Privacy, Discovery, and Authentication for the Internet of Things
|
|
- Francis Thornton
- 5 years ago
- Views:
Transcription
1 Privacy, Discovery, and Authentication for the Internet of Things David J. Wu Ankur Taly Asim Shankar Dan Boneh Stanford University Google Google Stanford University
2 The Internet of Things (IoT) Lots of smart devices, but only useful if users can discover them!
3 Private Service Discovery Many existing service discovery protocols: Multicast DNS (mdns), Apple Bonjour, Bluetooth Low Energy (BLE) A typical discovery protocol Screenshot taken on a public Wireless network Device owner s name / user ID revealed! Device location revealed!
4 Private Service Discovery Each service specifies an authorization policy Nanny Cam Monitor Setup Philips Hue Brightness ADT Security Manage Door Lock Unlock Manage Alice Nanny Cam Monitor Setup Philips Hue Brightness ADT Security Manage Door Lock Unlock Manage Technician Nanny Cam Monitor Setup Philips Hue Brightness ADT Security Manage Door Lock Unlock Manage Cleaning Service Nanny Cam Monitor Setup Philips Hue Brightness ADT Security Manage Door Lock Unlock Manage Stranger
5 Private Service Discovery Each service specifies an authorization policy Nanny Cam Philips Hue Brightness ADT Security Manage Door Lock Unlock Manage Alice Nanny Cam Nanny Cam Nanny Cam Monitor Mutual Setup Monitor privacy: Setup Monitor Setup privacy Monitor Setup Philips Hue Brightness ADT Security Manage Door Lock Technician Philips Hue Brightness ADT Security Manage Door Lock Unlock Manage Cleaning Service Philips Hue Brightness ADT Security Manage Door Lock should also hold for devices trying to discover services! Unlock Manage Unlock Manage Stranger
6 Bob security system Private Mutual Authentication Will only reveal identity to devices owned by Alice. How to authenticate between mutually distrustful parties? Will only reveal identity to Alice s family members.
7 Bob security system Private Mutual Authentication In most existing mutual authentication protocols (e.g., TLS, IKE, SIGMA), one party must reveal its identity first
8 Primary Protocol Requirements Mutual privacy: Identity of protocol participants are only revealed to authorized recipients Lightweight: privacy should be as simple as setting a flag in key-exchange (as opposed to a separate protocol e.g., using secret handshakes [BDSSSW03])
9 Identity and Authorization Model Every party has a signing + verification key, and a collection of human-readable names bound to their public keys via a certificate chain verification key alice/family/ bob/ alice/device/ security/ popular_corp/ prod/s1234
10 Identity and Authorization Model Every party has a signing + verification key, and a collection of human-readable names bound to their public keys via a certificate chain alice/ alice/family/ alice/device/ alice/family/ bob/ alice/family/ charlie/ alice/device/ security/
11 Identity and Authorization Model Authorization decisions expressed as prefix patterns Policy: alice/devices/* Policy: alice/family/* alice/family/ bob/ alice/device/ security/
12 Protocol Construction
13 Starting Point: Diffie-Hellman Key Exchange g xy x R Z p g x g y g xy y R Z p G : cyclic group of prime order p with generator g Shared key: KDF g x, g y, g xy
14 Starting Point: Diffie-Hellman Key Exchange g xy x R Z p g x g y g xy y R Z p G : cyclic group of prime order p with generator g Shared key: KDF g x, g y, g xy
15 Secure Key Agreement: SIGMA-I Protocol [CK01] x R Z p g x y R Z p g y, ID B, SIG B ID B, g x, g y k
16 Secure Key Agreement: SIGMA-I Protocol [CK01] x R Z p Bob s signature of the ephemeral DH exponents g x y R Z p g y, ID B, SIG B ID B, g x, g y k Bob s certificate message encrypted and authenticated Note: in the actual protocol, session ids are also included for replay prevention.
17 Secure Key Agreement: SIGMA-I Protocol [CK01] x R Z p g x y R Z p g y, ID B, SIG B ID B, g x, g y k ID A, SIG A (ID A, g x, g y ) k Alice s certificate Alice s signature message encrypted and authenticated Note: in the actual protocol, session ids are also included for replay prevention.
