Forschungsrichtungen in der IT-Sicherheit
|
|
- Eustace Hodge
- 5 years ago
- Views:
Transcription
1 Forschungsrichtungen in der IT-Sicherheit Dr. Jan Camenisch Principle Researcher; Member, IBM Academy of Technology IBM Research ibm.biz/jancamenisch
2 Facts 33% of cyber crimes, including identity theft, take less time than to make a cup of tea.
3 Facts 10 Years ago, your identity information on the black market was worth $150. Today.
4 Facts $15'000'000'000 cost of identity theft worldwide (2015)
5 Attackers hide easily in the vast of cyberspace
6 ᄅ Houston, we have a problem!
7 The problem is this
8 computers never forget Data is stored by default Data mining gets ever better Apps built to use & generate (too much) data New (ways of) businesses using personal data Humans forget most things too quickly Paper collects dust in drawers But that s how we design and build applications!
9 You have no privacy, get over it! Huge security problem! Millions of hacked passwords (100'000 followers $ ) Stolen credit card number ($5 2013, <10$ ) Stolen identity ($ , $ , $5-2013, $1-2016) Stolen accounts (ebay, PayPal $2-2016) Lots of not reported issues (industrial espionage, stock manipulation, ) Data is the new money so we better protect it and we have not event discussed social issues such as democracy etc 9
10 Learnings from Snowden Very Short Summary Massive scale mass surveillance Meta data vs plain texts and what can be inferred Data from companies (e.g., Google), Industrial collaborations, industrial espionage But also from underwater cables Technical sophistication (hardly a surprise) Rigged equipment, chips; subverted standards (PRG); Control of CAs control of network Not by breaking encryption schemes! But using insecurity of systems, etc. However, Snowden had limited access to docs (no crypt-analysis reports)
11 Learnings from Snowden Take Aways Many things doable by ordinary hackers or somewhat sophisticated crooks Some of CA infiltration Stealing data at rest Other things require large budget and organization FPGA, ASICS Deliberate weakening of infrastructure (PRG standards, etc) - very bad idea All hope is lost no chance against three letter orgs & no real harm done! Really??
12 So it seems our environment is even nastier...
13 Security & Privacy is not a lost cause! We need paradigm shift: build things for use on the moon rather than the sandy beach!
14 Security & Privacy is not a lost cause! That means: Use only minimal data necessary Encrypt every bit and keep it like that Attach usage policies to each bit Good news: Cryptography allows for that!
15 Cryptography to the Aid! Mix Networks Oblivious Transfer Searchable Encryption Onion Routing Confirmer signatures Anonymous Credentials OT with Access Control Pseudonym Systems Priced OT e-voting Blind signatures Private information retrieval Group signatures Secret Handshakes Homomorphic Encryption
16 Cryptography to the Aid a few examples of rocket science Multi Party Computation Cryptographic 4 People - IFIP SEC ROME 2017 IBM Corporation
17 Data Protection f(data)
18 Secure Multi Party Computation for Data Protection f(data) Can be done for any function typically not considered efficient. Two or three parties protocols today can be very efficient e.g., computing AES in 100ms 3PC with one party corrupt
19 Multi Party Computation Basic Principles Evaluate Circuit gate per gate with distributed protocol data f(data)
20 Multi Party Computation Basic Principles Computation of gates typically for free requires protocols Encrypted data under shared key + + (Fully) homomorphic encryption... Secret-share data, compute with shares + Main approaches:
21 Dedicated MPC Protocol Today: Getting Rid of Password Databases password Paper-world approach: - store password - better, store hash of password
22 Dedicated MPC Protocol Today: Getting Rid of Password Databases password salted PW hash Paper-world approach: - store password - better, store hash of password Password (hashes) useless against offline attacks correct? correct? correct? correct? correct? correct? correct!! Human-memorizable passwords are inherently weak NIST: 16-character passwords have 30 bits of entropy 1 billion possibilities Rig of 25 GPUs tests 350 billion possibilities / second, so 3ms for 16 chars 60% of LinkedIn passwords cracked within 24h
