone with Sender’s private key could have sent the message
[Diagram: Sender space, Public space and Receiver space. The Sender holds a public key and a private key, and the Sender’s public key is available in the public space and to the Receiver. “Hello World” passes through openssl with the private key (1) and is sent (2); openssl with the Sender’s public key gives “Hello World” in the public space (3) and at the Receiver (4).]

14 Certificates
- A statement from someone else (the Certificate Authority), that your public key (and hence your private key) is associated with your identity
- A certificate can be checked if you have the public key of the party who signed it

15 Certificate Authority
- A Certificate Authority (CA) issues you your certificates.
- By signing them it is able to vouch for you to third parties
- In return for this service, you must provide appropriate documentary evidence of identity when you apply for a certificate through a Registration Authority (RA)

16 Certificate contents
The certificate that you present to others contains:
- Your distinguished name (DN)
- Your public key
- The identity of the CA who issued the certificate
- Its expiry date
- Digital signature of the CA which issued it
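Added example (not from the original slides): the certificate life cycle of slides 14 to 16 run with the openssl command line, using a throwaway CA. The CA and user names, file names and validity periods are assumptions made for illustration.

```sh
#!/bin/sh
# Added example; every name below is a constructed placeholder.
set -eu

make_ca() {  # $1 = path prefix, $2 = CA common name (self-signed root)
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
        -subj "/O=Example Grid/CN=$2" -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

issue_cert() {  # $1 = CA prefix, $2 = user prefix, $3 = user common name
    # User side: key pair plus a signing request carrying the DN and public key
    openssl req -new -newkey rsa:2048 -nodes -sha256 \
        -subj "/O=Example Grid/CN=$3" -keyout "$2.key" -out "$2.csr" 2>/dev/null
    # CA side: sign the request, binding DN and public key until the expiry date
    openssl x509 -req -in "$2.csr" -CA "$1.pem" -CAkey "$1.key" \
        -CAcreateserial -days 7 -sha256 -out "$2.pem" 2>/dev/null
}

show_cert() {  # $1 = certificate; prints DN, issuing CA and expiry date
    openssl x509 -in "$1" -noout -subject -issuer -enddate
}

verify_cert() {  # $1 = trusted CA certificate, $2 = certificate to check
    if openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; then echo OK
    else echo FAIL; fi
}

cert_demo() {  # prints the certificate fields and both verification results
    d=$(mktemp -d)
    make_ca "$d/ca" "Example Training CA"
    make_ca "$d/other" "Unrelated Example CA"
    issue_cert "$d/ca" "$d/alice" "Alice Example"
    show_cert "$d/alice.pem"
    echo "against issuing CA: $(verify_cert "$d/ca.pem" "$d/alice.pem")"
    echo "against other CA: $(verify_cert "$d/other.pem" "$d/alice.pem")"
    rm -rf "$d"
}

cert_demo
```

The second check fails because the relying party holds a CA certificate whose key did not sign Alice's certificate, which is the point of slide 14: a certificate can only be checked with the public key of the party who signed it.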

17 The Full Monty
- Server authenticates Client
- Client authenticates Server
- (Symmetric) Session key exchanged confidentially using public key mechanism
- Secure session can now commence using more efficient, agreed “session key”
- Secure messages will also contain a message digest to ensure integrity
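Added example (not from the original slides): a one-message version of the flow above with the openssl command line, in which a session key is exchanged under the Receiver's public key, the message is encrypted with that key, and the Sender's signature lets the Receiver detect tampering. Assumptions: it uses AES-256 and SHA-256 in place of the algorithms named on slide 7, signs a digest of the ciphertext rather than encrypting the whole message with the private key as slide 13 describes, authenticates only the Sender, and generates key pairs locally instead of taking them from certificates.

```sh
#!/bin/sh
# Added example with constructed data: hybrid encryption plus a signature.
set -eu

keypair() {  # $1 = path prefix; writes $1.key (private) and $1.pub (public)
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1.key" 2>/dev/null
    openssl pkey -in "$1.key" -pubout -out "$1.pub"
}

send() {  # $1 = working dir, $2 = plaintext
    # Fresh symmetric session key, wrapped with the Receiver's public key
    openssl rand -hex 32 > "$1/session.hex"
    openssl pkeyutl -encrypt -pubin -inkey "$1/receiver.pub" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/session.hex" -out "$1/session.enc"
    # Bulk encryption of the message with the session key
    printf '%s' "$2" | openssl enc -aes-256-cbc -pbkdf2 \
        -pass "file:$1/session.hex" -out "$1/msg.enc"
    # Signature over a digest of the ciphertext, made with the Sender's private key
    openssl dgst -sha256 -sign "$1/sender.key" -out "$1/msg.sig" "$1/msg.enc"
    rm -f "$1/session.hex"
}

receive() {  # $1 = working dir; prints the plaintext, or REJECTED
    # Check origin and integrity first, using the Sender's public key
    if ! openssl dgst -sha256 -verify "$1/sender.pub" \
            -signature "$1/msg.sig" "$1/msg.enc" >/dev/null 2>&1; then
        echo REJECTED; return 0
    fi
    # Unwrap the session key with the Receiver's private key, then decrypt
    openssl pkeyutl -decrypt -inkey "$1/receiver.key" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/session.enc" -out "$1/session.out"
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$1/session.out" \
        -in "$1/msg.enc"
}

hybrid_demo() {  # prints what the Receiver gets before and after tampering
    d=$(mktemp -d)
    keypair "$d/sender"; keypair "$d/receiver"
    send "$d" "Hello World"
    echo "received: $(receive "$d")"
    printf 'x' >> "$d/msg.enc"   # constructed modification in the public space
    echo "tampered: $(receive "$d")"
    rm -rf "$d"
}

hybrid_demo
```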

18 Summary
We have looked at
- Security basics
- Use of Certificates
- Importance of Certification Authorities