18 Secure Key Agreement: SIGMA-I Protocol [CK01] x R Z p g x y R Z p g y, ID B, SIG B ID B, g x, g y k ID A, SIG A (ID A, g x, g y ) k session key derived from g x, g y, g xy Note: in the actual protocol, session ids are also included for replay prevention.
19 Properties of the SIGMA-I Protocol Mutual authentication against active network adversaries Hides server s (Bob s) identity from a passive attacker Hides client s (Alice s) identity from an active attacker Bob s identity is revealed to an active attacker! Chicken-and-egg problem: neither party wants to go first in the key exchange.
20 Prefix-Based Encryption Public-key encryption scheme where ciphertexts are associated with a policy message public parameters m mpk PE.Encrypt alice/devices/* policy ct ciphertext Bob can encrypt a message with respect to a particular policy
21 Prefix-Based Encryption msk root authority To decrypt messages, users go to a (trusted) identity provider to obtain a decryption key for their identity sk alice sk aliceτfamilyτbob Bob can decrypt all messages with policies satisfied by his identity
22 Prefix-Based Encryption Ciphertexts associated with policies and keys associated with identities secret key ciphertext alice/devices/ security/ + alice/devices/* m m Decryption succeeds if policy is satisfied
23 Prefix-Based Encryption Ciphertexts associated with policies and keys associated with identities secret key ciphertext alice/devices/ security/ + eve/devices/* m Decryption fails if policy not satisfied
24 Prefix-Based Encryption Can be leveraged for prefix-based policies Policy: alice/devices/* Bob encrypts his message to the policy alice/devices/*. Any user with an identity that begins with alice/devices/ can decrypt.
25 Prefix-Based Encryption Can be leveraged for prefix-based policies Policy: alice/devices/* Bob encrypts his message to the Can be built from policy alice/devices/*. identity-based Any user with an identity encryption that begins with alice/devices/ can decrypt.
26 Private Mutual Authentication Key idea: encrypt certificate using prefix-based encryption x R Z p g x CT B g y, {PE. Enc(π B, ID B ), SIG B CT B, g x, g y } k y R Z p ID A, SIG A (ID A, g x, g y ) k
27 Private Mutual Authentication x R Z p g x CT B g y, {PE. Enc(π B, ID B ), SIG B CT B, g x, g y } k y R Z p ID A, SIG A (ID A, g x, g y ) k Privacy for Alice s identity: Alice sends her identity only after verifying Bob s identity Privacy for Bob s identity: Only users with a key that satisfies Bob s policy can decrypt his identity
28 Private Service Discovery Prefix-based encryption can also be leveraged for private service discovery See paper for details:
29 Implementation and Benchmarks Integrated private mutual authentication and private service discovery protocols into the Vanadium open-source framework for building distributed applications
30 Implementation and Benchmarks Intel Edison Raspberry Pi Comparison of private mutual authentication protocol with non-private SIGMA-I protocol Note: x86 assembly optimizations for pairing curve operations available only on desktop Nexus 5X Desktop SIGMA-I ms 88.0 ms 91.6 ms 5.3 ms Private Mutual Auth ms ms ms 9.5 ms Slowdown 6.7x 3.7x 3.9x 1.8x
31 Conclusions Existing key-exchange and service discovery protocols do not provide privacy controls Prefix-based encryption can be combined very naturally with existing key-exchange protocols to provide privacy + authenticity Overhead of resulting protocol small enough that protocols can run on many existing devices Thank you!