23 Homomorphic Encryption Encryption scheme KGen(l)-> (PK,SK) C = EncPK(m) m = DecSK(c) Plaintext homomorphism EncPK(m1) EncPK(m2) EncPK(m) EncPK(m) = EncPK(m) 2 <=> EncPK(m1 m2) <=> EncPK(m ) 2 Secret key homomorphism SK = SK1 SK2 => DecSK1(DecSK2(EncPK(m))) = m = DecSK1(DecSK2(EncPK(m)))
24 Dedicated MPC Protocol Today: Getting Rid of Password Databases Account Setup p Uid, E=EncPK(p)
25 Dedicated MPC Protocol Today: Getting Rid of Password Databases Login E' p (Uid, E) E = (EncPK(1/p ) E) r1 = EncPK( (p/p ) ) r1
26 Dedicated MPC Protocol Today: Getting Rid of Password Databases Login r2 E' p D (Uid, E) E = (EncPK(1/p ) E) r1 = EncPK( (p/p ) ) r1 E = E D = Decsk2(E )
27 Dedicated MPC Protocol Today: Getting Rid of Password Databases Login r2 E' p D D (Uid, E) E = E D = Decsk2(E ) r3 E = (EncPK(1/p ) E) r1 = EncPK( (p/p ) ) r1 E = D D = Decsk3(E )
28 Dedicated MPC Protocol Today: Getting Rid of Password Databases Login r2 E' p D (Uid, E) 1 =? decsk1(d )! Result 1 if password match, random otherwise With ElGamal, each server makes two exponentiations only! Passwords safe as long as not all servers are hacked off-line attacks no longer possible on-line attacks can be throttled D E = E D = Decsk2(E ) r3 E = D D = Decsk3(E )
29 From password to cryptographic keys [CLN12,CLLN14,CEN15] EncPK(p) One of the servers could be your smart phone, laptop, Get key share from if password check succeeded Decrypt all your files on phone (or stored in the cloud, etc)
30 From password to cryptographic keys [CLN12,CLLN14,CEN15] p' p = p? One of the servers could be your smart phone, laptop, Get key share from if password check succeeded Decrypt all your files on phone (or stored in the cloud, etc)
31 Cryptography to the Aid an example of rocket science Authentication without Identification
32 Alice wants to watch a movie at Mplex I wish to see Alice in Wonderland I need proof of: - be older than 12 Alice Movie Streaming Service
33 Alice wants to watch a movie at Mplex Name = Alice Doe Birth date = April 3, 1997 Alice Movie Streaming Service
34 Alice wants to watch a movie at Mplex Aha, you are Alice Doe, born April 3, 1997 Alice Movie Streaming Service
35 Privacy-protecting authentication with Anonymous Credentials Like PKI, but better: One secret Identity (secret key) Many Public Pseudonyms (public keys)
36 Privacy-protecting authentication with Anonymous Credentials Like PKI, but better: Issuing a credential Name = Alice Doe Birth date = April 3, 1997
37 Privacy-protecting authentication with Anonymous Credentials I wish to see Alice in Wonderland I need proof of: - be older than 12 Alice Movie Streaming Service
38 Privacy-protecting authentication with Anonymous Credentials Like PKI but does not send credential only minimal disclosure Alice - valid subscription - eid with age 12 Movie Streaming Service
39 Privacy-protecting authentication with Anonymous Credentials Like PKI but does not send credential only minimal disclosure (Public Verification Key of issuer) Aha, you are - older than 12 Alice Movie Streaming Service
40 Data Minimizing Authorization w/ ABCs (Public Verification Key) Are you > 12? Only minimally necessary information is revealed!
41 Research Directions 2017 IBM Corporation
42 Crypto research is done since late '90 We know how to sign and encrypt, so just need to use what we have But wait, we have blockchain and crypto can do magic! In truth, more research needed than ever 42
43 Crypto can do magic but how? Each sector and application needs its own solution More than (crypto) engineering or applied crypto Starts with 43 Security model Craft protocol Prove protocol secure Example: look at an arbitrary blockchain use case
44 Provable Security scheme specification Does realization behave as the specification? scheme realization
45 Provable Security Research Directions scheme specification hard problem security Proof scheme realization
46 Provable Security Research Directions Is this implied?
47 Provable Security Research Directions Composable security framework (Canetti, Maurer, Küsters...), but Properly modeling protocols (UC, realistic attacks models,...) Verifiable security proofs - humans and computers Tools to tame the complexity Modular proofs, templates for proof parts, helper theorems Computer aided verification all cases covered, etc Retaining efficiency Modeling and implementing setup assumptions (CRS, RO,...) Realistic threat models (power analysis, virtual machines,...)