Privacy, Discovery, and Authentication for the Internet of Things
Privacy, Discovery, and Authentication for the Internet of Things David J. Wu Ankur Taly Asim Shankar Dan Boneh Stanford University Google Google Stanford University The Internet of Things (IoT) Lots of
More informationPrivacy, Discovery, and Authentication for the Internet of Things
Privacy, Discovery, and Authentication for the Internet of Things David J. Wu 1, Ankur Taly 2, Asim Shankar 2, and Dan Boneh 1 1 Stanford University 2 Google Abstract. Automatic service discovery is essential
More informationPractical Distributed Authorization
Practical Distributed Authorization Ankur Taly, Google Inc. ataly@google.com Two day course at the 2016 International school on Foundations of Security Analysis and Design, Bertinoro, Italy (Aug. 29 -
More informationarxiv: v3 [cs.cr] 28 Feb 2017
Privacy, Discovery, and Authentication for the Internet of hings (Extended Version) David J. Wu 1, Ankur aly 2, Asim Shankar 2, and Dan Boneh 1 arxiv:1604.06959v3 [cs.cr] 28 Feb 2017 1 Stanford University
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationKey Establishment and Authentication Protocols EECE 412
Key Establishment and Authentication Protocols EECE 412 1 where we are Protection Authorization Accountability Availability Access Control Data Protection Audit Non- Repudiation Authentication Cryptography
More information1. Diffie-Hellman Key Exchange
e-pgpathshala Subject : Computer Science Paper: Cryptography and Network Security Module: Diffie-Hellman Key Exchange Module No: CS/CNS/26 Quadrant 1 e-text Cryptography and Network Security Objectives
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationCSC 5930/9010 Modern Cryptography: Public Key Cryptography
CSC 5930/9010 Modern Cryptography: Public Key Cryptography Professor Henry Carter Fall 2018 Recap Number theory provides useful tools for manipulating integers and primes modulo a large value Abstract
More informationAuth. Key Exchange. Dan Boneh
Auth. Key Exchange Review: key exchange Alice and want to generate a secret key Saw key exchange secure against eavesdropping Alice k eavesdropper?? k This lecture: Authenticated Key Exchange (AKE) key
More informationViber Encryption Overview
Introduction Terms Preparations for Session Setup Secure Session Setup Exchanging Messages Encrypted Calls Photo, Video and File Sharing Secure Groups Secondary Device Registration Authentication Viber
More informationNoise Protocol Framework. Trevor Perrin
Noise Protocol Framework Trevor Perrin Cryptography Public Key (DH, RSA, ECC etc) Symmetric Key (AES etc) AKE Authenticated Key Exchange (or Agreement) Goals Shared symmetric key Authentication Forward
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationKey Agreement Schemes
Key Agreement Schemes CSG 252 Lecture 9 November 25, 2008 Riccardo Pucella Key Establishment Problem PK cryptosystems have advantages over SK cryptosystems PKCs do not need a secure channel to establish
More informationAn Identity and Authorization Model for Internet of Things (IOT)
An Identity and Authorization Model for Internet of Things (IOT) Ankur Taly, Google Inc. Joint work with Asim Shankar, Gautham Thambidorai, Suharsh Sivakumar, Ryan Brown, Martin Abadi, Mike Burrows, Adam
More informationInformation Security CS 526
Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric
More informationDiffie-Hellman. Part 1 Cryptography 136
Diffie-Hellman Part 1 Cryptography 136 Diffie-Hellman Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) A key exchange algorithm o Used to establish a shared symmetric key Not for
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationPublic Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA
Public Key Cryptography, OpenPGP, and Enigmail Cryptography is the art and science of transforming (encrypting) a message so only the intended recipient can read it Symmetric Cryptography shared secret
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA
More informationMASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy. Yan Michalevsky, Suman Nath, Jie Liu
MASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy Yan Michalevsky, Suman Nath, Jie Liu Motivation Private communication Anonymous messaging Secret communities Location-based
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Misconceptions Concerning Public-Key Encryption Public-key encryption is more secure from
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationOther Topics in Cryptography. Truong Tuan Anh
Other Topics in Cryptography Truong Tuan Anh 2 Outline Public-key cryptosystem Cryptographic hash functions Signature schemes Public-Key Cryptography Truong Tuan Anh CSE-HCMUT 4 Outline Public-key cryptosystem
More informationCSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography Outline 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationWhat did we talk about last time? Public key cryptography A little number theory
Week 4 - Friday What did we talk about last time? Public key cryptography A little number theory If p is prime and a is a positive integer not divisible by p, then: a p 1 1 (mod p) Assume a is positive
More informationOutline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography 1. Introduction 2. RSA Outline 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationChapter 9 Public Key Cryptography. WANG YANG
Chapter 9 Public Key Cryptography WANG YANG wyang@njnet.edu.cn Content Introduction RSA Diffie-Hellman Key Exchange Introduction Public Key Cryptography plaintext encryption ciphertext decryption plaintext
More informationCrypto Background & Concepts SGX Software Attestation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 4b Slide deck extracted from Kamran s tutorial on SGX, presented during ECE 6095 Spring 2017 on Secure Computation and Storage, a precursor to this course
More informationOutline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)
Outline AIT 682: Network and Systems Security 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard Topic 5.2 Public Key Cryptography Instructor: Dr. Kun Sun 2 Public Key
More informationNotes for Lecture 14
COS 533: Advanced Cryptography Lecture 14 (November 6, 2017) Lecturer: Mark Zhandry Princeton University Scribe: Fermi Ma Notes for Lecture 14 1 Applications of Pairings 1.1 Recap Consider a bilinear e
More informationReal-time protocol. Chapter 16: Real-Time Communication Security
Chapter 16: Real-Time Communication Security Mohammad Almalag Dept. of Computer Science Old Dominion University Spring 2013 1 Real-time protocol Parties negotiate interactively (Mutual) Authentication
More informationCHAPTER 4 VERIFIABLE ENCRYPTION OF AN ELLIPTIC CURVE DIGITAL SIGNATURE
68 CHAPTER 4 VERIFIABLE ENCRYPTION OF AN ELLIPTIC CURVE DIGITAL SIGNATURE 4.1 INTRODUCTION This chapter addresses the Verifiable Encryption of Elliptic Curve Digital Signature. The protocol presented is
More informationUnderstand the TLS handshake Understand client/server authentication in TLS. Understand session resumption Understand the limitations of TLS
Last Updated: Oct 31, 2017 Understand the TLS handshake Understand client/server authentication in TLS RSA key exchange DHE key exchange Explain certificate ownership proofs in detail What cryptographic
More informationCS 494/594 Computer and Network Security
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Real-Time Communication Security Network layers
More informationECE 646 Lecture 3. Key management
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple
More informationApplied Cryptography and Computer Security CSE 664 Spring 2017
Applied Cryptography and Computer Security Lecture 18: Key Distribution and Agreement Department of Computer Science and Engineering University at Buffalo 1 Key Distribution Mechanisms Secret-key encryption
More informationPublic-Key Encryption, Key Exchange, Digital Signatures CMSC 23200/33250, Autumn 2018, Lecture 7
Public-Key Encryption, Key Exchange, Digital Signatures CMSC 23200/33250, Autumn 2018, Lecture 7 David Cash University of Chicago Plan 1. Security of RSA 2. Key Exchange, Diffie-Hellman 3. Begin digital
More informationPassword. authentication through passwords
Password authentication through passwords Human beings Short keys; possibly used to generate longer keys Dictionary attack: adversary tries more common keys (easy with a large set of users) Trojan horse
More informationStructure-Preserving Certificateless Encryption and Its Application
SESSION ID: CRYP-T06 Structure-Preserving Certificateless Encryption and Its Application Prof. Sherman S. M. Chow Department of Information Engineering Chinese University of Hong Kong, Hong Kong @ShermanChow
More informationScalable privacy-enhanced traffic monitoring in vehicular ad hoc networks
Scalable privacy-enhanced traffic monitoring in vehicular ad hoc networks Yi Liu1,2,3 Jie Ling 1 Qianhong Wu4,6 Bo Qin5 Presented By Khaled Rabieh Introduction & Problem Statement In traffic monitoring
More informationChapter 9. Public Key Cryptography, RSA And Key Management
Chapter 9 Public Key Cryptography, RSA And Key Management RSA by Rivest, Shamir & Adleman of MIT in 1977 The most widely used public-key cryptosystem is RSA. The difficulty of attacking RSA is based on
More informationAuthenticating People and Machines over Insecure Networks