48 Quantum Computers are Coming! Quantum computers can factor and solve DL 48
49 Quantum Computers are Coming! Quantum computers can factor and solve DL Use Quantum resistant assumptions! 49
50 Quantum Computers are Coming! Quantum computers can factor and solve DL Use Quantum resistant assumptions! But classical definitions and proofs consider ITM only! 50
51 Quantum Computers are Coming! Security Models adversary Interaction w/ scheme honest parties QS0 Classical security C C C QS1 Post-quantum security Q C C QS2 Superposition-based quantum security Q Q C QS3 All quantum security Q Q Q 51
52 Quantum Computers are Coming! A broader view Mind the gap! Ciphertexts put on a blockchain now might not be safe in the near future Classical crypto that resists quantum computers New security models and schemes are needed! Efficient signature and encryption schemes known use them now! More complex primitives still not efficient enough for practical use 52 Hybrid schemes might be a midterm solution Crypto for quantum computers: How to encrypt/sign quantum states
53 Building a Crypto Toolbox Goal: Library of cryptographic primitives beyond encryption and signatures Multiparty computation Zero-knowledge proofs (Schnorr-proofs, SNARKS, circuit based) Signatures & encryption with protocols Research Challenges Defining good API not too low level, yet not too specific Enable security proof of application using the primitives (plus formal analysis) 53
54 Building a Crypto Toolbox An Example: ZKLang Are you > 12? 54
55 Building a Crypto Toolbox An Example Proof of Knowledge of a signature on messages m1,..., mk: Cryptographer: Signature (A,r,s) with A := (g h s h m1... h mk )1/(x+r) where public key y = gx 0 PoK {(m1,..., mk, r, s) : 1 k e(a, y gr) = e( g, g h s h m1... h mk ) } 0 1 k Software Engineer: NIZK{(m1,m2,m3): Credential(PKissuer, m1,m2,m3,m4) AND Enc(PKauditor, ciphertext, m3) } Emerging activities: 55 ZKProof.org Hyperledger crypto lib
56 Research Directions Securing the infrastructure & IoT ad-hoc establishment of secure authentication and communication audit-ability & privacy (where is my information, crime traces) security services, e.g., better CA, oblivious TTPs, anon. routing, Towards a secure information society Society gets shaped by quickly changing technology Consequences are hard to grasp yet We must inform and engage in a dialog 56
57 Conclusion Much of the needed technology exists need to use them & build apps for the moon and make apps usable & secure for end users Still lots of research to be done! Let engage in some rocket science! 57
58 Thank you! Joint work w/ Maria Dubovitskaya, Anja Lehmann, Anna Lysyanskaya, Gregory Neven, and many many more. ibm.biz/jancamenisch
Directions in Security Research
Directions in Security Research Jan Camenisch IBM Research Zurich jca@zurich.ibm.com @JanCamenisch ibm.biz/jancamenisch Facts 33% of cyber crimes, including identity theft, take less time than to make
More informationPrivacy in an Electronic World A Lost Cause?
InfoSec 2015 Summer School on Information Security Bilbao Privacy in an Electronic World A Lost Cause? Dr. Jan Camenisch Cryptography & Privacy Principal Research Staff Member Member, IBM Academy of Technology
More informationCryptography 4 Privacy
SuRI School of Computer and Communication Sciences EPFL Cryptography 4 Privacy Jan Camenisch Principle RSM; Member, IBM Academy of Technology IBM Research Zurich @JanCamenisch ibm.biz/jancamenisch Facts
More informationCryptographic dimensions of Privacy
PRIVACY SUMMIT 2016 The Alain Turing Institute Cryptographic dimensions of Privacy Dr. Jan Camenisch Principle RSM; Member, IBM Academy of Technology IBM Research Zurich @JanCamenisch ibm.biz/jancamenisch
More informationCryptography for People
CySeP2015 Winter School on Cyber Security & Privacy KTH Stockholm Cryptography for People Dr. Jan Camenisch Cryptography & Privacy Principal Research Staff Member Member, IBM Academy of Technology jca@zurich.ibm.com
More informationIBM Identity Mixer. Introduction Deployment Use Cases Blockchain More Features
Introduction Deployment Use Cases Blockchain More Features IBM Identity Mixer Privacy-preserving identity management and authentication for Blockchain and beyond Dr. Maria Dubovitskaya IBM Research Zurich
More informationCryptography 4 People
ZISC Lunch Seminar, ETH Zurich, March 15, 2017 Cryptography 4 People bases Jan Camenisch Principle RSM; Member, IBM Academy of Technology IBM Research Zurich @JanCamenisch ibm.biz/jancamenisch Facts We
More informationCryptography 4 People
International Workshop on Inference & Privacy in a Hyperconnected World 2016 Cryptography 4 People Jan Camenisch Principle RSM; Member, IBM Academy of Technology IBM Research Zurich @JanCamenisch ibm.biz/jancamenisch
More informationIBM Identity Mixer. Authentication without identification. Introduction Demo Use Cases Features Overview Deployment
Introduction Demo Use Cases Features Overview Deployment IBM Identity Mixer Authentication without identification Jan Camenisch, Maria Dubovitskaya, Peter Kalambet, Anja Lehmann, Gregory Neven, Franz-Stefan
More informationPrivacy-Enhancing Technologies: Anonymous Credentials and Pseudonym Systems. Anja Lehmann IBM Research Zurich
Privacy-Enhancing Technologies: Anonymous Credentials and Pseudonym Systems Anja Lehmann IBM Research Zurich ROADMAP Anonymous Credentials privacy-preserving (user) authentication Pseudonym Systems privacy-preserving
More informationPrivacy-Enhancing Technologies & Applications to ehealth. Dr. Anja Lehmann IBM Research Zurich
Privacy-Enhancing Technologies & Applications to ehealth Dr. Anja Lehmann IBM Research Zurich IBM Research Zurich IBM Research founded in 1945 employees: 3,000 12 research labs on six continents IBM Research
More informationKey Protection for Endpoint, Cloud and Data Center
Key Protection for Endpoint, Cloud and Data Center ENCRYPTION IS ONLY AS SECURE AS ITS LEAST SECURE KEY Encryption is undoubtedly one of the pillars of information security. It is used everywhere today:
More informationPrivacy-Preserving & User-Auditable Pseudonym Systems. Jan Camenisch, Anja Lehmann IBM Research Zurich
Privacy-Preserving & User-Auditable Pseudonym Systems Jan Camenisch, Anja Lehmann IBM Research Zurich Motivation: How to maintain related yet distributed data? examples: social security system, ehealth
More informationCS573 Data Privacy and Security. Cryptographic Primitives and Secure Multiparty Computation. Li Xiong
CS573 Data Privacy and Security Cryptographic Primitives and Secure Multiparty Computation Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationSecure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationSecure Multiparty Computation
Secure Multiparty Computation Li Xiong CS573 Data Privacy and Security Outline Secure multiparty computation Problem and security definitions Basic cryptographic tools and general constructions Yao s Millionnare
More informationDirect Anonymous Attestation
Direct Anonymous Attestation Revisited Jan Camenisch IBM Research Zurich Joint work with Ernie Brickell, Liqun Chen, Manu Drivers, Anja Lehmann. jca@zurich.ibm.com, @JanCamenisch, ibm.biz/jancamenisch
More informationResearch Statement. Yehuda Lindell. Dept. of Computer Science Bar-Ilan University, Israel.
Research Statement Yehuda Lindell Dept. of Computer Science Bar-Ilan University, Israel. lindell@cs.biu.ac.il www.cs.biu.ac.il/ lindell July 11, 2005 The main focus of my research is the theoretical foundations
More informationSIDE CHANNEL ATTACKS AGAINST IOS CRYPTO LIBRARIES AND MORE DR. NAJWA AARAJ HACK IN THE BOX 13 APRIL 2017
SIDE CHANNEL ATTACKS AGAINST IOS CRYPTO LIBRARIES AND MORE DR. NAJWA AARAJ HACK IN THE BOX 13 APRIL 2017 WHAT WE DO What we do Robust and Efficient Cryptographic Protocols Research in Cryptography and
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationIs Password InSecurity Inevitable?