Authenticating People and Machines over Insecure Networks EECE 571B Computer Security Konstantin Beznosov authenticating people objective Alice The Internet Bob Password= sesame Password= sesame! authenticate
More informationCryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1
Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography CS555 Spring 2012/Topic 16 1 Outline and Readings Outline Private key management between two parties Key management
More informationLecture 6.2: Protocols - Authentication and Key Exchange II. CS 436/636/736 Spring Nitesh Saxena. Course Admin
Lecture 6.2: Protocols - Authentication and Key II CS 436/636/736 Spring 2012 Nitesh Saxena Mid-Term Grading Course Admin Will be done over the break Scores will be posted online and graded exams distribute
More informationPublic Key Algorithms
Public Key Algorithms 1 Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular
More informationCrypto meets Web Security: Certificates and SSL/TLS
CSE 484 / CSE M 584: Computer Security and Privacy Crypto meets Web Security: Certificates and SSL/TLS Spring 2016 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann,
More informationCS 161 Computer Security
Popa & Wagner Spring 2016 CS 161 Computer Security Midterm 2 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that academic misconduct will be
More informationLecture Notes 14 : Public-Key Infrastructure
6.857 Computer and Network Security October 24, 2002 Lecture Notes 14 : Public-Key Infrastructure Lecturer: Ron Rivest Scribe: Armour/Johann-Berkel/Owsley/Quealy [These notes come from Fall 2001. These
More informationCS 161 Computer Security
Popa & Wagner Spring 2016 CS 161 Computer Security Discussion 5 Week of February 19, 2017 Question 1 Diffie Hellman key exchange (15 min) Recall that in a Diffie-Hellman key exchange, there are values
More informationIntroduction to Cryptography Lecture 7
Introduction to Cryptography Lecture 7 Public-Key Encryption: El-Gamal, RSA Benny Pinkas page 1 1 Public key encryption Alice publishes a public key PK Alice. Alice has a secret key SK Alice. Anyone knowing
More informationKey Management and Distribution
CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 10 Key Management; Other Public Key Cryptosystems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.5 Public Key Algorithms CSC 474/574 Dr. Peng Ning 1 Public Key Algorithms Public key algorithms covered in this class RSA: encryption and digital signature
More informationKey Agreement. Guilin Wang. School of Computer Science, University of Birmingham
Key Agreement Guilin Wang School of Computer Science, University of Birmingham G.Wang@cs.bham.ac.uk 1 Motivations As we know, symmetric key encryptions are usually much more efficient than public key encryptions,
More informationSpatial Encryption. March 17, Adam Barth, Dan Boneh, Mike Hamburg
Adam Barth Dan Boneh Mike Hamburg March 17, 2008 Traditional Public-Key Infrastructure CA Alice Bob Traditional Public-Key Infrastructure CA PK Bob, proof of identity Alice Bob Traditional Public-Key Infrastructure
More informationCSC 774 Advanced Network Security
CSC 774 Advanced Network Security Topic 5 Group Key Management Dr. Peng Ning CSC 774 Adv. Net. Security 1 Group Communication A group consists of multiple members Messages sent by one sender are received
More informationWAP Security. Helsinki University of Technology S Security of Communication Protocols
WAP Security Helsinki University of Technology S-38.153 Security of Communication Protocols Mikko.Kerava@iki.fi 15.4.2003 Contents 1. Introduction to WAP 2. Wireless Transport Layer Security 3. Other WAP
More informationISSN: (Online) Volume 3, Issue 5, May 2015 International Journal of Advance Research in Computer Science and Management Studies
ISSN: 2321-7782 (Online) Volume 3, Issue 5, May 2015 International Journal of Advance Research in Computer Science and Management Studies Research Article / Survey Paper / Case Study Available online at:
More informationSecure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationSIDE CHANNEL ATTACKS AGAINST IOS CRYPTO LIBRARIES AND MORE DR. NAJWA AARAJ HACK IN THE BOX 13 APRIL 2017
SIDE CHANNEL ATTACKS AGAINST IOS CRYPTO LIBRARIES AND MORE DR. NAJWA AARAJ HACK IN THE BOX 13 APRIL 2017 WHAT WE DO What we do Robust and Efficient Cryptographic Protocols Research in Cryptography and
More informationAnonymity. Assumption: If we know IP address, we know identity
03--4 Anonymity Some degree of anonymity from using pseudonyms However, anonymity is always limited by address TCP will reveal your address address together with ISP cooperation Anonymity is broken We
More informationSSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1