Is Password InSecurity Inevitable? Cryptographic Enhancements to Password Protocols Hugo Krawczyk (IBM Research) Works with Stanislaw Jarecki, Jiayu Xu (UC Irvine) Aggelos Kiayas (U Edinburgh) Nitesh Saxena,
More informationAPPLICATIONS AND PROTOCOLS. Mihir Bellare UCSD 1
APPLICATIONS AND PROTOCOLS Mihir Bellare UCSD 1 Some applications and protocols Internet Casino Commitment Shared coin flips Threshold cryptography Forward security Program obfuscation Zero-knowledge Certified
More informationFujitsu World Tour 2018
Fujitsu World Tour 2018 May 30, 2018 #FujitsuWorldTour 1 Copyright 2018 FUJITSU Security and Privacy of Big Data A NIST Perspective Arnab Roy Fujitsu Laboratories of America Co-Chair, NIST Big Data WG:
More informationCSE484 Final Study Guide
CSE484 Final Study Guide Winter 2013 NOTE: This study guide presents a list of ideas and topics that the TAs find useful to know, and may not represent all the topics that could appear on the final exam.
More informationSecurity Protections for Mobile Agents
Stephen R. Tate Dept. of Computer Science and Engineering University of North Texas Talk describes joint work with Ke Xu and Vandana Gunupudi Research supported by the National Science Foundation class
More informationMore crypto and security
More crypto and security CSE 199, Projects/Research Individual enrollment Projects / research, individual or small group Implementation or theoretical Weekly one-on-one meetings, no lectures Course grade
More informationPKI Credentialing Handbook
PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key
More informationBEYOND TRADITIONAL PASSWORD AUTHENTICATION: PKI & BLOCKCHAIN
SESSION ID: GPS-R09B BEYOND TRADITIONAL PASSWORD AUTHENTICATION: PKI & BLOCKCHAIN Sid Desai Head of Business Development Remme.io @skd_desai Agenda Our relationship to our digital-selves Evolution of Authentication
More informationCryptography. Lecture 12. Arpita Patra
Cryptography Lecture 12 Arpita Patra Digital Signatures q In PK setting, privacy is provided by PKE q Integrity/authenticity is provided by digital signatures (counterpart of MACs in PK world) q Definition:
More information1 Identification protocols
ISA 562: Information Security, Theory and Practice Lecture 4 1 Identification protocols Now that we know how to authenticate messages using MACs, a natural question is, how can we use MACs to prove that
More informationSecurity Specification
Security Specification Security Specification Table of contents 1. Overview 2. Zero-knowledge cryptosystem a. The master password b. Secure user authentication c. Host-proof hosting d. Two-factor authentication
More informationCryptography Today. Ali El Kaafarani. Mathematical Institute Oxford University. 1 of 44
Cryptography Today Ali El Kaafarani Mathematical Institute Oxford University 1 of 44 About the Course Regular classes with worksheets so you can work with some concrete examples (every Friday at 1pm).
More informationControlling Website Account Information. A recent survey done by Privacy Rights Clearinghouse shows that in the past five years
Colson 1 Alex Colson Dr. Lunsford Information Security Management 10 July 2007 Controlling Website Account Information A recent survey done by Privacy Rights Clearinghouse shows that in the past five years
More informationCSCI 5440: Cryptography Lecture 5 The Chinese University of Hong Kong, Spring and 6 February 2018
CSCI 5440: Cryptography Lecture 5 The Chinese University of Hong Kong, Spring 2018 5 and 6 February 2018 Identification schemes are mechanisms for Alice to prove her identity to Bob They comprise a setup
More informationBitcoin, Security for Cloud & Big Data
Bitcoin, Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 18, 2013 Bitcoin Public, distributed, peer-to-peer, hash-chained audit log of all transactions ( block chain ).