SSL/TLS & 3D Secure CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk CS470, A.A.Selçuk SSL/TLS & 3DSec 1 SSLv2 Brief History of SSL/TLS Released in 1995 with Netscape 1.1 Key generation algorithm
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics
More informationCryptography Lecture 9 Key distribution and trust, Elliptic curve cryptography
Cryptography Lecture 9 Key distribution and trust, Elliptic curve cryptography Key Management The first key in a new connection or association is always delivered via a courier Once you have a key, you
More informationCOMPUTER & NETWORK SECURITY
COMPUTER & NETWORK SECURITY Lecture 7: Key Management CRYPTOBULLETIN: IN THE LAST WEEK OpenSSL Patch to Plug Severe Security Holes http://krebsonsecurity.com/2015/03/openssl patch to plug severe security
More informationIdeal Security Protocol. Identify Friend or Foe (IFF) MIG in the Middle 4/2/2012
Ideal Security Protocol Satisfies security requirements Requirements must be precise Efficient Small computational requirement Small bandwidth usage, network delays Not fragile Works when attacker tries
More informationCSC 774 Network Security
CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution
More informationCSC 5930/9010 Modern Cryptography: Public-Key Infrastructure
CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure Professor Henry Carter Fall 2018 Recap Digital signatures provide message authenticity and integrity in the public-key setting As well as public
More informationDistributed Systems. Fall 2017 Exam 3 Review. Paul Krzyzanowski. Rutgers University. Fall 2017
Distributed Systems Fall 2017 Exam 3 Review Paul Krzyzanowski Rutgers University Fall 2017 December 11, 2017 CS 417 2017 Paul Krzyzanowski 1 Question 1 The core task of the user s map function within a
More informationNetwork Security. Chapter 8. MYcsvtu Notes.
Network Security Chapter 8 Network Security Some people who cause security problems and why. Cryptography Introduction Substitution ciphers Transposition ciphers One-time pads Fundamental cryptographic
More informationInnovation and Cryptoventures. Digital Signatures. Campbell R. Harvey. Duke University, NBER and Investment Strategy Advisor, Man Group, plc
Innovation and Cryptoventures Digital Signatures Campbell R. Harvey Duke University, NBER and Investment Strategy Advisor, Man Group, plc January 30, 2017 Definition Cryptography is the science of communication
More informationInnovation and Cryptoventures. Digital Signatures. Campbell R. Harvey. Duke University, NBER and Investment Strategy Advisor, Man Group, plc
Innovation and Cryptoventures Digital Signatures Campbell R. Harvey Duke University, NBER and Investment Strategy Advisor, Man Group, plc January 30, 2017 Definition Cryptography is the science of communication
More informationPublic Key Algorithms
CSE597B: Special Topics in Network and Systems Security Public Key Cryptography Instructor: Sencun Zhu The Pennsylvania State University Public Key Algorithms Public key algorithms RSA: encryption and
More informationChapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads
Cryptography p y Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationEncryption from the Diffie-Hellman assumption. Eike Kiltz
Encryption from the Diffie-Hellman assumption Eike Kiltz Elliptic curve public-key crypto Key-agreement Signatures Encryption Diffie-Hellman 76 passive security ElGamal 84 passive security Hybrid DH (ECDH)
More informationOblivious Signature-Based Envelope
Oblivious Signature-Based Envelope Ninghui Li Department of Computer Sciences and CERIAS Purdue University 656 Oval Dr, West Lafayette, IN 47907-2086 ninghui@cs.purdue.edu Wenliang Du Department of Electrical
More informationChapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010
Cryptography Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Photuris and SKIP PHASE 1 IKE PHASE 2 IKE How is SA established? How do parties negotiate
More informationT Cryptography and Data Security
T-79.4501 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Stallings: Ch 7.4; 7.3; 10.1 1 The Use
More informationInter-Domain Identity-based Authenticated Key Agreement Protocol from the Weil Pairing
Inter-Domain Identity-based Authenticated Key Agreement Protocol from the Weil Pairing Tsai, Hong-Bin Chiu, Yun-Peng Lei, Chin-Laung Dept. of Electrical Engineering National Taiwan University July 10,
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationTECHNISCHE UNIVERSITEIT EINDHOVEN Faculty of Mathematics and Computer Science Exam Cryptology, Tuesday 31 October 2017
Faculty of Mathematics and Computer Science Exam Cryptology, Tuesday 31 October 2017 Name : TU/e student number : Exercise 1 2 3 4 5 6 total points Notes: Please hand in this sheet at the end of the exam.