More informationFoundations of Cryptography CS Shweta Agrawal
Foundations of Cryptography CS 6111 Shweta Agrawal Course Information 4-5 homeworks (20% total) A midsem (25%) A major (35%) A project (20%) Attendance required as per institute policy Challenge questions
More informationProf. Christos Xenakis
From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric Access Control Device-Centric Authentication for Future Internet Prof. Christos Xenakis H2020 Clustering
More informationProf. Christos Xenakis
From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric Access Control Device-Centric Authentication for Future Internet Prof. Christos Xenakis SAINT Workshop
More informationCryptography Lecture 4. Attacks against Block Ciphers Introduction to Public Key Cryptography. November 14, / 39
Cryptography 2017 Lecture 4 Attacks against Block Ciphers Introduction to Public Key Cryptography November 14, 2017 1 / 39 What have seen? What are we discussing today? What is coming later? Lecture 3
More informationWhitepaper on AuthShield Two Factor Authentication with SAP
Whitepaper on AuthShield Two Factor Authentication with SAP By AuthShield Labs Pvt. Ltd Table of Contents Table of Contents...2 1.Overview...4 2. Threats to account passwords...5 2.1 Social Engineering
More informationIntroduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell
Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell 1 Cryptography Merriam-Webster Online Dictionary: 1. secret writing 2. the enciphering and deciphering
More informationDistributed ID-based Signature Using Tamper-Resistant Module
, pp.13-18 http://dx.doi.org/10.14257/astl.2013.29.03 Distributed ID-based Signature Using Tamper-Resistant Module Shinsaku Kiyomoto, Tsukasa Ishiguro, and Yutaka Miyake KDDI R & D Laboratories Inc., 2-1-15,
More informationHow Formal Analysis and Verification Add Security to Blockchain-based Systems
Verification Add Security to Blockchain-based Systems January 26, 2017 (MIT Media Lab) Pindar Wong (VeriFi Ltd.) 2 Outline of this talk Security Definition of Blockchain-based system Technology and Security
More informationOverview of PBI-blockchain cooperation technology
FOR IMMEDIATE RELEASE Biometric authentication technology to realize secure trade on blockchain Enabling IoT payments and automatic transactions through PBI (1) -blockchain cooperation technology Overview
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationPhoenix: Rebirth of a Cryptographic Password-Hardening Service
Phoenix: Rebirth of a Cryptographic Password-Hardening Service Russell W.F. Lai 1,2 Christoph Egger 1 Dominique Schro der 1 Sherman S.M. Chow 2 1 Friedrich-Alexander-Universita t Erlangen-Nu rnberg University
More informationCSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography
CSCI 454/554 Computer and Network Security Topic 2. Introduction to Cryptography Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationProblem: Equivocation!
Bitcoin: 10,000 foot view Bitcoin and the Blockchain New bitcoins are created every ~10 min, owned by miner (more on this later) Thereafter, just keep record of transfers e.g., Alice pays Bob 1 BTC COS
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationBasic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline
CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationPrivacy Enhancing Technologies CSE 701 Fall 2017
Privacy Enhancing Technologies Lecture 2: Anonymity Applications Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Anonymous communication mixes, anonymizing proxies,
More informationAttribute-based Credentials on Smart Cards
Attribute-based Credentials on Smart Cards ir. Pim Vullers p.vullers@cs.ru.nl Privacy & Identity Lab Institute for Computing and Information Sciences Digital Security SaToSS Research Meeting 28th February
More informationCRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION
#RSAC SESSION ID: CRYP-W04 CRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION Adam Shull Recent Ph.D. Graduate Indiana University Access revocation on the cloud #RSAC sk sk Enc Pub Sym pk k
More informationSecurity: Cryptography
Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity
More informationOutline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing
Outline CSCI 454/554 Computer and Network Security Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues Topic 2. Introduction to Cryptography 2 Cryptography Basic Concepts
More informationCOMPOSABLE AND ROBUST OUTSOURCED STORAGE
SESSION ID: CRYP-R14 COMPOSABLE AND ROBUST OUTSOURCED STORAGE Christian Badertscher and Ueli Maurer ETH Zurich, Switzerland Motivation Server/Database Clients Write Read block 2 Outsourced Storage: Security
More informationMASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy. Yan Michalevsky, Suman Nath, Jie Liu
MASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy Yan Michalevsky, Suman Nath, Jie Liu Motivation Private communication Anonymous messaging Secret communities Location-based
More informationIdentity Mixer: From papers to pilots and beyond. Gregory Neven, IBM Research Zurich IBM Corporation
Identity Mixer: From papers to pilots and beyond Gregory Neven, IBM Research Zurich Motivation Online security & trust today: SSL/TLS for encryption and server authentication Username/password for client
More informationPart VI. Public-key cryptography
Part VI Public-key cryptography Drawbacks with symmetric-key cryptography Symmetric-key cryptography: Communicating parties a priori share some secret information. Secure Channel Alice Unsecured Channel
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationQUANTUM SAFE PKI TRANSITIONS
QUANTUM SAFE PKI TRANSITIONS Quantum Valley Investments Headquarters We offer quantum readiness assessments to help you identify your organization s quantum risks, develop an upgrade path, and deliver
More informationPYTHIA SERVICE BY VIRGIL SECURITY WHITE PAPER
PYTHIA SERVICE WHITEPAPER BY VIRGIL SECURITY WHITE PAPER May 21, 2018 CONTENTS Introduction 2 How does Pythia solve these problems? 3 Are there any other solutions? 4 What is Pythia? 4 How does it work?
More informationIntroduction to Cryptography
Introduction to Cryptography 1 2 Definition process data into unintelligible form, reversibly, without data loss typically digitally usually one-to-one in size $ compression analog cryptography: voice
More informationCryptography Functions
Cryptography Functions Lecture 3 1/29/2013 References: Chapter 2-3 Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner Types of Cryptographic Functions Secret (Symmetric)
More informationWorksheet - Reading Guide for Keys and Passwords
Unit 2 Lesson 15 Name(s) Period Date Worksheet - Reading Guide for Keys and Passwords Background Algorithms vs. Keys. An algorithm is how to execute the encryption and decryption and key is the secret
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that
More informationAnonymous Credentials: How to show credentials without compromising privacy. Melissa Chase Microsoft Research
Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase Microsoft Research Credentials: Motivation ID cards Sometimes used for other uses E.g. prove you re over 21, or
More informationRemote E-Voting System
Remote E-Voting System Crypto2-Spring 2013 Benjamin Kaiser Jacob Shedd Jeremy White Phases Initialization Registration Voting Verifying Activities Trusted Authority (TA) distributes 4 keys to Registrar,
More informationPQ-Crypto Standardization Preparing today for the future of cryptography
PQ-Crypto Standardization Preparing today for the future of cryptography Workshop Quantum-Safe Cryptography for Industry (QsCI) Aline Gouget Principal researcher, Advanced Cryptography team Manager Embedded
More informationCryptography. Andreas Hülsing. 6 September 2016
Cryptography Andreas Hülsing 6 September 2016 1 / 21 Announcements Homepage: http: //www.hyperelliptic.org/tanja/teaching/crypto16/ Lecture is recorded First row might be on recordings. Anything organizational:
More informationDistributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1 Authentication For a user (or process): Establish & verify identity Then decide whether to
More informationStructure-Preserving Certificateless Encryption and Its Application
SESSION ID: CRYP-T06 Structure-Preserving Certificateless Encryption and Its Application Prof. Sherman S. M. Chow Department of Information Engineering Chinese University of Hong Kong, Hong Kong @ShermanChow
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationCovert Identity Information in Direct Anonymous Attestation (DAA)
Covert Identity Information in Direct Anonymous Attestation (DAA) Carsten Rudolph Fraunhofer Institute for Secure Information Technology - SIT, Rheinstrasse 75, Darmstadt, Germany, Carsten.Rudolph@sit.fraunhofer.de
More informationCS November 2018
Authentication Distributed Systems 25. Authentication For a user (or process): Establish & verify identity Then decide whether to allow access to resources (= authorization) Paul Krzyzanowski Rutgers University
More informationCUNY John Jay College of Criminal Justice MATH AND COMPUTER SCIENCE
Instructor: Prof Aftab Ahmad Office: NB 612 Telephone No. (212)393-6314 Email Address: aahmad@jjay.cuny.edu Office Hours: By appointment TEXT & REFERENCE MATERIAL Text Notes from instructor posted on Blackboard
More informationAn Overview of Secure Multiparty Computation
An Overview of Secure Multiparty Computation T. E. Bjørstad The Selmer Center Department of Informatics University of Bergen Norway Prøveforelesning for PhD-graden 2010-02-11 Outline Background 1 Background
More informationDemonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin
Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions Topic Prerequisites Security concepts Security-related concepts (e.g., entropy) Virtualization
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 9: Authentication Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Definition of entity authentication Solutions password-based
More information1 A Tale of Two Lovers
CS 120/ E-177: Introduction to Cryptography Salil Vadhan and Alon Rosen Dec. 12, 2006 Lecture Notes 19 (expanded): Secure Two-Party Computation Recommended Reading. Goldreich Volume II 7.2.2, 7.3.2, 7.3.3.