More informationDiffie-Hellman Key Agreement
Diffie-Hellman Key Agreement (Anonymous) Diffie-Hellman 0. params: p, g 1. generate: a 2. compute: A= g a p 3. compute: s= B a p Alice A B s = g ab p Bob 0. params: p, g 1. generate: b 2. compute: B= g
More informationA Two-Fold Authentication Mechanism for Network Security
Asian Journal of Engineering and Applied Technology ISSN 2249-068X Vol. 7 No. 2, 2018, pp. 86-90 The Research Publication, www.trp.org.in A Two-Fold for Network Security D. Selvamani 1 and V Selvi 2 1
More informationFall 2010/Lecture 32 1
CS 426 (Fall 2010) Key Distribution & Agreement Fall 2010/Lecture 32 1 Outline Key agreement without t using public keys Distribution of public keys, with public key certificates Diffie-Hellman Protocol
More informationThe ElGamal Public- key System
Online Cryptography Course Dan Boneh Public key encryp3on from Diffie- Hellman The ElGamal Public- key System Recap: public key encryp3on: (Gen, E, D) Gen pk sk m c c m E D Recap: public- key encryp3on
More informationLecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall Nitesh Saxena
Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall 2009 Nitesh Saxena *Adopted from a previous lecture by Gene Tsudik Course Admin HW3 Problem 3 due Friday midnight
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More informationWeb Security 2 https://www.xkcd.com/177/ http://xkcd.com/1323/ Encryption basics Plaintext message key secret Encryp)on Func)on Ciphertext Insecure network Decryp)on Func)on Curses! Foiled again! key Plaintext
More informationAuditing IoT Communications with TLS-RaR
Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby, Keith Winstein, Philip Levis, Dan Boneh Stanford University Auditing Standard Devices MITM Used for: security
More informationAn IBE Scheme to Exchange Authenticated Secret Keys
An IBE Scheme to Exchange Authenticated Secret Keys Waldyr Dias Benits Júnior 1, Routo Terada (Advisor) 1 1 Instituto de Matemática e Estatística Universidade de São Paulo R. do Matão, 1010 Cidade Universitária
More informationDecentralised Communication: The challenge of balancing interoperability and privacy.
Decentralised Communication: The challenge of balancing interoperability and privacy. matthew@matrix.org http://www.matrix.org Privacy in Matrix 2 Two basic types of privacy: 1. Can attackers see what
More informationEncryption 2. Tom Chothia Computer Security: Lecture 3
Encryption 2 Tom Chothia Computer Security: Lecture 3 This Lecture Counter Mode (CTR) enryption Diffie Helleman key exchange Public Key Encryption RSA Signing Combining public and symmetric key encryption
More informationAuthentication Part IV NOTE: Part IV includes all of Part III!
Authentication Part IV NOTE: Part IV includes all of Part III! ECE 3894 Hardware-Oriented Security and Trust Spring 2018 Assoc. Prof. Vincent John Mooney III Georgia Institute of Technology NOTE: THE FOLLOWING
More informationPractical Distributed Authorization
Practical Distributed Authorization Ankur Taly, Google Inc. ataly@google.com Two day course at the 2016 International School on Foundations of Security Analysis and Design, Bertinoro, Italy (Aug. 29 -
More information