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationSECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA
SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA CTO Office www.digi.me another Engineering Briefing digi.me keeping your data secure at all times ALL YOUR DATA IN ONE PLACE TO SHARE WITH PEOPLE WHO
More informationSecurity & Privacy. Web Architecture and Information Management [./] Spring 2009 INFO (CCN 42509) Contents. Erik Wilde, UC Berkeley School of
Contents Security & Privacy Contents Web Architecture and Information Management [./] Spring 2009 INFO 190-02 (CCN 42509) Erik Wilde, UC Berkeley School of Information Abstract 1 Security Concepts Identification
More informationNotes for Lecture 24
U.C. Berkeley CS276: Cryptography Handout N24 Luca Trevisan April 21, 2009 Notes for Lecture 24 Scribed by Milosh Drezgich, posted May 11, 2009 Summary Today we introduce the notion of zero knowledge proof
More informationRethinking Authentication. Steven M. Bellovin
Rethinking Authentication Steven M. https://www.cs.columbia.edu/~smb Why? I don t think we understand the real security issues with authentication Our defenses are ad hoc I regard this as a step towards
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationDigital Signatures. Luke Anderson. 7 th April University Of Sydney.
Digital Signatures Luke Anderson luke@lukeanderson.com.au 7 th April 2017 University Of Sydney Overview 1. Digital Signatures 1.1 Background 1.2 Basic Operation 1.3 Attack Models Replay Naïve RSA 2. PKCS#1
More informationChapter 13. Digital Cash. Information Security/System Security p. 570/626
Chapter 13 Digital Cash Information Security/System Security p. 570/626 Introduction While cash is used in illegal activities such as bribing money laundering tax evasion it also protects privacy: not
More informationOneID An architectural overview
OneID An architectural overview Jim Fenton November 1, 2012 Introduction OneID is an identity management technology that takes a fresh look at the way that users authenticate and manage their identities
More informationDistributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More information18-642: Cryptography 11/15/ Philip Koopman
18-642: Cryptography 11/15/2017 Cryptography Overview Anti-Patterns for Cryptography Using a home-made cryptographic algorithm Using private key when public key is required Not considering key distribution
More informationSecure digital certificates with a blockchain protocol
Secure digital certificates with a blockchain protocol Federico Pintore 1 Trento, 10 th February 2017 1 University of Trento Federico Pintore Blockchain and innovative applications Trento, 10 th February
More informationDistributed Systems. Lecture 14: Security. 5 March,
06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationCISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security. A Brief Overview of Security & Privacy Issues
CISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security A Brief Overview of Security & Privacy Issues 1 Topics to Be Covered Cloud computing RFID systems Bitcoin
More informationPublic-Key Cryptography
Computer Security Spring 2008 Public-Key Cryptography Aggelos Kiayias University of Connecticut A paradox Classic cryptography (ciphers etc.) Alice and Bob share a short private key using a secure channel.
More informationPOST-QUANTUM CRYPTOGRAPHY VIENNA CYBER SECURITY WEEK DR. DANIEL SLAMANIG
POST-QUANTUM CRYPTOGRAPHY VIENNA CYBER SECURITY WEEK 2018 02.02.2018 DR. DANIEL SLAMANIG WHAT IS POST-QUANTUM CRYPTOGRAPHY? Also called quantum safe/resistant cryptography NOT quantum cryptography (= quantum
More informationAnonymity. Assumption: If we know IP address, we know identity
03--4 Anonymity Some degree of anonymity from using pseudonyms However, anonymity is always limited by address TCP will reveal your address address together with ISP cooperation Anonymity is broken We
More informationThe LinkedIn Hack: Understanding Why It Was So Easy to Crack the Passwords
The LinkedIn Hack: Understanding Why It Was So Easy to Crack the Passwords LinkedIn was breached in 2012 with a reported 6.5 million user accounts compromised. LinkedIn sent a request to known hacked users
More informationThe Lord of the Keys How two-part seed records solve all safety concerns regarding two-factor authentication
White Paper The Lord of the Keys How two-part seed records solve all safety concerns regarding two-factor authentication Table of contents Introduction... 2 Password protection alone is no longer enough...
More information